Using SSSD it’s relatively easy to bind a CentOS 7 or Red Hat Enteprise Linux 7 to Active Directory service.
Install the needed binaries:
yum install realmd sssd adcli
Discover the domain:
realm discover YOURDOMAIN
Join the domain:
realm join YOURDOMAIN
Check if the domain was correctly joined:
Configuration can be found in the SSSD configuration file:
To set up security by allowing only a specific group to access the server with Active Directory, you can edit the configuration file and change the access provider like this:
access_provider = simple simple_allow_groups = YOUR-AD-GROUP
If you need to allow only specific users, you can do the same with this configuration:
access_provider = simple simple_allow_users = YOUR-USER1, YOUR-USER2,...
Many other ways can be used to restrict users, you can check the SSSD man page for more information.