Joining Ubuntu Server 17.04 to Windows AD: Likewise vs Centrify vs Winbind vs SSSD

I've actually used Centrify commercial version and can totally recommend it. However, it's not worth buying the full version for a pair of Linux hosts, really.

Winbind is a good free alternative though. Here's an updated guidance on how to deploy and configure it: https://www.starwindsoftware.com/blog/ubuntu-join-a-server-to-an-active-directory-domain

Sssd was pretty simple on Ubuntu. I followed the docs on their site https://help.ubuntu.com/lts/serverguide/sssd-ad.html and it worked perfectly. I liked that it was very simple to implement and there were no changes required to the DCs.

I would second Mr. Raspberry's comment that Centrify is a good option for joining linux/unix hosts to an AD domain.

In my opinion, Centrify has a few advantages over SSSD.

• Its easy to implement and maintain and not just for a few systems (like SSSD 30 machine limit), but enterprise wide as well.

• It works on well on complex systems that are not your basic vanilla setup (ie. multi-forest, one-way trusts, read only domain controllers (RODC), etc)

• It works on multiple OS types (Mac OSX, Linux, Unix and Windows)

• It has also been around for awhile (10+ years), so it has been tried and tested

• Centrify covers the classic "Triple A's" of secure Access Control; Authentication, Authorization and Auditing, instead of just authentication with SSSD.

• Centrify addresses the issue with Linux environments that have complex UID namespaces.

• There is also have a free version, Centrify Express, that has most of the same functionality as the paid version.

http://blog.centrify.com/centrify-vs-sssd-for-integrating-linux-with-active-directory/