How can I add Ubuntu to a windows domain?

36,098

Solution 1

After searching a lot, i just find the way myself. The steps i have followed in ubuntu 10.10 to join windows domain are as follows,

Open up the Ubuntu Software Center.
Search for “centrify” (No quotes).
Click Install.
Type your sudo password and press Enter.
Once the installation is finished you can then close out the Ubuntu Software Center.

Configure nsswitch file:

Open the terminal and type the following,

sudo editor /etc/nsswitch
Search for the line that says

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
Put # infront of that line and add a new line

hosts: files dns
So that the file will look like
Also edit the following file, sudo editor /etc/centrifydc/group.ignore

You need to add the group “admin” (no quotes) to this list. If you do not do this your sudo users will not longer have sudo privileges. Without sudo privileges your users will not be able to install applications or run anything that needs administrative permissions. Once you have configured that file, save it. You are now ready to join the domain.

Now its time to join the domain. Type the following in your terminal,

sudo adjoin -w DOMAIN -u USERNAME

You will get the following confirmation.

    karthick@karthick:~$ sudo adjoin -w XXX.XX.COM -u Administrator
    Administrator's Active Directory password: 
    Using writable domain controller: xxxxxx.xxx.xx.com
    Join to domain:XXX.XX.COM, zone:Auto Zone successful

    Centrify DirectControl started.
    Loading domains and trusts information


    You have successfully joined the Active Directory domain: XXX.XX.COM
    in the Centrify DirectControl zone: Auto Zone

    You may need to restart other services that rely upon PAM and NSS or simply
    reboot the computer for proper operation.  Failure to do so may result in
    login problems for AD users.

Solution 2

I'm not sure, but you also need to edit /etc/nsswitch.conf and change "host" line like this:

hosts:    wins files mdns4_minimal [NOTFOUND=return] dns mdns4

At least, it helped me

Solution 3

Have you checked the DC to see if the computer object already exists? If it does - delete it - then try to rejoin. If you have more problems you can try running the following command listed below to get some more verbose logging:

> domainjoin-cli --loglevel verbose
> --log /tmp/domainjoin.log join domain fqdn AD account

Solution 4

One way to check if domain works as should, is to get someone to log into your PC with his domain credentials. This should create a new user and let him in. I had the same username locally, as the one I had in domain I joined, and it didn't work well. I had to rename my old account and then log in from the login screen with the domain credentials to get the correct user priviledges etc. associated with my Ubuntu account.

Edit:

I see you're attempting to join the domain from the command line. When I install Likewise Open, a window pops up with an easy to use GUI for joining the Domain. Have you attempted to join the domain using it instead of the CLI? In your case, clicking Leave Domain should bring it up. If not, you could try reinstalling the package and waiting a minute to see if the Wizard pops up.

As one final tweak, I've found out on few occasions that I have needed to add the Domain machine into the /etc/hosts file of my workstation, in order for the joining to work.

10.10.86.200 fvs-dc001.ourdomain.local
10.10.86.200 ourdomain.local

I replaced our actual domain name with "ourdomain" in the example above.

View more solutions

36,098

karthick87

Updated on September 18, 2022

Comments

karthick87 almost 2 years
I have installed likewise-open, but when I add an Ubuntu machine (10.10) to a domain, I am getting the following error:
```
Leaving AD Domain:   XXX.XX.XXX`                              
Error: Lsass Error [code 0x00080047]                       
1387 (0x56B) ERROR_NO_SUCH_MEMBER - Unknown error
```
Can someone sort this out?

Likewise-open shows me as being connected to domain. But how do I verify this?
- AD is managed by a Windows 2003 server.
I tried red's answer but it didn't work.
```
root@karthick:~# domainjoin-cli join XXX.XX.COM xxxxxxx
Joining to AD Domain:   XXX.XX.COM
With Computer DNS Name: karthick.xxx.xx.com

[email protected]'s password: 

Error: Lsass Error [code 0x00080047]

31 (0x1F) ERROR_GEN_FAILURE - Unknown error
```
- Likewise-open Gui is already installed, but I am not able to leave the domain and re-join.
- See the following screen shot:
I searched google and i came up with this. Is that a problem? Or can anyone help me to debug the cause?
- Pedram about 13 years
  
  NO_SUCH_MEMBER.You must add your machine using a trusted user in domain.The error says the user that you're providing to the likewise does not exist.
- karthick87 about 13 years
  
  Yeah i have done that already..
- RobinJ almost 13 years
  
  Is the Windows domain being managed by Windows Vista/7 or by Windows 2000/XP?
karthick87 about 13 years

In the above command what is fqdn ?
cprofitt about 13 years

Fully Qualified Domain Name = fqdn
cprofitt about 13 years

so the fqdn for a computer named workstation-01 on the domain disney.com would be workstation-01.disney.com
karthick87 almost 13 years

I tried but it din help..
red almost 13 years

Updated answer.
karthick87 almost 13 years

I did this, pls see my updated question..
red almost 13 years

I don't see your updated question addressing the GUI steps or problems with it?
red almost 13 years

Had forgotten this, was required of me as well in 10.10 but not any longer in 11.04!
karthick87 almost 13 years

It was already enabled,but still no use..