Implementing FreeIPA as a central Identity Management Solution

Phase 1: Creating a centralised FreeIPA identity management server

Let's start with setting up FreeIPA.

For those of you who have come from a Microsoft background, you will be familiar with how Active Directory is set up. It usually acts as the central store for username/password information, DNS, time and user/group permissions.
We will be setting up FreeIPA to fill the same role.

To begin, you will require a clean installation of Red Hat Enterprise Linux 6 with the latest updates.

I will be performing my installation on a new system with the following details:

Hostname: ds01.example.com
IP Addr:  10.0.1.11
Release:  Red Hat Enterprise Linux 6.3 x86_64

 

Step 1. Install the necessary packages

Install the following packages which will provide all the requirements for FreeIPA.

[root@ds01 ~]# yum install -y ipa-server bind bind-utils bind-dyndb-ldap

# Note: DNS is not mandatory in FreeIPA. If you do not wish to use integrated DNS management, you do not need to install these packages: bind bind-utils bind-dyndb-ldap

 

Step 2. Start the configuration of FreeIPA

My installation will be based on the following:

Domain Name: example.com
Realm Name: EXAMPLE.COM
Integrated DNS: Yes
Directory Manager username: Directory Manager
Directory Manager password: redhat123
IPA Manager username: admin
IPA Manager password: redhat123
DNS Forwarder: 10.0.0.254
Reverse Lookup subnet: 10.0.1.x
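
Added example (not from the original post): a POSIX shell pre-flight for the host details and Step 2 values listed above. It checks that the host name is an FQDN mapped only to the server's address in a hosts file, derives the /24 reverse zone for 10.0.1.x, and prints an ipa-server-install command for review. The function names are invented for this example, and the passwords are left to the installer's own prompts.

```shell
#!/bin/sh
# Added example, not the author's script; function names are invented here.
LC_ALL=C; export LC_ALL   # keep [a-z] from matching upper case in any locale
IPA_HOST="ds01.example.com"; IPA_IP="10.0.1.11"
IPA_DOMAIN="example.com";    IPA_REALM="EXAMPLE.COM"
IPA_FORWARDER="10.0.0.254"

# Accept only a lower-case, dotted host name (short names are rejected).
is_fqdn() {
    case "$1" in
        *[!a-z0-9.-]*|.*|*.|*..*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# /24 reverse zone for an IPv4 address: 10.0.1.11 -> 1.0.10.in-addr.arpa.
reverse_zone() {
    o1=${1%%.*}; rest=${1#*.}
    o2=${rest%%.*}; rest=${rest#*.}
    o3=${rest%%.*}
    echo "$o3.$o2.$o1.in-addr.arpa."
}

# FQDN must map to the real address and to no other. Args: ip fqdn hosts-file
hosts_entry_ok() {
    awk -v ip="$1" -v fqdn="$2" '
        /^[ \t]*#/ { next }
        { for (i = 2; i <= NF; i++)
              if ($i == fqdn) { if ($1 == ip) good = 1; else bad = 1 } }
        END { exit !(good && !bad) }' "$3"
}

# No -p/-a options: the installer then prompts for both passwords, keeping
# them out of shell history and the process list.
install_cmd() {
    echo "ipa-server-install --hostname=$IPA_HOST --domain=$IPA_DOMAIN" \
         "--realm=$IPA_REALM --setup-dns --forwarder=$IPA_FORWARDER" \
         "--reverse-zone=$(reverse_zone "$IPA_IP")"
}

preflight() {   # arg: hosts file to check, e.g. /etc/hosts
    is_fqdn "$IPA_HOST" || { echo "not an FQDN: $IPA_HOST" >&2; return 1; }
    hosts_entry_ok "$IPA_IP" "$IPA_HOST" "$1" ||
        { echo "$IPA_HOST must map only to $IPA_IP in $1" >&2; return 1; }
    install_cmd
}
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

Run it with the hosts file as its argument, for example `sh preflight.sh /etc/hosts` (the script name is an assumption), and run the printed command only after reviewing it.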

2 comments on “Implementing FreeIPA as a central Identity Management Solution”

  1. Kevin McNally May 6, 2015 19:31

    Cool. Great work.
