I have found this to be my only way to get Ubuntu to work with ipa as clients

Add the IDM servers to the hosts file

                echo "{ip address of idmserver}   {fqdn of idm server " >> 
/etc/hosts

Set the Hostname for the box

                echo "ubuntu-idm-02.boingo.com" > /etc/hostname
        
Add ipa and sssd repos to box

                apt-add-repository http://ppa.launchpad.net/freeipa/ppa/ubuntu

                apt-add-repository 
'http://ppa.launchpad.net/sssd/updates/ubuntu'

                apt-get update

Install the Ipa Client

                apt-get install -y freeipa-client


Realm: YOUR REALM

DOMAIN: YOUR DOMAIN

SERVER: FQDN OF YOUR IDMSERVER

user to enroll: admin

password : YOUR PASSWORD


Make some modifications to ubuntu

                mkdir -p /etc/pki/nssdb

                certutil -N --empty-password -d /etc/pki/nssdb 

                mkdir -p /var/run/ipa

Clear out original install 

                rm -f /etc/ipa/default.conf

Move aside and re version the python version

                cp /usr/share/pyshared/ipapython/version.py 
/usr/share/pyshared/ipapython/version.py.bak

                sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" 
/usr/share/pyshared/ipapython/version.py

install the ipa

                ipa-client-install


                restart sssd

                service sssd restart



you should then have a walking talking Ubuntu client

-----Original Message-----
From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Rob Crittenden
Sent: Monday, March 31, 2014 1:58 PM
To: Gustavo Berman; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] cant authenticate using freeipa userid on 
ubuntu12.04

Gustavo Berman wrote:
>
> Sabin Ranjit <sabinranjit@...> writes:
>
>>
>>
>>      hi,
>>      i followed this page for the installation of freeipa client over the
>>      ubuntu 12.04
> server.http://www.redhat.com/archives/freeipa-users/2013-June/msg00091
> .html
>>      everything seem to go as mentioned in the page. when i get at the
>>      freeipa server with the command ipa host-find
>>      i can even see my ubuntu server listed there with "Keytab: 
>> True". The
> problem is that im not being able
>>        to authenticate with the username listed in the freeipa server.
>>        if i try to run : "su ldapuserid" ubuntu errors "unknown id:
>>        ldapuserid"
>>        i cant even ssh to the ubuntu server with the ldapuserid.
>>        what can be the possible solutions?
>>        please help. thanks.
>>        regards,
>>        sabin
>>
>
>
> Hi Sabin
> Please try my howto:
> http://askubuntu.com/questions/295075/freeipa-client-on-ubuntu
>
> I assembled it from that same mail and other sources
>
> Tavo.

Sabin, if you can confirm these steps maybe we can add this to the Howto 
section on freeipa.org. Except for the localhost thing (probably
unnecessary) and maybe messing with the version (we might agree to disagree on 
that) this looks really good.

cheers

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to