Can't login to Active Directory although Ubuntu 22.04.3 is joined to Active Directory successfully

Question

I have an Active Directory setup on a physical server Windows Server 2022 Datacenter Edition. I'm trying to join an Ubuntu 22.04.3 virtual machine to that AD. I follow the guide at this link (https://ubuntu.com/server/docs/service-sssd-ad). The first 4 steps at the guide work perfect (Software Installation, Join the domain, SSSD Configuration, Automatic home directory creation). AD Users and Computers shows the Ubuntu machine has joined the domain successfully. Then, I try the next step (which is to fetch information about AD users) using "getent passwd ..." and "groups ...".But those commands return nothing, even error. So, the "sudo login" with an AD user account doesn't work as well. Any help will be appreciated. Thanks.

Answer 1

Ref-1: https://ubuntu.com/server/docs/service-sssd-ad

Ref-2: https://ubuntu.com/engage/microsoft-active-directory Integration of Ubuntu Desktop with Microsoft Active Directory (White Paper)

Ref-3: https://thesecmaster.com/step-by-step-procedure-to-join-ubuntu-to-an-active-directory-certificate-authority/ item 3: "Set The DNS Server To Point To The DC Controller: Discover The Realm"

Ref-4: Wrong nameserver set by resolvconf and NetworkManager answer# 82 "changing the symbolic link"

Sample domain: sampledomain.local

Active Directory Server IP: 10.0.0.1

Active Directory Server name: dc.sampledomain.local

Ubuntu client name: ubuntuBox

Follow these steps:

1. Make sure the clocks of dc and ubuntuBox are synchronized (max 5 min difference)
2. Make sure the DNS service is configured and started on the dc.sampledomain.local
3. On ubuntuBox ping 10.0.0.1
4. Make sure ubuntuBox resolves the IP address of dc as 10.0.0.1 (type "nslookup dc.sampledomain.local").

If can not resolve, you can try following:

Change the DNS Server address on ubuntuBox to 10.0.0.1 and then type the following:

sudo rm -f /etc/resolv.conf

sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

reboot

Then retry "nslookup dc.sampledomain.local" command to return 10.0.0.1

5. On ubuntuBox type "hostname -f"

It it returns ubuntuBox.sampledomain.local, it is ok.

If it returns only ubuntuBox, you can try changing ubuntuBox in both /etc/hostname and /etc/hosts files to ubuntuBox.sampledomain.local

Then retry "hostname -f".

6. Then follow the steps in https://ubuntu.com/server/docs/service-sssd-ad