Dear Alex,
1. Hyper-V
2. We use AD from Microsoft, it's configured with Kerberos / SSSD / PAM (install sssd heimdal-clients msktutil)
3. We only installed SSH access
4. Configuration
SSSD example:
[sssd]
services = nss, pam
config_file_version = 2
domains = nots.local
[nss]
entry_negative_timeout = 0
#debug_level = 5
[pam]
#debug_level = 5
[domain/nots.local]
#debug_level = 10
enumerate = false
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
dyndns_update = false
ad_hostname = ubuntu-desktop.nots.local
ad_server = winserver19.nots.local
ad_domain = nots.local
ldap_schema = ad
ldap_id_mapping = true
fallback_homedir = /home/%u
default_shell = /bin/bash
ldap_sasl_mech = gssapi
ldap_sasl_authid = UBUNTU-DESKTOP$
krb5_keytab = /etc/sssd/my-keytab.keytab
ldap_krb5_init_creds = true
krb5.conf example:
[libdefaults]
default_realm = NOTS.LOCAL
rdns = no
dns_lookup_kdc = true
dns_lookup_realm = true
[realms]
NOTS.LOCAL = {
kdc = winserver19.nots.local
admin_server = winserver19.nots.local
}