What is FreeIPA?
FreeIPA stands for Identity, Policy, Audit. It is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, and Dogtag (Certificate System). It consists of a web interface and command-line administration tools.
FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.
FreeIPA is built on top of well-known open source components and standard protocols, with a very strong focus on ease of management and automation of installation and configuration tasks.
Our Scenario :
Server Name – dlp.server.world (192.168.0.100)
Dns Name – dlp.server.world (192.168.0.100)
WebServer – dlp.server.world (192.168.0.100)
Linux Client – www.server.world (192.168.0.101)
Configure the IPA server to share users’ accounts in your local network.
Step 1 : Install FreeIPA on server (dlp.server.world)
Note : Package Required to Configure FreeIPA
Step 2 : Add the server name and IP address to the hosts file.
Step 3 : Now start setting up the FreeIPA server.
[#] ipa-server-install --setup-dns
Step 4 : Get Kerberos tickets and change default shell.
[#] kinit admin
Step 5 : Add a user account on the FreeIPA server. The password set here must be changed at the initial login.
[#] ipa user-add cent --first=Centos --last=Linux --password
Step 6 : Add a DNS entry for the FreeIPA client on the FreeIPA server first.
[#] ipa dnsrecord-add server.world www --a-rec 192.168.0.101
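A pre-flight check for the hosts entry from Step 2, to run before the installer in Step 3. This is an added example, not part of the original tutorial; the function name check_ipa_hosts is hypothetical. It assumes the usual FreeIPA host name requirements: the server's FQDN must not map to a loopback address and should be the first name on its line.

```shell
#!/bin/sh
# check_ipa_hosts FILE FQDN IP   (hypothetical helper, added example)
# Returns 0 when FQDN maps only to IP, is the first name on its line and is
# not mapped to a loopback address. Otherwise prints each reason, returns 1.
check_ipa_hosts() {
    awk -v fqdn="$2" -v ip="$3" '
        BEGIN { seen = 0; bad = 0 }
        { sub(/#.*/, "") }              # drop comments
        NF < 2 { next }                 # skip blank or address-only lines
        {
            for (i = 2; i <= NF; i++) {
                if (tolower($i) != tolower(fqdn)) continue
                seen = 1
                if ($1 ~ /^127\./ || $1 == "::1") {
                    print "loopback mapping: " $1; bad = 1
                } else if ($1 != ip) {
                    print "unexpected address: " $1; bad = 1
                }
                if (i != 2) {
                    print "FQDN is not the first name on its line"; bad = 1
                }
            }
        }
        END {
            if (!seen) { print "no entry for " fqdn; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed sample hosts file with two common mistakes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
127.0.0.1      localhost dlp.server.world   # FQDN mapped to loopback
192.168.0.100  dlp dlp.server.world         # short name before the FQDN
EOF
check_ipa_hosts "$sample" dlp.server.world 192.168.0.100 \
    || echo "fix the hosts file before running ipa-server-install"
rm -f "$sample"
```

On the real server, call it as check_ipa_hosts /etc/hosts dlp.server.world 192.168.0.100.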
Client Configuration :
Step 1 : Install the client tools on the FreeIPA client host and change the DNS settings.
[#] yum -y install ipa-client
Step 2 : Set up the FreeIPA client. Sync the time with the FreeIPA server before doing so.
Step 3 : Configure mkhomedir if you need it (users' home directories are created at initial login).
Step 4 : Now you can log in as the user you created earlier.
Web Management Console of FreeIPA :
The FreeIPA server can also be operated from the Web Management Console.
Step 1 : Start a web browser on any client on the same network as the FreeIPA server and go to “https://(FreeIPA server’s hostname or IP address)/”. The login form for the IPA server is shown. Log in as a FreeIPA user; this example uses the admin user.
Note : FreeIPA server is also known as the Directory Server.
FreeIPA server configuration completed successfully!