Prerequisites:OPNsense must use AD DNS (do not use DNS from DHCP/WAN)OPNsense must have a hostname in AD DNS (A and PTR)OPNsense must be in sync with AD DNS time (use one IP of AD in NTP)OPNsense must be in same domain as AD (hostname configuration page)Create a new Authorization server with ssoproxyad typeConfiguration:Configure Single-Sign-On page with appropriate informationExecute joinDomain buttonOPNsense should be in AD in computers OUReset comptuers from ADExecute UpdateDomainSelect Authorization server in Proxy pageTodo:Add cron job for auto-update keytabTest button should test prerequisites
# configctl ssoproxyad joinDomain