|
Configure FreeIPA Client
2017/07/20 |
|
Configure FreeIPA Client to connect to FreeIPA Server.
|
|
| [1] | Install Client tools on FreeIPA Client. |
|
[root@www ~]# dnf -y install freeipa-client
|
| [2] | Setup as a FreeIPA Client. Sync time with FreeIPA server before it. |
|
# setup Client with specifying FreeIPA server and Domain name [root@www ~]# ipa-client-install --server=dlp.srv.world --domain SRV.WORLD Autodiscovery of servers for failover cannot work with this configuration. If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure. Proceed with fixed values and no DNS discovery? [no]: yes Client hostname: www.srv.world Realm: SRV.WORLD DNS Domain: SRV.WORLD IPA Server: dlp.srv.world BaseDN: dc=srv,dc=world # confirm settings and proceed with [yes] Continue to configure the system with these values? [no]: yes Skipping synchronizing time with NTP server. # answer with admin User authorized to enroll computers: admin # admin password Password for admin@SRV.WORLD: Successfully retrieved CA cert Subject: CN=Certificate Authority,O=SRV.WORLD Issuer: CN=Certificate Authority,O=SRV.WORLD Valid From: Fri Jul 21 00:41:31 2017 UTC Valid Until: Tue Jul 21 00:41:31 2037 UTC Enrolled in IPA realm SRV.WORLD ..... ..... SSSD enabled Configured /etc/openldap/ldap.conf Configured /etc/ssh/ssh_config Configured /etc/ssh/sshd_config Configuring srv.world as NIS domain. Client configuration complete. # configure mkhomedir if you need ( homedirs of users are created at inital login ) [root@www ~]# authconfig --enablemkhomedir --update
logout
Fedora 26 (Server Edition) Kernel 4.11.9-300.fc26.x86_64 on an x86_64 (ttyS0) Admin Console: https://10.0.0.31:9090/ or https://[fe80::5054:ff:fef1:c2af]:9090/www login: redhat # IPA user Password: # password Password expired. Change your password now. # required to change the password when initial login Current Password: # current password New password: # new password Retype new password: Creating home directory for redhat. [redhat@www ~]$ # just logined |