Fedora 40
Sponsored Link

FreeIPA : क्लाइंट कॉन्फ़िगर करें2024/05/14

FreeIPA क्लाइंट कॉन्फ़िगर करें.
[1] FreeIPA सर्वर पर एकीकृत DNS में FreeIPA क्लाइंट के लिए DNS प्रविष्टि जोड़ें।
(यदि FreeIPA एकीकृत DNS का उपयोग नहीं कर रहे हैं, तो इस चरण को छोड़ दें)
# ipa dnsrecord-add [domain name] [record name] [record type] [record]

[root@dlp ~]#
ipa dnsrecord-add ipa.srv.world node01 --a-rec

  Record name: node01
  A record:
[3] FreeIPA क्लाइंट पैकेज स्थापित करें।
[root@node01 ~]#
dnf -y install freeipa-client
[4] FreeIPA क्लाइंट सेटअप करें।
# DNS को FreeIPA सर्वर होस्ट पर सेट करें

[root@node01 ~]#
nmcli connection modify enp1s0 ipv4.dns

[root@node01 ~]#
nmcli connection up enp1s0
# FreeIPA सर्वर और डोमेन नाम निर्दिष्ट करने के साथ क्लाइंट सेटअप करें

[root@node01 ~]#
ipa-client-install --server=dlp.ipa.srv.world --domain ipa.srv.world

This program will set up IPA client.
Version 4.11.1

Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]: yes
Do you want to configure chrony with NTP server or pool address? [no]:
Client hostname: node01.ipa.srv.world
DNS Domain: ipa.srv.world
IPA Server: dlp.ipa.srv.world
BaseDN: dc=ipa,dc=srv,dc=world

# सेटिंग्स की पुष्टि करें और उत्तर दें [yes]
Continue to configure the system with these values? [no]: yes
Synchronizing time
No SRV records of NTP servers found and no NTP server or pool address was provided.
Using default chrony configuration.
Attempting to sync time with chronyc.
Time synchronization was successful.
# व्यवस्थापक उपयोगकर्ता के साथ प्रमाणित करें
User authorized to enroll computers: admin
Password for admin@IPA.SRV.WORLD:
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=IPA.SRV.WORLD
    Issuer:      CN=Certificate Authority,O=IPA.SRV.WORLD
    Valid From:  2024-05-14 00:01:09+00:00
    Valid Until: 2044-05-14 00:01:09+00:00

Enrolled in IPA realm IPA.SRV.WORLD
Created /etc/ipa/default.conf
Configured /etc/sssd/sssd.conf
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config.d/04-ipa.conf
Configuring ipa.srv.world as NIS domain.
Configured /etc/krb5.conf for IPA realm IPA.SRV.WORLD
Client configuration complete.
The ipa-client-install command was successful

# यदि आपको आवश्यकता हो तो सेट करें (प्रारंभिक लॉगिन पर होम निर्देशिका बनाएं)

[root@node01 ~]#
authselect enable-feature with-mkhomedir

[root@node01 ~]#
systemctl enable --now oddjobd
[root@node01 ~]#
Fedora Linux 40 (Server Edition)
Kernel 6.8.7-300.fc40.x86_64 on an x86_64 (ttyS0)

Activate the web console with: systemctl enable --now cockpit.socket

node01 login: redhat      # FreeIPA उपयोगकर्ता
Password:                 # पासवर्ड
Password expired. Change your password now.  # प्रारंभिक लॉगिन पर पासवर्ड बदलना आवश्यक है
Current Password:         # वर्तमान पासवर्ड
New password:             # नया पासवर्ड
Retype new password:
[redhat@node01 ~]$        # लॉगिन किया गया
मिलान सामग्री