If you need a quick LDAP and Kerberos system up and running to provide authentication and user information, FreeIPA is for you. IPA is documented at “https://www.freeipa.org/page/Main_Page”. This article demonstrates how to set up FreeIPA on CentOS 7. By the end of this article, you’ll have a working FreeIPA system allowing you to manage users with a web portal.
Install FreeIPA dependencies:
yum install epel-release
yum install bind-utils ipa-server ipa-server-dns bind bind-dyndb-ldap
If you don’t have DNS working in your environment, cheat by adding an entry into your server’s “/etc/hosts” file:
# Where "10.0.0.1" is this host's IP address
10.0.0.1 ipa.agix.local
And set the server’s hostname:
hostnamectl set-hostname ipa.agix.local
Execute the following to start the installation process. You should enable DNS services during the following process:
ipa-server-install
Follow the prompts to complete the setup wizard.
Set up your firewall:
firewall-cmd --add-service={dns,freeipa-ldap,freeipa-ldaps} --permanent
firewall-cmd --reload
Now you should be able to access the secure portal at:
https://ipa.agix.local
You can test your new LDAP services from the server or a client using the following. Replace “admin” with any user you’ve created in LDAP:
ldapsearch -x -h ipa.agix.local -b dc=agix,dc=local uid=admin
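ipa-server-install rejects a hostname that is not fully qualified or that resolves to a loopback address, so the “/etc/hosts” and hostname steps above are worth checking before the installer is run. The following is an added example, not part of the original article; the function names are hypothetical and the sample hosts data is constructed:

```shell
#!/bin/sh
# Added example (not from the original article): pre-flight check for the
# /etc/hosts and hostname steps. Function names are hypothetical.

# Return 0 if $1 is a lowercase, fully qualified name (two or more labels).
is_fqdn() {
    case "$1" in
        ''|.*|*.|*..*|*[[:upper:]]*|*[![:alnum:].-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print every address that the hosts-format file $1 maps the name $2 to.
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }   # drop comments, awk re-splits the fields
        { for (i = 2; i <= NF; i++) if ($i == name) print $1 }
    ' "$1"
}

# Return 0 only if $2 is an FQDN that file $1 maps to non-loopback addresses.
check_hosts_entry() {
    is_fqdn "$2" || { echo "FAIL: '$2' is not a lowercase FQDN"; return 1; }
    addrs=$(hosts_lookup "$1" "$2")
    [ -n "$addrs" ] || { echo "FAIL: no entry for $2 in $1"; return 1; }
    for a in $addrs; do
        case "$a" in
            127.*|::1) echo "FAIL: $2 maps to loopback address $a"; return 1 ;;
        esac
    done
    echo "OK: $2 -> $addrs"
}

# Constructed sample data, mirroring the entry used in this article.
demo_hosts=$(mktemp)
cat > "$demo_hosts" <<'EOF'
127.0.0.1   localhost localhost.localdomain
# Where "10.0.0.1" is this host's IP address
10.0.0.1    ipa.agix.local ipa
EOF
check_hosts_entry "$demo_hosts" ipa.agix.local
# On the real server: check_hosts_entry /etc/hosts "$(hostname -f)"
rm -f "$demo_hosts"
```

A common failure this catches is the server's name having been appended to the “127.0.0.1” line of “/etc/hosts” in addition to its real address.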
I used some information from “https://computingforgeeks.com/install-freeipa-server-centos-7/” to create this article.