HowTo join xUbuntu 16.04 Desktop to NethServer-7 AD and automount ServerHomeDir


(fpausp) #1

HowTo join xUbuntu 16.04 Desktop to NethServer-7 Active Directory and automount ServerHomeDir

Please feel free to give me a feedback to be able to correct my howto. I mean technical and formulation (I am not a nativ speaker).

Warning:
This is based upon limited testing, and a small number of users. Both, Client and Server, were installed as VPS under Proxmox PVE.

Server prerequisites:
Installed NethServer 7.4 Server and updated from command line. Active Directory has been configured and the domain-name example.org was given.

Client prerequisites:
Installed xubuntu 16.04 (xubuntu-16.04.3-desktop-amd64.iso), with one local user who has local admin rights. DHCP-Client was activ to get an IP from the NethServer who is acting as DHCP-and AD-Server. It is important that the Debian Client can resolv DNS correctly.

**Info:**
Servername = neth7
Domainname = example.org

Now we can join the Domain example.org with:
+-+ Open a Terminal:

+-+ Get root:
sudo su

+-+ install some packages:
apt-get install realmd ntp adcli sssd libsss-sudo libpam-mount cifs-utils

+-+ Join Domain:
realm join --user=administrator example.org

+-+ Add override_homedir and override_shell, on the end:
nano /etc/sssd/sssd.conf
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
override_homedir = /home/%u@%d
override_shell = /bin/bash
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

+-+ Enable and start sssd:
systemctl enable sssd
systemctl start sssd

+-+ (all in one line)
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" | sudo tee -a /etc/pam.d/common-session

+-+ Set sudoers permission:
echo "administrator@example.org ALL=(ALL) ALL" | sudo tee -a /etc/sudoers
echo "admin@example.org ALL=(ALL) ALL" | sudo tee -a /etc/sudoers

+-+ Automount Homedir (all in one line, after Volume definitions ):
nano /etc/security/pam_mount.conf.xml
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
               <!-- Volume definitions -->
<volume user="*" sgrp="domain users@example.org" fstype="cifs" server="neth7" path="%(DOMAIN_USER)" mountpoint="~/nethome" options="nosuid,nodev" />
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

+-+ Reboot xUbuntu 16.04 Desktop:
reboot

+-+ After the reboot, click on other and logon with:
user: administrator@example.org
pass: your-administrator-password

Cifs on nethserver 7
Problems getting my Ubuntu machines to join the AD
Ubuntu client NT_STATUS_WRONG_PASSWORD