Differences

This shows you the differences between two versions of the page.

--- snippets:linux_quickshotsetups:ipa_server_rhel9 [2024/06/10 05:29] – created chris
+++ snippets:linux_quickshotsetups:ipa_server_rhel9 [2024/06/10 05:40] – chris
@@ Line 39: / Line 39: @@
 ipa user-add $USER --first Test --last User
 echo "test" | ipa passwd $USER
-ldappasswd -D uid=$USER,cn=users,cn=accounts,dc=fluxcoil,dc=net \
+ldappasswd -D uid=$USER,cn=users,cn=accounts,dc=local,dc=net \
   -H ldap://$(hostname -f) -w test -a test -ZZZ -s $PASS
 # to login using the web interface
-yum -y install firefox xauth
+dnf -y install firefox xauth
-yum -y install $(yum search xorg-x11-font|grep ^xorg-x11-font|sed -e 's,:.*,,')
+dnf -y install $(yum search xorg-x11-font|grep ^xorg-x11-font|sed -e 's,:.*,,')
 # log out and log in again, to have xauth properly setup
@@ Line 55: / Line 55: @@
 # verify plain ldap works
 # plain admin
-ldapsearch -x -b dc=fluxcoil,dc=net -h $(hostname -f) -w redhat12 \
+ldapsearch -x -b dc=local,dc=net -h $(hostname -f) -w redhat12 \
-  -D uid=admin,cn=users,cn=accounts,dc=fluxcoil,dc=net
+  -D uid=admin,cn=users,cn=accounts,dc=local,dc=net
 # plain chorn user
-ldapsearch -x -b dc=fluxcoil,dc=net -h $(hostname -f) -w redhat12 \
+ldapsearch -x -b dc=local,dc=net -h $(hostname -f) -w redhat12 \
-  -D uid=chorn,cn=users,cn=accounts,dc=fluxcoil,dc=net
+  -D uid=chorn,cn=users,cn=accounts,dc=local,dc=net
 # TLS chorn user
-ldapsearch -x -b dc=fluxcoil,dc=net -h $(hostname -f) -w redhat12 \
+ldapsearch -x -b dc=local,dc=net -h $(hostname -f) -w redhat12 \
-  -D uid=chorn,cn=users,cn=accounts,dc=fluxcoil,dc=net -ZZZ
+  -D uid=chorn,cn=users,cn=accounts,dc=local,dc=net -ZZZ
 # to retrieve the cacert:
-wget http://rhel8a.fluxcoil.net/ipa/config/ca.crt
+wget http://rhel9u4a.local.net/ipa/config/ca.crt
 # using ldapsearch
@@ Line 80: / Line 80: @@
 chmod +x createuser.sh
-for i in $(seq 2 2000); do
+for i in $(seq 2 20); do
   ./createuser.sh user$i;
 done
@@ Line 113: / Line 113: @@
 ipa user-add $USER --first Test --last User
 echo "test" | ipa passwd $USER
-ldappasswd -D uid=$USER,cn=users,cn=accounts,dc=fluxcoil,dc=net -H ldap://rhel6u3b.fluxcoil.net -w test -a test -s redhat42 -ZZ
+ldappasswd -D uid=$USER,cn=users,cn=accounts,dc=local,dc=net -H ldap://rhel6u3b.local.net -w test -a test -s redhat42 -ZZ
-</code>
-===== creating a IdM replica =====
-  * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/installing_identity_management/index#preparing-the-system-for-ipa-replica-installation_installing-identity-management
-  * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/installing_identity_management/index#installing-an-ipa-replica_installing-identity-management
-<code>
-replica$ yum module -y enable idm:DL1
-replica$ yum distro-sync -y
-replica$ yum module -y install idm:DL1/dns
-replica$ echo 'nameserver 192.168.4.22' >/etc/resolv.conf
-replica$ ipa-client-install --enable-dns-updates --force
-replica$ ipa-replica-install --setup-ca
-# verify DNS is ok
-DOMAIN=fluxcoil.net
-NAMESERVER=rhel8u4a.fluxcoil.net
-for i in _ldap._tcp _kerberos._tcp _kerberos._udp \
-  _kerberos-master._tcp _kerberos-master._udp _ntp._udp; do \
-  echo ""; \
-  dig @${NAMESERVER} ${i}.${DOMAIN} srv +nocmd +noquestion \
-     +nocomments +nostats +noaa +noadditional +noauthority; \
-done | egrep -v "^;" | egrep _
-# ..and on clients ensure they also access the replica for DNS!
 </code>

fluxcoil wiki

User Tools

Site Tools

Differences

Page Tools