Joining Ubuntu 13.04 to Windows Domain

Apart from Windows, our University is supporting Fedora on workstations and CentOS on servers. Everybody is not happy with Fedora however and Ubuntu has become very popular during the last few years. Ubuntu isn’t supported in the same way as Fedora, which (for us) means that there’s only local users/authentication after a successful installation.

We need another way to authenticate and joining the computer to the Windows Active Directory Domain is an alternative. I did some research and LikewiseOpen seemed like the easiest way of accomplishing this.

“Likewise Open provides a complete authentication solution allowing *nix systems to be fully integrated into Active Directory environments. Created by Likewise Software to make Linux and Unix systems first class citizens on Windows networks, likewise-open will authenticate both Ubuntu Desktop Edition and Ubuntu Server Edition machines.”

Source: https://help.ubuntu.com/community/LikewiseOpen

 

My steps for joining an Ubuntu 13.04 machine to the Windows Domain / Active Directory:

sudo pico /etc/hostname , change it so it corresponds with the computers registered dns name

Install LikewiseOpen:

sudo apt-get install likewise-open likewise-open-gui (source: likewise documentation)

Join the domain:

sudo domainjoin-gui (cmd version wouldn’t work for me). Leave the domain with the same command

likewise

Fig 1. Joining the Domain

To get domain login options to the Ubuntu login screen (info for both 13.04 and 13.10):

for Ubuntu 13.04: sudo sh -c ‘echo “greeter-show-manual-login=true” >> /etc/lightdm/lightdm.conf’

for Ubuntu 13.10: sudo pico /etc/lightdm/lightdm.conf.d/10-ubuntu.conf

[SeatDefaults]
user-session=ubuntu
# to disable guest login
allow-guest=false
# to enable user login manually
greeter-show-manual-login=true

Sources:

http://askubuntu.com/questions/210712/ubuntu-12-10-likewise-and-logging-in-to-the-domain

http://askubuntu.com/questions/62564/how-do-i-disable-the-guest-session

 

By default you have to login to the domain with your user credentials in the form domain\username.

To skip this and login with only username:

sudo lwconfig assumeDefaultDomain true

Source: http://www.youtube.com/watch?v=sVT-0t4d48I

I had some problems finding the above command as the old trick will NOT work with Ubuntu 10 and newer versions.

(Old: sudo pico /etc/samba/lwlauthd.conf

winbind use default domain = yes)

 

Additional (optional) configuration and comments:

Put yourself as sudoer:

sudo pico /etc/sudoers

Install OpenSSH server:

sudo apt-get install openssh-server

edit /etc/hosts.allow & /etc/host.deny according to your needs.

 

Checking likewise configuration after successful domain join:

cat /etc/krb5.conf

Checking likewise version:

dpkg-query -W likewise-open

 

Printers:

My installed Windows domain printers seemed to work just fine in Ubuntu also. I only had to do some small changes to page size and page type.

Advertisements

One thought on “Joining Ubuntu 13.04 to Windows Domain

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s