Multiple solutions exist to integrate Linux with Active Directory (AD).
The following solutions are known to work in a View environment:
- OpenLDAP Pass-Through Authentication
At a high level, the OpenLDAP pass-through authentication solution involves the following steps:
- Configure the OpenLDAP server to delegate password verification to a separate process such as saslauthd, which can perform password verification against Active Directory.
- Configure the Linux desktops to authenticate users with OpenLDAP.
If you plan to bulk deploy Linux desktops, you can set up the template virtual machine (VM) to run the final AD integration task. Be aware of the following considerations:
- The OpenLDAP solution works for cloned VMs without any additional steps.
- With the Winbind solution, the step to join the domain will fail because each cloned VM has a different host name. Each cloned VM needs to run the following command to rejoin the domain:
sudo /usr/bin/net ads join -U <domain user>%<domain password>
Use the following options to run the domain join command on cloned virtual machine for winbind solution:
- Remote connect such as SSH or vSphere PowerCLI to each virtual machine and run the command. For more information on scripts, see Bulk Deployment of Horizon 7 for Manual Desktop Pools.
- Include the command to a shell script and specify the script path to Horizon agent option RunOnceScript in /etc/vmware/viewagent-custom.conf. For more information, see Setting Options in Configuration Files on a Linux Desktop.
For more information about bulk deploying Linux desktops, see Bulk Deployment of Horizon 7 for Manual Desktop Pools.