From Fedora Project Wiki

(Initial page)
 
No edit summary
 
(5 intermediate revisions by 3 users not shown)
Line 2: Line 2:
|description=Join the current machine to an Active Directory, and prevent automatic installation of packages.
|description=Join the current machine to an Active Directory, and prevent automatic installation of packages.
|setup=
|setup=
# Fulfill the [[QA:Testcase_realmd_prerequisites|prerequisites and make sure your Active Directory domain access works]]. realmd 0.14.0+ and adcli 0.6+ are required.
# Make sure you have other required software:
#* realmd 0.14.0 or later
# Verify that your [[QA:Testcase_Active_Directory_Setup|Active Directory domain access works, or set a domain up]].
# You need a domain account as an administrator.
# You need a domain account as an administrator.
# Leave realm(s) you are currently joined to.
# Leave realm(s) you are currently joined to.
# Remove necessary packages for joining active directory:
# Remove necessary packages for joining active directory:
#: <pre>$ sudo yum remove sssd adcli sssd-tools</pre>
#: <pre>$ sudo yum remove sssd adcli sssd-tools</pre>
# Tell realmd not to automatically install packages, by placing these lines in your <code>/etc/realmd.conf</code>.
# Tell realmd not to automatically install packages, by placing these lines in your <code>/etc/realmd.conf</code>. If <code>/etc/realmd.conf</code> does not exist (which is the default behavior), you will need to create a new <code>/etc/realmd.conf</code> file.
<pre>[service]
<pre>[service]
automatic-install = no</pre>
automatic-install = no</pre>
Make sure realmd is restarted:
<pre>
$ sudo killall realmd
</pre>
|actions=
|actions=
# Discover the domain, which should list the required packages:
# Discover the domain, which should list the required packages:
Line 16: Line 23:
# Try to join the domain, which should fail and list packages needed:
# Try to join the domain, which should fail and list packages needed:
#: <pre>$ realm join --user=Administrator server.ad.example.com</pre>
#: <pre>$ realm join --user=Administrator server.ad.example.com</pre>
#: The packages needed should be listed, like: <code>sssd</code>, <code>adcli</code>, <code>sssd-tools</code>
#: The packages needed should be listed, like: <code>sssd</code>, <code>sssd-tools</code>
 
|results=
|results=
# Now install the packages listed above using a <code>yum</code> command:
# Now install the packages listed above using a <code>yum</code> command:
#: <pre>$ sudo yum install sssd adcli sssd-tools samba-common
#: <pre>$ sudo yum install sssd adcli sssd-tools samba-common</pre>
# Perform the join again, this time it should complete without error
# Perform the join again, this time it should complete without error
}}
}}

Latest revision as of 18:18, 9 May 2013

Description

Join the current machine to an Active Directory, and prevent automatic installation of packages.

Setup

  1. Make sure you have other required software:
    • realmd 0.14.0 or later
  2. Verify that your Active Directory domain access works, or set a domain up.
  3. You need a domain account as an administrator.
  4. Leave realm(s) you are currently joined to.
  5. Remove necessary packages for joining active directory:
    $ sudo yum remove sssd adcli sssd-tools
  6. Tell realmd not to automatically install packages, by placing these lines in your /etc/realmd.conf. If /etc/realmd.conf does not exist (which is the default behavior), you will need to create a new /etc/realmd.conf file.
[service]
automatic-install = no

Make sure realmd is restarted:

$ sudo killall realmd

How to test

  1. Discover the domain, which should list the required packages:
    $ realm discover ad.example.com
    Check the required-package lines.
  2. Try to join the domain, which should fail and list packages needed:
    $ realm join --user=Administrator server.ad.example.com
    The packages needed should be listed, like: sssd, sssd-tools

Expected Results

  1. Now install the packages listed above using a yum command:
    $ sudo yum install sssd adcli sssd-tools samba-common
  2. Perform the join again, this time it should complete without error



Troubleshooting

Use the --verbose argument to see details of what's being done during a join. Include verbose output in any bug reports.

$ realm join --verbose server.ad.example.com