HOWTO: Active Directory authentication in Ubuntu 8.04 and 8.10
This is a second version of this other guide that applied to previous Ubuntu versions.
Since Ubuntu 8.04 (Hardy Heron), and now Ubuntu 8.10 (Intrepid Ibex) it come the Likewise Open package that makes basic Active Directory authentication in Ubuntu a breeze.
Just follow these steps:
sudo apt-get update
sudo apt-get install likewise-open
sudo domainjoin-cli join fqdn.of.your.domain Administrator
sudo update-rc.d likewise-open defaults
sudo /etc/init.d/likewise-open start
and you can now log into your machine using your DOMAIN\user credentials. Remember that the DOMAIN\ part is mandatory and that it represents the short name of your Active Directory domain. You can join the domain using any user with sufficient privileges (there’s no need to use Administrator), and you can even directly join the PC in a particular OU passing the –ou argument to domainjoin-cli. The fourth point maybe won’t be necessary when Ubuntu 8.04 LTS wil be released because it seems to be a bug in the package (it won’t start likewise on reboot, so if you don’t issue this command it would seem that nothing is working after a reboot).
I’ve just started to use this method on a test machine so I’ll leave more opinions on this product in the future.
EDIT: First impressions
After some days of not so extensive usage, I’ve seen a couple of things that it’s worth notice:
- the likewise-open process seems to “die” from time to time, blocking all your login accesses with a “ERROR” message. Restarting it through init script solves the issue… but it’s something that definitely should not happen
- It informs you on login if your password is going to expire in X days (as set in your GPO). Very nice indeed.
Notes to the readers: if you’re experiencing installation problem, the best way is to report them to the likewise-open-discuss mailing list. There you can contact directly likewise developers (of Samba fame) and solve your problems or doubts.
EDIT2: it seems that with the final Ubuntu 8.04 update, likewise-open package is now 100% stable, I didn’t have a single failure since last update (one week up, while before it died at least once per day)
EDIT3: as mentioned in the comment, with likewise-open 4.x you can add
winbind use default domain = yes
/etc/samba/lwiauthd.conf so you d’nt have to specify the DOMAIN\ part every time you log in your box.