The easiest way, at least for me, is to use the
likewise-open package. You can find the official documentation here. Under Ubuntu you can simple install this package using
apt-get install likewise-open
Once you have installed it, you can join a Active Directory (AD) as follow.
domainjoin-cli join --ou Hosting/<path>/<to>/<your>/<organization-unit> <server> <login-user>
where you need to define the path to your organization unit, which is displayed in the AD as a folder. The second parameter is the server and the last parameter is the user, that have rights to add new things in the AD.
Without any configuration, all AD users have login rights to your server. At first login, each user is getting a personal user folder under
/home/likewise-open and then a subfolder named as his username.
Restricting access to specific groups
By default, LikewiseOpen allows all AD users to logon. To limit this to specific groups you need to add required membership settings as follow:
lwconfig RequireMembershipOf "<server>\\<group-1>" "<erver>\\<group-2>" lw-update-dns
If you forget which groups have access to you server, you could check it by running the following command:
lwconfig --detail RequireMembershipOf
Now you are able to login to your server using active directory authentication: