Corey

How to: Install Centrify DirectControl Express on Ubuntu 10.04/10.10/11.04 using the Ubuntu partner repository

by Centrify ‎09-03-2010 01:28 PM - edited ‎05-15-2011 05:04 PM

 

Through the DirectManage Express or DirectControl Express downloads you can quickly and easily join a Ubuntu 10.04 LTS (Lucid) or 10.10 (Maverick) or 11.04 (Natty) servers and desktops to Active Directory. Using either of these approaches an intelligent install script is used to install the DirectControl Express agent and join the system to Active Directory.

 

Many Ubuntu users however prefer to install software packages like Centrify DirectControl Express using the built in package managers like Software Center, Synaptic, Adept, Aptitude, apt-get or others.

 

Recently, Canonical has certified and published Centrify DirectControl Express in both the 10.04 LTS Lucid and 10.10 Maverick and 11.04 Natty Partner Repositories. This article will describe how to ensure that the partner repository is available and describe how to install DirectControl Express and join a system to Active Directory...

 

 

Before you get started, make sure you have:

 

  • The sudo password and rights to install the software regardless of the method used.
  • The username and password of an Active Directory account that has permission to join a computer to AD.
NOTE: Both DirectManage Express and DirectControl Express normal installation methods automatically install the Centrify-Enabled OpenSSH package. The method described in this article does not. If you want to use the Centrify-Enabled version of OpenSSH you will need to install using either the DirectManage or DirectControl approach using the default installer.
Now you are ready to get started:

As there are many tools to do installations, I am only going to cover two of them - Software Center and the CLI using apt tools.

 

  • The first step is to enable the Lucid (or Maverick) partner repository where the DirectControl Express package is made available. Via the Software Center you need to select Edit ==> Software Sources ==> Other Software (tab) and make sure the checkbox is checked for the partner repository "http://archive.canonical.com/ubuntu lucid partner" (or Maverick or Natty) as follows:

    4iB13AE4F85CF5C8F5

    You can also add the partner repository from the command line as follows (for lucid):

 

sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"

or for maverick:

 

sudo add-apt-repository "deb http://archive.canonical.com/ maverick partner"

or for natty:

 

sudo add-apt-repository "deb http://archive.canonical.com/ natty partner"
  • Once you have the partner repository added you are now ready to find and install the DirectControl bits. 

    From the Software Center you can search for Centrify and you will find the following package:

    6i350AE1D353CF13A7

    Simply select install, enter your sudo password and wait for installation.

    Alternatively you can install via apt-get as follows:
 sudo apt-get install centrifydc
  • Once you have successfully install the centrifydc package you must join the system to Active Directory.

sudo adjoin -w domain.name
where domain.name is the name of your Active Directory domain. 
NOTE: You will need your Active Directory administrator password to run this command. You may specify a user other than the default administrator with the -u option (--user). See the adjoin manpage for more information on how to run the adjoin command as another user.
Assuming this is successful you should be able to run the following command to verify the join:
adinfo
and the output should look something like this:
cowillia@ubuntu:~$ adinfo
Local host name:   ubuntu
Joined to domain:  centrify.se
Joined as:         ubuntu.centrify.se
Pre-win2K name:    ubuntu
Current DC:        se-win2k8ent.centrify.se
Preferred site:    Default-First-Site-Name
Zone:              Auto Zone
CentrifyDC mode:   connected
Licensed Features: Disabled
cowillia@ubuntu:~$ adinfo
Local host name:   ubuntu
Joined to domain:  centrify.se
Joined as:         ubuntu.centrify.se
Pre-win2K name:    ubuntu
Current DC:        se-win2k8ent.centrify.se
Preferred site:    Default-First-Site-Name
Zone:              Auto Zone
CentrifyDC mode:   connected
Licensed Features: Disabled

That’s all you have to do! You have now joined your Linux system to Active Directory! Verify authentication by attempting to log on to the Linux computer by using any Active Directory user account. When using Centrify DirectControl Express Edition, you are connected to the domain through Auto Zone, which is essentially one super zone for the forest. By default, when you join a domain by connecting to Auto Zone, all users and groups defined in Active Directory for the forest automatically become valid users and groups on the Linux or Mac OS X computer.
NOTE: GDM needs to be restarted before login for an AD user will work, the easiest way is to simply restart the system.

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.