PowerShell Core is now generally available, which means you can start running it on your production servers and not feel guilty! There are many possibilities for using PowerShell on non-Windows platforms now, and today I was pondering how to use it to join Linux servers to Active Directory. So I created a small function called Join-LinuxToAD that automates some of this. Keep in mind that I tested this only on CentOS 7.

The script does the following:

Ensures you can look up the domain with nslookup

Ensures Samba and other dependencies are installed via yum

Uses the realm command to join the local server to an Active Directory domain

While this is not totally automated, it does at least some of the work for you. I use $LASTEXITCODE as a way to do some error checking in the script.

```powershell
# Add CentOS 7 machine to Active Directory
function Join-LinuxToAD {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true)]
        [string]$DomainName,
        [Parameter(Mandatory=$true)]
        [string]$UserName
    )

    # Is this host Linux?
    # (return rather than exit, so a failure does not close the calling session)
    if (!$IsLinux) {
        Write-Error -Message 'This host is not Linux. Exiting'
        return
    }

    # Ensure you can look up AD DNS
    nslookup $DomainName | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Error -Message 'Could not find domain in DNS. Checking settings'
        return
    }

    # Ensure Samba and dependencies are installed
    yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Error -Message 'Could not install one or more dependencies'
        return
    }

    # Join domain with realm (realm prompts for the account password itself)
    realm join $DomainName --user=$UserName
    if ($LASTEXITCODE -ne 0) {
        Write-Error -Message "Could not join domain $DomainName. See error output"
        return
    }

    if ($LASTEXITCODE -eq 0) {
        Write-Output 'Yay! Your host is joined!'
    }
}
```

Now let's run it:

```
PS /root> Join-LinuxToAD -DomainName domain.com -UserName Administrator
Password for Administrator:
Yay! Your host is joined!
```

Fun times!
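The function above reports success purely from the exit code of realm join. As an added example (not part of the original script), the following parses `realm list` output to confirm the host is really a domain member and to flag the default policy that lets every domain account log in. The function names ConvertFrom-RealmList and Test-RealmJoin are hypothetical, and the sample output is constructed for illustration.

```powershell
# Parse the text printed by `realm list` into one object per realm.
function ConvertFrom-RealmList {
    param([Parameter(Mandatory)][AllowEmptyString()][string[]]$Lines)
    $realms = [System.Collections.Generic.List[object]]::new()
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\S') {
            # An unindented line starts a new realm entry
            $current = [ordered]@{ Name = $line.Trim() }
            $realms.Add($current)
        }
        elseif ($current -and $line -match '^\s+([^:]+):\s*(.*)$') {
            $key = $Matches[1]; $value = $Matches[2]
            # Keys such as required-package repeat; keep them comma-joined
            if ($current.Contains($key)) { $current[$key] = "$($current[$key]), $value" }
            else { $current[$key] = $value }
        }
    }
    $realms | ForEach-Object { [pscustomobject]$_ }
}

# Return $true only if the realm is present and configured as a Kerberos member.
function Test-RealmJoin {
    param([Parameter(Mandatory)][string]$DomainName,
          [Parameter(Mandatory)][AllowEmptyString()][string[]]$RealmListOutput)
    $realm = ConvertFrom-RealmList -Lines $RealmListOutput |
        Where-Object { $_.'domain-name' -eq $DomainName }
    if (-not $realm) { Write-Warning "$DomainName is not listed by realm"; return $false }
    if ($realm.configured -ne 'kerberos-member') {
        Write-Warning "$DomainName is discovered but not joined"; return $false
    }
    if ($realm.'login-policy' -eq 'allow-realm-logins') {
        Write-Warning 'Any domain account may log in; restrict with realm permit'
    }
    return $true
}

# Constructed sample of `realm list` output, so the example runs offline
$sample = @'
domain.com
  type: kerberos
  realm-name: DOMAIN.COM
  domain-name: domain.com
  configured: kerberos-member
  client-software: sssd
  login-policy: allow-realm-logins
'@ -split '\r?\n'
Test-RealmJoin -DomainName domain.com -RealmListOutput $sample
```

On a joined host, pass the live output instead: `Test-RealmJoin -DomainName domain.com -RealmListOutput (realm list)`.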