userconfig changes

hosts/AZLT124-L/configuration.nix

@@ -21,7 +21,10 @@
   services.xserver.videoDrivers = ["amdgpu"];
   security.polkit.enable = true;
   security.pam.services.gdm.enableGnomeKeyring = true;
-  networking.hostName = "AZ-LPT-100";
+  networking = {
+    networkmanager.enable = true;
+    hostName = "AZLT124-L";
+  };
 
   # Define your hostname.
   # warp-terminal update fix
@@ -31,8 +34,6 @@
   # '';
   # Pick only one of the below networking options.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-  networking.networkmanager.enable =
-    true; # Easiest to use and most distros use this by default.
   # Set your time zone.
   time.timeZone = "Europe/Berlin";
 

hosts/AZLT124-L/default.nix

@@ -44,7 +44,7 @@
   home-manager = {
     useUserPackages = true;
     extraSpecialArgs = {inherit inputs outputs;};
-    users."sascha.koenig" = import ../../home/sascha.koenig/AZ-LPT-100.nix;
+    users."sascha.koenig" = import ../../home/sascha.koenig/AZLT124-L.nix;
   };
 
   # Configure nixpkgs to use unstable

hosts/AZLT124-L/services/ad.nix

@@ -5,8 +5,11 @@
 }: {
   environment.systemPackages = with pkgs; [
     adcli # Helper library and tools for Active Directory client operations
-    realmd # Diagnostic command; Does not configure AD client on NixOS
-    samba # Standard Windows interoperability suite of programs for Linux and Unix
+    oddjob # Odd Job Daemon
+    samba4Full # Standard Windows interoperability suite of programs for Linux and Unix
+    sssd # System Security Services Daemon
+    krb5 # MIT Kerberos 5
+    realmd # DBus service for configuring Kerberos and other
   ];
 
   #
@@ -72,20 +75,15 @@
         config_file_version = 2
         services = nss, pam
 
-        [pam]
-        offline_credentials_expiration = 365
-
         [domain/az-group]
         override_shell = /run/current-system/sw/bin/zsh
-        krb5_store_password_if_offline = true
-        cache_credentials = true
-        account_cache_expiration = 365
-        entry_cache_timeout = 14400
+        krb5_store_password_if_offline = True
+        cache_credentials = True
         krb5_realm = AZ-GROUP
         realmd_tags = manages-system joined-with-samba
         id_provider = ad
         fallback_homedir = /home/%u
-        ad_domain = az-group
+        ad_domain = your_domain_lowercase
         use_fully_qualified_names = false
         ldap_id_mapping = false
         auth_provider = ad
@@ -96,4 +94,21 @@
       '';
     };
   };
+
+  #
+  # Systemd
+  #
+  systemd = {
+    services.realmd = {
+      description = "Realm Discovery Service";
+      wantedBy = ["multi-user.target"];
+      after = ["network.target"];
+      serviceConfig = {
+        Type = "dbus";
+        BusName = "org.freedesktop.realmd";
+        ExecStart = "${pkgs.realmd}/libexec/realmd";
+        User = "root";
+      };
+    };
+  };
 }