freeipa/ipa-server/ipa-install/README

68 lines
1.5 KiB
Plaintext
Raw Normal View History

Required packages:
2007-06-29 10:30:10 -05:00
krb5-server
fedora-ds-base
fedora-ds-base-devel
openldap-clients
2007-09-07 17:18:51 -05:00
openldap-devel
2007-06-29 10:30:10 -05:00
krb5-server-ldap
cyrus-sasl-gssapi
0000-12-31 18:09:24 -05:50
httpd
mod_auth_kerb
0000-12-31 18:09:24 -05:50
ntp
openssl-devel
2007-09-07 17:18:51 -05:00
nspr-devel
nss-devel
mozldap-devel
mod_python
gcc
python-ldap
TurboGears
python-kerberos
python-krbV
python-tgexpandingformwidget
python-pyasn1
2007-06-29 10:30:10 -05:00
Installation example:
TEMPORARY: until bug https://bugzilla.redhat.com/show_bug.cgi?id=248169 is
fixed.
Please apply the fedora-ds.init.patch in freeipa/ipa-server/ipa-install/share/
to patch your init scripts before running ipa-server-install. This tells
FDS where to find its kerberos keytab.
2007-06-29 10:30:10 -05:00
Things done as root are denoted by #. Things done as a unix user are denoted
by %.
# cd freeipa
# patch -p0 < ipa-server/ipa-install/share/fedora-ds.init.patch
Now to do the installation.
# cd freeipa
# make install
To start an interactive installation use:
# /usr/sbin/ipa-server-install
For more verbose output add the -d flag run the command with -h to see all options
You have a basic working system with one super administrator (named admin).
To create another administrative user:
% kinit admin@FREEIPA.ORG
% /usr/sbin/ipa-adduser -f Test -l User test
% ldappasswd -Y GSSAPI -h localhost -s password uid=test,cn=users,cn=accounts,dc=freeipa,dc=org
% /usr/sbin/ipa-groupmod -a test admins
An admin user is just a regular user in the group admin.
Now you can destroy the old ticket and log in as test:
% kdestroy
% kinit test@FREEIPA.ORG
% /usr/sbin/ipa-finduser test