> I want to install spacewalk with freeIPA and wondered whether anyone has > done that yet, or has any hints/resources. I have installed spacewalk > before a few times, but standalone. > > To my knowledge you still need to configure the users locally (at least I do) since you need to be able to assign them channel permissions etc...
In /etc/rhn/rhn.conf you will need: pam_auth_service = rhn-satellite That defines the service name for pam... In /etc/pam.d/rhn-satellite this will pass the authentication to SSSD which will then handle the rest: auth required pam_env.so auth sufficient pam_sss.so auth required pam_deny.so account sufficient pam_sss.so account required pam_deny.so Don't forget to put a rhn-satellite service in place for policies if you are using HBAC to limit access to services from users (my admins have a default allow all services ... so will vary by site). I've not popped a IPA signed certificate for the HTTPS service of spacewalk but it should be pretty trivial to do... On your clients don't forget to add the CA certificate for IPA to /etc/pki/tls/certs/ca-bundle.crt and any java keystores you are using as well. If you need more help when I have some more time I can assist more later... James
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
