Search

3.5. Removing a System from an Identity Domain

download PDF
To remove a system from an identity domain, use the realm leave command. The command removes the domain configuration from SSSD and the local system.
# realm leave ad.example.com
By default, the removal is performed as the default administrator. For AD, the administrator account is called Administrator; for IdM, it is called admin. If a different user was used to join to the domain, it might be required to perform the removal as that user. To specify a different user, use the -U option:
# realm leave ad.example.com -U 'AD.EXAMPLE.COM\user'
The command first attempts to connect without credentials, but it prompts for a password if required.
Note that when a client leaves a domain, the computer account is not deleted from the directory; the local client configuration is only removed. If you want to delete the computer account, run the command with the --remove option specified.
For more information about the realm leave command, see the realm(8) man page.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.