Wether we like or not Windows, most of companies have a domain under Microsoft Windows and by the way a network managed with an Active Directory server. If a Windows desktop is easily integrable in this kind of domain, it's not the same thing with a desktop on a Linux system.
Until now, it was necessary to be patient during some services configuration (winbind, samba, etc...) in order to be well authenticated. Now, there is a tool doing all these configurations : Likewise-open.
Likewise-open installation is quiet simple :
When installed, we have to configure the desktop to connect it to the Active Directory domain.
By default, Ubuntu installs a tool which, on principle, simplifies network connections but bring some problems : Avahi. So, we have to deactivate it :
Now, the Active Directory domain connection :
The username used here is the networrk administrator username and you have to replace pavnay.local with your own domain name.
Once the administrator's password given, it's possible to be authenticated on the desktop using your own login / password from the Active Directory using the login as : "DomainNameUsername".
Capturing the domain name before the username is restrictive and painful.
To not capture it, add at the end of the /etc/samba/lwiauthd.conf file the following line :
To go further in the integration, it's possible to mount automaically network shared resources set up in the Active Directory at login.
To mount them, it's necessary to install 2 softwares : smbfs for shared file system and libpam-mount to setting up them :
Once these packages installed, it's time to configure the PAM module. In the /etc/security/pam_mount.conf.xml file, add shared resources definitions.
For example, here, we mount the common$ shared folder hosted by the srv server from the PAVNAY domain into the /home/pavnay/DomainUsername folder. This XML structure is to add into the <volumes/> tags.
Once the PAM module configured, we have to integrate it in the authentication process.
To do this, create the /etc/pam.d/common-pammount file and put inside the following lines :
Then add a the end of the /etc/pam.d/gdm file :
Et voilà, now the Ubuntu desktop is configured to do authentication with the Active Directory (local authentication is always possible) and to auto-mount shared folders.
Articles similaires
| Comments |
|
|
|||||||||||
|
|||||||||||
|
|||||||||||
|
|||||||||||
|
|||||||||||
|
|||||||||||
