ad

Joining Ubuntu Server to AD

Joining Linux servers to Microsoft AD for user login and authentication can be a daunting task. The following is the simplest (in my opinion) way to join an Ubuntu server or workstation to AD. This method was tested on Ubuntu 18.04 LTS and allows the use of AD groups for SSH access and file permissions. It also automatically creates the local home directory when a user logs in. Enable the universe repository (required for the krb5-user package):

Forcing Replication of AD Partitions after Tombstone Lifetime Exceeded

When a domain controller has been offline for longer than the specified tombstone lifetime, it is considered bad and will no longer replicate properly with the other controllers. When this happens, new users, groups, and other objects are no longer synchronized to this server. This can cause issues with emails sent to these new users: if the email server can still look up users in AD against the bad server, emails won't be delivered, since it thinks that the user does not exist.