Wondering how to install a FreeIPA client on Ubuntu? We can help you with it.
Here at Bobcares, we have seen several such Ubuntu related installations as part of our Server Management Services for web hosts and online service providers.
Today we’ll see how to install FreeIPA on Ubuntu.
How to install FreeIPA client on Ubuntu
Now let’s see how our Support Engineers install the FreeIPA.
1. Preparing the IPA Client
First, we need to ensure that the Ubuntu server is ready to run the FreeIPA client. For that, we’ll set the server hostname, update the system packages, and check that the DNS records are propagated.
The hostname of your Ubuntu server must match with the FQDN for the FreeIPA client to work. Here, we are considering ipa-client.example.com to be the FQDN.
In case, yours is a new server then you can set the hostname when you create the server.
But, if you already have a server then you can use the below hostname command.
hostname ipa-client.example.comIf you are willing to change the server’s hostname then do change it manually in the /etc/hostname file as well.
nano /etc/hostnameThere should only be one line in the /etc/hosts file with the server’s original hostname:
your_original_hostnameNow, change it to the full FQDN of your client.
ipa-client.example.comThen save the file and close it.
After setting the hostname of the server correctly, update the package repositories.
apt-get updateFinally, verify the DNS propagation by running the below command.
dig +short ipa-client.example.com AThis must return your_server_ipv4.
But, if you have IPv6 enabled, you can test the AAAA record the same way.
dig +short ipa-client.example.com AAAAThis must return your_server_ipv6.
2. Install the FreeIPA Client
The FreeIPA client is included in the default repositories in Ubuntu 16.04.
apt-get install freeipa-clientThen run the FreeIPA installation command.
ipa-client-install --mkhomedirThe –mkhomedir flag will tell FreeIPA to create home directories for IPA users when they login to the machine for the first time. However, you can omit this flag if you don’t need this behavior.
The installer will prompt for the IPA domain. It is set when you configure the server.
Provide the domain name of your IPA server (ex: example.com): ipa.example.com
Then enter the domain name of the IPA server. This must be exactly the same as the URL that you access in the IPA web.
Provide your IPA server name (ex: ipa.example.com): ipa.example.com
With a single server, failover will not work. However, FreeIPA will warn you about this, and you should enter yes to proceed.
Autodiscovery of servers for failover cannot work with this configuration. If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure. Proceed with fixed values and no DNS discovery? [no]: yes
Continue after confirming all the options are correct.
Continue to configure the system with these values? [no]: yes
After this, enter an admin username.
User authorized to enroll computers: admin
Then enter the password for your IPA admin user.
Now, its time to verify that our system shows up in the IPA web interface.
3. Verifying Authentication
Now go to the IPA web UI that is https://ipa.example.com. Then log in to the web UI with the IPA admin account you used previously.
Here, navigate to the Hosts tab. You will see the IPA server listed as well as the client you just configured. Click on the entry for your IPA client which will take you to an overview of the host.
Here, you can enter the information about the client machine as well as managing groups and roles for the machine. Also, you can try to log into the machine with an IPA user from the local terminal.
ssh admin@ipa-client.example.comOnce logging into your machine as an IPA user. you can exit back after it is successful.
[Need any further assistance with Ubuntu queries? – We are here to help you.]
Conclusion
In today’s writeup, we saw how our Support Engineers install the FreeIPA client on Ubuntu.
0 Comments