FreeIPA

Install

http://freeipa.org/page/Downloads :

yum install freeipa-server
ipa-server-install

The integrated DNS server is optional and must be enabled at install time. Example :

yum -y install bind bind-dyndb-ldap
ipa-server-install -r HERE.EXAMPLE.COM -n here.example.com \
    --ssh-trust-dns --subject="O=Example" \
    --setup-dns --forwarder=8.8.8.8 --reverse-zone=1.168.192.in-addr.arpa.

Server Configuration

Useful initial changes :

  • IPA Server
    • Configuration
      • Default shell: /bin/sh -> /bin/bash

Client Configuration

  • Copy over /etc/krb5.conf from the server.
  • Test obtaining a TGT : kinit admin, klist
  • Firefox : about:config : network.negotiate-auth.trusted-uris : add your domain name(s), comma separated.
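
Added example, not part of the original page: a shell check that the Firefox trusted-uris value stays scoped to the IPA DNS domain, since every site on that list is allowed to request Negotiate (Kerberos) authentication from the browser. The function names and the sample pref line are constructed for illustration; here.example.com is the domain from the install example above.

```sh
#!/bin/sh
# Added example: audit network.negotiate-auth.trusted-uris against one DNS domain.

# Read prefs.js / user.js text on stdin, print the value of the pref.
pref_value() {
    sed -n 's/.*"network\.negotiate-auth\.trusted-uris",[[:space:]]*"\([^"]*\)".*/\1/p'
}

# $1 = comma-separated pref value, $2 = allowed DNS domain.
# Prints (lower-cased) every entry that is not the domain or a subdomain of it.
# Scheme-only entries such as "https://" have no host and are always reported.
audit_trusted_uris() (
    domain=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' | tr -d ' \t' | tr ',' '\n' |
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        host=${entry#*://}     # strip scheme
        host=${host%%/*}       # strip path
        host=${host%%:*}       # strip port
        host=${host#.}         # accept the ".domain" form
        case "$host" in
            "$domain"|*."$domain") ;;        # in scope
            *) printf '%s\n' "$entry" ;;     # out of scope
        esac
    done
)

# Constructed sample line, in the format Firefox writes to prefs.js.
SAMPLE='user_pref("network.negotiate-auth.trusted-uris", ".here.example.com, https://, example.com");'

value=$(printf '%s\n' "$SAMPLE" | pref_value)
bad=$(audit_trusted_uris "$value" "here.example.com")
if [ -n "$bad" ]; then
    printf 'Entries outside here.example.com:\n%s\n' "$bad"
fi
```

To audit a real profile, pipe its prefs.js into pref_value instead of the sample line.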