[Freeipa-users] Announcing FreeIPA v2 Server Alpha 2 Release

Rob Crittenden rcritten at redhat.com
Thu Feb 18 19:07:54 UTC 2010

To all freeipa-interest, freeipa-users and freeipa-devel list members,

The FreeIPA project team is pleased to announce the availability of the 
Alpha 2 release of the long-awaited freeIPA 2.0 server [1].

This version of the server includes:

* Draft UI pages for all plugins that fit into a 
Create-Retrieve-Update-Delete model. After running the 
`ipa-server-install` script, point your browser to:


Replacing `yourhost.com` with the fully-qualified domain name of your 
IPA server.

Please take a moment to play with these pages. Please do not pay 
attention to style, rather focus attention to the work flow, layout and 
data being added, displayed or modified. We need to understand if the 
direction that this interface establishes is the right one. Should we 
continue with the proposed approach or do something else. What?

Your opinion is very important to us!

Please do not hesitate to share it with us on the mailing list:
freeipa-users at redhat.com

* Optionally installable DNS server
* Optionally installable Certificate Authority to manage server certificates
* NIS compatibility plug-in
* Simplified migration of the users from IPA v1 or external LDAP server
* IPA client component to configure SSSD to integrate with IPA
* Integration with "certmonger" certificate tracking utility. The 
utility allows automatic provisioning, tracking and renewal of 
certificates on a member server.
* General improvements and enhancements across the whole project.

The freeIPA 2.0 server is capable of:
* Providing Kerberos authentication of users and hosts
* Managing different objects via extensible CLI and UI framework
   * Managing user and host identities
   * Managing user and host groups
   * Managing kerberised services
   * Managing default kerberos policies
* Defining host-based access control rules that will be enforced
   on the client side by the IPA back end for SSSD
* Serving netgroups based on user and host objects stored in IPA
* Serving sets of different automount maps to different clients
* Finer-grained management delegation
* Group-based password policies
* Provisioning of the certificates for services running on member servers.

The FreeIPA 2.0 client machines can be configured in the same way as the 
clients of freeIPA 1.2 following the installation instructions [2]. 
FreeIPA 2.0 client machines running Red Hat Enterprise Linux 5.4, Fedora 
11 and 12 will be configured to take advantage of the SSSD client 
component. (Note that we currently only provide Fedora builds).

For more information about SSSD its features, how to build it and how
to manually configure it see the SSSD project page [3].
For Fedora 11 and 12 the SSSD component is available from the Fedora
repository. For Red Hat Enterprise Lunix 5.4 the SSSD can be
downloaded and built from sources.
To configure SSSD automatically install ipa-client package
and use ipa-client-install command. Use "--help" command line
argument to get full list of options for the ipa-client-install

For more information about features delivered in this release, see
documentation [4] on the freeIPA web site.
For all other freeIPA-related documentation [5], see freeIPA web site.

[1] http://www.freeipa.org/page/Downloads
[2] http://freeipa.org/docs/1.2/Client_Setup_Guide/en-US/html/
[3] https://fedorahosted.org/sssd/
[4] http://www.freeipa.org/page/IPAv2_development_status#Documentation
[5] http://www.freeipa.org/page/DocumentationPortal

More information about the Freeipa-users mailing list