Author Topic: Unable to Joing an Ubuntu 16.04 Desktop to my Domain  (Read 1439 times)

tinchux

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Unable to Joing an Ubuntu 16.04 Desktop to my Domain
« on: July 30, 2017, 09:29:40 pm »
Hello folks!
 
I'm working hard with this issue but I can not solve it. I joined successfully an ubuntu 14.04 workstation to the domain, also using the graphical interface with a domain user.

MY ISSUE IS THAT I CAN JOIN AN UBUNTU 16.04 WORKSTATION USING THE COMMAND LINE ... BUT I CAN NOT LOGIN A DOMAIN USER USING DE GRAPHICAL INTERFACE.

The command below works fine and  I see the workstation in the zentyal manager console...

Code: [Select]
$ sudo net ads join -U ad_admin_user
I changed the  workstation LightDM display manager by editing /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf file adding

Code: [Select]
greeter-show-manual-login=true
greeter-hide-users=true

Can somebody help me?

Regards!
Martín

opensesame

  • Zen Apprentice
  • *
  • Posts: 3
  • Karma: +2/-0
    • View Profile
Re: Unable to Joing an Ubuntu 16.04 Desktop to my Domain
« Reply #1 on: August 21, 2017, 06:36:08 am »
What behaviour do you see when you try to log in through the GUI?
What are you seeing in /var/log/auth.log?

I usually use realmd and sssd to handle the configuration of clients, so my overall process is slightly different to what you are doing. But the additional steps I take are as follows.

Create /etc/lightdm/lightdm.conf.d/50-manual-login.conf:
Code: [Select]
[Seat:*]
greeter-hide-users=true
greeter-show-manual-login=true

Edit /etc/security/group.conf to specify what local groups domain users should be added to during a session. Example:
Code: [Select]
*;*;*;Al0000-2400;cdrom,dip,plugdev,lpadmin

Create /usr/share/pam-configs/groups-ldap with the following content:
(File must NOT have a trailing blank line)
Code: [Select]
Name: Activate /etc/security/group.conf
Default: no
Priority: 900
Auth-Type: Primary
Auth:
        required                        pam_group.so use_first_pass

Enable the group settings and creation of the user's home directory on login:
Code: [Select]
$ sudo pam-auth-update
Make sure the following are enabled (do not disable others):
  Activate /etc/security/group.conf
  Create home directory on login