Fedora 24
Sponsored Link

Configure FreeIPA Clients2016/06/23

 
Configure FreeIPA Client to connect to FreeIPA Server.
[1] Install Client tools on FreeIPA Client.
[root@www ~]#
dnf -y install freeipa-client
[2] Setup as a FreeIPA Client. Sync time with FreeIPA server before it.
# setup Client with specifying FreeIPA server and Domain name

[root@www ~]#
ipa-client-install --server=dlp.srv.world --domain SRV.WORLD

Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always access the discovered 
server for all operations and will not fail over to other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]: yes
Client hostname: www.srv.world
Realm: SRV.WORLD
DNS Domain: SRV.WORLD
IPA Server: dlp.srv.world
BaseDN: dc=srv,dc=world

# confirm settings and proceed with "yes"
Continue to configure the system with these values? [no]: yes
Skipping synchronizing time with NTP server.
# answer with admin
User authorized to enroll computers: admin
# admin password
Password for admin@SRV.WORLD:
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=SRV.WORLD
    Issuer:      CN=Certificate Authority,O=SRV.WORLD
    Valid From:  Fri Jun 24 02:12:11 2016 UTC
    Valid Until: Tue Jun 24 02:12:11 2036 UTC

Enrolled in IPA realm SRV.WORLD
.....
.....
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Configuring SRV.WORLD as NIS domain.
Client configuration complete.

# configure mkhomedir if you need ( homedirs of users are created at inital login )

[root@www ~]#
authconfig --enablemkhomedir --update

getsebool: SELinux is disabled
[root@www ~]#
logout
Fedora 24 (Server Edition)
Kernel 4.5.5-300.fc24.x86_64 on an x86_64 (ttyS0)

Admin Console: https://10.0.0.31:9090/ or https://[fe80::5054:ff:fe24:6f38]:9090/

www login:
redhat
# IPA user

Password:
# password

Password expired. Change your password now.  
# required to change the password when initial login

Current Password:
# current password

New password:
# new password

Retype new password:
[redhat@www ~]$
# just logined
Matched Content