< Previous | Contents | Next >
5. SSSD and Active Directory
This section describes the use of sssd to authenticate user logins against an Active Directory via using sssd's "ad" provider. In previous versions of sssd, it was possible to authenticate using the "ldap" provider. However, when authenticating against a Microsoft Windows AD Domain Controller, it was generally necessary to install the POSIX AD extensions on the Domain Controller. The "ad" provider simplifies the configuration and requires no modifications to the AD structure.
5.1. Prerequisites, Assumptions, and Requirements5.2. Software Installation5.3. Kerberos Configuration5.4. Samba Configuration5.5. SSSD Configuration5.6. Verify nsswitch.conf Configuration5.7. Modify /etc/hosts5.8. Join the Active Directory5.9. Test Authentication5.10. Home directories with pam_mkhomedir (optional)5.11. Desktop Ubuntu Authentication5.12. Resources