Joining to Linux PCs domain allows users to login to with AD credentials the same way they are used to on Windows. It’s easy to do on Cent OS.

Install Realm.

yum -y install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y

Join Domain.

realm join --user=$USERNAME $DOMAINNAME

$USERNAME needs to be set for a user with access to join PCs to the domain. $DOMAINNAME is the FQDN.

Check status after joining domain.

realm list

Modify sssd.conf to allow SSH users to login with just their username instead of username@domain.com

Make a backup of the original config first, maybe.

cp /etc/sssd/sssd.conf /etc/sssd/sssd.conf.orig

Edit /etc/sssd/sssd.conf. Set “use_fully_qualified_names” to “False” and “fallback_homedir” to just “/home/%u” instead of “/home/%u@%d”

use_fully_qualified_names = False
fallback_homedir = /home/%u

Restart sssd after making changes to sssd.conf.

systemctl restart sssd

Add permitted users to login.

realm permit username@domain.com

Use realm list again to check the list of permitted users.

realm list

That’s it! Now domain users can use domain acconts to login to SSH and GUI!