Identity Management

Implementing FreeIPA as a central Identity Management Solution

Many of my customers, from many companies, rely on Microsoft Active Directory to manage their server and workstation estate. This is great if you have a Windows-only organisation.

However, although you can add Linux systems directly to Active Directory, you don’t get the same level of control over those systems that you would have with a Windows server connected to the same domain.

Continue reading “Implementing FreeIPA as a central Identity Management Solution” »

Adding Yubikey 2 factor authentication to your Red Hat Enterprise Linux estate

A few weeks ago I covered how to integrate the YubiRadius Virtual Appliance into FreeIPA, which you can find here, or Microsoft Active Directory, which you can find here.

This article is a really quick walk-through on how to take your authentication one step further and add 2 factor authentication into the same process for your Red Hat Enterprise Linux server estate.

Continue reading “Adding Yubikey 2 factor authentication to your Red Hat Enterprise Linux estate” »

YubiRadius integration with group-validated Active Directory Users using LDAP

This article will show you how to set up the YubiRadius Virtual Appliance (v. 3.5.1) for User validation against a Microsoft Active Directory 2008R2 infrastructure.

You can obtain the YubiRadius Virtual Appliance from the good people over at Yubico, or just click here

This guide is not meant to show you how to configure a virtual appliance in your choice of Virtualization technology, although as I am using KVM, a special thanks to Gavin Spurgeon for getting this VA converted and working smoothly (even with virtio for the icing on the cake).

Continue reading “YubiRadius integration with group-validated Active Directory Users using LDAP” »

Auto-creation of user home directories in Linux

Many of my viewers are looking for information on “oddjob”, so I thought I might give some details that should help clear the air.

All Linux distributions that I have ever tested are subject to this situation; however, please don’t see this as a problem. It is merely something that has not been configured (yet, as it is entirely optional).

If you have ever created a local user on a Linux system, you will find that the home directory for the new user is automatically created for you. As a user or an admin of the system in question, no further work needs to be performed.

However, many people in production environments integrate their Linux servers into some form of Identity Management solution.

This could be Microsoft Active Directory, Red Hat Directory Server, FreeIPA, or one of many other forms of IDM.

Continue reading “Auto-creation of user home directories in Linux” »

YubiRadius integration with group-validated FreeIPA Users using LDAPS

This article will show you how to set up the YubiRadius Virtual Appliance (v. 3.5.1) for User validation against a FreeIPA infrastructure on Red Hat Enterprise Linux 6.3.

You can obtain the YubiRadius Virtual Appliance from the good people over at Yubico, or just click here

This guide is not meant to show you how to configure a virtual appliance in your choice of Virtualization technology, although as I am using KVM, a special thanks to Gavin Spurgeon for getting this VA converted and working smoothly (even with virtio for the icing on the cake).

For details on configuring the Virtual Appliance, you can refer to Yubico’s documentation here if you wish.

Continue reading “YubiRadius integration with group-validated FreeIPA Users using LDAPS” »