A couple of days ago I posted full instructions for integrating an Ubuntu 14.04 LTS server into your Microsoft Active Directory Windows Domain. This is a short follow-up to that post which can be found here:

To make my life easier I wrote three shell scripts that can be run to automate the majority of the setup. You simply run them in order as a root user on your linux server (sudo su). The first and third shell script initiate a server reboot at the end. These reboots are necessary. You will need to modify the second and third scripts with information from your environment. I have commented both explaining what needs to be changed.

Without further ado, here are the scripts:


cd ~
wget 'http://download.beyondtrust.com/PBISO/'
chmod +x pbis-open-
bash 'pbis-open-'
shutdown now -r

## The above script downloads the latest version of of PBIS as of this script's creation. If a newer version comes out and you want it you will need to change the download link and the chmod and bash command lines.


if [ -z "$1" ]; then
  echo "Starting up visudo with this script as first parameter"
  export EDITOR=$0 && sudo -E visudo
  echo "Changing sudoers"
  echo '%linuxadmins ALL=(ALL:ALL) ALL' >> $1

### The last echo line adds the "linuxadmins" domain security group to the sudoers list. Change the name if you need to add another/different domain group. Active Directory Security Groups with spaces in their names will not work unless you format the name correctly and I am honestly not sure what the syntax is. Perhaps using a ^ for spaces will work?


cd ~
/opt/pbis/bin/domainjoin-cli join contoso.local administrator@contoso.local
/opt/pbis/bin/config UserDomainPrefix contoso
/opt/pbis/bin/config AssumeDefaultDomain true
/opt/pbis/bin/config LoginShellTemplate /bin/bash
/opt/pbis/bin/ad-cache --delete-all
sed -i 's/sufficient/[success=ok default=ignore]/' /etc/pam.d/common-session
shutdown now -r

##Line 3 - change "contoso.local" to your windows domain name. Change "administrator@contoso.local" to a domain admin account in your Windows domain.
##Line 5 - change "contoso" to your domain

One important note, don’t run the scripts with the “bash” command. Rather initiate them by simply navigating to the directory you put them in and running

Don’t forget to chmod +x them first, otherwise they won’t be executable.

Need help running scripts? Check out this link.

Hope this saves you some time!




1 of 1

7 comments on: Shell scripts for quickly integrating an Ubuntu 14.04 LTS server into a Microsoft Windows Server Active Directory Domain

  1. marko

    Thank you so much for this post/tutorial and of course the scripts!! Worked like a charm and saved me a lot of time! Great work!

    • nbeam

      You are very welcome! Getting Linux and Windows thrown together isn’t nearly as hard as it used to be. I owe everything to good Google searching and other people’s work. My frustration (and one of the reasons I started blogging) is that a lot of times things are definitely possible (because of the community’s hard work) but not readily accessible to the uninitiated 🙂 without doing loads of research. Anyhow, I am not a great shell scripter, I would love it if someone with more skills could come in behind me and perhaps figure out a way to merge everything into one script. This will get me where I need to go for now though 🙂 Thanks!

  2. Pingback: Add Ubuntu 14.04 LTS Server to a Windows Active Directory Domain – Fullest Integration | KiloRoot.com

  3. TheseDays

    For Active Directory groups I have found that _ works for spaces. %linux_admins would be for the AD group if a space existed.

  4. nol

    is this applicable in ubuntu 14.04 Desktop version.? i have installed the desktop version and i want this to add to our windows domain. hope to hear your reply. thanks noli

    • nbeam

      I haven’t tested this on the Desktop version of Ubuntu, only the server version. Based on comments on the main article for this topic though I am told it doesn’t work well for the desktop version of the OS :(.

  5. krushna

    can you create a single script with all values as parameter . That will really help to automate infrastructure .

    The procedure described working perfectly even without rebooting the ubuntu 14.04

Leave a Reply