User Tools

Site Tools


snippets:linux_quickshotsetups:ipa_server_rhel7

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
snippets:linux_quickshotsetups:ipa_server_rhel7 [2019/10/02 09:46]
chris [What?]
snippets:linux_quickshotsetups:ipa_server_rhel7 [2019/10/09 08:33] (current)
chris
Line 6: Line 6:
  
 <​code>​ <​code>​
-# use atleast ​rhel7 or rhel8. +# use at least rhel7 or rhel8. 
-hostnamectl set-hostname rhel7u7a.fluxcoil.net +hostnamectl set-hostname rhel7u7a.fluxcoil.net.local
 vi /etc/hosts vi /etc/hosts
 # now ensure proper entry, i.e. # now ensure proper entry, i.e.
-192.168.4.2 rhel7u7a.fluxcoil.net rhel7u7a+192.168.4.2 rhel7u7a.fluxnet.net.local ​rhel7u7a
  
 yum -y install ipa-server bind bind-dyndb-ldap ipa-server-dns yum -y install ipa-server bind bind-dyndb-ldap ipa-server-dns
   ​   ​
-ipa-server-install --realm=FLUXCOIL.NET --domain=fluxcoil.net \+ipa-server-install --realm=FLUXCOIL.NET.LOCAL ​--domain=fluxcoil.net.local ​\
   --no-ntp --ds-password=redhat12 --ssh-trust-dns --setup-dns \   --no-ntp --ds-password=redhat12 --ssh-trust-dns --setup-dns \
   --admin-password=redhat12 --hostname=$(hostname -f) --idstart=10000 \   --admin-password=redhat12 --hostname=$(hostname -f) --idstart=10000 \
Line 35: Line 34:
 ipa user-add $USER --first Test --last User ipa user-add $USER --first Test --last User
 echo "​test"​ | ipa passwd $USER echo "​test"​ | ipa passwd $USER
-ldappasswd -D uid=$USER,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net \+ldappasswd -D uid=$USER,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net,​dc=local ​\
   -H ldap://​$(hostname -f) -w test -a test -ZZZ -s $PASS   -H ldap://​$(hostname -f) -w test -a test -ZZZ -s $PASS
  
Line 51: Line 50:
 # verify plain ldap works # verify plain ldap works
 # plain admin # plain admin
-ldapsearch -x -b dc=fluxcoil,​dc=net -h $(hostname -f) -w redhat12 \ +ldapsearch -x -b dc=fluxcoil,​dc=net,​dc=local ​-h $(hostname -f) -w redhat12 \ 
-  -D uid=admin,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net+  -D uid=admin,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net,dc=local
 # plain chorn user # plain chorn user
-ldapsearch -x -b dc=fluxcoil,​dc=net -h $(hostname -f) -w redhat12 \ +ldapsearch -x -b dc=fluxcoil,​dc=net,​dc=local ​-h $(hostname -f) -w redhat12 \ 
-  -D uid=chorn,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net+  -D uid=chorn,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net,dc=local
 # TLS chorn user # TLS chorn user
-ldapsearch -x -b dc=fluxcoil,​dc=net -h $(hostname -f) -w redhat12 \ +ldapsearch -x -b dc=fluxcoil,​dc=net,​dc=local ​-h $(hostname -f) -w redhat12 \ 
-  -D uid=chorn,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net -ZZZ+  -D uid=chorn,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net,​dc=local ​-ZZZ
  
 # to retrieve the cacert: # to retrieve the cacert:
-wget http://rhel6u2a.fluxcoil.net/​ipa/​config/​ca.crt+wget http://rhel7u2a.fluxcoil.net.local/​ipa/​config/​ca.crt
  
 # using ldapsearch # using ldapsearch
Line 92: Line 91:
 ipa user-add $1 --first Test --last User ipa user-add $1 --first Test --last User
 echo "​test"​ | ipa passwd $1 echo "​test"​ | ipa passwd $1
-ldappasswd -D uid=$1,​cn=users,​cn=accounts,​dc=example,​dc=org -w test -a test -s $2+ldappasswd -D uid=$1,​cn=users,​cn=accounts,​dc=example,​dc=org,​dc=local ​-w test -a test -s $2
 --------------------------------------------------------------------------------- ---------------------------------------------------------------------------------
  
Line 109: Line 108:
 ipa user-add $USER --first Test --last User ipa user-add $USER --first Test --last User
 echo "​test"​ | ipa passwd $USER echo "​test"​ | ipa passwd $USER
-ldappasswd -D uid=$USER,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net -H ldap://​rhel6u3b.fluxcoil.net -w test -a test -s redhat42 -ZZ+ldappasswd -D uid=$USER,​cn=users,​cn=accounts,​dc=fluxcoil,​dc=net,​dc=local ​-H ldap://​rhel6u3b.fluxcoil.net -w test -a test -s redhat42 -ZZ
 </​code>​ </​code>​
  
snippets/linux_quickshotsetups/ipa_server_rhel7.txt · Last modified: 2019/10/09 08:33 by chris