How to Configure FreeIPA Client on Ubuntu 18.04 / CentOS 7 for Centralize Authentication

In our previous article we have already discussed about FreeIPA and its installation steps on CentOS 7 Server, in this article we will discuss how an Ubuntu 18.04 and CentOS 7 machine can be integrated to FreeIPA Server for centralize authentication.

I am assuming “sysadm” user is already created on FreeIPA Sever for Linux Systems for centralize authentication, if not then execute the below commands from FreeIPA server to create the user,

First command is to get Kerberos credentials and second command to set default login shell for all users as “/bin/bash” and third command used for creating the user with name “sysadm

Steps to configure FreeIPA Client on Ubuntu 18.04 system

Step:1) Add DNS record of Ubuntu 18.04 system on FreeIPA Server

Login to your FreeIPA Server( In my case it is installed on CentOS 7) and run the beneath command to add dns record for FreeIPA client (i.e Ubuntu 18.04 system)

In the above command app01.linuxtechi.lan is my Ubuntu 18.04 system with IP address

Note: Make sure your FreeIPA Server and Clients are on the same timezone and getting the time from NTP Servers.

Step:2) Install FreeIPA client Packages using apt-get command

Run the below command from your ubuntu system to install freeipa-client along with the dependencies,

While installing the freeipa-client, we will below screen, Hit enter to Skip

Step:3) Update /etc/hosts file of FreeIPA client (Ubuntu 18.04)

Add below entries of your FreeIPA Server in /etc/hosts file

Change IP address and hostname that suits to your setup.

Step:4) Configure FreeIPA client using command ‘ipa-client-install’

Now run “ipa-client-install” command to configure freeipa-client on your ubuntu 18.04 system,

Change the FreeIPA Server address, domain name and realm that suits to your setup.

Output of above command would be something like below :

Now allow user’s home direction to be created automatically when they first time authenticated with FreeIPA Server.

Append the following line in the file “/usr/share/pam-configs/mkhomedir”

required umask=0022 skel=/etc/skel

Apply the above changes using following command,

Select OK and then hit enter,

Now try to login or ssh to your Ubuntu 18.04 system with sysadm user.

Step:5) Try to Login to your Ubuntu 18.04 System with sysadm user

Now ssh to your ubuntu 18.04 system using the sysadm user,

As we can see, at the first time authentication, it will prompt us to set the new password as the password is expired and will disconnect that session.

Now try to ssh ubuntu system and this time we should able to connect,

This confirms that we have successfully configure FreeIPA Client on Ubuntu 18.04 system.

Steps to configure FreeIPA Client on CentOS 7 System

Step:1) Add DNS record of CentOS 7 on FreeIPA Server

Run the following command from FreeIPA server,

Step:2) Add the FreeIPA Server details in /etc/hosts

Login to your centos 7 system and add the following in /etc/hosts file

Step:3 Install and Configure FreeIPA Client

Use the below command to install FreeIPA client on CentOS 7 system,

Now configure FreeIPA client using “ipa-client-install” command,

Use the same details and credentials that we have used while the same command in Ubuntu 18.04 system

If the above command is executed successfully then we should the output something like below,

Run the below command so that User’s home directory is created automatically at the first login,

Now you should able to login to CentOS 7 system with sysadm user.

Steps to uninstall FreeIPA Client from Ubuntu 18.04 / CentOS 7

That’s all from this article.

Facebook Comments

Show More

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button