Freeipa Rocky Installation
Zur Navigation springen
Zur Suche springen
Hostname muss in die /etc/hosts
- echo 172.26.55.6 freeipa.lab34.int >> /etc/hosts
- echo 2a02:24d8:71:3036::6 freeipa.lab34.int >> /etc/hosts
- Test
- hostname -i
2a02:24d8:71:3037::6 172.26.55.6
Firewall anpassen
- firewall-cmd --add-service=freeipa-ldap --add-service=freeipa-ldaps
- firewall-cmd --add-service=freeipa-ldap --add-service=freeipa-ldaps --permanent
Installation
- dnf install freeipa-server ipa-server-dns
Konfiguration des Paketes
- ipa-server-install
Do you want to configure integrated DNS (BIND)? [no]: Server host name [freeipa.lab34.linuggs.de]: Please confirm the domain name [lab34.linuggs.de]: Please provide a realm name [LAB34.LINUGGS.DE]: Directory Manager password: Password (confirm): IPA admin password: Password (confirm): NetBIOS domain name [LAB34] Do you want to configure chrony with NTP server or pool address? [no]: yes NetBIOS domain name [LAB34]: Do you want to configure chrony with NTP server or pool address? [no]: yes Enter NTP source server addresses separated by comma, or press Enter to skip: Enter a NTP source pool address, or press Enter to skip: The IPA Master Server will be configured with: Hostname: freeipa.lab34.linuggs.de IP address(es): 172.26.54.6, 2a02:24d8:71:3036::6 Domain name: lab34.linuggs.de Realm name: LAB34.LINUGGS.DE The CA will be configured with: Subject DN: CN=Certificate Authority,O=LAB34.LINUGGS.DE Subject base: O=LAB34.LINUGGS.DE Chaining: self-signed Continue to configure the system with these values? [no]: yes
Chrony als Zeitserver aktivieren
In der der /etc/chrony.conf diese beiden Zeilen einfügen:
allow 172.26.52.0/22 allow 2a02:24d8:71:3034::/62
- Neustart von chrony
- systemctl restart chronyd
- Test - 123 UDP muss offen sein.
- ss -lnup | grep 123
Test
- kinit admin
Password for admin@IPA.TEST:
- klist
Ticket cache: KCM:0 Default principal: admin@LAB34.LINUGGS.DE Valid starting Expires Service principal 10/07/2024 11:00:39 10/08/2024 10:47:22 krbtgt/LAB34.LINUGGS.DE@LAB34.LINUGGS.DE