Using Powerbroker instead of likewise
do as steps below
1- download powerbroker frome here
http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True
2- run it ,
sudo chmod a+x
run by typing it and hitting enter key
sudo ./pibsfilename.sh
3- join by one of the below commands
sudo domainjoin-cli join domainname.com administrator@domainname.com
or
sudo domainjoin-cli join --disable ssh domainname.com administrator@domainname.com
4- Also, note that you might need to make one minor change to a config file as noted here. Namely, in the file /etc/pam.d/common-session
, change the line that reads:
session sufficient pam_lsass.so
to
session [success=ok default=ignore] pam_lsass.so
5- run this command to config, like lwconfig in likewise (run from home folder), use caret ^
for spaces in group names
/opt/pbis/bin/config Requiremembershipof "domainname\\ASecurityGroupFromYourDomain" "domainname\\plus^other^group"
/opt/pbis/bin/config AssumeDefaultDomain true
/opt/pbis/bin/config UserDomainPrefix domainname
6- if you want a username to be sudoer do as follows
sudo nano /etc/sudoers
after root line add the line below
username ALL=(ALL:ALL) ALL
for group use %
:
%DOMAINNAME\\Power^Users ALL=(ALL:ALL) ALL
7- and finally edit lightdm configuration file
sudo nano /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf
allow-guest=false
greeter-show-remote-login=false
greeter-show-manual-login=true
(60-lightdm-gtk-greeter.conf
in Lubuntu 14.04)
8- Reboot
Resources used:
Best Answer
Well try this before installing likewise-open
Open Terminal
ping domain e.g. domain.com ping doimain controller e.g. domaincontroller.domain.com ping domain controller IP Address 192.168.X.X
For this Process I used ¨root user¨
$ sudo su
gedit /etc/hosts
Put this below the first two lines:
IPADDRESSOFDCSERVER SERVERNAME 192.168.0.1 Ubuntuserver1
gedit /etc/nsswitch.conf
look for line that says hosts and comment is out with ¨#¨ then add the following line above it:
hosts: files dns mdns4
gedit /etc/resolv.conf
comment out everything with ¨#¨ and add line below
search domain.com nameserver 192.168.X.X (IP ADDRESS OF DOMAIN CONTROLLER)
gedit /etc/dhcp3/dhclient.conf
Then add line below the ¨option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;¨
supersede domain-name ¨domain.com¨;
prepend domain-name-servers 192.168.0.2; (IP ADDRESS OF DOMAIN CONTROLLER)
Here I added the user I will be log into the machine with to a two group:
sudo visudo
under #User privilege specification: put domain user DOMAIN\username ALL=(ALL) ALL
and
under #Member of admin group may gain root privileges:
%DOMAIN\domain^users ALL=(ALL) ALL
Then Install likewise with the following:
apt-get install likewise-open likewise-open-gui
Then join the domain:
domainjoin-cli join --ou COMPUTERS DOMAIN.COM administrator
This is opitional to allow you to just type in the username without the domain:
lwconfig assumeDefaultDomain True
Then you reboot the machine:
sudo reboot
After reboot you login:
login with domain username
from terminal you now check to see if all configuration went well:
lw-get-status (to see if active Directory is there)
lw-enum-users (to see the user of active Directory)
If errors should occur like not seeing the login page:
Enable domain login on login screen
gedit /etc/lightdm/lightdm.conf
Acutally adding: greeter-hide-users=true (this hide the users so becareful with this one)
greeter-show-manual-login=true (This shows all users and login function)
To leave the domain
sudo domainjoin-cli leave
Let me know if this helps!