3.9. Additional Configuration for the Active Directory Domain Entry
Custom settings for each individual domain can be defined in the /etc/realmd.conf file. Each domain can have its own configuration section; the name of the section must match the domain name. For example:

```
[ad.example.com]
attribute = value
attribute = value
```
Important
Changing the configuration as described in this section only works if the realm join command has not been run yet. If a system is already joined, changing these settings does not have any effect. In such situations, you must leave the domain, as described in Section 3.5, “Removing a System from an Identity Domain”, and then join again, as described in the section called “Joining a Domain”. Note that joining requires the domain administrator's credentials.
To change the configuration for a domain, edit the corresponding section in /etc/realmd.conf. The following example disables ID mapping for the ad.example.com domain, sets the host principal, and adds the system to the specified subtree:

```
[ad.example.com]
computer-ou = ou=Linux Computers,DC=domain,DC=example,DC=com
user-principal = host/linux-client@AD.EXAMPLE.COM
automatic-id-mapping = no
```
Note that the same configuration can also be set when originally joining the system to the domain using the realm join command, described in the section called “Joining a Domain”:

```
# realm join --computer-ou="ou=Linux Computers,dc=domain,dc=com" --automatic-id-mapping=no --user-principal=host/linux-client@AD.EXAMPLE.COM
```
Table 3.2, “Realm Configuration Options” lists the most notable options that can be set in the domain default section in /etc/realmd.conf. For complete information about the available configuration options, see the realmd.conf(5) man page.
Option | Description |
---|---|
computer-ou | Sets the directory location for adding computer accounts to the domain. This can be the full DN or an RDN, relative to the root entry. The subtree must already exist. |
user-principal | Sets the userPrincipalName attribute value of the computer account to the provided Kerberos principal. |
automatic-id-mapping | Sets whether to enable dynamic ID mapping or disable the mapping and use POSIX attributes configured in Active Directory. |
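
Because these settings are only read at join time, it helps to check the domain section before running realm join. The following pre-join check is an added example, not part of the original documentation or of realmd; the function name lint_realmd, the simplified DN pattern, the yes/no restriction, and the rule that the Kerberos realm equals the upper-cased domain name are assumptions of the example.

```python
import configparser
import re

# Options from Table 3.2 on this page; realmd.conf(5) documents others.
TABLE_OPTIONS = {"computer-ou", "user-principal", "automatic-id-mapping"}
# Simplified RDN shape (attr=value); escaped commas are not handled.
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^=,]+$")

# Constructed sample input: the example section shown on this page.
SAMPLE = """\
[ad.example.com]
computer-ou = ou=Linux Computers,DC=domain,DC=example,DC=com
user-principal = host/linux-client@AD.EXAMPLE.COM
automatic-id-mapping = no
"""

def lint_realmd(text, domain):
    """Return findings for the [domain] section of realmd.conf content."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.read_string(text)
    if not cp.has_section(domain):
        # The section name must match the domain name, so report near misses.
        near = [s for s in cp.sections() if s.lower() == domain.lower()]
        hint = f"; found [{near[0]}], which differs in case" if near else ""
        return [f"no [{domain}] section{hint}"]
    sec, findings = cp[domain], []
    for key in sec:
        if key not in TABLE_OPTIONS:
            findings.append(f"{key}: not in Table 3.2, check realmd.conf(5)")
    ou = sec.get("computer-ou")
    if ou is not None and not all(RDN.match(p.strip()) for p in ou.split(",")):
        findings.append(f"computer-ou: {ou!r} is not a DN or RDN")
    upn = sec.get("user-principal")
    # Assumption: the Kerberos realm is the upper-cased domain name.
    if upn and "@" in upn and upn.rsplit("@", 1)[1] != domain.upper():
        findings.append(f"user-principal: realm is not {domain.upper()}")
    idmap = sec.get("automatic-id-mapping")
    # Assumption: only the yes/no spelling is accepted by this check.
    if idmap is not None and idmap.lower() not in ("yes", "no"):
        findings.append(f"automatic-id-mapping: {idmap!r} is not yes or no")
    return findings

if __name__ == "__main__":
    for finding in lint_realmd(SAMPLE, "ad.example.com") or ["ok"]:
        print(finding)
```

An empty result means the section exists under the exact domain name and its values have the expected shape; it does not confirm that the subtree named in computer-ou exists in the directory.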