realmd can discover Active Directory domains and join the current computer as an account on that domain. This allows using domain users locally, as well as use a domain account to log into the machine.
realmd discovers which domains or realms it can use or configure. It can discover and identify Active Directory domains by looking up the appropriate DNS SRV records.
The following DNS SRV records are required to be present for realmd to identify a provided realm as an Active Directory domain. The DNS server that comes with Active Directory on Windows Server automatically creates these DNS records.
# In this example the Active Directory domain is 'domain.example.com'
_ldap._tcp.dc._msdcs.domain.example.com.
An Active Directory specific UDP LDAP ping is sent to each server during discovery.
To see how realmd is discovering a
particular domain name, try a command like the following. Using
the --verbose
argument displays verbose
discovery information.
$ realm discover --verbose domain.example.com
* Resolving: _ldap._tcp.dc._msdcs.domain.example.com
* Sending MS-CLDAP ping to: 192.168.20.10
* Sending MS-CLDAP ping to: 192.168.12.12
* Successfully discovered: domain.example.com
...
In addition an Active Directory domain controller's host name or IP address may be specified directly.