Joining Ubuntu to Windows Active Directory [Notes]
Step 4 || sudo dpkg -i likewise-open_6.1.0.406-0ubuntu10_amd64.deb
Step 5 || sudo dpkg -i libglade2-0_2.6.4-1ubuntu3_amd64.deb
Step 6 || sudo dpkg -i likewise-open-gui_6.1.0.406-0ubuntu10_amd64.deb
Time to access the Likewise GUI to join your Windows Active Directory
Step 7 || sudo domainjoin-gui
Step 8 || reboot
Ubuntu 14.04 accepts only internal system users on Logon screen and doesn’t provide the ability to manual login a user from Active Directory.
Step 9 || To actually perform a GUI Logon on Ubuntu 14.04 with an Active Directory User you will need to edit the ‘50-ubuntu.conf‘ file located in ‘/usr/share/lightdm/lightdm.conf.d/‘ path and add the following lines then reboot to apply changes.
allow-guest=false
greeter-show-manual-login=true
Step 10 || reboot
After reboot on Logon screen select Login and provide your Active Directory User credentials with related to syntax.
domain_name\domain_user [this one works best J]
domain_name.tld\domain_user
domain_user
Extra Goodies
Enable Active Directory Administrative Rights
Remote users from Active Directory have the same Standard status as internal Ubuntu users and are not allowed to perform administrative tasks on system. To grant root privileges to an Active Directory Administrative User, issue the following command with root privileges.
$ sudo usermod -a -G sudo AD_administrative_user
Basically the above command, adds the Active Directory Administrative User to Ubuntu local group “sudo”, group enabled with root powers.
Hello, when I attempt to login with my DomainName\myUserName I always get error – incorrect password ( I am sure that I am typing it in correctly ) Can you please help?
is the machine able to contact your DNS server?
hai, I am a new user to this site,i need your help.
qus: How to enable AD users policies in ubuntu14.04 client server? and how to set default Ad login image in ubuntu
Hello,
Ubuntu 15.04 x64, on 7 step got error message:
“Error code: ERROR_FILE_NOT_FOUND (0x00000002)
Backtrace:
../domainjoin/domainjoin-gui/gtk/main.c:614
../domainjoin/libdomainjoin/src/djapi.c:257
../domainjoin/libdomainjoin/src/djroutines.c:54
../domainjoin/libdomainjoin/src/djauthinfo.c:1028”
Already rebooted and reinstalled… still don’t work, help me please.
PS: links was broken, i downloaded fresh ones:
likewise-open_6.1.0.406-0ubuntu5.1_amd64.deb
libglade2-0_2.6.4-1ubuntu1.1_i386.deb
likewise-open-gui_6.1.0.406-0ubuntu5.1_amd64.deb
hi i use the steps as you said, and ubuntu send me this :
–2015-05-20 12:50:30– http://de.archive.ubuntu.com/ubuntu/pool/main/l/likewise-open/likewise-open_6.1.0.406-0ubuntu10_amd64.deb
Resolving de.archive.ubuntu.com (de.archive.ubuntu.com)… 141.76.1.200, 141.30.13.20, 141.30.13.10, …
Connecting to de.archive.ubuntu.com (de.archive.ubuntu.com)|141.76.1.200|:80… connected.
HTTP request sent, awaiting response… 404 Not Found
2015-05-20 12:50:30 ERROR 404: Not Found.
do you have an idea.
these is my email raulstallworth@hotmail.com
hope you can help me thnks
the problem is that the link are no longer working. check out the video on the phone, but check it out on YouTube. Many people have enter the correct and active links under the comment section of the video. Hope this helps.
Any idea how to get this working with a 32 bit intel machine?
I’m using Unbuntu 64 bit and when i’m trying to join to my domain it gives me a DNS_ERROR_BAD_PACKET. A bad packet was received from a DNS server.Potentially the requested address does not exist.
try entering your DNS server IP address before you add it to your domain.
I am now able to login with a domain user account but that account needs an administrative privilages. Can you please suggest. I gave the command “sudo usermod -a -G “account name” but it shows an error ” usermod : group ” account name” not found. Please help
Hi, thank you for this amazing tutorial.
Am I able to use this for Ubuntu 12-04?
Thanks.
Eli from Israel.
Hi there just wanted to start off by saying thank you your tutorial is basically the only one out there that actually works and makes it easy to join ubuntu to a windows domain. I did have a question though, have you ever joined linux mint to a windows domain ? If so could you create a tutorial on how to go about doing so i thought it might be the same since mint is built on top of ubuntu but when i get to step 8 i cant locate the lightdm folder in the user share. It doesnt seem to exist on mint.
which version of Linux Mint are you trying to join to your domain?
There was a problem with DNS, fixed now!
how you fix the problem with ur DNS
Hello, when I attemp to login with myDomainName\myUserName I always get error – incorrect password ( I am sure that I am typing it in correctly ) Can you please help? 😀
When I get to step 4 I encounter the error:
“package architecture (amd64) does not match system (i386)”
I’m guessing it’s because my machine is using an intel processor instead of an AMD is there a way around this?
Never mind! I just just changed the amd part to i386 and it worked like a charm!
Awesome job. Did you make the changes on your VM file?
Hi, I have joined the system to domain and also can log in through the open port network we are using which require no password but i cant log in using other ports. Becaue we are having a network authentication for each user. after authentication only we can get the ip from the servers. So what i have to do now to get in to through normal ports. Please help me.
Abdul Mannan Qureshi
Karachi- Pakistan
Join Ubuntu 14.10 to a Windows Domain using PBIS Open
The following instructions will guide you through the process of joining an Ubuntu 14.10 / 14.04 clients to a Windows Domain using Power Broker Identity Services Open Edition version pbis-open-8.2.0.2969.linux.x86.deb.sh
Environment:
Windows Server 2008 R2 Standard Domain Controller
Ubuntu 14.10 / 14.04 LTS and Lubuntu 14.4 Client PCs
1. Download the most current stable version of Power Broker Identity Services Open Edition
Go to the following address and download the most current version of PBIS:
http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True
Or, from a terminal type the following commands:
cd ~
sudo wget http://download.beyondtrust.com/PBISO/8.2/linux.deb.i386/pbis-open-8.2.0.2969.linux.x86.deb.sh
2. Make the pbis installation script executable
In the terminal navigate to the directory where pbis-open-8.2.0.2969.linux.x86.deb.sh is located and execute the following command:
sudo chmod +x pbis-open-8.2.0.2969.linux.x86.deb.sh
3. Run the pbis installation script
From the terminal type the following command to install pbis open:
sudo ./ pbis-open-8.2.0.2969.linux.x86.deb.sh
4. Use PBIS Open to join your PC to the Windows Domain
From the terminal:
cd /opt/pbis/bin/
sudo domainjoin-cli join –disable ssh $domainname $domainaccount
*where domainname = the name of your domain and domainaccount = user@domainname.###
EXAMPLE: sudo domainjoin-cli join –disable ssh mydomain.com admin@mydomain.com
When prompted for a password supply the appropriate credentials and you should receive a “SUCCESS” prompt when finished.
5. Set-up default configuration for domain users
Use PBIS to pre-configure the user environment for all domain users that log into the newly added system.
From the terminal:
sudo /opt/pbis/bin/config UserDomainPrefix $domain
sudo /opt/pbis/bin/config AssumeDefaultDomain true
sudo /opt/pbis/bin/config LoginShellTemplate /bin/bash
sudo /opt/pbis/bin/config HomeDirTemplate %H/%U
sudo /opt/pbis/bin/config RequireMembershipOf “$domain\\$securitygroup”
6. Edit the pamd.d common-session file
From a terminal:
sudo vi /etc/pam.d/common-session
Find the line that states the following:
session sufficient pam_lsass.so
Replace it with:
session [success=ok default=ignore] pam_lsass.so
7. Edit the lightdm configuration file
Edit the lightdm configuration file and append the following lines:
sudo vi /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf
allow-guest=false
greeter-show-manual-login=true
*If you are using Lubuntu 14.04 your lightdm configuration file will be: 60-lightdm-gtk-greeter.conf
8. Give sudo access to users/groups
Add any necessary administrative users and/or groups from your domain to the sudoers file to give them sudo privileges.
From a terminal:
sudo vi /etc/sudoers
*using the file’s configuration examples add users/groups appropriately.
EXAMPLE:
fadmin ALL=(ALL:ALL) ALL
9. Reboot and Log-in
Reboot your PC and log-in using an appropriate domain user account.
Conclusion:
These instructions have only been tested on Ubuntu 14.10 and 14.4, Lubuntu 14.04 LTS Distributions. With minimaltweaking these steps should also work for other distributions. Older and now deprecated versions of Likewise-Open should work in a similar fashion as PBIS-Open, and may be required on older distributions.
i have the same error
I have followed these instructions, except I did edit because it is a 32 bit machine. I was able to get it to join the domain, but when I try and log in as domain name\user it keeps telling me invalid password. I have tried more than one domain user.
Have you tried your domain name\username
Yes, I did try domain name\username both with .local at the end and not. It said it was successful, it added it to my active directory. It gives me two options when logging in, either administrator of the local machine or a Login section for domain I assume. I’m new to Ubuntu.