How to join Ubuntu 15.04 to a Windows Domain using PBIS Open

On my previous post, I have written a tutorial on how to join Debian 8 Jessie to Windows Domain using manual way. Now, I want to show you how to join Ubuntu 15.04 to a Windows Domain using PBIS Open. By using PBIS Open package, joining an Ubuntu system to Windows Domain is easier. We don’t have to manually edit the conf files.

A. Download and install PBIS Open on Ubuntu 15.04

Open Terminal and use this command to download and install latest stable version of PBIS Open

cd ~/Downloads
wget http://download.beyondtrust.com/PBISO/8.2.2/linux.deb.x64/pbis-open-8.2.2.2993.linux.x86_64.deb.sh

or

cd ~/Downloads
wget http://download.beyondtrust.com/PBISO/8.2.2/linux.deb.i386/pbis-open-8.2.2.2993.linux.x86.deb.sh

Now install the package

For 64 bit system

cd ~/Downloads
chmod + x pbis-open-8.2.2.2993.linux.x86_64.deb.sh
sudo ./pbis-open-8.2.2.2993.linux.x86_64.deb.sh

For 32 bit system

cd ~/Downloads
chmod + x pbis-open-8.2.2.2993.linux.x86.deb.sh
sudo ./pbis-open-8.2.2.2993.linux.x86.deb.sh

At this point, PBIS Open is installed. But to get better result, we still need to configure few things.

Install ssh

sudo apt-get install ssh

B. Join Ubuntu 15.04 to Windows Domain

Still on terminal, execute this command to start joining Ubuntu 15.04 to existing Windows Domain

cd /opt/pbis/bin
sudo domainjoin-cli –disable ssh join gamblisfx.co.id administrator

Output

dhani@vervet:/opt/pbis/bin$ sudo domainjoin-cli join –disable ssh gamblisfx.co.id administrator
[sudo] password for dhani:
Joining to AD Domain: gamblisfx.co.id
With Computer DNS Name: vervet.gamblisfx.co.id

administrator@GAMBLISFX.CO.ID’s password:
SUCCESS

join ubuntu to windows domain

Change gamblisfx.co.id and administrator with your own Domain Controller credentials. Make sure it returned SUCCESS at the end of the result.

On my first trial, I got error on the lwsmd service. But there is a smart solution here. Create lwsmd service manually

sudo nano /lib/systemd/system/lwsmd.service

Add the following lines to the lwsmd.service file

[Unit]
Description=BeyondTrust PBIS Service Manager
After=network.target

[Service]
Type=forking
EnvironmentFile=/opt/pbis/libexec/init-base.sh
ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon
ExecReload=/opt/pbis/bin/lwsm refresh
ExecStop=/opt/pbis/bin/lwsm shutdown
# We want systemd to give lwsmd some time to finish gracefully, but still want
# it to kill lwsmd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill lwsmd. We are sending useless SIGCONT here to give
# lwsmd time to finish.
KillSignal=SIGCONT
PrivateTmp=true

[Install]
WantedBy=multi-user.target nss-lookup.target

Now create symlinks

cd /etc/systemd/system
sudo ln -s /lib/systemd/system/lwsmd.service
sudo systemctl enable lwsmd.service

Now start lwsmd

sudo service lwsmd start

 

C. Edit lightdm configuration file

We need to edit the lightdm configuration file so we can login with other user (Domain users)

sudo nano /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf

allow-guest=false
greeter-show-manual-login=true

Now reboot your Ubuntu and login with Domain Users.

join ubuntu to windows domain 2

 

Admin

5 Comments

  1. It is possible to use the profile path described on the AD user or access to the x drive ?

  2. Didn’t work for me. When running: sudo service lwsmd start
    I get:
    Job for lwsmd.service failed. See “systemctl status lwsmd.service” and “journalctl -xe” for details.

    Details of which are:
    ● lwsmd.service – BeyondTrust PBIS Service Manager
    Loaded: loaded (/lib/systemd/system/lwsmd.service; enabled; vendor preset: enabled)
    Active: failed (Result: signal) since Tue 2015-08-04 14:41:08 BST; 2min 41s ago
    Process: 6633 ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon (code=killed, signal=KILL)

    Aug 04 14:38:08 UKGRID0009 lwsmd[6633]: 20150804143808:INFO:lwsm-ipc: Listener started
    Aug 04 14:38:08 UKGRID0009 lwsmd[6633]: 20150804143808:INFO:lwsm-ipc: Listening on endpoint /var/lib/pbis/.lwsc
    Aug 04 14:38:08 UKGRID0009 lwsmd[6633]: 20150804143808:INFO:lwsm-ipc: Listener started
    Aug 04 14:38:08 UKGRID0009 lwsmd[6633]: 20150804143808:INFO: Likewise Service Manager startup complete
    Aug 04 14:39:38 UKGRID0009 systemd[1]: lwsmd.service start operation timed out. Terminating.
    Aug 04 14:41:08 UKGRID0009 systemd[1]: lwsmd.service stop-final-sigterm timed out. Killing.
    Aug 04 14:41:08 UKGRID0009 systemd[1]: lwsmd.service: control process exited, code=killed status=9
    Aug 04 14:41:08 UKGRID0009 systemd[1]: Failed to start BeyondTrust PBIS Service Manager.
    Aug 04 14:41:08 UKGRID0009 systemd[1]: Unit lwsmd.service entered failed state.
    Aug 04 14:41:08 UKGRID0009 systemd[1]: lwsmd.service failed.

    Suggestions welcome!

    • Hi,

      I’ve found the same problem when starting lwsmd service.

      After some investigation, it was an error due to copy paste in file “lwsmd.service”, line:

      ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon

      It should be:
      ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon

      Hope this helps other people.

      Nice article, helped me allot! :)

      • masga,

        “After some investigation, it was an error due to copy paste in file “lwsmd.service”, line:

        ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon

        It should be:
        ExecStart=/opt/pbis/sbin/lwsmd –start-as-daemon”

        Those look to be the exact same lines that you corrected. Am I missing something?

Leave a Reply

Your email address will not be published. Required fields are marked *