[CentOS] FreeIPA

Wed Apr 8 14:24:27 UTC 2009
Rob Kampen <rkampen at kampensonline.com>

Craig White wrote:
> On Wed, 2009-04-08 at 10:31 +0200, Rainer Duffner wrote:
>   
>> Craig White schrieb:
>>     
>>> ----
>>> Sure but that's not typically the realm I play in. My typical client is
>>> < 50 users and having a server just for authentication is harder to
>>> justfiy.
>>>   
>>>       
>> In that case, shelling out the 7-something grand for RHE-IPA is probably
>> also not an option, I assume.
>>     
> ----
> Reminds me of the old joke whose punchline goes something like, we've
> already determined what you are and now we're just haggling over the
> price.
> ----
>   
>>> I myself have an older server which doesn't support hardware
>>> virtualization. Perhaps you're right, I set up something in
>>> virtualization and use Fedora but the churn rate of Fedora is just too
>>> much, especially for an authentication server.
>>>
>>>       
>
>   
>> But maybe this is of help:
>> http://www.howtoforge.com/how-to-build-rhel-ipa-rpms-for-centos-5
>>     
> ----
> I listed that URL in my first post on this thread. I used that as a
> semi-guide but got build requisites from EPEL & Fedora-10-SRPMS instead
> just to have a shot at building 1.2.0 instead of the 1.0.0 version
> discussed on that page.
>
> Thanks
>
> Craig
>
>
>   
I've been watching the discussion and read the RHEL docs about IPA and 
thought "At Last" something that brings together all the bits for the 
little guy. Now it appears the RH is going to drop the ball.
I have tried OpenLDAP and currently have a CentOS-DS running but am 
missing the bits that glue it all together. The actual core services 
(LDAP (either variant) Kerberos PAM samba etc) are simple enough to 
install on CentOS but the stuff that makes it "just work" is very 
difficult for me to get my head around and thus I've never actually got 
a setup working well enough to risk on my clients.
The excellent how-to for amavis http://wiki.centos.org/HowTos/Amavisd is 
just wonderful.
Congratulations and thanks to the author - it just works. We need more 
of this!!
Back to secure authentication and having a single (replicated) place for 
all the users/groups/policy....
It seems enterprises have the bucks and folk to learn all the 
mumbo-jumbo needed to get it working, or the other scenario is 
integrating with microsoft based ads, neither of which fits my needs.
I have purchased text books on LDAP etc and still cannot get a recipe 
that works for a small enterprise with maybe two or three servers, one 
or two locations and less than 50 people.
I end up doing all the admin by hand - samba is working, the clients can 
simply log in once on their windoze machine but oh the back ground work 
to keep it going.....sigh.
Any good documents or apps out there?
Rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rkampen.vcf
Type: text/x-vcard
Size: 196 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20090408/753bfc03/attachment-0005.vcf>