Join Active Directory domain with Ubuntu Hardy and Likewise-Open

March 19, 2008 by Paul Morgan-Roach 11 Comments

Installing is simple as Likewise-open is now in the repositories:

sudo apt-get install likewise-open

However, I got an error message when trying to join the domain:

“Error: Unable to resolve DC name resolving ‘test.example.org’ failed. Check that the domain name is correctly entered. Also check that your DNS server is reachable, and that your system is configured to use DNS in nsswitch.”

Having checked the nsswitch.conf and resolve.conf files, and having followed the advice on the Ubuntu forums about setting a static IP for the domain joining process,  I checked the  nsswitch.conf file again and found that the entries for winbind were missing.

My revised /etc/nsswitch.conf looked like:

# /etc/nsswitch.conf
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference’ and `info’ packages installed, try:
# `info libc “Name Service Switch”‘ for information about this file.

passwd:         compat winbind lwidentity
group:          compat winbind lwidentity
shadow:         compat winbind

hosts:          files dns winbind
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis


Filed under Active Directory, Ubuntu Tagged with , ,

11 Responses to Join Active Directory domain with Ubuntu Hardy and Likewise-Open

  1. Vide says:
    April 25, 2008 at 11:58 am

    If you put “winbind” then you’re bypassing the likewise-blackmagic, because in likewise winbind is substituted by lwidentity. How did you join the domain?

    Reply
  2. Paul Roach says:
    April 25, 2008 at 1:04 pm

    joined the domain using:

    >domainjoin-cli join domainname username password

    As mentioned…after setting a static IP, it joined fine and without fuss, but then wouldn’t let me log on using domain credentials. I’ve since found out that the method i used is a bit of a hack as it uses a combination of likewise to establish a computer account on the domain and then uses Samba/Winbind to authenticate afterwards….In theory, Likewise should just work if it allows the domain joining process to happen….

    Reply
  3. chris plunkett says:
    June 20, 2008 at 4:02 pm

    You post saved my life!

    Reply
  4. Paul Roach says:
    June 20, 2008 at 4:10 pm

    @Chris

    Glad to help :)

    Reply
  5. Francis says:
    June 29, 2008 at 9:52 pm

    Thanks for yout post Paul!

    It works now!

    Is there a way to make a shortcut or to mount a user document share on the ad server on the Ubuntu client when the user logs in ?

    Reply
  6. Roachy says:
    June 30, 2008 at 7:28 am

    @ Francis

    Not done the automouting of /home directories here, but theres a tutorial here for Fedora that uses pam. I believe this should work as Likewise uses pam….scroll halfway down the post missing the domain joining process :)

    http://forums.fedoraforum.org/showthread.php?t=92804

    Reply
  7. Francis says:
    June 30, 2008 at 6:10 pm

    Thanks,

    I’m investigating this as i post but on the first look at it it seems a promissing solution!

    The big difficulty for me is that the files on Fedora and Ubuntu are a bit different in the naming! (im not a experimented linux user and this is making it hard to track the files needed to be changed)

    Thanks again Paul!

    Reply
  8. Francis says:
    July 1, 2008 at 12:02 pm

    Hi again,

    I’ve been trying to get the tuturial from the link at fedoraforum.org about pam mount but it seems that pam_mount is on fedora 9 differnt from fedora 8 so im unable to make this work.

    I have posted some topics asking for help on ubuntu forum and on fedoraforum on topics where there are other pepole asking for this or similar solutions but it seems that me and the others are asking for something like a tabu subject… i really dont know but i have psted several times being polite and until now 2 days passed and not even a reply.

    Do you think that this is not possible to do or could it be a tabu subject reserved only to canonical comercial support?

    Thanks again!

    Reply
  9. Robert Warui says:
    August 16, 2008 at 6:19 am

    Hardy 8.04 likewise-open package has a bug.
    My experience with it is that it did not start the likewise-open service on startup. Even after making sure the start up scripts were placed correctly on the /etc/rcN.d run levels.

    The package from the developers site works well. The only problem that I have noticed is that it takes a minute or so once the machine is rebooted to allow domain logons. It does allow cached logons however – this is OK for users who do not roam from one computer to another.

    TIP:
    Simply adding the line “winbind use default domain = yes” to the /etc/samba/lwiauth.conf file allows one to log in without having to specify the domain name.
    ie Just the active directory log on like you would use on a windows machine.

    Reply
  10. Alexwebmaster says:
    March 3, 2009 at 10:00 am

    Hello webmaster
    I would like to share with you a link to your site
    write me here preonrelt@mail.ru

    Reply
  11. BastianBBux says:
    December 14, 2009 at 8:19 pm

    the most common problem about joining a domain via likewise-open is the mdns (which causes the resolve problem). just uninstall it, and once you joined the domain you may reinstall libnss-mdns and/or lib32nss-mdns (last one is needed by google-earth).
    This is a very anoying bug/missing feature in likewise open.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>