
We currently have a solution to have our data partition encrypted with the keys stored on the system partition to allow for booting without user interaction, but not our system partition, as we have no clue how to integrate our SUSE VMs into Active Directory, which can store the encryption keys in the Azure Key Vault.

Has anyone else ever done this before and if yes: how?

1 Answer


Let me preface with the fact that I don't know how to do it, and I cannot leave this answer as a comment, but I still want to give a suggestion to at least see if this might be a step in a direction that could help you solve your issue.

It looks like this is a multi-step process. A quick search returned this, which basically involves these steps:

  1. Configuring NTP, NSCD, DNS, and FQDN settings.
  2. Evaluating and choosing between SSSD and Winbind services.
  3. Installing necessary packages.
  4. Configuring the Kerberos client.
  5. Configuring smb.conf (for Winbind) or sssd.conf (for SSSD).
  6. Setting up NSS.
  7. Establishing a Kerberos connection and joining the domain.
  8. Configuring PAM.
  9. Optional LDAP client configuration.

I found the question to be a bit confusing, to be honest: do you already know how to join AD but want to know how to use the keys stored in the vault, or do you know how to use the keys and want to know how to join AD?

  • I know how to join AD, just not how to store keys in the Azure vault. Thanks for the answer already. I will try this out tomorrow... Commented Jan 7, 2024 at 17:37
