Join Linux to Active Directory with PowerShell Core
PowerShell Core is now generally available, which means you can start running it on your production servers and not feel guilty! There are many possibilities for using PowerShell on non-Windows platforms, and today my mind was pondering how to use it to join Linux servers to Active Directory. So I created a small function called Join-LinuxToAD that automates some of this. Keep in mind I tested this only on CentOS 7.
The script does the following:
- Ensures you can look up the domain with nslookup
- Ensures Samba and other dependencies are installed via yum
- Uses the realm command to join the local server to an Active Directory domain
While this is not totally automated, it does at least some of the work for you. I use $LASTEXITCODE as a way to do some error checking in the script.
    # Add CentOS 7 machine to Active Directory
    function Join-LinuxToAD {
        [CmdletBinding()]
        param (
            [Parameter(Mandatory=$true)]
            [string]$DomainName,
            [Parameter(Mandatory=$true)]
            [string]$UserName
        )
        # Is this host Linux? ($IsLinux is an automatic variable in PowerShell Core)
        if (!$IsLinux)
        {
            Write-Error -Message 'This host is not Linux. Exiting'
            # return (not exit) so the calling PowerShell session stays open
            return
        }
        # Ensure you can look up AD DNS
        nslookup $DomainName | Out-Null
        if ($LASTEXITCODE -ne 0)
        {
            Write-Error -Message 'Could not find domain in DNS. Check settings'
            return
        }
        # Ensure Samba and dependencies are installed
        yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y | Out-Null
        if ($LASTEXITCODE -ne 0)
        {
            Write-Error -Message 'Could not install one or more dependencies'
            return
        }
        # Join domain with realm (prompts for the account's password)
        realm join $DomainName --user=$UserName
        if ($LASTEXITCODE -ne 0)
        {
            Write-Error -Message "Could not join domain $DomainName. See error output"
            return
        }
        if ($LASTEXITCODE -eq 0)
        {
            Write-Output 'Yay! Your host is joined!'
        }
    }
Now let's run it:
    PS /root> Join-LinuxToAD -DomainName domain.com -UserName Administrator
    Password for Administrator:
    Yay! Your host is joined!
Fun times!
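A follow-up check, as an added example that is not part of the original script: rather than trusting only the exit code of realm join, parse the output of realm list to confirm the host is a domain member and to see which login policy is in effect. The function names ConvertFrom-RealmList and Test-RealmJoin are hypothetical, and the sample output is constructed for illustration.

```powershell
# Added example: confirm the join from `realm list` output and report the login policy.
# ConvertFrom-RealmList and Test-RealmJoin are hypothetical helper names.
function ConvertFrom-RealmList {
    param ([string[]]$Line)
    $realms = [System.Collections.Generic.List[object]]::new()
    $current = $null
    foreach ($l in $Line) {
        if ($l -match '^\S') {
            # An unindented line starts a new realm entry
            $current = [ordered]@{ Name = $l.Trim() }
            $realms.Add($current)
        }
        elseif ($null -ne $current -and $l -match '^\s+([\w-]+):\s*(.*)$') {
            $key = $Matches[1]; $value = $Matches[2]
            # Keys such as required-package repeat, so collect repeats into an array
            if ($current.Contains($key)) { $current[$key] = @($current[$key]) + $value }
            else { $current[$key] = $value }
        }
    }
    $realms | ForEach-Object { [pscustomobject]$_ }
}

function Test-RealmJoin {
    param ([string]$DomainName, [string[]]$RealmListOutput)
    $realm = ConvertFrom-RealmList -Line $RealmListOutput |
        Where-Object { $_.'domain-name' -eq $DomainName }
    [pscustomobject]@{
        Domain          = $DomainName
        Joined          = [bool]($null -ne $realm -and $realm.configured -eq 'kerberos-member')
        LoginPolicy     = $realm.'login-policy'
        AnyUserCanLogIn = ($realm.'login-policy' -eq 'allow-realm-logins')
    }
}

# Constructed sample of `realm list` output; on a joined host use: $sample = realm list
$sample = @'
domain.com
  realm-name: DOMAIN.COM
  domain-name: domain.com
  configured: kerberos-member
  client-software: sssd
  required-package: oddjob
  required-package: sssd
  login-policy: allow-realm-logins
'@ -split "`r?`n"

Test-RealmJoin -DomainName 'domain.com' -RealmListOutput $sample
```

If LoginPolicy comes back as allow-realm-logins, any valid account in the domain can log in to the host; realm deny --all followed by realm permit -g with a specific group narrows that to the accounts that actually need access.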