Fedora 18
Sponsored Link


[1] IPAクライアントインストール
[root@www ~]#
vi /etc/hosts
# 自身のIPアドレスとホスト名を登録しておく www.srv.world www
[root@www ~]#
yum -y install freeipa-client
[2] IPAクライアントセットアップ。時刻はIPAサーバー側と合わせておいてください。
[root@www ~]#
# セットアップ

DNS discovery failed to determine your DNS domain
Please provide the domain name of your IPA server (ex: example.com):

DNS discovery failed to find the IPA Server
Please provide your IPA server name (ex: ipa.example.com):
The failure to use DNS to find your IPA server indicates that your
resolv.conf file is not properly configured.
Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always
access the discovered server for all operation and will not fail over to
other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]:

Hostname: www.srv.world
DNS Domain: srv.world
IPA Server: dlp.srv.world
BaseDN: dc=srv,dc=world
Continue to configure the system with these values? [no]:

User authorized to enroll computers:

Password for admin@SRV.WORLD:
# IPA admin パスワード

Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync. Please check that 123 UDP port is opened.
Password for admin@SRV.WORLD:
Enrolled in IPA realm SRV.WORLD
Created /etc/ipa/default.conf
New SSSD config will be created
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm SRV.WORLD
trying https://dlp.srv.world/ipa/xml
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Forwarding 'host_mod' to server u'https://dlp.srv.world/ipa/xml'
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
NTP enabled
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Client configuration complete.
[root@www ~]#
vi /etc/pam.d/system-auth
# 必要であれば最終行に追記 ( ログイン時にホームディレクトリを自動作成 )

session     optional      pam_mkhomedir.so skel=/etc/skel umask=077

[root@www ~]#
systemctl enable sssd

ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service'
[root@www ~]#
# ログアウト

Fedora release 18 (Spherical Cow)
Kernel 3.7.2-201.fc18.x86_64 on an x86_64 (ttyS0)
www login::
# IPAユーザー

# パスワード

Password expired. Change your password now.  
# 初回ログイン時はパスワードの即時変更が求められる

Current Password:
# 現在のパスワード

New password:
# 新しいパスワード

Retype new password:
Creating directory '/home/cow'.
[cow@www ~]$
# ログインできた