📄️ Joining AD
Managing access to Linux machines on your network can be challenging. I've seen admins create all users on all machines, others that share accounts using SSH keys or even passwords, and still others that use LDAP binding (sometimes using the existing Active Directory infrastructure and sometimes using a separate domain) which requires them to write LDAP queries to filter access. All these methods make managing access to machines difficult, and they require the admins to be informed when someone has left or joined a team. Shared accounts can make logging mostly useless as everyone will have the same username. And I'm probably not alone in having a bad experience with HR informing technical teams when there's a change to a team. However, there's a way I've found that works well and integrates with what is typically a pre-existing process.
📄️ RealmD
RealmD can sometimes be utilized as a shortcut for joining a system to AD. Unfortunately, it skips a few quality of life options and some required options. I've come across a lot of people that have joined their systems to AD and ended up with the machines falling off the domain, dealing with slow logins, or complaining there's no way to manage who can log in. Using the method described here, I've had machines stay on the domain for years with no problems, all of the logins were fast, I could easily manage who could log in, and I could even have added SSH keys if I wanted.