December 22, 2017

Joining Active Directory

Tested on a freshly installed Debian 9.
Credit goes to: https://www.tecmint.com/integrate-ubuntu-to-samba4-ad-dc-with-sssd-and-realm/

Make sure the hostname has been updated. (hostnamectl set-hostname newhostname).
apt install adcli realmd sssd sssd-tools packagekit policykit-1
apt install samba-common-bin samba-libs samba-dsdb-modules
apt install krb5-user
Join the "the.domain.name" domain:
realm join the.domain.name
Update /etc/sssd/sssd.conf: (Optional)
(I prefer to have use_fully_qualified_names = False and customize fallback_homedir)
(Also, default_shell = /usr/bin/zsh for me.)

[sssd]
domains = the.domain.name
config_file_version = 2
services = nss, pam

[domain/the.domain.name]
ad_domain = the.domain.name
krb5_realm = THE.DOMAIN.NAME
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = False
fallback_homedir = /home/%d/%u
access_provider = ad

Add pam_mkhomedir.so to /etc/pam.d/common-session
session optional pam_mkhomedir.so skel=/etc/skel umask=077
Restart sssd service:
systemctl restart sssd
Try to identify a domain user with id:
id Administrator
The output should be something like this:
uid=900000500(administrator) gid=900000512(domain admins) groups=900000512(domain admins),900000520(group policy creator owners),900000519(enterprise admins),900001105(dc backup hosts),900001103(computers),900000518(schema admins),900000513(domain users),900000572(denied rodc password replication group),900001104(dc slave hosts)
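
As an added example (not from the original post or the tecmint guide), the Python script below parses the sssd.conf shown above and lists the settings that affect how credentials are stored and who may log in. The function name and the wording of the notes are this example's own.

```python
import configparser

# sssd.conf as shown in this post, embedded so the check runs offline.
PAGE_CONF = """\
[sssd]
domains = the.domain.name
config_file_version = 2
services = nss, pam

[domain/the.domain.name]
ad_domain = the.domain.name
krb5_realm = THE.DOMAIN.NAME
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = False
fallback_homedir = /home/%d/%u
access_provider = ad
"""

# (option, value that triggers the note, note); notes are this example's wording
BOOL_NOTES = [
    ("cache_credentials", True, "password hashes are cached on disk for offline login"),
    ("krb5_store_password_if_offline", True, "password is kept in the kernel keyring while offline"),
    ("use_fully_qualified_names", False, "short names can collide with local accounts"),
]

def audit_sssd_conf(text):
    """Return sorted (domain, option, note) tuples for settings worth reviewing."""
    # interpolation=None: '%d/%u' in fallback_homedir is not configparser syntax
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings = []
    names = cp.get("sssd", "domains", fallback="")
    for dom in (d.strip() for d in names.split(",") if d.strip()):
        if not cp.has_section("domain/" + dom):
            findings.append((dom, "domains", "listed in [sssd] but has no domain section"))
            continue
        sec = cp["domain/" + dom]
        for opt, trigger, note in BOOL_NOTES:
            if opt in sec and sec.getboolean(opt) is trigger:
                findings.append((dom, opt, note))
        if sec.get("access_provider") == "ad" and "ad_access_filter" not in sec:
            findings.append((dom, "access_provider", "no ad_access_filter narrows who may log in"))
    return sorted(findings)
```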

August 17, 2017

Active Directory with Samba 4 Domain Controller on Raspberry Pi


This is just a collection of tutorials for a home network experiment.
The goal is to set up a small Active Directory domain to ease account management and local sharing.
The Domain Controller will be based on Samba 4 running on a Raspberry Pi. I'll have my other machines: several Windows, a few Debians, a Synology NAS, and potentially Mac OS X joining the domain.

Setting up Active Directory

(EDIT: Eventually, I found this guide. My DC just works with a bit of tweaking for a static IP and unmasking samba-ad-dc.service.)
Create an Active Directory Infrastructure with Samba4 on Ubuntu – Part 1 https://www.tecmint.com/install-samba4-active-directory-ubuntu/

(EDIT: This can be a good reference, but I failed somewhere. At some point, I realized that I don't really need a Samba DC Router, just too complicated.)
Samba 4 Domain Controller on Raspberry Pi
http://www.virtualfrontiers.co.uk/domain_controller.htm

Tweaking for user home folder
https://wiki.samba.org/index.php/User_Home_Folders

Joining Active Directory

Joining a Debian Client to Active Directory
https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory
http://www.alandmoore.com/blog/2015/05/06/joining-debian-8-to-active-directory/

Simpler version:
Join in Windows Active Directory Domain.
https://www.server-world.info/en/note?os=Debian_9&p=realmd

Complicated version:
Linux: Connecting a Linux server to Active Directory. All of the needed steps.
http://www.techpository.com/linux-connecting-a-linux-server-to-active-directory-all-of-the-needed-steps/