How to join Ubuntu 18.04 to Active Directory

We have already seen in another article how to join Windows computers to a domain, and this time we will see how to join Ubuntu 18.04 to Active Directory so that we can log in to our system with users configured in our Windows Active Directory domain. The procedure will not be as simple as on a Windows computer, but we will see that we can fully integrate it into the system, even giving users root permission.

Active Directory is a tool for managing credentials and permissions: a series of computers join a domain and connect to a server to request objects such as system users, network shares and other more advanced utilities.

But we can do this not only with Windows computers; we can also integrate Linux computers into a Microsoft domain more or less easily, depending on the system version and distribution we have. One of the best integrated and most widely used is Ubuntu, and it is the one that we will use, in its latest version, 18.04.

Prerequisites and application to use

The first thing we have to take into account to connect a computer to the domain is that it needs a network card with a connection, either to the Internet or to our LAN. In either case, the server must respond correctly to the client's requests, which we can check with a ping, for example.

There are several ways to connect Linux to an Active Directory domain, some more direct and some less. For our part, we are going to present a method that we have found relatively quick and without many complications. The selected application is called pbis-open, and it is available for download from its official website.

Currently, as of the date of this tutorial, it is at version 8.7.1, and is available for practically all versions of Linux.

We open its page and a list of rather oddly named files in .sh format will appear. We are going to download the 64-bit version for our Debian-based system. In our case it will be "pbis-open-8.7.1.494.linux.x86_64.deb.sh"; if we had a 32-bit version we would download the one named "pbis-open-8.7.1.494.linux.x86.deb.sh".

Install pbis-open

Once the package is downloaded, we will have to open a command terminal to carry out the installation process. From here on, we are going to switch to root to carry out the whole integration process. We write:

sudo su

To become root.

cd

In our case it is located on the desktop, so we do "cd Desktop/".

In case you did not know, when we start to write something in the terminal, we can complete it by pressing the TAB key. The system will automatically detect the file that we intend to access.

To see the file's permissions, we run the following command:

ls -l

The permissions appear at the far left of each entry. We could assign different ones to give all users absolute control over the file. Linux expresses permissions through letters: the string "rwx" means "read, write, execute". If you look at it, it is three characters that can be combined in 7 different ways, as if it were binary code.

This is why if we want full control over the file we will have to write the following:

chmod 777

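Thus we will place an "rwx" in all three permission groups of the file (owner, group and others). Running the installer only requires execute permission for the user who launches it, so 777 grants more than this step needs.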
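To make the "binary code" idea concrete, here is an added example (not part of the original tutorial) that converts the permission string shown by ls -l into its octal form and flags files that any user may write to. The helper names are hypothetical and the permission strings are constructed samples.

```shell
#!/bin/sh
# Added example: helper names are hypothetical.

# Convert the nine permission characters shown by `ls -l`
# (the part after the file-type character) to octal, e.g. rwxr-xr-- -> 754.
perm_to_octal() {
    perms=$1 octal=''
    [ "${#perms}" -eq 9 ] || return 1
    while [ -n "$perms" ]; do
        triad=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac   # read    = 100
        case $triad in ?w?) digit=$((digit + 2)) ;; esac   # write   = 010
        case $triad in ??x) digit=$((digit + 1)) ;; esac   # execute = 001
        octal=$octal$digit
    done
    printf '%s\n' "$octal"
}

# True when "others" (the last triad) may write to the file, which is
# what chmod 777 grants and what running the installer does not need.
world_writable() {
    case $1 in ???????w?) return 0 ;; *) return 1 ;; esac
}

# Demo on constructed permission strings.
for p in rwxrwxrwx rwx------ rw-r--r--; do
    if world_writable "$p"; then note='world-writable'; else note='ok'; fi
    echo "$p -> $(perm_to_octal "$p") ($note)"
done
```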

To execute and install the file, we will simply have to put the characters “./” in front of the file name:

./pbis-open-8.7.1.494.linux.x86_64.deb.sh

The decompression and installation process will begin.

Right at the end of the installation, the program will give us important information about how to join our Ubuntu machine to a domain. We should keep it in mind, because we will use it shortly.

At this point, it would be highly recommended to restart the computer.

Join Ubuntu 18.04 to Active Directory

We now properly begin the procedure to join Ubuntu 18.04 to Active Directory and be able to access the users and resources of the domain.

Configure Ubuntu network to point to Windows Server DNS

The first thing we will have to do is find out the IP address of our server. This is very important because our client computer depends on it to "understand" the NetBIOS name of the Windows domain.

When installing Active Directory, we also need to install a DNS role on our server. In this way we can resolve the NetBIOS names of the domain and of the computers connected to the server. To do this we identify the IP address of our server, that is, the IP that we have assigned to the network card that connects to the Internet.

To find it, we can go directly to the adapter configuration and click on "Status". We could also run ipconfig at a command prompt, or go directly to the DNS role configuration panel of our server. In the section corresponding to our domain, we will see an entry with the name of our server and the IP address we have assigned.

Now we go to the Ubuntu network configuration, located in the upper right area, and click on "Wired network configuration" (or Wi-Fi).

Once inside, we go to the "Wired" section and click on the configuration wheel button to access the parameters that interest us.

Here, we must select the "Manual" option to be able to enter the IP address of the domain server in the "DNS" section.

We can also enter an appropriate IP address together with the network mask and gateway, so as not to lose the Internet connection. For this tutorial we are working from a physical computer which is directly connected to the router, and not to the LAN that the server may have.

Once this is done, click on "Apply". We then toggle the on/off button so that the network settings are updated, and check in the "Details" tab that everything is as we have configured it.

A very good way to know that DNS is responding correctly is to go to our command terminal and write the following:

ping

When we ping a domain, we receive information about the server's IP address, just as we would with Google or another IP address.

We can also perform another check to see how the computer is resolving the domain and IP address with the following command:

nslookup

In both cases we will obtain the IP address of our Windows Server 2016.

Note that although we have placed a domain name equal to that of our page, we are not receiving the IP address of the web page. This is because our DNS points to our server, not our Internet gateway.

Configure Ubuntu 18.04 to bind it to an Active Directory domain

Once all of the above has been done, it is time to go fully into the Ubuntu configuration to join it to the domain. The process will have to be performed either as root or by placing "sudo" in front of each command.

At this point we will have to differentiate two names of our server:

  • Real name: this will correspond to the name that we configure for Active Directory on the first screen of the wizard.
  • NetBIOS name: will be the name with which DNS and client computers associate the real name of the domain and the IP of the server.

Previously we saw that the program, after installation, gave us an example of how we should proceed to join the computer to the domain. Let's go one step further and see where the program's commands are stored.

cd /opt/pbis/bin/

ls

This path is where all the program's commands are stored. We will see that the one that interests us is "domainjoin-cli".

Let's go there. We will enter the command followed by our real domain name (not the NetBIOS name), and its administrator user.

If we use a user that we have created in our directory with standard permissions, we will get an "Access denied" message. This is why we must join the computer using our server administrator credentials; in our case, as in most, that is the "administrator" user.

domainjoin-cli join administrator@

In our case it will be: "domainjoin-cli join profesionalreview.com [email protected]". It will ask us for the password and then we will see that our computer has joined successfully. But this is far from over.

To verify that our Ubuntu physical computer has indeed joined our server, we are going to go to the Active Directory administration window and go to the root of the domain. We can see that the computer name appears there, correctly connected to it.

At this point, it would also be advisable to restart the computer.

Configure Active Directory user access to Ubuntu 18.04

Now we have another problem, relatively easy to solve: we need a way to log in to Ubuntu with our own users stored in Active Directory, just as we would from a Windows computer.

This is partially solved in this version of Ubuntu since, when we are on the lock screen, we will have a "Not listed?" option that lets us type a different username and password.

Even so, we are going to make sure that this is the case by modifying some lines in the configuration file of the login screen.

We open the command terminal and become root again. Now we are going to open the file 50-ubuntu.conf to add a line:

gedit /usr/share/lightdm.conf.d/50-ubuntu.conf

We place the following line below the existing ones:

greeter-show-manual-login = true

Then we save, and close the file.

After this, we still have to make a very important modification so that the authentication system supports Active Directory users. We will write the following at the prompt:

/opt/pbis/bin/config LoginShellTemplate /bin/bash

Then we restart the computer.

We will be able to enter with an Active Directory user in Ubuntu 18.04

Access with Active Directory user in Ubuntu 18.04

Once the computer has been restarted, we will click on "Not listed?" in order to enter the username and password of a new user.

The login must have the following structure:

  • User: @
  • Password: whichever is appropriate

We will see that we can correctly access the system with our administrator user. If we now open the user properties from the option located at the top right, we can verify that it is indeed a user that belongs to the domain. The real name of the domain is not shown, but its NetBIOS name. In the same way we will see that the user has the permissions of a standard user. Being an administrator in Windows does not make you one here.

We are going to close the session and test with another user that we have created in Active Directory. For example, the one used in the tutorial on joining a Windows system to AD, the well-known Antonio Fernandez Ruiz, for those who have followed our Active Directory installation tutorial.

We follow the same login procedure as with the administrator:

[email protected]

We will see that we have indeed been able to log in as well. This is reflected in the command terminal.

And in the user properties. Note that in this case, the NetBIOS name of the domain is not placed in front of the user, only its normal name.

Raising an Active Directory user to root in Ubuntu 18.04

Let's now test raising a user, for example administrator, to root permissions in Ubuntu. We will find the following:

It indicates that this user is not in the sudoers file, which basically lists the users who can act as root on our computer. At this point, we could directly add our user to that list although, frankly, it is not an elegant solution, so we will do it in a cleaner way.

We are going to go over to our Windows Server 2016 for a while. There we are going to create a new organizational unit that contains a group of users that can be raised to root in Ubuntu. Let's start.

We select the root of our domain profesionalreview.com and right-click on it. We choose the option "New -> Organizational unit".

Now we enter it and create a new user by right-clicking and choosing "New -> User".

We give our user with Ubuntu root permissions whatever name we consider appropriate.

The next thing we have to do is create a group within this organizational unit, to which we will add the user that we have created.

In the creation window, we will see the "Member of" section in the lower area. We click on "Add" and enter the name of the user.

Next, we click on "Check names" so that it is verified. It only remains to accept the open windows so that the organizational unit is correctly structured.

Configure Ubuntu sudoers file

We go back to our Ubuntu system, where we will have to configure the sudoers file to add this Ubuntu_admins group to the list of users with root permission; in this case, the entry will be a group rather than an individual user.

We log in to the system with our main user and become root. And we write:

visudo

This opens the editor directly on the file which, note, has a .tmp extension; we will have to keep this in mind when saving our changes.

We go to the line that says: "%admin ALL=(ALL) ALL". We cut the line with "Ctrl + K" and paste it twice with "Ctrl + U".

We will modify this second line leaving it as follows:

%PROREVIEW\\Ubuntu_admins ALL=(ALL) ALL

Now we will do the same procedure with the line "%sudo ALL=(ALL:ALL) ALL". We will leave the second line as follows:

%PROREVIEW\\Ubuntu_admins ALL=(ALL) ALL

In this line, each of us will put the name we gave to the GROUP of users we created.

To save, press the key combination "Ctrl + O" and, very important, remove the .tmp file extension so that it is saved in the actual file. Saving straight to the actual file skips the syntax check that visudo runs on the .tmp copy when the editor exits, so review the new lines carefully before saving.
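As an added example (not part of the original tutorial or of PBIS), the group rule above can be generated, syntax-checked with visudo -cf on a temporary file, and existing domain-group grants listed for review. The function names and the temporary file are hypothetical; PROREVIEW and Ubuntu_admins are the tutorial's values, and restricting names to letters, digits, "_", "." and "-" is an assumption of this example.

```shell
#!/bin/sh
# Added example: function names and the temp file are hypothetical.

# Print the sudoers rule for an AD group. PBIS exposes the group as
# NETBIOS\group, and sudoers needs that backslash escaped as "\\".
ad_group_rule() {
    for part in "$1" "$2"; do
        # Assumption: only plain names; anything else could alter the rule.
        case $part in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    done
    printf '%%%s\\\\%s ALL=(ALL) ALL\n' "$1" "$2"
}

# Syntax-check a candidate file without touching the live sudoers file.
# Returns 0 if valid, 1 if visudo rejects it, 2 if visudo is not installed.
check_sudoers_file() {
    command -v visudo >/dev/null 2>&1 || return 2
    visudo -cf "$1" >/dev/null 2>&1 || return 1
}

# Read sudoers text on stdin and print every rule granted to a domain
# group (a line starting with %NAME\\group), for periodic review.
list_ad_grants() {
    grep -E '^[[:space:]]*%[^[:space:]]+\\\\' | sed 's/^[[:space:]]*//'
}

# Demo with the tutorial's names, on a temporary file (constructed input).
candidate=$(mktemp)
ad_group_rule PROREVIEW Ubuntu_admins > "$candidate"
rc=0; check_sudoers_file "$candidate" || rc=$?
echo "rule:   $(cat "$candidate")"
echo "visudo: rc=$rc (0 valid, 1 rejected, 2 visudo missing)"
rm -f "$candidate"
```

Piping the real sudoers file into list_ad_grants as root shows at a glance which directory groups currently hold root on the machine.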

Raise Active Directory user to root

Once this is done, we will return to the lock screen and log in with our newly created user to see if we can raise it to root.

To demonstrate that the user belongs to Active Directory we will write:

pwd

And we will verify that it indeed belongs to the domain, since a directory with the NetBIOS name of the domain has been created in our system.

We can also write:

id \\

Here we will see interesting information about the groups this user belongs to, in our case "Ubuntu_admins".

That said, we test:

sudo su

It will ask for the password and we will be able to become root correctly. Now, every time we add a new user to the group created in our Active Directory, we can raise it to root.

With this we finish the process of joining Ubuntu 18.04 to Active Directory. We hope that everything went well for those who followed this tutorial.

We hope that, despite the long tutorial, you have been able to correctly configure your Ubuntu system and integrate it with AD. If you have any problems please let us know. We will be back with more.
