Joining a FreeIPA domain

To join a FreeIPA domain with realmd you can use the realm command line tool:

$ realm join --verbose ipa.example.com

By specifying the --verbose it's easier to see what went wrong if the join fails.

Other tools also use realmd which can be used to perform the join operation, for example: GNOME Control Center.

The join operation does the following:

In addition an FreeIPA domain server's host name or IP address may be specified to join via that domain controller directly.

After the join operation is complete, domain accounts should be usable locally, although logins using domain accounts are not necessarily enabled.

You verify that domain accounts are working with with a command like this:

$ getent passwd admin@ipa.example.com

The join operation will create or update a computer account in the domain.