Latest revision as of 19:32, 12 May 2023

ipa selfservice-add 'user can read employeeNumber' --attrs=employeeNumber --permissions=read

https://www.freeipa.org/page/HowTo/LDAP

Only works on Ubuntu 20.04 Not 22.04

 set -eu

docker rm freeipa-server || true
# sudo rm -rf ipa-data
# mkdir -p ipa-data
# sudo chmod 0777 ipa-data

    # --tmpfs /tmp --tmpfs /run --tmpfs /run/lock --tmpfs /sys/fs/cgroup \
docker run -ti -h ipa.example.test --read-only \
    --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
    -v ./ipa-data:/data \
    --name freeipa-server \
    -e PASSWORD=ChangeMe \
    -p 80:80 -p 443:443 \
    -p 389:389 -p 636:636 \
    -p 88:88 -p 464:464 -p 88:88/udp -p 464:464/udp \
    --sysctl net.ipv6.conf.all.disable_ipv6=0 \
    freeipa/freeipa-server:centos-8-stream-4.9.11
    # freeipa/freeipa-server:centos-8-stream-4.9.11 ipa-server-install -U -r EXAMPLE.TEST --no-ntp

# login with admin and -e PASSWORD var ChangeMe

ldapsearch -x -h 127.0.0.1  -b dc=example,dc=test uid=admin
ldapsearch -x -h 127.0.0.1  -b cn=users,cn=accounts,dc=example,dc=test uid=app1user

docker run --name freeipa-server-container -ti \
    -e IPA_SERVER_IP=10.12.0.98 \
    -p 53:53/udp -p 53:53 \
    -p 8880:80 -p 8443:443 -p 389:389 -p 636:636 -p 88:88 -p 464:464 \
    -p 88:88/udp -p 464:464/udp -p 123:123/udp \
    -h ipa.example.test --read-only \
    -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
    -v /var/lib/ipa-data:/data:Z \
    freeipa-server

Difference between revisions of "Freeipa"

Latest revision as of 19:32, 12 May 2023

Only works on Ubuntu 20.04 Not 22.04

Navigation menu

Search

@@ Line 8: / Line 8: @@
 https://www.linkedin.com/pulse/how-install-freeipa-ubuntu-docker-packopsdev-farshad-nickfetrat
+https://serverfault.com/questions/727330/freeipa-without-web-ui-or-change-of-ports
+https://serverfault.com/questions/742994/restrict-ldap-attribute-read-to-self-in-freeipa-redhat-idm
+```
+ipa selfservice-add 'user can read employeeNumber' --attrs=employeeNumber --permissions=read
+```
+https://www.freeipa.org/page/HowTo/LDAP
+#Only works on Ubuntu 20.04 Not 22.04
+```
+ set -eu
+docker rm freeipa-server || true
+# sudo rm -rf ipa-data
+# mkdir -p ipa-data
+# sudo chmod 0777 ipa-data
+    # --tmpfs /tmp --tmpfs /run --tmpfs /run/lock --tmpfs /sys/fs/cgroup \
+docker run -ti -h ipa.example.test --read-only \
+    --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
+    -v ./ipa-data:/data \
+    --name freeipa-server \
+    -e PASSWORD=ChangeMe \
+    -p 80:80 -p 443:443 \
+    -p 389:389 -p 636:636 \
+    -p 88:88 -p 464:464 -p 88:88/udp -p 464:464/udp \
+    --sysctl net.ipv6.conf.all.disable_ipv6=0 \
+    freeipa/freeipa-server:centos-8-stream-4.9.11
+    # freeipa/freeipa-server:centos-8-stream-4.9.11 ipa-server-install -U -r EXAMPLE.TEST --no-ntp
+# login with admin and -e PASSWORD var ChangeMe
+```
+```
+ldapsearch -x -h 127.0.0.1  -b dc=example,dc=test uid=admin
+ldapsearch -x -h 127.0.0.1  -b cn=users,cn=accounts,dc=example,dc=test uid=app1user
+```
+```
+docker run --name freeipa-server-container -ti \
+    -e IPA_SERVER_IP=10.12.0.98 \
+    -p 53:53/udp -p 53:53 \
+    -p 8880:80 -p 8443:443 -p 389:389 -p 636:636 -p 88:88 -p 464:464 \
+    -p 88:88/udp -p 464:464/udp -p 123:123/udp \
+    -h ipa.example.test --read-only \
+    -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
+    -v /var/lib/ipa-data:/data:Z \
+    freeipa-server
+```