[Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
Todd Maugh
tmaugh at boingo.com
Mon Mar 31 22:30:28 UTC 2014
I have found this to be my only way to get Ubuntu to work with ipa as clients
Add the IDM servers to the hosts file
echo "{ip address of idmserver} {fqdn of idm server " >> /etc/hosts
Set the Hostname for the box
echo "ubuntu-idm-02.boingo.com" > /etc/hostname
Add ipa and sssd repos to box
apt-add-repository http://ppa.launchpad.net/freeipa/ppa/ubuntu
apt-add-repository 'http://ppa.launchpad.net/sssd/updates/ubuntu'
apt-get update
Install the Ipa Client
apt-get install -y freeipa-client
Realm: YOUR REALM
DOMAIN: YOUR DOMAIN
SERVER: FQDN OF YOUR IDMSERVER
user to enroll: admin
password : YOUR PASSWORD
Make some modifications to ubuntu
mkdir -p /etc/pki/nssdb
certutil -N --empty-password -d /etc/pki/nssdb
mkdir -p /var/run/ipa
Clear out original install
rm -f /etc/ipa/default.conf
Move aside and re version the python version
cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak
sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py
install the ipa
ipa-client-install
restart sssd
service sssd restart
you should then have a walking talking Ubuntu client
-----Original Message-----
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Rob Crittenden
Sent: Monday, March 31, 2014 1:58 PM
To: Gustavo Berman; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
Gustavo Berman wrote:
>
> Sabin Ranjit <sabinranjit at ...> writes:
>
>>
>>
>> hi,
>> i followed this page for the installation of freeipa client over the
>> ubuntu 12.04
> server.http://www.redhat.com/archives/freeipa-users/2013-June/msg00091
> .html
>> everything seem to go as mentioned in the page. when i get at the
>> freeipa server with the command ipa host-find
>> i can even see my ubuntu server listed there with "Keytab:
>> True". The
> problem is that im not being able
>> to authenticate with the username listed in the freeipa server.
>> if i try to run : "su ldapuserid" ubuntu errors "unknown id:
>> ldapuserid"
>> i cant even ssh to the ubuntu server with the ldapuserid.
>> what can be the possible solutions?
>> please help. thanks.
>> regards,
>> sabin
>>
>
>
> Hi Sabin
> Please try my howto:
> http://askubuntu.com/questions/295075/freeipa-client-on-ubuntu
>
> I assembled it from that same mail and other sources
>
> Tavo.
Sabin, if you can confirm these steps maybe we can add this to the Howto section on freeipa.org. Except for the localhost thing (probably
unnecessary) and maybe messing with the version (we might agree to disagree on that) this looks really good.
cheers
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list