How to join Fedora 22 to Windows Active Directory

If you have a Windows Active Directory or Windows Domain Controller running on your network, you can easily join a Fedora 22 desktop to it. Once Fedora 22 is joined to the AD, you can log in to the Fedora 22 desktop as any user in the Active Directory. Here, I will show you how to join Fedora 22 to an Active Directory. In this example, I am using a Fedora 22 desktop and a Univention Corporate Server domain controller.

Server (Active Directory) details:

  • OS: Univention Corporate Server as Primary Domain Controller
  • Version: 4.0.2
  • Domain name: gamblisfx
  • Host name: server.gamblisfx.lan
  • IP address: 10.34.0.1

Client details:

  • OS: Fedora 22
  • Hostname: fedora.gamblisfx.lan
  • IP address: 10.34.0.200

How to join Fedora 22 to Active Directory

A. Set hostname

First we need to set the Fedora 22 hostname to match the domain. Please read my previous tutorial to change the Fedora 22 hostname. Or simply use the following command:

hostnamectl set-hostname --static fedora.gamblisfx.lan

Check that it is set correctly:

[root@fedora Downloads]# hostnamectl status
Static hostname: fedora.gamblisfx.lan
Icon name: computer-vm
Chassis: vm
Machine ID: 86dc7968ef804ba0a2eee16aa51849a8
Boot ID: a04d6ea91aa5443cb14e8e6723f3337e
Virtualization: oracle
Operating System: Fedora 22 (Twenty Two)
CPE OS Name: cpe:/o:fedoraproject:fedora:22
Kernel: Linux 4.0.8-300.fc22.x86_64
Architecture: x86-64

B. Install required packages

We need to install some packages in Fedora. Use these commands to install them:

su
dnf install realmd sssd oddjob oddjob-mkhomedir adcli samba-common

C. Join Active Directory

Point the DNS setting on Fedora at the DNS server that is active on your network (here the domain controller, 10.34.0.1):

nmcli c modify enp0s3 ipv4.dns 10.34.0.1
nmcli c down enp0s3 ; nmcli c up enp0s3

Output

Connection ‘enp0s3’ successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/0)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

Note: enp0s3 is my network interface. You will need to check the name of your own network interface using the ifconfig command.

Discover the Active Directory

Next we need to discover the existing Active Directory on your network

realm discover server.gamblisfx.lan

Output:

[root@localhost Downloads]# realm discover server.gamblisfx.lan
gamblisfx.lan
type: kerberos
realm-name: GAMBLISFX.LAN
domain-name: gamblisfx.lan
configured: no
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
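
An added example (not part of the original tutorial): a small POSIX shell check that reads the realm discover output above and reports any required package missing from the list installed in step B, and whether the hostname from step A falls inside the discovered domain. The function names and the embedded sample (copied from the output above) are this example's own.

```shell
#!/bin/sh
# Added example: pre-join checks driven by `realm discover` output.
# SAMPLE_DISCOVER is copied from the output shown above; on a live host use
#   SAMPLE_DISCOVER=$(realm discover server.gamblisfx.lan)
SAMPLE_DISCOVER='gamblisfx.lan
  type: kerberos
  realm-name: GAMBLISFX.LAN
  domain-name: gamblisfx.lan
  configured: no
  server-software: active-directory
  client-software: sssd
  required-package: oddjob
  required-package: oddjob-mkhomedir
  required-package: sssd
  required-package: adcli
  required-package: samba-common-tools'

# Print the value of one "key: value" field (every occurrence, one per line).
discover_field() {  # $1 = discover text, $2 = key
    printf '%s\n' "$1" | sed -n "s/^[[:space:]]*$2:[[:space:]]*//p"
}

# Print required packages that are absent from a space-separated list.
missing_packages() {  # $1 = discover text, $2 = installed package names
    for pkg in $(discover_field "$1" required-package); do
        case " $2 " in
            *" $pkg "*) ;;                  # exact name present
            *) printf '%s\n' "$pkg" ;;      # not installed
        esac
    done
}

# Succeed only if the host FQDN sits inside the discovered DNS domain.
host_in_domain() {  # $1 = discover text, $2 = FQDN of this machine
    domain=$(discover_field "$1" domain-name)
    [ -n "$domain" ] || return 1            # no domain found: fail closed
    case "$2" in
        *".$domain") return 0 ;;
        *) return 1 ;;
    esac
}

# Package list from step B and hostname from step A of this tutorial.
INSTALLED='realmd sssd oddjob oddjob-mkhomedir adcli samba-common'
echo "missing: $(missing_packages "$SAMPLE_DISCOVER" "$INSTALLED")"
host_in_domain "$SAMPLE_DISCOVER" fedora.gamblisfx.lan && echo "hostname ok"
```

With the values from this page the check reports samba-common-tools as missing, because step B installs samba-common while the discover output asks for samba-common-tools.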

Now Join the Active Directory

realm join server.gamblisfx.lan

You will need to enter the Administrator password.

[root@localhost Downloads]# realm join server.vitruvian.lan
id mapping 0 0
Password for Administrator:

Get user ID info

id gamblisfx\\dhani

Output:

[root@localhost Downloads]# id gamblisfx\\dhani
uid=684201113(dhani@gamblisfx.lan) gid=684200513(domain users@gamblisfx.lan) groups=684200513(domain users@gamblisfx.lan),684200512(domain admins@gamblisfx.lan),684201114(gis@gamblisfx.lan),684200572(denied rodc password replication group@gamblisfx.lan)

Make sure it's possible to switch to an AD user

su - gamblisfx\\dhani

Output:

Creating home directory for dhani@server.gamblisfx.lan

Now log out and log in to Fedora using your AD user.

Admin

3 Comments

  1. I followed your instructions and set up everything and connected to Windows AD, but when I get a user from AD it shows “No such user”, but the user exists in WD
