Adding Ubuntu to a Windows Server 2008 Active Directory

This post is a step by step guide for joining an Ubuntu based Operating System to a Windows Server 2008 Active Directory. After a successful join the computer can then be accessed by AD users (as long as they have the required permissions by the administrator). The Operating System used in this example is Ubuntu 9.04 but this guide should work for all Ubuntu/Debian based systems like Backtrack 4. Step 1 – Configure nsswitch.conf Firstly, we need to configure the nsswitch.conf configuration file by adding/modifying the “hosts” line with the “files” and “dns” parameters. It is recommended that “files” should appear before “dns”. sudo nano /etc/nsswitch.conf

Step 3 – Installing likewise-open Likewise Open is a free, open source application that joins Linux, Unix, and Mac machines to

conf file and add/change the “prepend” line by adding the DNS server IP sudo nano /etc/dhcp3/dhclient.conf . we need to edit the /etc/dhclient.Microsoft Active Directory and securely authenticates users with their domain URL: http://www.conf file although this is NOT recommended since Ubuntu’s Network Manager plugin overwrites if you reboot your system. Therefore.likewise.php sudo apt-get install likewise-open Note that the following ports should be opened by the firewall Port Protocol Use 53 UDP/TCP DNS 88 UDP/TCP Kerberos 123 UDP NTP 137 UDP NetBIOS Name Service 139 TCP NetBIOS Session (SMB) 389 UDP/TCP LDAP 445 TCP SMB over TCP 464 UDP/TCP Machine password changes 3268 TCP Global Catalog search Step 2 – Manually registering Domain DNS server (If it is not automatically assigned by DHCP) The server could be registered by modifying the /etc/resolv.

Finally we ping a hostname registered with the Domains DNS server in order to make sure that is working sudo ifconfig eth0 down sudo ifconfig eth0 up ping ishlocal.”) Step 3 – Resetting the network connection In order for Network Manager to refresh the new settings we need to reset the network .Then add your Domain DNS servers IPs seperated by comma (“.

after restarting the system we can login using our Active Directory credentials .com Administrator Step 5 – Reboot and Login Finally.Step 4 – Registering with domain We can now join the domain by running the following command and authenticating as Administrator (as specified below). sudo domainjoin-cli join ishlocal.

our computer is registered with the Active Directory server .As you can see the user is authenticated and further information like fullname is retrieved Finally.