Can't login to Active Directory although Ubuntu 22.04.3 is joined to Active Directory successfully

TurgayK

8/17/24, 7:29 PM

I have an Active Directory setup on a physical server Windows Server 2022 Datacenter Edition. I'm trying to join an Ubuntu 22.04.3 virtual machine to that AD. I follow the guide at this link (https://ubuntu.com/server/docs/service-sssd-ad). The first 4 steps at the guide work perfect (Software Installation, Join the domain, SSSD Configuration, Automatic home directory creation). AD Users and Computers shows the Ubuntu machine has joined the domain successfully. Then, I try the next step (which is to fetch information about AD users) using "getent passwd ..." and "groups ...".But those commands return nothing, even error. So, the "sudo login" with an AD user account doesn't work as well. Any help will be appreciated. Thanks.

1 + 0

active-directory

sssd

Score:0

Ubuntu

TurgayK

8/30/24, 11:09 AM

Ref-1: https://ubuntu.com/server/docs/service-sssd-ad

Ref-2: https://ubuntu.com/engage/microsoft-active-directory Integration of Ubuntu Desktop with Microsoft Active Directory (White Paper)

Ref-3: https://thesecmaster.com/step-by-step-procedure-to-join-ubuntu-to-an-active-directory-certificate-authority/ item 3: "Set The DNS Server To Point To The DC Controller: Discover The Realm"

Ref-4: Wrong nameserver set by resolvconf and NetworkManager answer# 82 "changing the symbolic link"

Sample domain: sampledomain.local

Active Directory Server IP: 10.0.0.1

Active Directory Server name: dc.sampledomain.local

Ubuntu client name: ubuntuBox

Follow these steps:

Make sure the clocks of dc and ubuntuBox are synchronized (max 5 min difference)
Make sure the DNS service is configured and started on the dc.sampledomain.local
On ubuntuBox ping 10.0.0.1
Make sure ubuntuBox resolves the IP address of dc as 10.0.0.1 (type "nslookup dc.sampledomain.local").

If can not resolve, you can try following:

Change the DNS Server address on ubuntuBox to 10.0.0.1 and then type the following:

sudo rm -f /etc/resolv.conf

sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

reboot

Then retry "nslookup dc.sampledomain.local" command to return 10.0.0.1

On ubuntuBox type "hostname -f"

It it returns ubuntuBox.sampledomain.local, it is ok.

If it returns only ubuntuBox, you can try changing ubuntuBox in both /etc/hostname and /etc/hosts files to ubuntuBox.sampledomain.local

Then retry "hostname -f".

Then follow the steps in https://ubuntu.com/server/docs/service-sssd-ad

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can't login to Active Directory although Ubuntu 22.04.3 is joined to Active Directory successfully

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.