In the example below:
station1.example.com - 192.168.56.101 (IPA Server or Master server, station1=master)
station2.example.com - 192.168.56.102 (IPA Client1, station2=client1)
station3.example.com - 192.168.56.103 (IPA Client2, station3=client2)
Note: Perform the steps listed below on station1 (the IPA server). Before starting the IPA installation, complete the prerequisites:
1. Set host name: -
#hostname station1.example.com (RHEL6)
#hostnamectl set-hostname station1.example.com (RHEL7)
2. Make host name permanent: -
#vim /etc/sysconfig/network
HOSTNAME=station1.example.com
#exec bash
3. Configure yum: -
Note: I am using the RHEL 6.4 ISO; you can use any ISO of RHEL6 or RHEL7.
#vim /etc/yum.repos.d/my.repo
[my]
baseurl=file:///media/RHEL_6.4\ x86_64\ Disc\ 1
gpgcheck=0
#yum repolist
Check that yum has been configured properly; your output must be as below:
4. Manage DNS locally (not mandatory if you already have DNS in your environment)
Add the IPA server and IPA client IP addresses to the file below:
#vim /etc/hosts
192.168.56.101 station1.example.com
192.168.56.102 station2.example.com
#scp /etc/hosts root@192.168.56.102:/etc/hosts
If everything is fine, you will be able to ping both hosts by hostname. Please check this before proceeding further.
#ping station1.example.com
#ping station2.example.com
5. Check if the time of both hosts is in sync: -
#ssh root@station2.example.com date
#date
The remote system (IPA client) time and your system (IPA server) time must be in sync.
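The prerequisite steps above can be verified before the installer is run. The following is an added example, not part of the original post: a POSIX shell preflight that checks the host name, the hosts-file entries and the clock difference. The function names and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post; sample data at the bottom is constructed.

# Steps 1-2: the name must be fully qualified (two or more lowercase DNS labels).
is_fqdn() {
    printf '%s\n' "$1" |
        grep -Eq '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$'
}

# Step 4: print the address a hosts file gives for NAME; status 1 if absent.
hosts_lookup() {    # usage: hosts_lookup FILE NAME
    awk -v n="$2" '
        { sub(/#.*/, "") }    # drop comments before matching
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; found = 1; exit } }
        END { exit !found }' "$1"
}

# Step 5: Kerberos allows 300 seconds of clock difference by default.
skew_ok() {         # usage: skew_ok LOCAL_EPOCH REMOTE_EPOCH [MAX_SECONDS]
    skew=$(( $1 - $2 ))
    if [ "$skew" -lt 0 ]; then skew=$(( 0 - skew )); fi
    [ "$skew" -le "${3:-300}" ]
}

# Run every check, print each failure, return non-zero if any failed.
preflight() {       # usage: preflight HOSTS_FILE SERVER CLIENT LOCAL_EPOCH REMOTE_EPOCH
    rc=0
    is_fqdn "$2" || { echo "FAIL: $2 is not a fully qualified name"; rc=1; }
    for h in "$2" "$3"; do
        if addr=$(hosts_lookup "$1" "$h"); then
            case $addr in   # a loopback entry is unreachable from the other host
                127.*|::1) echo "FAIL: $h maps to loopback address $addr"; rc=1 ;;
            esac
        else
            echo "FAIL: $h has no entry in $1"; rc=1
        fi
    done
    skew_ok "$4" "$5" || { echo "FAIL: clocks differ by more than 300 s"; rc=1; }
    return "$rc"
}

# Constructed sample input. On live hosts pass /etc/hosts, "$(date +%s)" and
# "$(ssh root@station2.example.com date +%s)" instead.
SAMPLE_HOSTS=$(mktemp)
trap 'rm -f "$SAMPLE_HOSTS"' EXIT
printf '%s\n' '127.0.0.1 localhost' '192.168.56.101 station1.example.com' \
    '192.168.56.102 station2.example.com   # IPA client' > "$SAMPLE_HOSTS"
preflight "$SAMPLE_HOSTS" station1.example.com station2.example.com 1700000000 1700000012 && echo "preflight OK"
```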
Now we are good to start the installation of the IPA server, where:
--realm = EXAMPLE.COM
--idstart = as per your requirement
--idmax = as per your requirement
Admin password for LDAP and Kerberos = redhat@123
#yum install ipa-server
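#ipa-server-install --realm=EXAMPLE.COM --ds-password=redhat@123 --admin-password=redhat@123 --setup-dns --idstart=5000 --idmax=10000
If --ds-password and --admin-password are left out, the installer prompts for both, so the passwords do not end up in the shell history.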
Check the default parameters and press the Enter key:
Server host name [station1.example.com]:
Please confirm the domain name [example.com]:
The installation script will show the details below:
Continue to configure the system with these values? [no]: yes
It will take around 20-25 minutes to complete the installation. If everything is correct, you will see the output below:
Note: Please check the list of ports. All of them must be open on the local firewall as well as the network firewall, otherwise your IPA server won’t work.
In my environment I don’t have a network firewall, hence there is nothing to do for it, and for the local firewall I am disabling iptables:
# iptables -F
Otherwise, you can use the commands below to enable the firewall rules:
RHEL6
[root@master ~]# for port in 53 80 88 389 443 464 636; do iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT; done
[root@master ~]# for port in 53 88 123 464; do iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport $port -j ACCEPT; done
# service iptables save
RHEL7
[root@master ~]# firewall-cmd --add-service=freeipa-ldap
success
[root@master ~]# firewall-cmd --add-service=freeipa-ldaps
success
[root@master ~]# firewall-cmd --add-service=freeipa-ldap --permanent
success
[root@master ~]# firewall-cmd --add-service=freeipa-ldaps --permanent
success
[root@master ~]# firewall-cmd --add-service=dns
success
[root@master ~]# firewall-cmd --add-service=dns --permanent
success
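On RHEL6, the iptables ruleset can be compared against the required ports to confirm that each one is really accepted. This is an added example, not from the original post; the function names, the REQUIRED list and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. REQUIRED is an assumed list: the ports
# the RHEL6 loops open, with DNS on port 53 for both protocols.
REQUIRED="tcp/53 tcp/80 tcp/88 tcp/389 tcp/443 tcp/464 tcp/636 udp/53 udp/88 udp/123 udp/464"

# Read `iptables -S INPUT` text on stdin; print "proto/port" for each ACCEPT rule
# that names one destination port. Rule order and multiport rules are not evaluated.
accepted_ports() {
    awk '$1 == "-A" && $2 == "INPUT" {
        proto = port = target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") port   = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (target == "ACCEPT" && proto != "" && port != "") print proto "/" port
    }'
}

# Print the REQUIRED entries that have no ACCEPT rule, space separated.
missing_ports() {
    open=$(accepted_ports)
    miss=""
    for want in $REQUIRED; do
        printf '%s\n' "$open" | grep -qxF "$want" || miss="$miss $want"
    done
    printf '%s\n' "${miss# }"
}

# Constructed ruleset: LDAPS (tcp/636) is rejected and NTP (udp/123) has no rule.
sample_rules() {
    echo '-P INPUT DROP'
    echo '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
    for p in 53 80 88 389 443 464; do
        echo "-A INPUT -p tcp -m state --state NEW -m tcp --dport $p -j ACCEPT"
    done
    for p in 53 88 464; do
        echo "-A INPUT -p udp -m state --state NEW -m udp --dport $p -j ACCEPT"
    done
    echo '-A INPUT -p tcp -m tcp --dport 636 -j REJECT --reject-with icmp-port-unreachable'
}

# On the IPA server run: iptables -S INPUT | missing_ports
echo "missing: $(sample_rules | missing_ports)"
```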
That’s all, guys: your IPA server is ready to access. Open your web browser and go to the URL below. You will see a certificate error, as shown in the screenshot below, because the browser does not yet trust the certificate presented by the IPA server. To fix this issue, add the IPA portal URL to the trusted certificates using the “I Understand the Risks” option.
URL – https://station1.example.com
Finally, you will see the login page of your Identity Management portal below.
Username and Password – admin and redhat@123 (given at the time of installation)
Listed steps are easy to implement.
My suggestion would be please add firewall rule addition commands and most important client side configurations as well.
Hello Mamta,
Many thanks for valuable suggestions.
I have added few steps to add firewall rules.
For client side configurations, I'll post these in my next post.
For client side configuration, please follow below post. https://rakeshkumar0504.blogspot.com/2018/12/red-hat-idmfreeipa-client-side.html