Join Active Directory domain with Ubuntu Hardy and Likewise-Open

Installing is simple as Likewise-open is now in the repositories:

sudo apt-get install likewise-open

However, I got an error message when trying to join the domain:

“Error: Unable to resolve DC name [code 0x00080026]resolving 'test.example.org' failed. Check that the domain name is correctly entered. Also check that your DNS server is reachable, and that your system is configured to use DNS in nsswitch."

Having checked the nsswitch.conf and resolve.conf files, and having followed the advice on the Ubuntu forums about setting a static IP for the domain joining process,  I checked the  nsswitch.conf file again and found that the entries for winbind were missing.

My revised /etc/nsswitch.conf looked like:

# /etc/nsswitch.conf
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat winbind lwidentity
group:          compat winbind lwidentity
shadow:         compat winbind

hosts:          files dns winbind
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

Possibly related posts: (automatically generated)

~ by Paul Roach on March 19, 2008.

Posted in Active Directory, Ubuntu
Tags: , ,

10 Responses to “Join Active Directory domain with Ubuntu Hardy and Likewise-Open”

  1. If you put “winbind” then you’re bypassing the likewise-blackmagic, because in likewise winbind is substituted by lwidentity. How did you join the domain?

    Vide said this on April 25, 2008 at 11:58 am | Reply

  2. joined the domain using:

    >domainjoin-cli join domainname username password

    As mentioned…after setting a static IP, it joined fine and without fuss, but then wouldn’t let me log on using domain credentials. I’ve since found out that the method i used is a bit of a hack as it uses a combination of likewise to establish a computer account on the domain and then uses Samba/Winbind to authenticate afterwards….In theory, Likewise should just work if it allows the domain joining process to happen….

    Paul Roach said this on April 25, 2008 at 1:04 pm | Reply

  3. You post saved my life!

    chris plunkett said this on June 20, 2008 at 4:02 pm | Reply

  4. @Chris

    Glad to help :)

    Paul Roach said this on June 20, 2008 at 4:10 pm | Reply

  5. Thanks for yout post Paul!

    It works now!

    Is there a way to make a shortcut or to mount a user document share on the ad server on the Ubuntu client when the user logs in ?

    Francis said this on June 29, 2008 at 9:52 pm | Reply

  6. @ Francis

    Not done the automouting of /home directories here, but theres a tutorial here for Fedora that uses pam. I believe this should work as Likewise uses pam….scroll halfway down the post missing the domain joining process :)

    http://forums.fedoraforum.org/showthread.php?t=92804

    Roachy said this on June 30, 2008 at 7:28 am | Reply

  7. Thanks,

    I’m investigating this as i post but on the first look at it it seems a promissing solution!

    The big difficulty for me is that the files on Fedora and Ubuntu are a bit different in the naming! (im not a experimented linux user and this is making it hard to track the files needed to be changed)

    Thanks again Paul!

    Francis said this on June 30, 2008 at 6:10 pm | Reply

  8. Hi again,

    I’ve been trying to get the tuturial from the link at fedoraforum.org about pam mount but it seems that pam_mount is on fedora 9 differnt from fedora 8 so im unable to make this work.

    I have posted some topics asking for help on ubuntu forum and on fedoraforum on topics where there are other pepole asking for this or similar solutions but it seems that me and the others are asking for something like a tabu subject… i really dont know but i have psted several times being polite and until now 2 days passed and not even a reply.

    Do you think that this is not possible to do or could it be a tabu subject reserved only to canonical comercial support?

    Thanks again!

    Francis said this on July 1, 2008 at 12:02 pm | Reply

  9. Hardy 8.04 likewise-open package has a bug.
    My experience with it is that it did not start the likewise-open service on startup. Even after making sure the start up scripts were placed correctly on the /etc/rcN.d run levels.

    The package from the developers site works well. The only problem that I have noticed is that it takes a minute or so once the machine is rebooted to allow domain logons. It does allow cached logons however – this is OK for users who do not roam from one computer to another.

    TIP:
    Simply adding the line “winbind use default domain = yes” to the /etc/samba/lwiauth.conf file allows one to log in without having to specify the domain name.
    ie Just the active directory log on like you would use on a windows machine.

    Robert Warui said this on August 16, 2008 at 6:19 am | Reply

  10. Hello webmaster
    I would like to share with you a link to your site
    write me here preonrelt@mail.ru

    Alexwebmaster said this on March 3, 2009 at 10:00 am | Reply

Leave a Reply