Configure FreeIPA Server in Linux CentOS 7


What is FreeIPA ?

The "IPA" in FreeIPA stands for Identity, Policy, Audit. FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, and Dogtag (Certificate System). It consists of a web interface and command-line administration tools.

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

FreeIPA is built on top of well-known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks.

Our Scenario :

Server Name – dlp.server.world (192.168.0.100)

DNS Name – dlp.server.world (192.168.0.100)

WebServer – dlp.server.world (192.168.0.100)

Linux Client – http://www.server.world (192.168.0.101)

Configure the IPA server to share user accounts across your local network.

Step 1 : Install FreeIPA on server (dlp.server.world)

Note : Packages required to configure FreeIPA

  • ipa-server
  • ipa-server-dns
  • bind
  • bind-dyndb-ldap


Step 2 : Add the server name and IP address to the hosts file.


Step 3 : Now start setting up the FreeIPA server.

[#] ipa-server-install --setup-dns


Step 4 : Get a Kerberos ticket and change the default shell.

[#] kinit admin


Step 5 : Add a user account on the FreeIPA server. The password set here must be changed at the initial login.

[#] ipa user-add cent --first=Centos --last=Linux --password


Step 6 : Add a DNS entry for the FreeIPA client on the FreeIPA server first.

[#] ipa dnsrecord-add server.world www --a-rec 192.168.0.101
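
The installer in Step 3 depends on the hosts entry from Step 2: the server name has to be a lower-case fully qualified name that maps to the server's own address, not to a loopback line. The check below is an added example, not part of the original post or of FreeIPA; `check_hosts_entry` and its return codes are hypothetical, and the sample file is constructed from the scenario values on this page.

```shell
#!/bin/sh
# Added example: validate the Step 2 hosts entry before running the Step 3 installer.
# check_hosts_entry is a hypothetical helper, not part of FreeIPA.
# Usage: check_hosts_entry HOSTS_FILE FQDN IP
# Returns 0 usable, 1 name is not a lower-case FQDN, 2 name is on a loopback
# line, 3 no line maps IP to the name, 4 FQDN is not the first name, 5 unreadable.
check_hosts_entry() {
    file=$1; fqdn=$2; ip=$3; rc=0
    [ -r "$file" ] || rc=5
    case $fqdn in
        *[[:upper:]]*|.*|*.|*..*) rc=1 ;;   # upper case, or a stray or doubled dot
        *.*) ;;                             # at least one dot: treat as an FQDN
        *) rc=1 ;;                          # short name only
    esac
    if [ "$rc" -eq 0 ]; then
        awk -v fqdn="$fqdn" -v ip="$ip" '
            { sub(/#.*/, "") }              # strip comments
            NF < 2 { next }                 # skip blank lines and bare addresses
            {
                for (i = 2; i <= NF; i++) {
                    if ($i != fqdn) continue
                    if ($1 ~ /^127\./ || $1 == "::1") loopback = 1
                    else if ($1 == ip) { found = 1; if (i == 2) first = 1 }
                }
            }
            END { exit (loopback ? 2 : (!found ? 3 : (!first ? 4 : 0))) }
        ' "$file" || rc=$?
    fi
    case $rc in
        0) echo "ok: $fqdn -> $ip" ;;
        1) echo "fail: '$fqdn' is not a lower-case fully qualified name" ;;
        2) echo "fail: $fqdn is listed on a loopback line" ;;
        3) echo "fail: no line maps $ip to $fqdn" ;;
        4) echo "fail: $fqdn must be the first name after $ip" ;;
        *) echo "fail: cannot read $file" ;;
    esac
    return "$rc"
}

# Constructed sample built from the scenario values on this page.
sample=$(mktemp)
printf '%s\n' '127.0.0.1 localhost localhost.localdomain' \
              '192.168.0.100 dlp.server.world dlp' > "$sample"
check_hosts_entry "$sample" dlp.server.world 192.168.0.100 || true
rm -f "$sample"
```

On the real server the call would be `check_hosts_entry /etc/hosts dlp.server.world 192.168.0.100`.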


Client Configuration :

Step 1 : Install the client tools on the FreeIPA client host and change its DNS settings.

[#] yum -y install ipa-client


Step 2 : Set up the FreeIPA client. Sync the time with the FreeIPA server before doing so.


Step 3 : Configure mkhomedir if you need it (users' home directories are created at initial login).


Step 4 : Now you can log in with the user you created earlier.

Web Management Console of FreeIPA :

The FreeIPA server can also be administered from the Web Management Console.

Step 1 : Start a web browser on any client on the same network as the FreeIPA server and go to “https://(FreeIPA server’s hostname or IP address)/”. The IPA login form is shown. Log in with a FreeIPA user; this example uses the admin user.


Note : FreeIPA server is also known as the Directory Server.

!!!!!!!!!!!!!!!!!!!!! FreeIPA server configuration completed successfully !!!!!!!!!!!!!!!!!!

 
