码迷,mamicode.com
首页 > 其他好文 > 详细

基于CentOS6.5进行IPA服务的搭建——客户端配置

时间:2014-05-21 02:42:18      阅读:301      评论:0      收藏:0      [点我收藏+]

标签:linux   ipa   centos6.5   

前面介绍了IPA服务端的配置,IPA服务可以为Linux系统提供用户的集中化管理服务。下面我们看一下客户端的具体配置。

操作步骤:

(1)在另外一台主机上安装CentOS6.5操作系统,作为IPA客户端主机

(2)配置客户端网络参数(配置完成后重启系统)

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:F4:B0:3A
TYPE=Ethernet
UUID=7a646205-4bcd-4c58-a425-e6e0735f9e2e
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.0.200
NETMASK=255.255.255.0
DNS1=192.168.0.100
[root@localhost ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=client.example.com

(3)安装软件包

[root@client ~]# yum -y install ipa-client

(4)安装客户端

[root@client ~]# ipa-client-install --mkhomedir -p admin
Discovery was successful!
Hostname: client.example.com
Realm: EXAMPLE.COM
DNS Domain: example.com
IPA Server: ipa.example.com
BaseDN: dc=example,dc=com
Continue to configure the system with these values? [no]: yes
Synchronizing time with KDC...
Password for admin@EXAMPLE.COM:
Successfully retrieved CA cert
    Subject:     CN=Certificate Authority,O=EXAMPLE.COM
    Issuer:      CN=Certificate Authority,O=EXAMPLE.COM
    Valid From:  Sat May 17 10:32:32 2014 UTC
    Valid Until: Wed May 17 10:32:32 2034 UTC
Enrolled in IPA realm EXAMPLE.COM
Created /etc/ipa/default.conf
New SSSD config will be created
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm EXAMPLE.COM
trying https://ipa.example.com/ipa/xml
Forwarding ‘env‘ to server u‘https://ipa.example.com/ipa/xml‘
Hostname (client.example.com) not found in DNS
DNS server record set to: client.example.com -> 192.168.0.200
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Forwarding ‘host_mod‘ to server u‘https://ipa.example.com/ipa/xml‘
SSSD enabled
Configured /etc/openldap/ldap.conf
NTP enabled
/etc/ssh/ssh_config not found, skipping configuration
Configured /etc/ssh/sshd_config
Client configuration complete.

到此为止,客户端配置完成。


客户端测试:

[root@client ~]# su - user01
[user01@client ~]$ id
uid=1682400001(user01) gid=1682400001(user01) groups=1682400001(user01) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[user01@client ~]$ pwd
/home/user01
[user01@client ~]$ su - user02
Password:
[user02@client ~]$ id
uid=1682400003(user02) gid=1682400003(user02) groups=1682400003(user02) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[user02@client ~]$ pwd
/home/user02


本文出自 “BlackArt” 博客,请务必保留此出处http://blackart.blog.51cto.com/1142352/1413125

基于CentOS6.5进行IPA服务的搭建——客户端配置,布布扣,bubuko.com

基于CentOS6.5进行IPA服务的搭建——客户端配置

标签:linux   ipa   centos6.5   

原文地址:http://blackart.blog.51cto.com/1142352/1413125

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!