Scope: Set up an Ubuntu 12.04 client to authenticate to Active Directory and access mapped drives.
apt-get install cifs-utils samba winbind ntp krb5-kdc krb5-admin-server rng-tools libpam-mount
sudo add-apt-repository ppa:webupd8team/nemo
sudo apt-get update
sudo apt-get install nemo nemo-fileroller
We will be using Samba, or more specifically winbind, to authenticate and look up users via PAM. First we need to create /etc/samba/smb.conf:
[global]
workgroup = DOMAIN
realm = DOMAIN.NET
preferred master = no
server string =
security = ADS
encrypt passwords = true
log level = 3
log file = /var/log/samba/smb.log
max log size = 50
printcap name = cups
printing = cups
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
winbind separator = +
template homedir = /vol1/homes/%U
idmap uid = 2000-20000
idmap gid = 2000-20000
;template primary group = "Domain Users"
template shell = /bin/bash
obey pam restrictions = yes
Now we need to tell nsswitch to look to winbind for user data
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: winbind compat
group: winbind compat
shadow: winbind compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
Finally we need to join to the Active Directory Domain
net ads -U administrator join
/etc/init.d/winbind restart
Now if you enter wbinfo -u you should get a complete list of AD users.
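A post-setup audit of the files edited on this page, as an added example that is not part of the original wiki page: it checks that smb.conf selects ADS security with a realm, that nsswitch.conf lists winbind for passwd and group, and that no local account has a UID inside the idmap range (an overlap would make a local and a domain identity share a UID). The function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original page): audit the files edited above.

# Print the value of a key from an smb.conf-style file; ';' and '#' comments are skipped.
conf_get() {  # usage: conf_get FILE "key name"
    awk -F= -v want="$2" '
        /^[ \t]*[;#]/ { next }
        NF >= 2 {
            key = tolower($1); gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (key == tolower(want)) {
                val = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", val); print val; exit
            }
        }' "$1"
}

# Succeed if database DB in an nsswitch.conf-style file lists winbind as a source.
nss_has_winbind() {  # usage: nss_has_winbind FILE DB
    awk -v db="$2:" '$1 == db { for (i = 2; i <= NF; i++) if ($i == "winbind") ok = 1 }
        END { exit !ok }' "$1"
}

# Print local accounts whose UID lies inside the idmap range given as LOW-HIGH.
uid_collisions() {  # usage: uid_collisions PASSWD_FILE LOW-HIGH
    awk -F: -v r="$2" 'BEGIN { if (split(r, b, "-") != 2) exit }
        $3 ~ /^[0-9]+$/ && $3 + 0 >= b[1] + 0 && $3 + 0 <= b[2] + 0 { print $1 }' "$1"
}

# Run every check, print one line per finding, return the number of findings.
check_winbind_client() {  # usage: check_winbind_client SMBCONF NSSWITCH PASSWD
    fails=0
    sec=$(conf_get "$1" "security" | tr 'A-Z' 'a-z')
    [ "$sec" = "ads" ] || { echo "FAIL security = '$sec', expected ads"; fails=$((fails + 1)); }
    [ -n "$(conf_get "$1" "realm")" ] || { echo "FAIL realm is not set"; fails=$((fails + 1)); }
    for db in passwd group; do
        nss_has_winbind "$2" "$db" || { echo "FAIL $db: lacks winbind"; fails=$((fails + 1)); }
    done
    range=$(conf_get "$1" "idmap uid")
    [ -n "$range" ] || { echo "FAIL idmap uid is not set"; fails=$((fails + 1)); }
    for u in $(uid_collisions "$3" "$range"); do
        echo "FAIL local account '$u' has a UID inside idmap range $range"; fails=$((fails + 1))
    done
    return "$fails"
}

# With three file arguments, audit those files; with none, only define the functions.
if [ "$#" -eq 3 ]; then check_winbind_client "$@"; fi
```

Saved under any name, it is run as `sh <script> /etc/samba/smb.conf /etc/nsswitch.conf /etc/passwd`; the exit status is the number of findings.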