Re: [Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
I have found this to be my only way to get Ubuntu to work with ipa as clients
Add the IDM servers to the hosts file
echo "{ip address of idmserver} {fqdn of idm server " >>
/etc/hosts
Set the Hostname for the box
echo "ubuntu-idm-02.boingo.com" > /etc/hostname
Add ipa and sssd repos to box
apt-add-repository http://ppa.launchpad.net/freeipa/ppa/ubuntu
apt-add-repository
'http://ppa.launchpad.net/sssd/updates/ubuntu'
apt-get update
Install the Ipa Client
apt-get install -y freeipa-client
Realm: YOUR REALM
DOMAIN: YOUR DOMAIN
SERVER: FQDN OF YOUR IDMSERVER
user to enroll: admin
password : YOUR PASSWORD
Make some modifications to ubuntu
mkdir -p /etc/pki/nssdb
certutil -N --empty-password -d /etc/pki/nssdb
mkdir -p /var/run/ipa
Clear out original install
rm -f /etc/ipa/default.conf
Move aside and re version the python version
cp /usr/share/pyshared/ipapython/version.py
/usr/share/pyshared/ipapython/version.py.bak
sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g"
/usr/share/pyshared/ipapython/version.py
install the ipa
ipa-client-install
restart sssd
service sssd restart
you should then have a walking talking Ubuntu client
-Original Message-
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Rob Crittenden
Sent: Monday, March 31, 2014 1:58 PM
To: Gustavo Berman; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] cant authenticate using freeipa userid on
ubuntu12.04
Gustavo Berman wrote:
>
> Sabin Ranjit writes:
>
>>
>>
>> hi,
>> i followed this page for the installation of freeipa client over the
>> ubuntu 12.04
> server.http://www.redhat.com/archives/freeipa-users/2013-June/msg00091
> .html
>> everything seem to go as mentioned in the page. when i get at the
>> freeipa server with the command ipa host-find
>> i can even see my ubuntu server listed there with "Keytab:
>> True". The
> problem is that im not being able
>>to authenticate with the username listed in the freeipa server.
>>if i try to run : "su ldapuserid" ubuntu errors "unknown id:
>>ldapuserid"
>>i cant even ssh to the ubuntu server with the ldapuserid.
>>what can be the possible solutions?
>>please help. thanks.
>>regards,
>>sabin
>>
>
>
> Hi Sabin
> Please try my howto:
> http://askubuntu.com/questions/295075/freeipa-client-on-ubuntu
>
> I assembled it from that same mail and other sources
>
> Tavo.
Sabin, if you can confirm these steps maybe we can add this to the Howto
section on freeipa.org. Except for the localhost thing (probably
unnecessary) and maybe messing with the version (we might agree to disagree on
that) this looks really good.
cheers
rob
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
Gustavo Berman wrote: Sabin Ranjit writes: hi, i followed this page for the installation of freeipa client over the ubuntu 12.04 server.http://www.redhat.com/archives/freeipa-users/2013-June/msg00091.html everything seem to go as mentioned in the page. when i get at the freeipa server with the command ipa host-find i can even see my ubuntu server listed there with "Keytab: True". The problem is that im not being able to authenticate with the username listed in the freeipa server. if i try to run : "su ldapuserid" ubuntu errors "unknown id: ldapuserid" i cant even ssh to the ubuntu server with the ldapuserid. what can be the possible solutions? please help. thanks. regards, sabin Hi Sabin Please try my howto: http://askubuntu.com/questions/295075/freeipa-client-on-ubuntu I assembled it from that same mail and other sources Tavo. Sabin, if you can confirm these steps maybe we can add this to the Howto section on freeipa.org. Except for the localhost thing (probably unnecessary) and maybe messing with the version (we might agree to disagree on that) this looks really good. cheers rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
Sabin Ranjit writes: > > > hi, > i followed this page for the installation of freeipa client over the > ubuntu 12.04 server.http://www.redhat.com/archives/freeipa-users/2013-June/msg00091.html > everything seem to go as mentioned in the page. when i get at the > freeipa server with the command ipa host-find > i can even see my ubuntu server listed there with "Keytab: True". The problem is that im not being able > to authenticate with the username listed in the freeipa server. > if i try to run : "su ldapuserid" ubuntu errors "unknown id: > ldapuserid" > i cant even ssh to the ubuntu server with the ldapuserid. > what can be the possible solutions? > please help. thanks. > regards, > sabin > Hi Sabin Please try my howto: http://askubuntu.com/questions/295075/freeipa-client-on-ubuntu I assembled it from that same mail and other sources Tavo. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] cant authenticate using freeipa userid on ubuntu12.04
Sabin Ranjit wrote: hi, i followed this page for the installation of freeipa client over the ubuntu 12.04 server. http://www.redhat.com/archives/freeipa-users/2013-June/msg00091.html everything seem to go as mentioned in the page. when i get at the freeipa server with the command ipa host-find i can even see my ubuntu server listed there with "Keytab: True". The problem is that im not being able to authenticate with the username listed in the freeipa server. if i try to run : "su ldapuserid" ubuntu errors "unknown id: ldapuserid" i cant even ssh to the ubuntu server with the ldapuserid. what can be the possible solutions? I would check the sssd logs, and potentially increase debug logging. rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
