[Freeipa-users] Re: freeipa server + how to joining opensuse clients
Simo Sorce
ssorce at redhat.com
Fri Mar 13 12:35:23 UTC 2009
Reply moved to freeipa-users.
On Fri, 2009-03-13 at 15:51 +0800, Byambaa Mendbayar wrote:
> Dear developers,
>
> I want to join my linux clients (opensuse 11.1) in freeipa server domain
> (rmwg.mn.), how can I do that. Of course before I had read some
> documents from freeipa.org web site [1]. But I have still unclear to
> joining my clients on my server domain.
In v1, there isn't actually a formal join to perform.
All you need to get users and authenticate is configure nss_ldap to
point to your server and pam_krb for krb authentication.
If you also want to offer kerberized services (like SSO auth via sshd)
then you can use ipa-addservice to add a 'host' service for your machine
and ipa-getkeytab to retrieve a keytab for the machine.
Details on the single operations are in the docs.
> Should I use 'Yast->Network Services->Windows Domain Membership'
> function for joining my opensuse client to the freeipa server's
> domain?
No.
> [1] -
> http://www.freeipa.org/page/Implementing_FreeIPA_in_a_mixed_Environment_(Windows/Linux)_-_Step_by_step
This page is to configure windows clients, you want to read this one for
linux/unix clients:
http://www.freeipa.org/page/ClientConfigurationGuide
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list