I'm setting up an Ubuntu server so that users can authenticate against a Windows AD server. Not knowing about realmd, I used Samba Winbind's net join
command to join the machine to the domain. Afterwards, I installed realmd and tried realm list
:
username@ubuntuhost:~$ realm list
thedomain.com
type: kerberos
realm-name: THEDOMAIN.COM
domain-name: thedomain.com
configured: kerberos-member
server-software: active-directory
client-software: winbind
required-package: winbind
required-package: libpam-winbind
required-package: samba-common-bin
login-formats: THEWORKGROUP\%U
login-policy: allow-any-login
thedomain.com
type: kerberos
realm-name: THEDOMAIN.COM
domain-name: thedomain.com
configured: kerberos-member
server-software: active-directory
client-software: sssd
required-package: sssd-tools
required-package: sssd
required-package: libnss-sss
required-package: libpam-sss
required-package: adcli
required-package: samba-common-bin
login-formats: %U
login-policy: allow-permitted-logins
permitted-logins:
permitted-groups:
It appears that I have two realms--the first managed by winbind and the second managed by sssd. Am I right? I don't really need both. How do I whittle this down to just one? I guess I'd prefer to use the sssd version. How do I remove the windbind entry?