Join Ubuntu to LDAP/Active Directory

Install these packages:

$ sudo apt-get update
$ sudo apt-get install realmd sssd packagekit

Join the domain

realm join domain-name --user admin_user

$ sudo realm join domain-name -U 'admin_user@domain-name'

List the domain

$ realm list
$ realm list --all

Leave the domain

realm leave domain-name --user admin_user

$ realm leave domain-name -U 'admin_user@domain-name'

/etc/sssd/sssd.conf

By default you will need to login with [email protected]. To login using username without @domain.name, change the use_fully_qualified_names to false.

#use_fully_qualified_names = True
use_fully_qualified_names = False

/etc/sudoers

If you find yourself unable to execute sudo, then you might want to edit these lines. You also can add yourself in sudo domain group.

Please note that if you set the use_fully_qualified_names = False you don’t need to add @domain.name postfix.

# -- DEFAULT --
# User privilege specification
root	ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo	ALL=(ALL:ALL) ALL

# -- TESTED --
user@DOMAIN	ALL=(ALL) ALL
%Domain\ Admins@DOMAIN	ALL=(ALL) ALL
"%Domain Admins@DOMAIN"	ALL=(ALL) ALL

# -- NOT TESTED --
DOMAIN\\user
%DOMAIN\\group

References:

• Quickstart: Joining a Linux VM to a domain (google.com)
• Ubuntu Manpage: realm – Manage enrollment in realms
• 3.3. realmd Commands Red Hat Enterprise Linux 7 | Red Hat Customer Portal