Joining a Linux Machine to Active Directory.

the following guide will your users to simply use the username to login. it will also allow members of network access to have sudo access.

start by installing the following packages.

sudo apt-get install realmd oddjobd sssd-tools sssd adcli -y

then join to the domain

sudo realm join --user=administrator contoso.local

after joining edit the following file

sudo vi /etc/sssd/sssd.conf

the finished file should look like this

[sssd]
domains = contoso.local
config_file_version = 2
services = nss, pam

[domain/contoso.local]
ad_domain = contoso.local
krb5_realm = CONTOSO.LOCAL
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
access_provider = simple
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = False
fallback_homedir = /home/%u
simple_allow_groups = Domain Users
ldap_use_tokengroups = false
dyndns_update = true
dyndns_refresh_interval = 43200
dyndns_update_ptr = true
dyndns_ttl = 3600
dyndns_auth = GSS-TSIG

restart the sssd service

sudo /etc/init.d/sssd restart

update the sudoers file to all elevated access. in this case the following is an AD group

visudo

%NetworkAccess   ALL=(ALL:ALL) ALL

References

Red Hat: join a Linux system to an Active Directory domain
Red Hat: Additional Configuration for Identity and Authentication Providers
Debian: Join Debian to AD