RedHat Linux VM Domain Joining

[linuxnaive]

Hi all, I am new to Linux and need some suggestion on Azure Linux VM (RHEL 7.7) domain joining using bash script. I wrote below script for each steps needed to domain join a linux (rhel) vm. The script seems working fine but, as I am new to linux world, I need advise on below steps and I might be missing any best practice on these configuration especially on step 2, 3 & 6.
Note: I am thinking to implement DR using azure site recovery so as per my understanding I am configuring dynamic dns settings (step 6).

#1# Install required packages
yum install realmd sssd krb5-workstation krb5-libs oddjob oddjob-mkhomedir samba-common-tools -y

#2# Add the DNS suffix to hostname
hostnamectl set-hostname ${HOSTNAME,,}.$DOMAINLOWERCASE

systemctl restart NetworkManager

#3# Add domain to /etc/resolv.conf
cat <<EOF | tee -a /etc/sysconfig/network-scripts/ifcfg-eth0
DOMAIN=$DOMAIN
EOF

systemctl restart NetworkManager

#4# Initialise Kerberos
echo $PASSWORD | kinit $USERNAME@$DOMAIN

#5# Join the domain
echo $PASSWORD | realm join $DOMAIN -U $USERNAME@$DOMAIN --computer-ou=$OUPATH --verbose

#6# Dyndns settings and homedir settings
cat <<EOF | sudo tee -a /etc/sssd/sssd.conf
dyndns_update = true
dyndns_refresh_interval = 43200
dyndns_update_ptr = true
dyndns_ttl = 3600
dyndns_auth = gss-tsig
override_homedir = /home/%d/%u
EOF

systemctl restart sssd



Any Suggestion/feedback will be much appreciated. Thanks.

 

[linuxnaive]

Appreciate any suggestion or feedback on the query.

 

[f33dm3bits]

Having to configure kerberos and other services needed to join a domain the chances are high you will run into something or make mistake and will cost you a load of time to debug. Just use IDM that way you can have your IDM server create a trust with a Windows AD and have your Linux clients talking to your IDM server.

Installing Identity Management Red Hat Enterprise Linux 8 | Red Hat Customer Portal

Depending on your environment, you can install Red Hat Identity Management (IdM) to provide DNS and Certificate Authority (CA) services, or you configure IdM to use an existing DNS and CA infrastructure. You can install IdM servers, replicas, and clients manually or by using Ansible Playbooks...

access.redhat.com

Installing Identity Management Red Hat Enterprise Linux 8 | Red Hat Customer Portal

This documentation collection provides instructions on how to install Identity Management on Red Hat Enterprise Linux 8 (RHEL).

access.redhat.com