Ubuntu 14.04 Power Broker and Samba4

Power Broker allows users to log into Ubuntu Desktops using their AD usernames and passwords. The method described below in essence follows Spiceworks, although a DNS issue arises when the AD is driven by Samba 4 (rather than Windows Server).

This issue can be resolved before following the method linked to above.

Handling Samba 4 DNS

sudoedit /etc/nsswitch.conf

Edit the line beginning with hosts to read:

hosts: dns [NOTFOUND=return]

Installing Power Broker

Now we follow Spiceworks directly.

Download the most current stable version of Power Broker Identity Services Open Edition
Go to the following address and download the most current version of PBIS:

Make the downloaded file executable.

chmod +x ...

Execute the file as root.

sudo ...

Answer no for legacy links and yes for install.

Join the domain:

sudo domainjoin-cli join --disable ssh domainname domainaccount

sudo reboot

Test

sudo getent passwd

If it is working, you will see users from your domain.

From a terminal:
sudoedit /etc/pam.d/common-session

Find the line that states the following:
session sufficient pam_lsass.so

Replace it with:
session [success=ok default=ignore] pam_lsass.so

Edit the lightdm configuration file:

sudoedit /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf

and append the following lines:

allow-guest=false
greeter-show-manual-login=true

Reboot.

At the login screen, click Login, after which the username and password are requested. Users may log in with MYDOMAIN\domainusername and their domain password. If this user has not logged on before, a new home directory is created at /home/local/MYDOMAIN/domainusername, although all of that can be configured via Power Broker.
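
The three file edits above (nsswitch.conf, common-session and the lightdm greeter file) can be checked before the final reboot with a script like the following. It is an added example, not part of the original post or of PBIS; the function names, the ROOT prefix argument and the --system/--demo switches are assumptions, and the sample tree is constructed.

```shell
#!/usr/bin/env bash
# Added example: checks the three file edits described on this page.
# ROOT (first argument of verify_all) is a hypothetical prefix, so the checks
# can be pointed at a copy of the files instead of the live system.

# The hosts line must list dns only, followed by [NOTFOUND=return].
check_nsswitch() {
    grep -Eq '^hosts:[[:space:]]+dns[[:space:]]+\[NOTFOUND=return\][[:space:]]*$' "$1"
}

# The "sufficient" form must be gone and the bracketed form present.
check_pam_session() {
    ! grep -Eq '^session[[:space:]]+sufficient[[:space:]]+pam_lsass\.so' "$1" &&
    grep -Eq '^session[[:space:]]+\[success=ok[[:space:]]+default=ignore\][[:space:]]+pam_lsass\.so' "$1"
}

# Both greeter settings must be present and uncommented.
check_lightdm() {
    grep -Eq '^allow-guest=false[[:space:]]*$' "$1" &&
    grep -Eq '^greeter-show-manual-login=true[[:space:]]*$' "$1"
}

# Run every check under ROOT; print failures and return non-zero if any fail.
verify_all() {
    local root="${1:-}" rc=0
    check_nsswitch "$root/etc/nsswitch.conf" || { echo "FAIL nsswitch.conf hosts line"; rc=1; }
    check_pam_session "$root/etc/pam.d/common-session" || { echo "FAIL common-session pam_lsass line"; rc=1; }
    check_lightdm "$root/usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf" || { echo "FAIL 50-unity-greeter.conf"; rc=1; }
    return "$rc"
}

# Constructed sample tree with the edits applied, for an offline trial run.
make_sample() {
    local d; d=$(mktemp -d)
    mkdir -p "$d/etc/pam.d" "$d/usr/share/lightdm/lightdm.conf.d"
    printf 'hosts: dns [NOTFOUND=return]\n' > "$d/etc/nsswitch.conf"
    printf 'session required pam_unix.so\nsession [success=ok default=ignore] pam_lsass.so\n' \
        > "$d/etc/pam.d/common-session"
    printf '[SeatDefaults]\nallow-guest=false\ngreeter-show-manual-login=true\n' \
        > "$d/usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf"
    echo "$d"
}

# --system checks the live files; --demo checks the constructed sample.
case "${1:-}" in
    --system) verify_all "" ;;
    --demo)   verify_all "$(make_sample)" ;;
esac
```

A pam_lsass.so line left as "sufficient" is reported as a failure even if the bracketed line is also present, since the old line would still end session processing early for domain users.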
