Friday, June 26, 2009

Adding Ubuntu 9.04 Desktop to Windows 2008 Domain

As a present to one of my co-workers, I replaced his Vista system with Ubuntu 9.04 desktop. Below is how I added to my unit's Windows 2008 Active Directory. Please take note that you cannot add a computer object first and then reset it in AD.

Ran from a Terminal on the Ubuntu system:

sudo apt-get update
sudo apt-get install likewise-open
sudo domainjoin-cli join xxx.xxx.xxx yyyyyy

xxx.xxx.xxx = your fully qualified domain name
yyyyyy = domain admin user id

You will be prompted for the password of the domain admin account. Enter it and watch the fun. Reboot the system and login with xxx.xxx.xxx\userid.

As far as administrative privileges go, you can add an AD group or single account to sudeors on the Ubuntu system. At the terminal type in the following command:

sudo visudo

Under the
privilege section add either an individual AD account or group by adding:

xxx\\userid ALL=(ALL) ALL
%xxx\\groupid ALL=(ALL) ALL

xxx = YourDomain

Please note you will have to use the double back slashes.