Jack Wallen walks you through the process of installing an identity and authorization platform on CentOS 8.
FreeIPA is an open source identity and authorization platform that provides centralized authorization for Linux, macOS, and Windows. This solution is based on the 389 Directory Server and makes use of Kerberos, SSSD, Dogtag, NTP, and DNS. The installation isn't terribly challenging, and you'll find a handy web-based interface that makes the platform easy to manage.
I'll walk you through the steps of getting FreeIPA up and running on CentOS 8.
What you'll need
How to set your hostname
The first thing you must do is set your hostname. I'll be demonstrating with a LAN-only FQDN (which then must be mapped in /etc/hosts on any client machine that needs to access the server).
Set your hostname with the command:
sudo hostnamectl set-hostname HOSTNAME
Where HOSTNAME is the FQDN of the server.
After you've set the hostname, you must add an entry in the server's hosts file. Issue the command:
sudo nano /etc/hosts
Add a line at the bottom like this:
Where SERVER_IP is the IP address of the server and HOSTNAME is the FQDN of the server.
Save and close the file.
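A check you can run after these two steps, as an added example that is not part of the original article: it confirms the name is a lower-case FQDN and that the hosts file maps it to a non-loopback address, since a server name that resolves to 127.0.0.1 or ::1 is rejected by the FreeIPA installer. The function names, ipa.example.test and 192.0.2.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for the hostname and /etc/hosts steps.
# Function names and the sample data are illustrative (constructed).

# is_fqdn NAME: true if NAME is lower-case and has at least two labels.
is_fqdn() {
    printf '%s\n' "$1" |
        LC_ALL=C grep -Eq '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$'
}

# hosts_status NAME FILE: print how FILE maps NAME.
#   ok        mapped to a non-loopback address only
#   loopback  mapped to 127.0.0.0/8 or ::1
#   missing   no entry at all
hosts_status() {
    awk -v h="$1" '
        { sub(/#.*/, "") }                      # drop comments
        NF < 2 { next }                         # need address + name
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == h) {
                  if ($1 ~ /^127\./ || $1 == "::1") lo = 1; else ok = 1
              } }
        END { print (lo ? "loopback" : (ok ? "ok" : "missing")) }
    ' "$2"
}

# preflight NAME FILE: print a verdict; return 0 only when it is "ok".
preflight() {
    if ! is_fqdn "$1"; then echo "not-fqdn"; return 1; fi
    verdict=$(hosts_status "$1" "$2")
    echo "$verdict"
    [ "$verdict" = ok ]
}

# Constructed sample hosts file (192.0.2.0/24 is a documentation range).
demo() {
    f=$(mktemp)
    printf '%s\n' '127.0.0.1 localhost' \
        '192.0.2.10 ipa.example.test ipa  # SERVER_IP HOSTNAME' > "$f"
    for name in ipa.example.test ipa other.example.test; do
        printf '%-20s %s\n' "$name" "$(preflight "$name" "$f" || true)"
    done
    rm -f "$f"
}
demo
# Real use: preflight "$(hostname -f)" /etc/hosts
```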
How to install FreeIPA
The installation of FreeIPA begins with enabling the idm:DL1 repository with the command:
sudo dnf module enable idm:DL1
When that command completes, sync the repository with the command:
sudo dnf distro-sync
Install FreeIPA with the command:
sudo dnf install ipa-server ipa-server-dns -y
How to configure FreeIPA Server
Next you need to run the configuration script for FreeIPA Server. To do this, issue the command:
The first question you must answer is whether or not you want to install BIND for DNS. Accept the default (no) by pressing Enter on your keyboard. You must then confirm the domain and realm name, which will both be detected by the script. Once you've confirmed those entries, you'll need to set a Directory Manager password, an IPA admin password for the web interface, and then accept the default (no) for the installation of chrony.
After you've taken care of the above, you'll be presented with the details of your installation (Figure A).
Type y and hit Enter on your keyboard. The configuration will begin. This does take a bit of time, so either sit back and watch the text fly by or set about to tackle another task.
When the configuration completes, you're ready to move on.
How to access the web interface
Open a browser and point it to https://SERVER_IP (where SERVER_IP is the IP address of the hosting server). You should be prompted for a username and password (Figure B). The username is admin and the password is the one you set for IPA admin during the configuration.
Upon successful login, you'll find yourself on the FreeIPA main window, where you can begin managing your centralized authentication server (Figure C).
And that's all there is to getting FreeIPA installed on CentOS. You can now spend some time adding users and other bits to make your identity and authorization solution work for your business.