** Also affects: livecd-rootfs (Ubuntu)
Importance: Undecided
Status: New
** Changed in: livecd-rootfs (Ubuntu)
Status: New => Fix Released
** Changed in: livecd-rootfs (Ubuntu)
Importance: Undecided => High
** Changed in: livecd-rootfs (Ubuntu Focal)
Importance: Undecided => High
** Changed in: livecd-rootfs (Ubuntu Focal)
Status: New => In Progress
** Description changed:
- TODO
-
[Impact]
This feature allows to join a machine to an Active Directory domain at
installation time.
It adds a check box in the user info stage, which once selected displays
a page to enter the credentials to join the domain.
It installs the required packages on the target filesystem and
configures SSSD and Kerberos so it works on first boot.
- This feature also required a change to the seed to include additional
packages for AD connectivity.
+ This feature also required:
+ 1. a change to the seed to include additional packages for AD connectivity.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/commit/?id=a83c543f5fb98d4a539815b89b43cf9076c00283
- and to the dependencies of Ubiquity to workaround bug 1921862 in Focal.
+ 2. A change to livecd-rootfs to add the required dependencies via a
+ chroot hook for the project ubuntu to workaround bug 1921862 in Focal.
[Test Plan]
Prerequisites:
A network with an up and running AD controller, DHCP and DNS.
1. Start the installer either from a live session or ubiquity-dm
2. Proceed to the step "Who are you?"
3. Enter the user and computer information. For the computer name, you must
use the FQDN.
4. Check box "Use Active Directory" and press continue.
5. Enter the address of the Active Directory controller and credentials of
the user allowed to add machines to the domain.
6. Verify that the server is reachable by pressing "Test Connection".
7. Once all the information has been entered and is valid, press "Continue"
to proceed with the remaining usual steps of the installation.
8. At the end of the installation you can reboot the machine and you are
ready to log in as a user of the domain on first boot
More information about initial installation on the ADSys' Wiki:
https://github.com/ubuntu/adsys/wiki/2.-Prerequisites
*Verification*
- - Log in as a user of the domain must succeed.
- - The home directory of the user must be created dynamically.
-
+ - Log in as a user of the domain must succeed.
+ - The home directory of the user must be created dynamically.
[Where problems could occur]
If the python code and debconf templates, Ubiquity won't start at all or
the user info page will not be displayed. So it will highly visible and
easy to diagnose.
Otherwise, SSSD and Kerberos may not be configured correctly and will
prevent login as an AD user. In this case, we still keep the local user
and it is possible to log in and diagnose and fix the issue.
[Other Info]
Built and tested on latest focal daily image.
** Description changed:
[Impact]
This feature allows to join a machine to an Active Directory domain at
installation time.
It adds a check box in the user info stage, which once selected displays
a page to enter the credentials to join the domain.
It installs the required packages on the target filesystem and
configures SSSD and Kerberos so it works on first boot.
This feature also required:
- 1. a change to the seed to include additional packages for AD connectivity.
+ 1. A change to the seed to include additional packages for AD connectivity.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/commit/?id=a83c543f5fb98d4a539815b89b43cf9076c00283
2. A change to livecd-rootfs to add the required dependencies via a
chroot hook for the project ubuntu to workaround bug 1921862 in Focal.
[Test Plan]
Prerequisites:
A network with an up and running AD controller, DHCP and DNS.
1. Start the installer either from a live session or ubiquity-dm
2. Proceed to the step "Who are you?"
3. Enter the user and computer information. For the computer name, you must
use the FQDN.
4. Check box "Use Active Directory" and press continue.
5. Enter the address of the Active Directory controller and credentials of
the user allowed to add machines to the domain.
6. Verify that the server is reachable by pressing "Test Connection".
7. Once all the information has been entered and is valid, press "Continue"
to proceed with the remaining usual steps of the installation.
8. At the end of the installation you can reboot the machine and you are
ready to log in as a user of the domain on first boot
More information about initial installation on the ADSys' Wiki:
https://github.com/ubuntu/adsys/wiki/2.-Prerequisites
*Verification*
- Log in as a user of the domain must succeed.
- The home directory of the user must be created dynamically.
[Where problems could occur]
If the python code and debconf templates, Ubiquity won't start at all or
the user info page will not be displayed. So it will highly visible and
easy to diagnose.
Otherwise, SSSD and Kerberos may not be configured correctly and will
prevent login as an AD user. In this case, we still keep the local user
and it is possible to log in and diagnose and fix the issue.
[Other Info]
Built and tested on latest focal daily image.
** Changed in: livecd-rootfs (Ubuntu Focal)
Assignee: (unassigned) => Jean-Baptiste Lallement (jibel)
** Description changed:
[Impact]
This feature allows to join a machine to an Active Directory domain at
installation time.
It adds a check box in the user info stage, which once selected displays
a page to enter the credentials to join the domain.
It installs the required packages on the target filesystem and
configures SSSD and Kerberos so it works on first boot.
This feature also required:
1. A change to the seed to include additional packages for AD connectivity.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/commit/?id=a83c543f5fb98d4a539815b89b43cf9076c00283
2. A change to livecd-rootfs to add the required dependencies via a
chroot hook for the project ubuntu to workaround bug 1921862 in Focal.
- [Test Plan]
+ [Test Plan Ubiquity]
Prerequisites:
A network with an up and running AD controller, DHCP and DNS.
1. Start the installer either from a live session or ubiquity-dm
2. Proceed to the step "Who are you?"
3. Enter the user and computer information. For the computer name, you must
use the FQDN.
4. Check box "Use Active Directory" and press continue.
5. Enter the address of the Active Directory controller and credentials of
the user allowed to add machines to the domain.
6. Verify that the server is reachable by pressing "Test Connection".
7. Once all the information has been entered and is valid, press "Continue"
to proceed with the remaining usual steps of the installation.
8. At the end of the installation you can reboot the machine and you are
ready to log in as a user of the domain on first boot
More information about initial installation on the ADSys' Wiki:
https://github.com/ubuntu/adsys/wiki/2.-Prerequisites
*Verification*
- Log in as a user of the domain must succeed.
- The home directory of the user must be created dynamically.
+ [Test Plan livecd-rootfs]
+ 1. Build an image with the patched version of livecd-rootfs
+ 2. Compare the manifest to an image without the patch
+
+ *Verification*
+ - No package should be removed with the patched version
+ - The following packages and their dependencies should be added: sssd,
realmd, adcli, krb5-config
+
+
[Where problems could occur]
If the python code and debconf templates, Ubiquity won't start at all or
the user info page will not be displayed. So it will highly visible and
easy to diagnose.
Otherwise, SSSD and Kerberos may not be configured correctly and will
prevent login as an AD user. In this case, we still keep the local user
and it is possible to log in and diagnose and fix the issue.
[Other Info]
Built and tested on latest focal daily image.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1921374
Title:
[SRU] New feature: Active Directory support
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1921374/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
