Integrate Ubuntu 16.04 to AD as a Domain Member with Samba and Winbind – Part 8

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

45 Responses

  1. Darkcap says:

    Hi, This works all except that when i try getent doesn’t show AD users.

    Do i need to change something else.


  2. Juan says:

    Hi, nice job, but i’m getting trouble with GID and UID, not the same as the AD, and that generates that AD Shared folders have wrong permissions.

    • Matei Cezar says:

      Try to add the below lines in samba server and on clients:

      Idmap config *:backend = tdb
      idmap config *:range = 85000-86000
  3. Matei Cezar says:

    You need to generate the SSH key on the client and copy the public key on the server with ssh-copy-id command. But only if your AD user has permissions to authenticate on the domain server. Is there any reason why a AD user must authenticate on server-side via SSH? The scope of a AD central authentication server is to provide and verify the credentials required by a account to login on the local box.

  4. Muhammad Yousery says:

    If there is any way to achieve ssh public key authentication between AD and the Ubuntu, I have followed your tutorial and it is great but it achieves only password authentication, not by public keys stored on AD.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *