Azure AD login for Linux and Windows (on-premise)
In this blog post I will explain how to log in to your on-premise Linux and Windows machines with your Azure AD credentials, without needing an on-premise Active Directory.
First, Ubuntu:
For Ubuntu we will use ADAL for Node.js (the Azure Active Directory Authentication Library) to implement this.
You can get the code from the git repo here:
https://github.com/thuvarageshchiv/adal-for-linux.git
Move to your home directory, clone the repo and run the installer with your directory name and application client ID (how to find both is explained below). Read install.sh before running it, since it changes how logins on the machine are authenticated, and keep a root shell open while testing so a broken login configuration cannot lock you out.
$ cd ~
$ git clone https://github.com/thuvarageshchiv/adal-for-linux.git
$ cd adal-for-linux/adal-auth-ubuntu/aad-login
$ ./install.sh [NAME of YOUR AZURE ACTIVE DIRECTORY] [APP CLIENT ID]
Before running the script you need two values: the name of your Azure AD directory and the client ID of a native application registration.
To find the directory name, open Azure Active Directory in the portal, go to Users and select the user who needs access.
The user name is a mail-style ID like thuvaragesh@example.com;
here example.com is your directory name. Passing it in the example.onmicrosoft.com form used in other documents will not work with this script. Taking the domain from the user's sign-in name is the easiest way to find the directory name when your organisation uses multiple domains and directories.
Next go to your Azure AD home => Enterprise applications => New application => Create your own application => Register an application you're working on to integrate with Azure AD, and give the application a name.
For the redirect URI select Public client/native and enter localhost on port 3000 (http://localhost:3000), then click Register. The value must match exactly the one the script uses.
You now have a native application configured for ADAL authentication. Open the newly created application and, on its Overview page, copy the Application (client) ID: this is the client ID install.sh asks for.
A few more things to keep in mind: the application needs permission to
1. access the directory as the signed-in user (do all of this from an Azure admin account), and
2. read directory data.
To add them, click API permissions, choose Add a permission and search for Azure AD Graph [at the time of this blog Azure AD Graph was being deprecated, so you may need the equivalent Microsoft Graph permissions in future],
and select the two permissions named above. Both are broad delegated permissions, and tenant-wide admin consent lets any user in the directory obtain a token carrying them through this public client, so keep the registration dedicated to this purpose and review it as you would any other admin-consented app.
Most importantly, click Grant admin consent for your organisation (the highlighted option in the image); without admin consent the authentication will not work.
That is all. Go to the cloned repo path and run the installer as shown above.
You should now be able to log in to the on-premise Linux machine with Azure AD credentials, both over SSH and at the GUI login screen. For SSH this relies on password-based (PAM) authentication, so sshd must have UsePAM yes and password or keyboard-interactive authentication enabled; a key-only server never exercises this path.
Windows:
On Windows this is much simpler: join the machine to your organisation from Settings. Open Settings > Accounts > Access work or school, click Connect, choose Join this device to Azure Active Directory and sign in with an Azure AD account that is allowed to join devices (this needs a Pro, Enterprise or Education edition; Home cannot be Azure AD joined). After the reboot, users can log in with their Azure AD credentials; dsregcmd /status shows AzureAdJoined : YES once the join has succeeded.