join linux machines to domain without password prompt.
posted by Rory Falloon  on July 23, 2018, 1:05 p.m. (11 months, 27 days ago)

net ads join -Uusername%password also works.

From: studiosysadmins-discuss-bounces@studiosysadmins.com <studiosysadmins-discuss-bounces@studiosysadmins.com> on behalf of greg whynott <greg.whynott@gmail.com>
Sent: Monday, July 23, 2018 12:58 PM
To: studiosysadmins-discuss
Subject: [SSA-Discuss] join linux machines to domain without password prompt.
If you don't join Linux machines to AD, bail now.

Should it be helpful...

During my move from NSLCD to SSSD one of the challenges was adding machines to the domain silently without interaction required.
Both the realm and net commands require you to enter your password, and neither (from what I can tell) has a flag to pass the password along on the command line.

There are many articles on how to do this as a one-off, typically requiring you to pre-add the machine to the domain, one-time pass or similar. These methods don't scale well beyond 1 machine.
My intention was to deploy hundreds of machines using kickstart and have them all 100% done when the installer finished up, unattended.

After a lot of searching for methods and without much luck, Unix itself provided the method. Should have been obvious, but I guess my head was in Windows mode at the time.
If you type:
realm join ad01.mydomain.com -U accountname

It'll ask you for a password. To get around this, instead type:
echo mypassword | realm join ad01.mydomain.com -U accountname

Power of the pipe!

kinit works the same:
echo mypassword | kinit -U accountname
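
The piped join described in the thread, wrapped for an unattended kickstart %post step, as an added example that is not part of the original posts. It feeds the password to realm on stdin from a root-only file instead of a literal in the script or on the command line; the function name join_domain, the REALM_CMD override and the secret-file argument are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: unattended "realm join" with the password supplied on stdin.
# Assumptions (not from the thread): join_domain, REALM_CMD and the idea of a
# provisioning step dropping the join password into a root-only file.

REALM_CMD="${REALM_CMD:-realm}"   # overridable so the wrapper can be tested

# join_domain <domain> <account> <secret-file>
# Returns 0 on success, 2 if the secret file is unsafe, else realm's status.
join_domain() {
    domain=$1
    account=$2
    secret=$3

    # Refuse a missing file or a symlink pointing somewhere unexpected.
    if [ ! -f "$secret" ] || [ -L "$secret" ]; then
        echo "join_domain: $secret is missing or not a regular file" >&2
        return 2
    fi

    # Refuse a file that group or other can access (expects 600 or 400).
    perms=$(stat -c '%a' "$secret") || return 2
    case "$perms" in
        [0-7]00) ;;
        *) echo "join_domain: $secret has mode $perms, want 600" >&2
           return 2 ;;
    esac

    # The password reaches realm on stdin, as with the pipe in the thread.
    # It is never an argument, so it does not show up in ps output or in
    # /proc/<pid>/cmdline, and it is not a literal in the kickstart file.
    "$REALM_CMD" join "$domain" -U "$account" < "$secret"
    status=$?

    # Remove the secret once the join has been attempted, success or not.
    rm -f -- "$secret"
    return "$status"
}
```

In a %post section this would be called as `join_domain ad01.mydomain.com accountname /root/.joinpw`, where the file path is a placeholder for wherever the provisioning step leaves the secret.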

