Friday, August 5, 2016

join Linux client to Samba4 Domain server

http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True

Q: Is it possible to join Linux client to Samba4 Domain server? If Yes, How?

A: Yes, it is possible. You can use a third-party client tool for this: PowerBroker Identity Services (PBIS), earlier known as Likewise, which has since been purchased by BeyondTrust.

For this article I will assume that you already have a working Samba 4 Domain Controller.

Log in to the client Linux machine and download the PBIS package from the link below
Download BeyondTrust PBIS package for linux or Mac

NOTE: Since I am using Red Hat, I have used the rpm package for the demo; download the package that matches your OS and bit size.
To check the bit size of your Linux machine, follow the link below
Find bit size of your *nix machine

Once the package is downloaded, make the file executable as shown below
# chmod +x pbis-open-8.0.0.2016.linux.x86_64.rpm.sh
Install the package
# ./pbis-open-8.0.0.2016.linux.x86_64.rpm.sh
Creating directory pbis-open-8.0.0.2016.linux.x86_64.rpm
Verifying archive integrity... All good.
Uncompressing pbis-open-8.0.0.2016.linux.x86_64.rpm............
Would you like to install package for legacy links? (i.e.  /opt/likewise/bin/lw-find-user-by-name -> /opt/pbis/bin/find-user-by-name) (yes/no)
yes
Would you like to install now? (yes/no) yes
Installing packages and old packages will be removed
Preparing...                ########################################### [100%]
   1:pbis-open-upgrade      ########################################### [100%]
Preparing...                ########################################### [100%]
   1:pbis-open              ########################################### [100%]
Setting up SELinux Policy Module

Importing registry...

Preparing...                ########################################### [100%]
   1:pbis-open-gui          ########################################### [100%]
Preparing...                ########################################### [100%]
   1:pbis-open-legacy       ########################################### [100%]
Installing Packages was successful

New libraries and configurations have been installed for PAM and NSS.
Please reboot so that all processes pick up the new versions.

As root, run domainjoin-gui or domainjoin-cli to join a domain so you can log on
with Active Directory credentials. Example:
domainjoin-cli join MYDOMAIN.COM MyJoinAccount

The installation step completed successfully. Now it is time to join your Linux client to the domain server
# domainjoin-cli join TEST.COM administrator
Joining to AD Domain:   TEST.COM
With Computer DNS Name: server2.test.com

administrator@TEST.COM's password:
[administrator password of Samba4 Domain server]
Warning: System restart required
Your system has been configured to authenticate to Active Directory for the first time.  It is recommended that you restart your system to ensure that all applications
recognize the new settings.

SUCCESS

Once the machine is successfully joined, reboot the client machine for the change to take effect.

After the reboot, verify that the users on the domain server are visible on your client.

NOTE: Since you are using PBIS, the commands to list users will differ. You can find all the available commands under /opt/likewise/bin or /opt/pbis/bin

Use the command below with the syntax domain\\username
# /opt/pbis/bin/find-user-by-name test.com\\administrator
User info (Level-0):
====================
Name:              administrator
SID:               S-1-5-21-2928479140-2576742891-3975546437-500
Uid:               1709179380
Gid:               1709179393
Gecos:             <null>
Shell:             /bin/sh
Home dir:          /home/administrator
Logon restriction: NO

As you can see, the administrator user from my domain server is visible on my client. I also have a domain user "deepak" on my domain server, so let me try to log in as deepak on my client
login as: test.com\deepak
Using keyboard-interactive authentication.
Password: [password for deepak]
Last login: Wed May  7 11:16:29 2014 from 192.168.1.2
sh-4.1$ pwd
/home/local/TEST/deepak

So I have successfully logged in, but into the "sh" shell, and my home directory location is also different.

These are a few things that have to be changed manually. Follow the steps below to do so.

On client
You can view the entire configuration using the command below
# /opt/pbis/bin/config --dump
Look for the parameters you want to change. For example

To avoid typing your domain name every time you log in as a user (in case you only have one domain added to your client)
# /opt/pbis/bin/config AssumeDefaultDomain true
To change the default home directory location for domain users
# /opt/pbis/bin/config HomeDirTemplate "%H/%U"
# /opt/pbis/bin/config Local_HomeDirTemplate "%H/%U"

To change the default login shell
# /opt/pbis/bin/config LoginShellTemplate /bin/bash
# /opt/pbis/bin/config Local_LoginShellTemplate /bin/bash

Next, try to view your domain users again
# /opt/pbis/bin/find-user-by-name deepak
User info (Level-0):
====================
Name:              deepak
SID:               S-1-5-21-2928479140-2576742891-3975546437-1107
Uid:               1709179987
Gid:               1709179393
Gecos:             deepak
Shell:             /bin/bash
Home dir:          /home/deepak
Logon restriction: NO
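
The check above can be scripted so it is repeatable across clients. The following is an added example, not part of the original post or of PBIS: it parses find-user-by-name output and confirms the shell and home directory match what the template changes should produce. The function names pbis_field and check_user and the two sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit what PBIS reports for a
# domain user after changing LoginShellTemplate and HomeDirTemplate.

# Constructed samples in the find-user-by-name format shown above.
SAMPLE_BEFORE='User info (Level-0):
====================
Name:              deepak
Uid:               1709179987
Shell:             /bin/sh
Home dir:          /home/local/TEST/deepak
Logon restriction: NO'

SAMPLE_AFTER='User info (Level-0):
====================
Name:              deepak
Uid:               1709179987
Shell:             /bin/bash
Home dir:          /home/deepak
Logon restriction: NO'

# Print the value of one "Label:   value" line read from stdin.
pbis_field() {
    awk -v key="$1" 'index($0, key ":") == 1 {
        sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# check_user EXPECTED_SHELL HOME_PARENT  (tool output on stdin)
# Returns 0 if the record matches, 1 on a mismatch, 2 if no record was found.
check_user() {
    out=$(cat)
    name=$(printf '%s\n' "$out" | pbis_field "Name")
    uid=$(printf '%s\n' "$out" | pbis_field "Uid")
    shell=$(printf '%s\n' "$out" | pbis_field "Shell")
    home=$(printf '%s\n' "$out" | pbis_field "Home dir")
    [ -n "$name" ] || { echo "FAIL: no user record in input"; return 2; }
    rc=0
    # A domain account must never map onto the local root UID.
    [ "$uid" != "0" ] || { echo "FAIL: $name maps to UID 0"; rc=1; }
    [ "$shell" = "$1" ] || { echo "FAIL: $name shell=$shell, want $1"; rc=1; }
    [ "$home" = "$2/$name" ] || { echo "FAIL: $name home=$home, want $2/$name"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: $name"
    return "$rc"
}

printf '%s\n' "$SAMPLE_BEFORE" | check_user /bin/bash /home || true
printf '%s\n' "$SAMPLE_AFTER"  | check_user /bin/bash /home || true
```

On a joined client, pipe the real tool output in instead of the samples: /opt/pbis/bin/find-user-by-name deepak | check_user /bin/bash /home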


http://www.golinuxhub.com/2014/05/how-to-configure-linux-client-to-join.html
