If you have a Windows Active Directory or Windows Domain Controller running on your network, you can easily join a Fedora 22 desktop to it. Once Fedora 22 is joined to the AD, you can log in to the Fedora 22 desktop as any user in the Active Directory. Here, I will show you how to join Fedora 22 to an Active Directory. In this example, I am using a Fedora 22 desktop and a Univention Corporate Server domain controller.
Server (Active Directory) details:
- OS: Univention Corporate Server as Primary Domain Controller
- Version: 4.0.2
- Domain name: gamblisfx
- Host name: server.gamblisfx.lan
- IP address: 10.34.0.1
Client details:
- OS: Fedora 22
- Hostname: fedora.gamblisfx.lan
- IP address: 10.34.0.200
How to join Fedora 22 to Active Directory
A. Set hostname
First we need to set the Fedora 22 hostname to match the domain hostname. Please read my previous tutorial to change the Fedora 22 hostname. Or simply use the following command:
hostnamectl set-hostname --static fedora.gamblisfx.lan
Check that it is set correctly:
[root@fedora Downloads]# hostnamectl status
Static hostname: fedora.gamblisfx.lan
Icon name: computer-vm
Chassis: vm
Machine ID: 86dc7968ef804ba0a2eee16aa51849a8
Boot ID: a04d6ea91aa5443cb14e8e6723f3337e
Virtualization: oracle
Operating System: Fedora 22 (Twenty Two)
CPE OS Name: cpe:/o:fedoraproject:fedora:22
Kernel: Linux 4.0.8-300.fc22.x86_64
Architecture: x86-64
B. Install required packages
We need to install some packages in Fedora. Use these commands to install them:
su
dnf install realmd sssd oddjob oddjob-mkhomedir adcli samba-common
C. Join Active Directory
Change the DNS server on Fedora to the currently active DNS server on your network:
nmcli c modify enp0s3 ipv4.dns 10.34.0.1
nmcli c down enp0s3 ; nmcli c up enp0s3
Output
Connection 'enp0s3' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/0)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
Note: enp0s3 is my network interface. You will need to check your own network interface using the ifconfig command.
Discover the Active Directory
Next we need to discover the existing Active Directory on your network
realm discover server.gamblisfx.lan
Output:
[root@localhost Downloads]# realm discover server.gamblisfx.lan
gamblisfx.lan
type: kerberos
realm-name: GAMBLISFX.LAN
domain-name: gamblisfx.lan
configured: no
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
Now Join the Active Directory
realm join server.gamblisfx.lan
You will need to enter the Administrator password.
[root@localhost Downloads]# realm join server.vitruvian.lan
id mapping 0 0
Password for Administrator:
Get user ID info
id gamblisfx\\dhani
Output:
[root@localhost Downloads]# id gamblisfx\\dhani
uid=684201113(dhani@gamblisfx.lan) gid=684200513(domain users@gamblisfx.lan) groups=684200513(domain users@gamblisfx.lan),684200512(domain admins@gamblisfx.lan),684201114(gis@gamblisfx.lan),684200572(denied rodc password replication group@gamblisfx.lan)
Make sure it's possible to switch to an AD user
su - gamblisfx\\dhani
Output:
Creating home directory for dhani@server.gamblisfx.lan
Now log out and log in to Fedora using your AD user.
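A check worth running between "realm discover" and "realm join", shown here as an added example that is not part of the original tutorial: it compares the required-package lines from the discover output in step C with the package names installed in step B. The function names are hypothetical; the sample data is copied from the steps above, where step B installs samba-common while the discover output lists samba-common-tools.

```shell
#!/usr/bin/env bash
# Added example: compare "required-package" lines from `realm discover`
# with the package names passed to dnf in step B.

# Output of `realm discover server.gamblisfx.lan`, copied from step C.
DISCOVER_OUTPUT='gamblisfx.lan
type: kerberos
realm-name: GAMBLISFX.LAN
domain-name: gamblisfx.lan
configured: no
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools'

# Package names from the dnf install command in step B.
STEP_B_PACKAGES='realmd sssd oddjob oddjob-mkhomedir adcli samba-common'

# Print every value of one "key: value" field from discover output on stdin.
# Leading whitespace is stripped because realm indents the field lines.
discover_field() {
    awk -v key="$1" -F': *' '{ sub(/^[ \t]+/, "") } $1 == key { print $2 }'
}

# Read package names on stdin; print those not among the arguments.
# Exact-name match: samba-common does not satisfy samba-common-tools.
missing_packages() {
    have=" $* "
    while IFS= read -r pkg; do
        case "$have" in
            *" $pkg "*) ;;
            *) printf '%s\n' "$pkg" ;;
        esac
    done
}

# Usage: missing_for_join "<discover output>" pkg1 pkg2 ...
missing_for_join() {
    discover_text=$1; shift
    printf '%s\n' "$discover_text" | discover_field required-package | missing_packages "$@"
}

missing=$(missing_for_join "$DISCOVER_OUTPUT" $STEP_B_PACKAGES)
if [ -n "$missing" ]; then
    echo "listed as required but not in the install list: $missing"
else
    echo "all required packages are in the install list"
fi
```

On a live host, pass the real output of realm discover as the first argument and the package names that rpm -q reports as installed as the rest.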
So I got as far as your step to query the id of the AD user and received ‘no such user’.
Any ideas?
I followed your instructions, set up everything and connected to Windows AD, but when I get a user from AD it shows “No such user”, but the user exists in WD.
Make sure you type the user with the following format:
gamblisfx\username