List of downloads
List of downloads
You might have a fortress of Linux solitude at home, but unless you are one of the lucky ones working in a Linux-only environment, you can't escape the clutches of Microsoft and you are going to have to interact with Windows.
One of the trickiest aspects of getting Linux to play well with Windows is the Windows Domain. For the longest time this was a challenge most were simply not able to handle. This task required a very deep understanding of Samba and how to get Samba to communicate with Windows domain. Even armed with that knowledge, this wouldn't always work. That is, until now.
Fortunately, things have continued to get easier on the Linux operating system to where even what was once the most challenging tasks are mundane. One such tool that has made the challenge of joining a Windows domain is Likewise Open. Using Likewise Open's handy GUI tool (that also comes with an equally hand command line version) you can quickly and easily connect a Linux machine to a Windows domain.
Note: Packages were removed from PPA, and the project has been renamed to PowerBroker Identity Services “AD Bridge“. Go to www.beyondtrust.com for more details. (Download link)
This is simple. Follow these steps to get both the GUI and command line tools installed:
You are now ready to join your Windows domain. Let's tackle this via command line first.
Joining using the command line
You will be surprised how easy this is to do. Open up a terminal window and issue the following command:
sudo domainjoin-cli join DOMAIN_NAME USER
Where DOMAIN_NAME is the name of the Windows domain you want to join and USER is the user you authenticate with. You will be prompted for your user password and, upon successful authentication, you will have officially joined that domain! You should be able to do things like browse all machines on your network domain as well as connect to your Exchange server using Evolution!
If you want to leave the domain you can do so equally as easy with the command:
sudo domainjoin-cli leave
This will drop you from the domain you are currently joined.
To start up the GUI click F2 and enter domainjoin-gui to open up the graphical tool. This should be fairly straight-forward. You can name your computer what you want but you do have to use the exact domain name you would use to connect a Windows machine to your domain. In other words, if you domain is DOMAIN.LOCAL then use DOMAIN.LOCAL. If your domain is just DOMAIN then just use DOMAIN. As well, if you have to use an OU (Ogranizational Unit) to connect, make sure you have that correct. Once you have the information entered click Connect and an authentication window will appear. In this window you must enter your username and your password as you would enter them when connecting on a Windows machine. After you enter your credentials click OK and Likewise Open will attempt to connect. Upon successful authentication you will be a part of your company domain. Congratulations!
Now log out of your desktop and log back in with your domain credentials. This most likely will mean you will log in with the username in the DOMAIN\user configuration. You can also log in to your local machine by logging in with the standard username and password on your local system.
Since Ubuntu lists local users and (be default) doesn't allow entering your username manually, you will have to edit your /etc/lightdm/lightdm.conf.d/50-unity-greeter.conf and append this line:
This will allow you to enter your username manually. Or you can just hide all user
Then restart lightdm
sudo service lightdm restart
or simply restart your PC
EDIT: For Ubuntu 14.04 and later - use /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf and append the above lines, or create /etc/lightdm/lightdm.conf and enter:
[SeatDefaults] greeter-show-manual-login=true greeter-hide-users=true
You will find, when logged into your domain, that your user doesn't have sudo privileges. This means you will not be able to install software and administer various tasks. You can fix this by making an addition to the /etc/sudoers file. Open up the /etc/sudoers file and look for the line:
#Members of the Admin group may gain root privileges and do the following:
Under this line add the following:
%DOMAIN\GROUP ALL=(ALL) ALL
Where DOMAIN is the actual domain and GROUP is the group your user belongs to on the domain.
Now log out and log back in and your domain user should have sudoer privileges.