To support True SSO on an instant-cloned VM in a Horizon 7 Linux desktop environment on a RHEL/CentOS system, you must configure Samba on the master Linux VM.

The RHEL 7 realmd feature provides a simple way to discover and join identity domains. It does not connect the system to the domain itself, but it configures the underlying Linux system services, such as SSSD or Winbind, to connect to the domain. Use the following steps to use Samba to perform an offline domain join of a RHEL/CentOS desktop to Active Directory.


  • The RedHat Enterprise Linux (RHEL) system is subscribed to Red Hat Network (RHN) or has the yum tool installed locally.
  • The Active Directory (AD) server is resolvable by DNS on the Linux system.
  • The Network Time Protocol (NTP) is configured on the Linux system.


  1. Verify that the RHEL/CentOS system can discover the AD server. Use the following example, where must be replaced with your AD server information.
    sudo realm discover
  2. Install the Samba tdb-tools package.

    The Samba tdb-tools package is not available for download from the official Red Hat repository. You must download it manually. For example, use the following command to download it from a CentOS 7.5 system and install the downloaded package in your RHEL system.

    yumdownloader tdb-tools

    If you do not have a CentOS system, go to, download the tdb-tools-1.3.15-1.el7.x86_64.rpm package, and install it on your RHEL system.

  3. Install Samba and the dependency packages.
    sudo yum install sssd-tools sssd adcli samba-common pam_ldap pam_krb5 samba samba-client krb5-workstation
  4. Run the join command, using the following example, where must be replaced with the DNS domain path specific for your environment.
    sudo realm join -U administrator
    When the join command succeeds, you receive the following message.
    Successfully enrolled machine in realm
  5. Reboot your system and log back in.

What to do next

Configure True SSO on RHEL/CentOS Desktops