realmd.conf (5) Linux Manual Page

realmd.conf – Tweak behavior of realmd

Configuration File

realmd can be tweaked by network administrators to act in specific ways. This is done by placing settings in a /etc/realmd.conf. This file does not exist by default. The syntax of this file is the same as an INI file or Desktop Entry file.

In general, settings in this file only apply at the point of joining a domain or realm. Once the realm has been setup the settings have no effect. You may choose to configure m[blue]SSSDm[][1] or m[blue]Winbindm[][2] directly.

Only specify the settings you wish to override in the /etc/realmd.conf file. Settings not specified will be loaded from their packaged defaults. Only override the settings below. You may find other settings if you look through the realmd source code. However these are not guaranteed to remain stable.

There are various sections in the config file. Some sections are global topic sections, and are listed below. Other sections are specific to a given realm. These realm specific sections should always contain the domain name in lower case as their section header.

Examples of each setting is found below, including the header of the section it should be placed in. However in the resulting file only include each section once, and combine the various section setting together as lines underneath the section. For example

[users]
default-home = /home/%U
default-shell = /bin/bash

Active-Directory

These options should go in an [active-directory] section of the /etc/realmd.conf file. Only specify the settings you wish to override.

default-client

Specify the default-client setting in order to control which client software is the preferred default for use with Active Directory.

[active-directory]
default-client = sssd
# default-client = winbind

The default setting for this is sssd which uses m[blue]SSSDm[][1] as the Active Directory client. You can also specify winbind to use m[blue]Samba Winbindm[][2].

Some callers of realmd such as the realm command line tool allow specifying which client software should be used. Others, such as GNOME Control Center, simplify choose the default.

You can verify the preferred default client softawre by running the following command. The realm with the preferred client software will be listed first.

$ realm discover domain.example.com
domain.example.com
 configured: no
 server-software: active-directory
 client-software: sssd
 type: kerberos
 realm-name: AD.THEWALTER.LAN
 domain-name: ad.thewalter.lan
domain.example.com
 configured: no
 server-software: active-directory
 client-software: winbind
 type: kerberos
 realm-name: AD.THEWALTER.LAN
 domain-name: ad.thewalter.lan

os-name

(see below)

os-version

Specify the os-name and/or os-version settings to control the values that are placed in the computer account operatingSystem and operatingSystemVersion attributes.

This is an Active Directory specific option.

It is also possible to use the –os-name or –os-version argument of the realm command to override the default values.

[active-directory]
os-name = Gentoo Linux
os-version = 9.9.9.9.9

Service

These options should go in an [service] section of the /etc/realmd.conf file. Only specify the settings you wish to override.

automatic-install

Set this to no to disable automatic installation of packages via package-kit.

[service]
automatic-install = no
# automatic-install = yes

Users

These options should go in an [users] section of the /etc/realmd.conf file. Only specify the settings you wish to override.

default-home

Specify the default-home setting in order to control how to set the home directory for accounts that have no home directory explicitly set.

[users]
default-home = /home/%U@%D
# default-home = /nfs/home/%D-%U
# default-home = /home/%D/%U

The default setting for this is /home/%U@%D. The %D format is replaced by the domain name. The %U format is replaced by the user name.

You can verify the home directory for a user by running the following command.

$ getent passwd 'DOMAIN/User'

DOMAIN