To support True SSO on an instant-cloned VM in a Horizon 7 Linux desktop environment on a RHEL/CentOS 7.x system, you must configure Samba on the golden-image Linux VM.

The RHEL/CentOS 7.x realmd feature provides a simple way to discover and join identity domains. Instead of connecting the system to the domain itself, realmd configures underlying Linux system services, such as SSSD or Winbind, to connect to the domain. The following steps describe how to use realmd and Samba to perform an offline domain join of a RHEL/CentOS 7.x desktop to Active Directory.

Prerequisites

  • The RedHat Enterprise Linux (RHEL) system is subscribed to Red Hat Network (RHN) or has the yum tool installed locally.
  • The Active Directory (AD) server is resolvable by DNS on the Linux system.
  • The Network Time Protocol (NTP) is configured on the Linux system.

Procedure

  1. Verify that the RHEL/CentOS system can discover the AD server. Use the following example, where ADdomain.example.com must be replaced with your AD server information.
    sudo realm discover ADdomain.example.com
  2. Install the Samba tdb-tools package.

    The Samba tdb-tools package is not available for download from the official Red Hat repository. You must download it manually. For example, use the following command to download it from a CentOS 7.5 system and install the downloaded package in your RHEL system.

    yumdownloader tdb-tools

    If you do not have a CentOS system, go to https://rpmfind.net/linux/rpm2html/search.php?query=tdb-tools&submit=Search+...&system=&arch, download the tdb-tools-1.3.15-1.el7.x86_64.rpm package, and install it on your RHEL system.

  3. Install Samba and the dependency packages.
    sudo yum install sssd-tools sssd adcli samba-common pam_ldap pam_krb5 samba samba-client krb5-workstation
  4. Run the join command, using the following example, where DNSdomain.example.com must be replaced with the DNS domain path specific for your environment.
    sudo realm join DNSdomain.example.com -U administrator
     
    When the join command succeeds, you receive the following message.
    Successfully enrolled machine in realm
  5. Reboot your system and log back in.

What to do next

Configure True SSO on RHEL/CentOS 7.x Desktops