[Freeipa-users] Announcing FreeIPA v2 Server Alpha 2 Release
rcritten at redhat.com
Thu Feb 18 19:07:54 UTC 2010
To all freeipa-interest, freeipa-users and freeipa-devel list members,
The FreeIPA project team is pleased to announce the availability of the
Alpha 2 release of the long-awaited freeIPA 2.0 server .
This version of the server includes:
* Draft UI pages for all plugins that fit into a
Create-Retrieve-Update-Delete model. After running the
`ipa-server-install` script, point your browser to:
Replacing `yourhost.com` with the fully-qualified domain name of your
Please take a moment to play with these pages. Please do not pay
attention to style, rather focus attention to the work flow, layout and
data being added, displayed or modified. We need to understand if the
direction that this interface establishes is the right one. Should we
continue with the proposed approach or do something else. What?
Your opinion is very important to us!
Please do not hesitate to share it with us on the mailing list:
freeipa-users at redhat.com
* Optionally installable DNS server
* Optionally installable Certificate Authority to manage server certificates
* NIS compatibility plug-in
* Simplified migration of the users from IPA v1 or external LDAP server
* IPA client component to configure SSSD to integrate with IPA
* Integration with "certmonger" certificate tracking utility. The
utility allows automatic provisioning, tracking and renewal of
certificates on a member server.
* General improvements and enhancements across the whole project.
The freeIPA 2.0 server is capable of:
* Providing Kerberos authentication of users and hosts
* Managing different objects via extensible CLI and UI framework
* Managing user and host identities
* Managing user and host groups
* Managing kerberised services
* Managing default kerberos policies
* Defining host-based access control rules that will be enforced
on the client side by the IPA back end for SSSD
* Serving netgroups based on user and host objects stored in IPA
* Serving sets of different automount maps to different clients
* Finer-grained management delegation
* Group-based password policies
* Provisioning of the certificates for services running on member servers.
The FreeIPA 2.0 client machines can be configured in the same way as the
clients of freeIPA 1.2 following the installation instructions .
FreeIPA 2.0 client machines running Red Hat Enterprise Linux 5.4, Fedora
11 and 12 will be configured to take advantage of the SSSD client
component. (Note that we currently only provide Fedora builds).
For more information about SSSD its features, how to build it and how
to manually configure it see the SSSD project page .
For Fedora 11 and 12 the SSSD component is available from the Fedora
repository. For Red Hat Enterprise Lunix 5.4 the SSSD can be
downloaded and built from sources.
To configure SSSD automatically install ipa-client package
and use ipa-client-install command. Use "--help" command line
argument to get full list of options for the ipa-client-install
For more information about features delivered in this release, see
documentation  on the freeIPA web site.
For all other freeIPA-related documentation , see freeIPA web site.
More information about the Freeipa-users