The following guide was done on CentOS 7.
Install the relevant files:
yum install -y realmd samba samba-common oddjob oddjob-mkhomedir sssd adcli krb5-workstation openldap-clients policycoreutils-python samba-winbind-clients
Edit /etc/krb5.conf
[libdefaults]
default_realm = DOMAIN.NAME
dns_lookup_realm = false
dns_lookup_kdc = true
Edit /etc/samba/smb.conf
[global]
security = ADS
workgroup = WORKGROUP
realm = REALM.COM
template homedir = /home/%U
template shell = /bin/bash
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
map acl inherit = yes
store dos attributes = yes
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
[design]
path = /design
public = no
writable = yes
guest ok = no
valid users = @"design",administrator
kernel share modes = no
Enter command nmtui and set DNS to appropriate target IP
Edit the following in /etc/nsswitch.conf
... passwd: files winbind shadow: files sss group: files winbind ...
Test configuration files:
testparm
Add your IP address & FQDN to /etc/hosts
Sign into AD:
net ads join -U USERNAME
Enable and Start Winbind:
systemctl enable winbind systemctl start winbind