FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, and Dogtag (Certificate System). It consists of a web interface and command-line administration tools.
FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.
FreeIPA is an open source alternative to Microsoft Directory Server. It provides the following functionality:
- Centralised LDAP-based authorisation
- Time server
- Certificate Authority
- Host- and role-based access control
and more, all with a reasonable web GUI and excellent command line tools.
This work walks through installing FreeIPA on a Fedora 35 Server install and configuring three servers in a multi-master configuration. It should be similar on CentOS and RHEL (although the packages might be called ipa, not freeipa).
You can find the code to create an IPA infrastructure at:
The code used for this project has been saved on GitHub; feel free to download it.