Chapter 3. Using realmd to Connect to an Active Directory Domain

The realmd system provides a clear and simple way to discover and join identity domains to achieve direct domain integration. It configures underlying Linux system services, such as SSSD or Winbind, to connect to the domain.
Chapter 2, Using Active Directory as an Identity Provider for SSSD describes how to use the System Security Services Daemon (SSSD) on a local system and Active Directory as a back-end identity provider. Ensuring that the system is properly configured for this can be a complex task: there are a number of different configuration parameters for each possible identity provider and for SSSD itself. In addition, all domain information must be available in advance and then properly formatted in the SSSD configuration for SSSD to integrate the local system with AD.
The realmd system simplifies that configuration. It can run a discovery search to identify available AD and Identity Management domains and then join the system to the domain, as well as set up the required client services used to connect to the given identity domain and manage user access. Additionally, because SSSD as an underlying service supports multiple domains, realmd can discover and support multiple domains as well.

3.1. Supported Domain Types and Clients

The realmd system supports the following domain types:
  • Microsoft Active Directory
  • Red Hat Enterprise Linux Identity Management
The following domain clients are supported by realmd:
  • SSSD for both Red Hat Enterprise Linux Identity Management and Microsoft Active Directory
  • Winbind for Microsoft Active Directory