Ubuntu Desktops in enterprises using Entra ID?

Supporting Ubuntu Desktops in traditional Active Directory environments are working quite well using sssd, adsys and landscape.

But when it comes to an all cloud native environment using Entra ID, the traditional methods no longer works. So, what is the supported way to get Ubuntu Desktops to work in such an environment?
I’ve found this article https://ubuntu.com/blog/azure-ad-authentication-comes-to-ubuntu-desktop-23-04 However this seems already deprecated? Then there is the authd project here, https://github.com/ubuntu/authd but it’s unclear if this is a supported tool, and it doesn’t appear to be included in Ubuntu 24.04 LTS

Also, ADsys don’t work with Entra ID as there are no GPO’s in Entra. What’s the proposed way to manage clients then? MS InTune is very limited when it comes to what it can do in Linux. Landscape might be an alternative if one uses the cloud version. But even landscape lacks in functionality.

Does anyone have any insights? Thanks!

1 Like

Hi @jdoe53851 ! Your read of the status is correct, we’re reworking our aad_auth interim release implementation to support a wider range of use-cases and brokers. This work is happening in the new authd however we are not yet ready to land this work in the distro. We plan to bring it to Ubuntu 24.04 LTS with support for Entra ID in a future point release once the new functionality has been finalised and did not include aad_auth as a result. You can follow the development on Github and we’ll provide an update once its ready with additional documentation.

In terms of policy support this is a separate topic that is more complex as GPO support would indeed ideally be handled by MS Intune and therefore implemented by Microsoft.