I have written articles on how to start using RealmD and SSSD for integrating ubuntu into a windows network. However, prior to that I wrote an article on using PBIS. RealmD and SSSD is, by far, the superior method IMHO and experience, so for all of those folks that want to switch, you probably want to get rid of PBIS on a bunch of servers. To that end, I just wanted to drop a line (for myself and anyone else that needs it) on how to remove an existing PBIS install on a server.
Thankfully, PBIS did make it pretty easy, the two following commands will get you there:
sudo /opt/pbis/bin/domainjoin-cli leave
sudo /opt/pbis/bin/uninstall.sh uninstall
The first command disconnects/unjoins your server from the domain. The second command removes PBIS.
There is probably some additional cleanup that can and should be done as well but I think that the above will at least clear the way for working with SSSD and RealmD.
Update 3/31/2016 – PBIS doesn’t work well as of late and this method has been superceded by this article here: http://www.kiloroot.com/add-ubuntu-14-04-server-or-desktop-to-microsoft-active-directory-domain-login-to-unity-with-domain-credentials/
Update 5/18/2014 – I created scripts to automate 90% of this process. I still recommend you read this post before just jumping in and using the scripts so that you know what exactly it is you are doing. However the scripts can save you a lot of time. You can get them by clicking here.
If you are like me and work in a mixed environment then the above topic is probably quite important to you. Especially if you also happen to be a security person for your organization and centralized account administration is a big deal.
In this tutorial, I will be walking through how to join an Ubuntu 14.04 LTS Server to a Windows Active Directory Domain. Furthermore, we will be adding a new domain group to the “sudoers” group on the box so that our Domain Admins will automatically have the ability to use sudo to administer your Ubuntu Servers as needed.
Additionally, we will also be making it easy for them to login (no appending of the domain onto their user account name) and giving them the more user-friendly BASH shell, rather than the default SH.
All commands reference the fictional domain “CONTOSO.COM” to make the syntax easier to understand. The Domain Controller (DC) for the domain will be at “192.168.0.100”. The domain controller is assumed to be running DNS services as this is tightly integrated with Active Directory. The name of the domain admin in the Windows domain is “admin”