리눅스(우분투) AD JOIN 테스트 (01) - AD구성 환경 및 참고URL

VM을 이용한 테스트 환경 구축

• OS : Windows2012, Ubuntu 20.04.3
• AD DC(DNS) 서버 1대, 연결할 서버 2대(Windows,Ubuntu) 구성
• 네트워크 : NAT네트워크 (VM끼리 통신)

 

 

 

JOIN에는 크게 sssd 이용하는 방법과 winbind(realm) 이용하는 방법 2가지로 나뉨

느낌상 차이점으로는 이렇게 체감되었음

 -- sssd : 윈도우(AD Server)가 주체

 -- winbind : 리눅스(Client)가 주체

 

 

 

 

 

아래는 구성시 참고했던 URL 들 (거의 winbind만 자료)

===================================

MS 공식문서

https://docs.microsoft.com/ko-kr/azure/active-directory-domain-services/join-ubuntu-linux-vm

 

리눅스AD 사용 방안

https://masterjoe.tistory.com/entry/%EA%B8%B0%EA%B0%80-%EB%A7%89%ED%9E%8C-Active-Directory-%EC%9D%98-%EA%B3%84%EC%A0%95-%EA%B4%80%EB%A6%AC-Unix-%EC%97%90%EB%8F%84-%EC%A0%81%EC%9A%A9%ED%95%A0-%EC%88%98-%EC%97%86%EC%9D%84%EA%B9%8C2

 

리눅스 AD 정의

https://dataonair.or.kr/db-tech-reference/d-lounge/technical-data/?mod=document&uid=237310

https://masterjoe.tistory.com/entry/%EA%B8%B0%EA%B0%80-%EB%A7%89%ED%9E%8C-Active-Directory-%EC%9D%98-%EA%B3%84%EC%A0%95-%EA%B4%80%EB%A6%AC-Unix-%EC%97%90%EB%8F%84-%EC%A0%81%EC%9A%A9%ED%95%A0-%EC%88%98-%EC%97%86%EC%9D%84%EA%B9%8C2

 

GPO 참고

https://www.youtube.com/watch?v=lTZPaosq3wM

 

GPO 지원부분

https://ubuntu.com/blog/new-active-directory-integration-features-in-ubuntu-22-04-part-2-group-policy-objects

 

우분투 공식 지원 게시글

https://ubuntu.com/blog/new-active-directory-integration-features-in-ubuntu-22-04-part-1

 

유저 제한

https://docs.aws.amazon.com/ko_kr/directoryservice/latest/admin-guide/simple_ad_join_linux_instance.html

 

유저제한 및 전체적인 설정

https://access.redhat.com/documentation/ko-kr/red_hat_enterprise_linux/8/html-single/integrating_rhel_systems_directly_with_windows_active_directory/index#managing-login-permissions-for-domain-users_managing-direct-connections-to-ad

 

 

realm 이용 설정

https://access.redhat.com/documentation/ko-kr/red_hat_enterprise_linux/8/html/deploying_different_types_of_servers/assembly_setting-up-samba-as-an-ad-domain-member-server_assembly_using-samba-as-a-server

 

https://www.delmaster.net/187

 

sssd 이용 설정

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/windows_integration_guide/sssd-integration-intro

 

sssd 설정 중 특정 유저로만 로그인 제한

https://docs.aws.amazon.com/ko_kr/directoryservice/latest/admin-guide/simple_ad_join_linux_instance.html

 

 

Centos용 테스트

https://louky0714.tistory.com/102

 

Ubuntu용 설정

https://docs.vmware.com/kr/VMware-Horizon/2111/linux-desktops-setup/GUID-F8F0CFCF-C4D6-4784-85FF-E7C6DF575F49.html

 

 

Azure 리눅스용 문서

https://docs.microsoft.com/ko-kr/sql/linux/sql-server-linux-active-directory-join-domain?view=sql-server-ver16

 

AWS 리눅스용 문서

https://docs.aws.amazon.com/ko_kr/directoryservice/latest/admin-guide/join_linux_instance_winbind.html

 

wbinfo 확인

http://nblog.syszone.co.kr/archives/6756

 

 

Samba 관련 참고

https://www.admin-magazine.com/Articles/Samba-pitfalls-in-daily-operation/(offset)/3

https://wiki.samba.org/index.php/Troubleshooting_Samba_Domain_Members

 

접속시 자동으로 끊기는 경우 참고

https://community.spiceworks.com/topic/2057391-ssh-with-ad-closes-immediately-local-login-works

https://unix.stackexchange.com/questions/591966/ssh-disconnecting-after-successful-auth-when-using-ad-credentials

 

Ssh 문서 -> 여기서 type 96(SSH_MSG_CHANNEL_EOF) 내용 봄

http://www.snailbook.com/docs/assigned-numbers.txt

 

 

pbis? 이거는 테스트 못해봄

https://kanziw.com/111

 

 

이건 이론

https://dataonair.or.kr/db-tech-reference/d-lounge/technical-data/?mod=document&uid=237310

===================================