A couple of days ago I posted full instructions for integrating an Ubuntu 14.04 LTS server into your Microsoft Active Directory Windows Domain. This is a short follow-up to that post which can be found here:
To make my life easier I wrote three shell scripts that can be run to automate the majority of the setup. You simply run them in order as a root user on your linux server (sudo su). The first and third shell script initiate a server reboot at the end. These reboots are necessary. You will need to modify the second and third scripts with information from your environment. I have commented both explaining what needs to be changed.
Without further ado, here are the scripts:
chmod +x pbis-open-126.96.36.1996.linux.x86_64.deb.sh
shutdown now -r
## The above script downloads the latest version of of PBIS as of this script's creation. If a newer version comes out and you want it you will need to change the download link and the chmod and bash command lines.
if [ -z "$1" ]; then
echo "Starting up visudo with this script as first parameter"
export EDITOR=$0 && sudo -E visudo
echo "Changing sudoers"
echo '%linuxadmins ALL=(ALL:ALL) ALL' >> $1
### The last echo line adds the "linuxadmins" domain security group to the sudoers list. Change the name if you need to add another/different domain group. Active Directory Security Groups with spaces in their names will not work unless you format the name correctly and I am honestly not sure what the syntax is. Perhaps using a ^ for spaces will work?
/opt/pbis/bin/domainjoin-cli join contoso.local [email protected]
/opt/pbis/bin/config UserDomainPrefix contoso
/opt/pbis/bin/config AssumeDefaultDomain true
/opt/pbis/bin/config LoginShellTemplate /bin/bash
sed -i 's/sufficient/[success=ok default=ignore]/' /etc/pam.d/common-session
shutdown now -r
##Line 3 - change "contoso.local" to your windows domain name. Change "[email protected]" to a domain admin account in your Windows domain.
##Line 5 - change "contoso" to your domain
One important note, don’t run the scripts with the “bash” command. Rather initiate them by simply navigating to the directory you put them in and running
Don’t forget to chmod +x them first, otherwise they won’t be executable.
Need help running scripts? Check out this link.
Hope this saves you some time!