Phase 1: Creating a centralised FreeIPA identity management server
Let's start with setting up FreeIPA.
For those of you who have come from a Microsoft background, you will be familiar with how Active Directory is set up. It is usually set up as a central store for username/password information, DNS, time and user/group permissions.
We will be setting up FreeIPA in the exact same way.
To begin, you will require a clean installation of Red Hat Enterprise Linux 6 with the latest updates.
I will be performing my installation on a new system with the following details:
Hostname: ds01.example.com
IP Addr: 10.0.1.11
Release: Red Hat Enterprise Linux 6.3 x86_64
Step 1. Install the necessary packages
Install the following packages which will provide all the requirements for FreeIPA.
[root@ds01 ~]# yum install -y ipa-server bind bind-utils bind-dyndb-ldap
# Note: DNS is not mandatory in FreeIPA. If you do not wish to use integrated DNS management, you do not need to install these packages: bind bind-utils bind-dyndb-ldap
Step 2. Start the configuration of FreeIPA
My installation will be based on the following:
Domain Name: example.com
Realm Name: EXAMPLE.COM
Integrated DNS: Yes
Directory Manager username: Directory Manager
Directory Manager password: redhat123
IPA Manager username: admin
IPA Manager password: redhat123
DNS Forwarder: 10.0.0.254
Reverse Lookup subnet: 10.0.1.x
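An added example, not part of the original post: a pre-flight check for the values above that derives the realm and the /24 reverse zone, then prints an ipa-server-install command line without the two passwords, so the installer prompts for them and they stay out of shell history and process listings. The helper function names are hypothetical; the flags are standard ipa-server-install options.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not part of FreeIPA.

# Realm is the DNS domain in upper case (example.com -> EXAMPLE.COM).
realm_for_domain() { printf '%s' "$1" | tr '[:lower:]' '[:upper:]'; }

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1; done
}

# /24 reverse zone name for an address: 10.0.1.11 -> 1.0.10.in-addr.arpa
reverse_zone_24() {
    valid_ipv4 "$1" || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    printf '%s.%s.%s.in-addr.arpa' "$3" "$2" "$1"
}

# The server's FQDN must sit inside the DNS domain being created.
host_in_domain() {
    case "$1" in ?*."$2") return 0 ;; *) return 1 ;; esac
}

# Validate the plan, then print the installer command with no passwords
# on the command line. Arguments: fqdn server-ip domain forwarder
build_install_cmd() {
    host_in_domain "$1" "$3" || { echo "host $1 is not in $3" >&2; return 1; }
    valid_ipv4 "$2" || { echo "bad server IP: $2" >&2; return 1; }
    valid_ipv4 "$4" || { echo "bad forwarder: $4" >&2; return 1; }
    printf 'ipa-server-install --setup-dns --hostname=%s --ip-address=%s --domain=%s --realm=%s --forwarder=%s\n' \
        "$1" "$2" "$3" "$(realm_for_domain "$3")" "$4"
}

# Values from this walkthrough.
build_install_cmd ds01.example.com 10.0.1.11 example.com 10.0.0.254
echo "reverse zone: $(reverse_zone_24 10.0.1.11)"
```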
Great write-up!
Cool. Great work.