Problem:
I am unable to find a reliable and straightforward way to join newly provisioned Debian hosts to my organization’s Active Directory domain. Currently I am trying to use RealmD to join new hosts to the domain as part of a finish provisioning template, but the process appears to fail due to RealmD relying on some running system services/buses to complete its workflows. I believe I could run it in ‘install’ mode, but that would prevent RealmD from actually joining the domain, installing packages, and getting the host ready to authenticate AD users. For the actual join step, I am using a keytab file that contains a privileged user’s credentials to authenticate and join the new hosts to the domain.
Running the RealmD join process post-provisioning works fine and successfully joins the hosts to the domain. I would like to find a way to either have Foreman automatically perform this process after provisioning has ended, or find a better strategy for joining these new hosts to AD.
I suspect I may be taking the wrong approach, and if anyone has successfully implemented a workflow for joining new Linux hosts to AD through Foreman provisioning, I would love to hear how it was done and with what tools and processes. Any pointers, best practices, or tips would be appreciated.
Expected outcome:
Newly provisioned hosts are joined to Active Directory, and AD users are able to login and authenticate.
Foreman and Proxy versions:
Running as a single node (testing/proof of concept instance)
Foreman version: 2.0.2
Installed Features: DHCP, DNS, HTTPBoot, Logs, Puppet, Puppet CA, TFTP
Foreman and Proxy plugin versions:
No plugins in use
Distribution and version:
Debian 10.7
Other relevant data:
N/A, if you have any questions please let me know and I would be glad to provide any additional information