Wednesday 4 December 2013

Ubuntu + Active Directory, enable normal users to edit network settings

I recently setup a Ubuntu Linux system using likewiseopen for AD integration, however I found that normal users (even if they had sudo rights) had the edit network connections options grayed out on the gui.

This however I found can be easily fixed by doing the following

edit: /var/lib/polkit-1/localauthority/10-vendor.d/com.ubuntu.desktop.pkla

and change:

[Adding or changing system-wide NetworkManager connections]
Identity=unix-group:admin;unix-group:sudo
Action=org.freedesktop.NetworkManager.settings.modify.system
ResultActive=yes

to:

[Adding or changing system-wide NetworkManager connections]
Identity=unix-group:admin;unix-group:sudo;unix-group:users
Action=org.freedesktop.NetworkManager.settings.modify.system
ResultActive=yes

Then in the terminal (using an account with sudo rights) do the following

sudo adduser ADOMAIN\\Ausername users

Where ADOMAIN is your domain name ie. if your FQDN is AD.linuxisgreat.com then you would put AD in place of ADOMAIN.

eg.

sudo adduser AD\\bsmith users

Finally logout and then login the changed account and the option to change network settings should now be active from the network icon in the system menu bar.

No comments:

Post a Comment