Ubuntu 14.04 Power Broker and Samba4
Power Broker allows users to log into Ubuntu Desktops using their AD usernames and passwords. There method described below in essence follows Spiceworks,
although a DNS issue arises when the AD is driven by Samba 4 (rather than Windows Server).
This issue can be resolved before following the method linked to above.
Handling Samba 4 DNS
sudoedit /etc/nsswitch.conf
Edit the line begining hosts to
hosts: dns [NOTFOUND=return]
Installing Power Broker
Now we follow Spiceworks directly.
Download the most current stable version of Power Broker Identity Services Open Edition
Go to the following address and download the most current version of PBIS:
Make the downloaded file executable.
chmod +x ...
Execute the file as root.
sudo ...
No for legacy links and yes for install.
sudo domainjoin-cli join --disable ssh domainname domainaccount
sudo reboot
Test
sudo getent passwd
If working you will see users from your domain.
From a terminal:
sudoedit /etc/pam.d/common-session
Find the line that states the following:
session sufficient pam_lsass.so
Replace it with:
session [success=ok default=ignore] pam_lsass.so
Edit the lightdm configuration file and append the following lines:
sudoedit /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf
and append
allow-guest=false
greeter-show-manual-login=true
Reboot.
At the login screen, click Login, after which the username and password is requested. Users may log in with MYDOMAIN\domainusername
and their domain password. If this user has not logged on before, a new home directory is created /home/local/MYDOMAIN/domainusername
, although all that can be configured via Power Broker.
Recent Comments