Join Ubuntu 14.04LTS to a Windows Domain using PBI

The following instructions will guide you through the process of joining an Ubuntu 14.04 client to a Windows Domain using Power Broker Identity Services Open Edition version 8.0.1.2029 64bit.

(This process should also work for Lubuntu 14.04)

Environment: 
Windows Server 2012 Standard Domain Controller 
Ubuntu 14.04 LTS and Lubuntu 14.04 Client PCs

1.	Download the most current stable version of Power Broker Identity Services Open Edition Go to the following address and download the most current version of PBIS: http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True Or, from a terminal type the following commands: cd ~  sudo wget http://download.beyondtrust.com/PBISO/8.0.1/linux.deb.x64/pbis-open-8.0.1.2029.linux.x86_64.deb.sh
2.	Make the pbis installation script executable In the terminal navigate to the directory where pbis-open-8.0.1.2029.linux.x86_64.deb.sh is located and execute the following command: sudo chmod +x pbis-open-8.0.1.2029.linux.x86_64.deb.sh
3.	Run the pbis installation script From the terminal type the following command to install pbis open: sudo ./pbis-open-8.0.1.2029.linux.x86_64.deb.sh
4.	Use PBIS Open to join your PC to the Windows Domain From the terminal: cd /opt/pbis/bin/  sudo domainjoin-cli join --disable ssh $domainname $domainaccount *where domainname = the name of your domain and domainaccount = user@domainname.### EXAMPLE: sudo domainjoin-cli --disable ssh frijoles.com fadmin@frijoles.com When prompted for a password supply the appropriate credentials and you should receive a "SUCCESS" prompt when finished.
5.	Set-up default configuration for domain users Use PBIS to pre-configure the user environment for all domain users that log into the newly added system. From the terminal: sudo /opt/pbis/bin/config UserDomainPrefix $domain  sudo /opt/pbis/bin/config AssumeDefaultDomain true  sudo /opt/pbis/bin/config LoginShellTemplate /bin/bash  sudo /opt/pbis/bin/config HomeDirTemplate %H/%U  sudo /opt/pbis/bin/config RequireMembershipOf "$domain\\$securitygroup"
6.	Edit the pamd.d common-session file From a terminal:  sudo vi /etc/pam.d/common-session Find the line that states the following:  session sufficient pam_lsass.so Replace it with:  session [success=ok default=ignore] pam_lsass.so
7.	Edit the lightdm configuration file Edit the lightdm configuration file and append the following lines: sudo vi /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf allow-guest=false  greeter-show-manual-login=true *If you are using Lubuntu 14.04 your lightdm configuration file will be: 60-lightdm-gtk-greeter.conf
8.	Give sudo access to users/groups Add any necessary administrative users and/or groups from your domain to the sudoers file to give them sudo privileges. From a terminal: sudo vi /etc/sudoers *using the file's configuration examples add users/groups appropriately. EXAMPLE: fadmin ALL=(ALL:ALL) ALL
9.	Reboot and Log-in Reboot your PC and log-in using an appropriate domain user account.

Conclusion

These instructions have only been tested on Lubuntu 14.04 and Ubuntu 14.04 LTS Distributions. With minimal tweaking these steps should also work for other distributions. Older and now deprecated versions of Likewise-Open should work in a similar fashion as PBIS-Open, and may be required on older distributions.

转载于:https://my.oschina.net/forlinux/blog/369677