Adding an Ubuntu Machine to a Windows Domain

If you run a Linux server alongside Windows servers long enough, you'll eventually have the need (or request) to add that machine to a Windows domain. Thankfully, it's a rather easy process. Assuming you run Ubuntu, you can simply run the following commands, substituting the domain and a domain admin in place of EXAMPLE.COM and jsmith, respectively.

sudo apt-get install likewise-open
sudo domainjoin-cli join EXAMPLE.COM jsmith
sudo lwconfig AssumeDefaultDomain true

Out of the above lines, the first two are probably self-explanatory, but the third is likely a bit more opaque. After running the second line, our machine is on the domain, but domain logons need to be fully-qualifed. (e.g. EXAMPLE.COM\jsmith). This last line allows Likewise to accept just the username, by assuming that we are going to be using EXAMPLE.COM for domain logins.

With this complete, the only thing that is left is to give “Domain Admins” the ability to sudo. Otherwise, admins only have the ability to login, but not the ability to actually administer. On Windows, the name of the group to add would be “Domain Admins”. To figure out the name for Linux, we convert to lower case and replace spaces with carets. Thus “Domain Admins” on Windows is “domain^admins” on Linux. With this knowledge in hand, we can allow sudo privileges.

With your favorite text editor¹, add the following line to /etc/sudoers

%domain^admins   ALL=(ALL:ALL) ALL

Footnotes