Even in a Windows environment, Linux servers can play a critical role: they're better for a multitude of different tasks and workloads, and you don't have to deal with Windows updates.
This article isn't really about Windows vs Linux, though; it's about glorious integrations for the sysadmins who aren't quite as comfortable as they'd like to be with Linux.
If you're not running Linux in your shop because you're unfamiliar with it, hopefully this will answer some of your questions.
Join to Active Directory
Give admins SUDO privileges
Now that your server is on the domain, you need your admins to be admins.
This is accomplished quite easily: add a new file to /etc/sudoers.d/ and fill in the users/groups you want to have sudo privileges, like below:
Note: You should use visudo to modify the sudoers file; this is just an example pulled from my working config.
Change default home directory
Add the following to the file
This ensures users get their own home directory in /home/EXAMPLE.NET/username at logon.
Restrict SSH Logins to approved users
You don't want any user to be able to log in and browse around, so you'll likely want to restrict logins to approved users. Bear in mind that local accounts will not be able to log in via SSH with this change.
Allow SSSD Authentication for SSH
In order for the SSH service to recognise AD accounts, you need to add it to the services field in the SSSD configuration. Here's an example config:
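A minimal sssd.conf with the ssh responder enabled, added here as an illustration and not the author's original config. The domain name EXAMPLE.NET comes from the home directory path above; every other value, and the use of fallback_homedir to produce that path, is an assumption.

```ini
# /etc/sssd/sssd.conf (constructed example, values are placeholders)

[sssd]
config_file_version = 2
domains = EXAMPLE.NET
# nss and pam resolve and authenticate users; adding "ssh" starts the
# SSSD ssh responder so the SSH service can work with AD accounts.
services = nss, pam, ssh

[domain/EXAMPLE.NET]
id_provider = ad
access_provider = ad
ad_domain = example.net
krb5_realm = EXAMPLE.NET
cache_credentials = True

# Assumption: one way to get /home/EXAMPLE.NET/username.
# %d = domain name as written in the section header, %u = login name.
fallback_homedir = /home/%d/%u
default_shell = /bin/bash

# Let users log in as "username" rather than "username@EXAMPLE.NET".
use_fully_qualified_names = False
```

SSSD refuses to start unless this file is owned by root with mode 0600, and the sssd service has to be restarted after any edit.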
That should just about do it, let me know in the comments below if you have any questions, issues or suggestions!