[Freeipa-users] Connecting ubuntu, Centos 5.x and netbsd to IPA server
Dmitri Pal
dpal at redhat.com
Thu Jun 9 14:50:16 UTC 2011
On 06/08/2011 08:43 PM, Steven Jones wrote:
> Hi,
>
> I am still tryig to figure getting ubuntu connected....
>
> So to get a non-rhel client computer into freeipa the first thing I have to do is make a client computer instance in freepia first? or doesnt it matter? ie can a non rhel client only do authentication or can it be acted upon fully as per a rhel client?
>
Unless you want to have the client use Kerberos to protect your ldap
connection from host to IPA you do not need to have the host principal
in the server.
For not RHEL machines or machines that do not use SSSD you need to
configure only PAM and NSS.
For PAM you can use kerberos or ldap.
For NSS you need to use ldap.
Effectively you need to manually do what ipa-client on rhel 5.6 does for
you.
It is covered in the Freeipa v1 client config guides. Nothing changed there.
http://freeipa.org/docs/1.2/Client_Setup_Guide/en-US/html/
Hope this helps.
> Are there certificates for ssl or something that have to be copied over to the client(s)?
>
> I dont have it working yet beyond I can do a kinit and admin and give a password and then do klist etc....
>
> :/
>
> Its proving very painful....
>
> regards
>
> Steven
>
>
> 8><----
>
> Maybe this article could be a good jumping-off point?
> http://www.aput.net/~jheiss/krbldap/howto.html
>
> It's pretty old, but seems to bring together many things and overview them well, with enough static examples to give you a feel for what you're getting into.
>
> 8><---
>
> thanks, its helping.
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list