Forked from ruzickap/ipa.example.com - IPA server installation and configuration
Created
March 14, 2019 02:24
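# IPA server installation plus a cross-realm trust with an AD domain, for a
# lab host. Every command below changes system or directory state.
#
# Required environment (no credentials are stored in this file):
#   DS_PASSWORD         Directory Manager password passed to ipa-server-install
#   IPA_ADMIN_PASSWORD  password of the IPA "admin" user
#   AD_ADMIN_PASSWORD   password of the AD "Administrator" account
#   HOST_OTP            one-time enrollment password for the new host entry
set -euo pipefail

: "${DS_PASSWORD:?set DS_PASSWORD}"
: "${IPA_ADMIN_PASSWORD:?set IPA_ADMIN_PASSWORD}"
: "${AD_ADMIN_PASSWORD:?set AD_ADMIN_PASSWORD}"
: "${HOST_OTP:?set HOST_OTP}"

# NOTE(review): this disables the host firewall completely, which leaves every
# listening service on the IPA server reachable. Outside an isolated lab, keep
# firewalld running and allow only what IPA and the AD trust need (firewalld
# ships freeipa-ldap, freeipa-ldaps, freeipa-trust and dns service definitions).
echo "Turn OFF Firewall"
chkconfig firewalld off
service firewalld stop

# Append the host entry only once so that re-running the script does not
# duplicate it.
hosts_entry="192.168.122.226 ipa.ec.example.com ipa"
grep -qxF -- "$hosts_entry" /etc/hosts || printf '%s\n' "$hosts_entry" >> /etc/hosts

echo "Change DNS server to 192.168.122.247 (ad.example.com)"
# Quoted delimiter: the here-doc is literal, nothing in it is expanded.
# Skipped when the setting is already present (-s: a missing file is not an error).
if ! grep -qsF -- 'supersede domain-name-servers 192.168.122.247;' /etc/dhcp/dhclient-eth0.conf; then
  cat >> /etc/dhcp/dhclient-eth0.conf << 'EOF'
supersede domain-name-servers 192.168.122.247;
supersede domain-search "ec.example.com";
EOF
fi
service network restart

echo "Install IPA packages"
yum install -y ipa-server-trust-ad bind bind-dyndb-ldap

echo "Install+Configure IPA"
# The two passwords are given as options, so they appear in the process list
# while the installer runs; they come from the environment instead of being
# written into the script.
# --ssh-trust-dns makes OpenSSH trust host keys published as DNS SSHFP records,
# so host-key verification then depends on the integrity of DNS answers.
ipa-server-install \
  --realm=EC.EXAMPLE.COM \
  --domain=ec.example.com \
  --ds-password="$DS_PASSWORD" \
  --admin-password="$IPA_ADMIN_PASSWORD" \
  --mkhomedir \
  --ssh-trust-dns \
  --setup-dns \
  --unattended \
  --forwarder=192.168.122.247 \
  --no-host-dns

echo "Configure IPA server for cross-realm trusts"
ipa-adtrust-install \
  --admin-password="$IPA_ADMIN_PASSWORD" \
  --netbios-name=EC \
  --add-sids \
  --unattended

# NOTE(review): the ipa commands below need a Kerberos ticket for an IPA
# administrator; this script does not obtain one - presumably `kinit admin` is
# run beforehand. Confirm before relying on an unattended run.

echo "Establish and verify cross-realm trust - Add trust with AD domain"
# The AD administrator password goes in on stdin, which keeps it off the
# command line. printf is used so the value is never treated as an echo option.
printf '%s\n' "$AD_ADMIN_PASSWORD" \
  | ipa trust-add --type=ad example.com --admin Administrator --password

echo "Check trusted domain"
ipa trustdomain-find example.com

echo "Add new server"
# --password sets a one-time enrollment password for the client. Use a fresh
# random value per host (ipa host-add also has --random to generate one).
ipa host-add centos7-client.ec.example.com \
  --password="$HOST_OTP" \
  --ip-address=192.168.122.46 \
  --os="CentOS 7" \
  --platform="VMware" \
  --location="My lab" \
  --locality="Brno" \
  --desc="Test server"

# Enable Kerberos in Firefox:
#   about:config -> network.negotiate-auth.trusted-uris -> .example.com
# Only list domains you control: Firefox answers Negotiate authentication
# requests from any site matching this value.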