Fedora 23

Configure FreeIPA Client
2015/11/05

 
Configure a FreeIPA client to connect to the FreeIPA server.
[1] First, add a DNS entry for the FreeIPA client on the FreeIPA server.
# ipa dnsrecord-add [domain name] [record name] [record type] [record]

[root@dlp ~]# ipa dnsrecord-add srv.world client01 --a-rec 10.0.0.31

  Record name: client01
  A record: 10.0.0.31
[2] Install the client tools on the FreeIPA client host and change its DNS settings.
[root@client01 ~]# dnf -y install freeipa-client
[root@client01 ~]# nmcli c modify eno16777736 ipv4.dns 10.0.0.30
[root@client01 ~]# nmcli c down eno16777736; nmcli c up eno16777736

[3] Set up the host as a FreeIPA client. Synchronize its time with the FreeIPA server beforehand, because Kerberos authentication depends on closely synchronized clocks.
[root@client01 ~]# ipa-client-install

Discovery was successful!
Hostname: client01.srv.world
Realm: SRV.WORLD
DNS Domain: srv.world
IPA Server: dlp.srv.world
BaseDN: dc=srv,dc=world

# confirm settings and proceed with "yes"

Continue to configure the system with these values? [no]: yes

# answer with admin

User authorized to enroll computers: admin

Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync. Please check that 123 UDP port is opened.
Password for admin@SRV.WORLD:
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=SRV.WORLD
    Issuer:      CN=Certificate Authority,O=SRV.WORLD
    Valid From:  Thu Nov 05 07:34:55 2015 UTC
    Valid Until: Mon Nov 05 07:34:55 2035 UTC

Enrolled in IPA realm SRV.WORLD
.....
.....
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring srv.world as NIS domain.
Client configuration complete.

# configure mkhomedir if you need it (users' home directories are created at initial login)

[root@client01 ~]# authconfig --enablemkhomedir --update
getsebool: SELinux is disabled
[root@client01 ~]# logout
Fedora 23 (Server Edition)
Kernel 4.2.5-300.fc23.x86_64 on an x86_64 (ttyS0)

Admin Console: https://10.0.0.31:9090/ or https://[fe80::5054:ff:feae:73e1]:9090/

client01 login: redhat     # FreeIPA user
Password:     # password
Password expired. Change your password now.
# a password change is required at the initial login
Current Password:     # current password
New password:     # new password
Retype new password:
[redhat@client01 ~]$     # logged in
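
The confirmation prompt in step [3] is the point to compare the discovered realm, domain and server with the values you expect, since the client located them through the DNS server set in step [2]. The script below is an added example, not part of the original page: the function names are hypothetical, the expected values are this page's lab values, and the sample input is the discovery block shown above.

```shell
#!/bin/sh
# Added example: compare ipa-client-install discovery output with the values
# the administrator expects before answering "yes" at the prompt.

# Expected values for this page's lab (srv.world); adjust for your realm.
EXPECTED_REALM="SRV.WORLD"
EXPECTED_DOMAIN="srv.world"
EXPECTED_SERVER="dlp.srv.world"

# Constructed sample: the discovery block as printed in step [3].
SAMPLE_DISCOVERY='Discovery was successful!
Hostname: client01.srv.world
Realm: SRV.WORLD
DNS Domain: srv.world
IPA Server: dlp.srv.world
BaseDN: dc=srv,dc=world'

# field_value TEXT LABEL: print the value that follows "LABEL: " (first match).
field_value() {
    printf '%s\n' "$1" | awk -F': ' -v label="$2" '$1 == label { print $2; exit }'
}

# check_discovery TEXT: return 0 when realm, DNS domain and server all match,
# 1 otherwise; each mismatch is reported on stderr.
check_discovery() {
    rc=0
    for pair in "Realm=$EXPECTED_REALM" "DNS Domain=$EXPECTED_DOMAIN" \
                "IPA Server=$EXPECTED_SERVER"; do
        label=${pair%%=*}
        want=${pair#*=}
        got=$(field_value "$1" "$label")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $label: expected '$want', got '${got:-<missing>}'" >&2
            rc=1
        fi
    done
    return "$rc"
}

if check_discovery "$SAMPLE_DISCOVERY"; then
    echo "discovery output matches expected values"
fi
```

On a real host, pass the captured discovery lines to check_discovery in place of the sample and answer "yes" only when it returns 0.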