obel1x.de

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Zuletzt angesehen:
content:serverbasics:docker-freeipa

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen der Seite angezeigt.

Link zu der Vergleichsansicht

Beide Seiten, vorherige ÜberarbeitungVorherige Überarbeitung
Nächste Überarbeitung		Vorherige Überarbeitung
content:serverbasics:docker-freeipa [2025/04/09 14:00] – [Install Kerberos-Client and enroll your PC to the Domain] obel1xcontent:serverbasics:docker-freeipa [2025/06/05 23:38] (aktuell) – [Docker composer] obel1x
Zeile 101: Zeile 101:
  ipa_journal:  ipa_journal:
  caddy_data:  caddy_data:
 +
 +networks:
 +# Still needs to be defined while without it won't enable ipv6
 +  default:
 +    driver: bridge
 +    enable_ipv6: true
  
 </file> </file>
Zeile 107: Zeile 113:
  
 __**STRONG ADVISE: Do not open Ports of your firewall of the services Kerberos, LDAP or DNS until you configured everything first, otherwise your Server will be very insecure at this stage!**__ __**STRONG ADVISE: Do not open Ports of your firewall of the services Kerberos, LDAP or DNS until you configured everything first, otherwise your Server will be very insecure at this stage!**__
 +
 +
 ===== Caddyfile ===== ===== Caddyfile =====
  
Zeile 657: Zeile 665:
 Go to your IPAs ipa.domain.tld/ipa/config/ssbrowser.html website. You can also find the LInk at the initial Logon-Page. Go to your IPAs ipa.domain.tld/ipa/config/ssbrowser.html website. You can also find the LInk at the initial Logon-Page.
  
-For me, the Button ''Import Certificate''  did not install automagically - use right- click and save to a file named ipa.crt.+For me, the Button ''Import Certificate'' did not install automagically - use right- click and save to a file named ipa.crt.
  
 Than open Firefox settings, Privacy and Security, Authorities- Tab and select Import. Use the downloaded file and select all Checkboxes. This installs your IPA- Authority to your Browser as trusted CA. Than open Firefox settings, Privacy and Security, Authorities- Tab and select Import. Use the downloaded file and select all Checkboxes. This installs your IPA- Authority to your Browser as trusted CA.
Zeile 666: Zeile 674:
  
 If not, check if your klist shows some vaild Tickets. Otherwise inspect if this works: If not, check if your klist shows some vaild Tickets. Otherwise inspect if this works:
-<code> 
  
 +<code>
 HOSTNAME:~ # kinit admin HOSTNAME:~ # kinit admin
 Password for admin@DOMAIN.TLD: Password for admin@DOMAIN.TLD:
Zeile 680: Zeile 688:
  
 This should be all needed to work for Firefox. This should be all needed to work for Firefox.
 +
 +==== Setup Sudoers with FreeIPA/SSSD ====
 +
 +This is quite a cool feature to have client admin- users managed by putting them in an IPA- group. When Loggin in with SSSD they will get added to the sudoers, making them admin on the given machines. Check this out: [[https://www.howtoforge.de/anleitung/wie-integriere-ich-sudoers-in-den-freeipa-server/|https://www.howtoforge.de/anleitung/wie-integriere-ich-sudoers-in-den-freeipa-server/]]
 +
  
 ===== Next Steps ===== ===== Next Steps =====
content/serverbasics/docker-freeipa.1744200033.txt.gz · Zuletzt geändert: von obel1x
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki