Hey everyone, I'm looking for some advice on integrating Linux machines into a Windows Active Directory (AD) environment. My company has recently been acquired by a Windows-centric organization and we're going to be handling robotics and IoT devices on Linux systems. For now, we'll keep our Linux machines on a separate development network that won't connect to the main corporate network. However, the plan is to create a hybrid network that ensures security for both Linux and Windows domains. Has anyone here dealt with something similar and can share their experiences or suggestions?
2 Answers
If the new company uses Intune, there's some potential support for Linux there. Plus, if they have Microsoft Defender for endpoint detection, you can get Linux onboarded too. But depending on your situation, I'm not sure if enrolling Linux into AD is the best route.
SSSD (System Security Services Daemon) is pretty solid for joining AD these days. Using the realmd tool makes the whole process straightforward. If you're considering a hybrid setup, integrating Red Hat FreeIPA with a cross-realm trust to AD could be beneficial for certain features, but otherwise, just joining with SSSD should work fine for authentication.
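Added example, not part of the thread: once a host is joined with realmd and SSSD as the answer above describes, which AD accounts can log in to it is decided by the access-control keys in each domain section of `sssd.conf`. This shell function reports that policy per domain; the sample config, the domain and group names, and the OPEN/REVIEW/OK labels are constructed for illustration.

```shell
# Added example: report the login policy of each [domain/...] section in an sssd.conf.
# Constructed sample config; the domain and group names are placeholders.
sample_sssd_conf() {
cat <<'EOF'
[sssd]
domains = corp.example.test, robots.example.test, lab.example.test

[domain/corp.example.test]
id_provider = ad
access_provider = ad

[domain/robots.example.test]
id_provider = ad
access_provider = simple
simple_allow_groups = robotics-admins

[domain/lab.example.test]
id_provider = ad
EOF
}

# Prints "<status> <domain> <reason>" per domain; returns 1 if any is OPEN.
audit_sssd_access() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function judge(   ap, allow, st, why) {
        if (dom == "") return
        # SSSD falls back to access_provider=permit when the key is absent.
        ap = ("access_provider" in v) ? v["access_provider"] : "permit"
        allow = (v["simple_allow_groups"] v["simple_allow_users"]) != ""
        if (ap == "permit") { st = "OPEN"; why = "any account that authenticates may log in" }
        else if (ap == "simple" && !allow) { st = "OPEN"; why = "simple provider with no allow list" }
        else if (ap == "ad" && !("ad_access_filter" in v)) { st = "REVIEW"; why = "no ad_access_filter; scope rests on AD account state and GPO" }
        else { st = "OK"; why = "access_provider=" ap }
        printf "%s %s %s\n", st, dom, why
        if (st == "OPEN") bad = 1
        split("", v)                      # reset settings for the next section
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }  # skip comments and blank lines
    /^[ \t]*\[/ {                         # a section header closes the previous one
        judge(); s = trim($0)
        dom = (s ~ /^\[domain\//) ? substr(s, 9, length(s) - 9) : ""
        next
    }
    dom != "" { v[trim(substr($0, 1, index($0, "=") - 1))] = trim(substr($0, index($0, "=") + 1)) }
    END { judge(); exit bad + 0 }
    ' "$1"
}
```

On a joined host, source the file and run `audit_sssd_access /etc/sssd/sssd.conf` as root, since SSSD keeps that file readable by root only.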
They're using CrowdStrike, so do you think keeping them separate from AD is better?