Join Ubuntu to Active Directory PBIS

# This will join your linux system to the domain, ensure that your system name does not already exist as a computer account in the domain.  We will then restrict SSH access to only Domain Admins and then give Domain Admins SUDO on the system.

# You can replace domain admins with any AD group you create, for simplicity sake do not use spaces in the group you create.

# Replace bold with your information.  Contoso is your domain name and username is the name of a user in that domain that has the rights to join computers to the domain.

# add the repository key to your system

sudo wget -O - http://repo.pbis.beyondtrust.com/apt/RPM-GPG-KEY-pbis|sudo apt-key add -

# Create a file and copy the repository configuration to it

sudo wget -O /etc/apt/sources.list.d/pbiso.list http://repo.pbis.beyondtrust.com/apt/pbiso.list

# Update your package list

sudo apt-get update

# Install Power Broker

sudo apt-get install pbis-open

# Change Directory to the PBIS directory

cd /opt/pbis/bin/

# Join computer to domain

sudo domainjoin-cli join CONTOSO USERNAME

# Restrict SSH access to just domain admins

sudo /opt/pbis/bin/config RequireMembershipOf CONTOSO\\domain^admins

# Open the sudoers file for editing

sudo nano /etc/sudoers

# Add this to the end of the file so that domain admins have sudo rights

%CONTOSO\\domain^admins ALL=(ALL:ALL) ALL