Leaving a domain
Until now, we have been able to demonstrate true interoperability with the Active Directory through the use of delegated permissions using sudo
and ownership of files and directories with filesystems. This is outstanding and nothing less than what you would expect from an Enterprise Linux system; however outstanding this may be, there will be occurrences where the Linux server needs to be removed from a domain. Often, this is the case where it is removed from one domain before being added to another. Should this be required, the realm command makes the process easy, reversing the operation to the join
subcommand as follows:
$ sudo realm leave example.com --remove
The additional option: --remove
will ensure that the computer account is also deleted from the domain; otherwise, it should be deleted separately. For the moment, we will leave the computer in the domain.