Last active
December 28, 2016 08:24
-
-
Save WildDogOne/425e7ba7791593f564da to your computer and use it in GitHub Desktop.
Install PBIS on Ubuntu 15.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. download powerbroker frome here http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True | |
2. sudo chmod a+x {filename} | |
sudo ./pibsfilename.sh | |
3. sudo domainjoin-cli join --disable ssh contoso.local administrator@contoso.local | |
4. sudo vim /etc/pam.d/common-session | |
add: "session [success=ok default=ignore] pam_lsass.so" | |
5. run this command to config, like lwconfig in likewise (run from home folder), use caret ^ for spaces in group names | |
/opt/pbis/bin/config Requiremembershipof "contoso.local\\ASecurityGroupFromYourDomain" "contoso.local\\plus^other^group" | |
/opt/pbis/bin/config AssumeDefaultDomain true | |
/opt/pbis/bin/config UserDomainPrefix contoso.local | |
6. if you want a username to be sudoer do as follows | |
sudo vim /etc/sudoers | |
after root line add the line below | |
%DOMAINNAME\\Power^Users ALL=(ALL:ALL) ALL | |
else you can also add the Usernames to the respective group(s) under /etc/group | |
7. sudo vim /usr/share/lightdm/lightdm.conf.d/50-unity-greeter.conf | |
add | |
allow-guest=false | |
greeter-show-remote-login=false | |
greeter-show-manual-login=true | |
If the Unit file is not made by the Installer (early version of 15.04) | |
Do these steps before joining the domain (or else error "Unit lwsmd.service failed to load" will happen) | |
1. Create the file lwsmd.service in /lib/systemd/system like this: | |
sudo vim /lib/systemd/system/lwsmd.service | |
[Unit] | |
Description=BeyondTrust PBIS Service Manager | |
After=network.target | |
[Service] | |
Type=forking | |
EnvironmentFile=/opt/pbis/libexec/init-base.sh | |
ExecStart=/opt/pbis/sbin/lwsmd --start-as-daemon | |
ExecReload=/opt/pbis/bin/lwsm refresh | |
ExecStop=/opt/pbis/bin/lwsm shutdown | |
# We want systemd to give lwsmd some time to finish gracefully, but still want | |
# it to kill lwsmd after TimeoutStopSec if something went wrong during the | |
# graceful stop. Normally, Systemd sends SIGTERM signal right after the | |
# ExecStop, which would kill lwsmd. We are sending useless SIGCONT here to give | |
# lwsmd time to finish. | |
KillSignal=SIGCONT | |
PrivateTmp=true | |
[Install] | |
WantedBy=multi-user.target nss-lookup.target | |
2. sudo cd /etc/systemd/system | |
sudo ln -s /lib/systemd/system/lwsmd.service | |
3. service lwsmd status | |
4. service lwsmd start | |
5. systemctl enable lwsmd.service | |
6. Reboot | |
7. Domainjoin | |
8. Login with domain user, it is possible that you'll have to login as a local user first, and logout again. | |
I am not sure why this is | |
Good Guide for debugging: | |
http://download1.beyondtrust.com/Technical-Support/Downloads/files/PBISO/Manuals/PBISO_Installation_and_Administration_Guide_V7.0.pdf |
Hi dear all,
I want to join my Ubuntu 15.04 client to samba4 AD DC, and I'm installing PBIS but by unknown reason the /opt directory is removed. So, I can't install it, and join to AD DC.
When I trying to install the following message is displayed
root@king:/home/king# ./pbis-open-8.2.2.2993.linux.x86.rpm.sh
Creating directory pbis-open-8.2.2.2993.linux.x86.rpm
Verifying archive integrity... All good.
Uncompressing pbis-open-8.2.2.2993.linux.x86.rpm............
Would you like to install package for legacy links? (i.e. /opt/likewise/bin/lw-find-user-by-name -> /opt/pbis/bin/find-user-by-name) (yes/no)
Would you like to install package for legacy links? (i.e. /opt/likewise/bin/lw-find-user-by-name -> /opt/pbis/bin/find-user-by-name) (yes/no) y
Would you like to install now? (yes/no) y
Installing packages and old packages will be removed
Missing package file for pbis-open-upgrade
Missing package file for pbis-open
so, if any one who have a solution please!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Systemctl Enable Error
Not sure if it is possible to make a pull request for this or I would just have done that.
I found errors for steps 2 through 5. Here are the fixes that stop the error "Failed to execute operation: Too many levels of symbolic links" which happens on step 5.