Installing Centrify Express on CentOS / Redhat – AD authentication for linux
- Angelo Schalley
- Nov, 20, 2012
- Active Directory, Linux, security, Windows-Microsoft
I tried installing Centrify Express 64-bit on CentOS 5.4 x86_64 and it was quite smooth.
Prerequisites:
1. You have the root account and password
2. In order for you to join the domain, you need an Active Directory account with permission to add computers to the domain
Download Centrify Express:
1. Go to Download Centrify Express
2. You may also wish to look at the Centrify Express Linux Quick Start Guide (pdf) and Centrify Express Admin Guide
Preparation for the Linux box to join Centrify
1. Change the hostname of the Linux computer.
Changing the hostname on CentOS
Step 1: Edit /etc/sysconfig/network
# vim /etc/sysconfig/network
Change the HOSTNAME line to:
HOSTNAME=myserver.name.com
Step 2: Edit /etc/hostname
# vim /etc/hostname
Change the contents to:
myserver.name.com
Step 3: Run hostname
# hostname -F /etc/hostname
2. Ensure your /etc/nsswitch.conf contains the following line
hosts: files dns
See the nsswitch.conf man page for more information on configuring nsswitch.
3. Ensure your resolv.conf includes a DNS server that can resolve SRV records for your domain
# less /etc/resolv.conf
You should get something like
search example.com
nameserver 192.168.1.5
4. Now you are ready to install
# mkdir centrify-suite
# mv centrify-suite-2011-rhel3-x86_64.tgz centrify-suite/
# cd centrify-suite
# tar -zxvf centrify-suite-2011-rhel3-x86_64.tgz
# ./install-express.sh
Respond to the installation prompts (taken from Centrify Admin)
How do you want to proceed? (E|S|X|C|Q) [X]:
Accept the default, X (for Express Edition), by pressing Enter.
Do you want to run adcheck to verify your AD environment? (Q|Y|N) [Y]:
Accept the default answer, Y (to run adcheck), by pressing Enter.
Please enter the Active Directory domain to check:
Enter the fully qualified name of your AD domain; for example, ad.example.com
Join an Active Directory domain? (Q|Y|N) [Y]
Accept the default answer, Y, to join a domain.
Enter the Active Directory authorized user [administrator]:
Enter the password for the Active Directory user:
Press Enter to select the defaults for the following prompts:
Enter the computer name: [QA1.sales.acme.com]
Enter the container DN [Computers]:
Enter the name of the domain controller [auto detect]:
Reboot the computer after the installation (Q|Y|N) [Y]:
You will see summary text similar to the following:
You chose Centrify Suite Express Edition and entered the following:
Install CentrifyDC 4.4.0 package: Y
Install CentrifyDC-nis 4.4.0 package: N
Install CentrifyDC-openssh 4.3.1 package: Y
Install CentrifyDA 1.1.2 package: N
Run adcheck : Y
Join an Active Directory domain : Y
Active Directory domain to join : ad.example.com
Active Directory authorized user : administrator
computer name : computername.ad.example.com
container DN : Computers
domain controller name : auto detect
Reboot computer : Y
You can still try to do a direct Active Directory domain join.
# adjoin ad.example.com -u admin_user --force
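The name-service and DNS requirements from preparation steps 2 and 3 can be checked with a short script before running the installer or adjoin. This is an added example, not part of the original post or of Centrify's tooling: the function names are hypothetical, dig (from bind-utils) is assumed to be installed, and _ldap._tcp and _kerberos._tcp are the standard SRV names an Active Directory domain publishes.

```shell
#!/bin/sh
# Added example: pre-join checks for preparation steps 2 and 3.
# Function names are hypothetical; dig (bind-utils) is assumed to be installed.

# Step 2: succeed only if an uncommented "hosts:" line lists both files and dns.
check_nsswitch() {
    awk '$1 == "hosts:" {
             f = 0; d = 0
             for (i = 2; i <= NF; i++) {
                 if ($i == "files") f = 1
                 if ($i == "dns")   d = 1
             }
             ok = (f && d)
         }
         END { exit (ok ? 0 : 1) }' "${1:-/etc/nsswitch.conf}"
}

# Step 3: print every nameserver address configured in resolv.conf.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}"
}

# SRV names an Active Directory domain publishes for LDAP and Kerberos.
srv_names() {
    printf '_ldap._tcp.%s\n_kerberos._tcp.%s\n' "$1" "$1"
}

# Query each nameserver separately: a resolver that gets a negative answer
# from the first server does not ask the next one, so every entry must work.
check_srv() {
    domain=$1
    servers=$(list_nameservers "${2:-/etc/resolv.conf}")
    [ -n "$servers" ] || { echo "FAIL no nameserver entries"; return 1; }
    rc=0
    for ns in $servers; do
        for name in $(srv_names "$domain"); do
            if [ -n "$(dig +short +time=2 +tries=1 "@$ns" SRV "$name")" ]; then
                echo "ok   $ns $name"
            else
                echo "FAIL $ns $name"; rc=1
            fi
        done
    done
    return $rc
}

# Usage: preflight ad.example.com
preflight() {
    check_nsswitch || { echo "FAIL hosts: line needs files and dns"; return 1; }
    check_srv "$1"
}
```

Source the file and run preflight with the domain name before ./install-express.sh; a FAIL line names the nameserver entry in /etc/resolv.conf that cannot see the domain's SRV records.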