Ubuntu with Active Directory log on
I have several boxes running around the house, and some I rarely need to connect to. For that reason I keep forgetting what login to use. Solution is to have all authenticate to Active Directory.
Starting with a clean installation you need a few packages
sudo apt install ntp realmd sssd sssd-tools adcli \ samba-common samba-common-bin samba-libs krb5-user packagekit
Create a new file /etc/realmd.conf containing
[users] default-home = /home/%U default-shell = /bin/bash [active-directory] default-client = sssd os-name = Ubuntu Desktop Linux os-version = 16.04.1 [service] automatic-install = no [ds.resoft.no] fully-qualified-names = no automatic-id-mapping = yes user-principal = yes manage-system = no
Get a kerberos ticket from the Active Directory
sudo kinit Administrator@DS.RESOFT.NO Password for Administrator@DS.RESOFT.NO:
You shouldn’t get anything back if the command succeeded. We now know our machine can authenticate itself on Active Directory. Move on.
Join the domain
sudo realm join -U Administrator ds.resoft.no Password for Administrator:
Even if realm did a good job configuring the system, it fails. Edit /etc/sssd/sssd.conf and change access_provider from simple to ad.
access_provider = ad
Creating home directories
Edit the file /etc/pam.d/common-session and add the statements below
# Create home directories automagically session required pam_mkhomedir.so skel=/etc/skel umask=0077