Bug 27369 - Add realmd and adcli tools from RHEL8/CentOS8 to join Active Directory Domains, NEW PACKAGE REQUEST
Summary: Add realmd and adcli tools from RHEL8/CentOS8 to join Active Directory Domain...
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: New RPM package request (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: Mageia 8
Assignee: All Packagers
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-07 02:09 CEST by Ezequiel Partida
Modified: 2020-10-15 00:35 CEST (History)
3 users (show)

See Also:
Source RPM:
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ezequiel Partida 2020-10-07 02:09:39 CEST 
Hello,

I am trying to join my mageia laptop to my Windows Active Directory and if possible to Azure AD.\

Checking on this webpage; https://docs.microsoft.com/en-us/azure/active-directory-domain-services/join-rhel-linux-vm

The problem is that the required packages cannot be found on Mageia.... like realmd it's only available on MGA5.

Packages like realmd sssd oddjob oddjob-mkhomedir are not available.

Are they included in other packages?.

I need to use "realm join --verbose AADDSCONTOSO.COM -U 'contosoadmin@AADDSCONTOSO.COM'" to join..

Please advice.
Regards
Ezequiel Partida
Comment 1 Dave Hodgins 2020-10-07 03:43:34 CEST 
$ urpmq -y sssd
python2-sssdconfig
python3-sssdconfig
sssd
sssd-ad
sssd-client
sssd-common
sssd-common-pac
sssd-dbus
sssd-ipa
sssd-kcm
sssd-krb5
sssd-krb5-common
sssd-ldap
sssd-libwbclient
sssd-libwbclient-devel
sssd-nfs-idmap
sssd-proxy
sssd-tools
sssd-winbind-idmap

I have no experience with active directory. From it's description, sssd-ad may be what is needed.

CC: (none) => davidwhodgins

Comment 2 Aurelien Oudelet 2020-10-07 20:37:40 CEST 
All online tutorials I saw today refers to a "realmd" binaries.
On some RHEL8 / CentOS8 tutos, an install command:

# dnf install realmd sssd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation authselect-compat

Some above packages are no equivalent on Mageia.

Assigning this as RPM package request.

Assigning this package request to all packagers collectively. On a voluntary basis, one of them might, if there are no license or other legal issues, want to integrate it to the distribution and maintain it for bug and security fixes.

You might also want to join the packager team to maintain this piece of software: see https://wiki.mageia.org/en/Becoming_a_Mageia_Packager

Target Milestone: --- => Mageia 8
Summary: How to join mageia to Active Directory => Add realmd and adcli tools from RHEL8/CentOS8 to join Active Directory Domains, NEW PACKAGE REQUEST
Component: RPM Packages => New RPM package request

Aurelien Oudelet 2020-10-07 20:46:49 CEST

Assignee: bugsquad => pkg-bugs
CC: (none) => ouaurelien

Comment 3 David Walser 2020-10-13 21:43:50 CEST 
We do have sssd.  adcli is pretty handy and would be nice to have.  The current sssd version actually expects that you have it, and uses it to rotate the machine account password periodically.  The net command (from Samba) for joining doesn't work reliably with newer Windows versions.

The oddjob stuff isn't needed, as we have pam_mkhomedir in the pam package, and that can be used.

The realmd package isn't as useful as documentation makes it sound.  It does multiple things incompletely and incorrectly by default, so you end up having to fix the configuration manually anyway, it doesn't save much effort over just reading documentation and doing the configuration manually.  I wouldn't be in favor of bringing this package back, at least without fixing those things.

A better idea would be integrating Active Directory support into drakauth.
David Walser 2020-10-15 00:35:44 CEST

CC: (none) => luigiwalser
Note You need to log in before you can comment on or make changes to this bug.