Install FreeIPA Fedora 40
FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, and Dogtag (Certificate System). It consists of a web interface and command-line administration tools.
FreeIPA requires access to the following ports for the services listed below:
Ports | Service | Protocol |
---|---|---|
80, 443 | HTTP/HTTPS | TCP |
389, 636 | LDAP/LDAPS | TCP |
88, 464 | Kerberos | TCP/UDP |
53 | DNS | TCP/UDP |
123 | NTP | UDP |
Preparation
1. Set the hostname to match the domain you will be using for the FreeIPA server.
sudo hostname ipa.example.com
or edit the file /etc/hostname (the hostname command changes the name only until the next reboot).
2. Map the IP address to the hostname by editing the file /etc/hosts:
10.0.0.1 server.ipa.test server
Set Up the FreeIPA Server
#dnf install ipa-server freeipa-server-dns freeipa-client
Once the software has been downloaded, begin the installation process by entering the following command:
#ipa-server-install
Once the installation is complete, you will be provided with instructions on how to create a Kerberos ticket for the admin user, allowing you to begin working with Kerberos.
kinit admin
The Kerberos admin server will be freely accessible via its domain in a web browser.
Open the ports for the FreeIPA services:
firewall-cmd --permanent --add-port={80/tcp,443/tcp,389/tcp,636/tcp,88/tcp,464/tcp,53/tcp,88/udp,464/udp,53/udp,123/udp}
Reload the firewall:
firewall-cmd --reload
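To confirm that the rule above took effect, the following added example (not part of the original page) compares the output of `firewall-cmd --list-ports` with the port table on this page and reports ports that are missing or open without being needed. The function names are assumptions made for this example, and the sample input is constructed.

```bash
#!/usr/bin/env bash
# Added example: compare firewalld's open ports with the FreeIPA port table.
# Function names are illustrative; they are not part of FreeIPA or firewalld.

# Ports from the table on this page, in firewalld "port/proto" form.
REQUIRED_PORTS="80/tcp 443/tcp 389/tcp 636/tcp 88/tcp 464/tcp 53/tcp 88/udp 464/udp 53/udp 123/udp"

# not_in "<items>" "<reference>": print the items that are absent from reference.
not_in() {
    local ref p out
    ref=" $(printf '%s ' $2)"   # normalise whitespace, pad for exact matching
    out=""
    for p in $1; do
        case "$ref" in
            *" $p "*) ;;                # exact port/proto match, so 8/tcp != 88/tcp
            *) out="$out $p" ;;
        esac
    done
    echo "${out# }"
}

# Required ports that are not open.
missing_ports() { not_in "$REQUIRED_PORTS" "$1"; }

# Open ports that the FreeIPA table does not call for.
unexpected_ports() { not_in "$1" "$REQUIRED_PORTS"; }

# audit_ports "<open ports>": report both lists; succeed only if nothing is missing.
audit_ports() {
    local miss extra
    miss=$(missing_ports "$1")
    extra=$(unexpected_ports "$1")
    if [ -n "$extra" ]; then echo "open but not needed by FreeIPA: $extra"; fi
    if [ -n "$miss" ]; then echo "missing: $miss"; return 1; fi
    echo "all FreeIPA ports are open"
}

# Constructed sample input (not real output): UDP rules forgotten, 8080 left open.
audit_ports "80/tcp 443/tcp 389/tcp 636/tcp 88/tcp 464/tcp 53/tcp 8080/tcp" || true

# On the server itself: audit_ports "$(firewall-cmd --list-ports)"
```

Ports opened through a firewalld service definition appear under `firewall-cmd --list-services`, not `--list-ports`, so this check covers only ports added the way the command above adds them.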
Open a browser and access the FreeIPA server.