Joining an Active Directory or FreeIPA domain

Oliver Gutierrez Version F38 Last review: 2021-07-04

Fedora can join Active Directory and FreeIPA domains using the realm command.

If you want your Fedora machine to be part of an Active directory or FreeIPA domain just follow this steps

  1. Gather needed information

    • If your network is not configured to automatically setup the DNS to the domain DNS, you will need the domain DNS IP address.

    • You will need to provide the credentials of a domain user with permissions to join new machines to the domain.

  2. Configure the DNS to use the Active Directory or FreeIPA domain DNS servers (if your network uses DHCP to set this DNS to the correct server, skip this step) You can do this editing the network settings using the GNOME configuration panel or you can edit directly the file /etc/systemd/resolved.conf and add your DNS manually.

        [Resolve]
    DNS=192.168.122.143 172.17.0.2 1.0.0.1

  3. After saving the file, restart systemd-resolved service.

        $ sudo systemctl restart systemd-resolved

  4. Change the machine name to the machine name you want + the domain name.

        $ sudo hostnamectl set-hostname my_machine.example.domain

  5. Use the realm command to join the machine to the domain.

        $ sudo realm join example.domain -v

  6. After the command finished the machine should be part of the Active Directory or FreeIPA domain

Want to help? Learn how to contribute to Fedora Docs