Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
guides:freeipa [2017/05/03 04:37] jamesdro LDAPS needs cacert |
guides:freeipa [2017/11/29 21:11] (current) jamesdro NTP is important, mmkay |
||
|---|---|---|---|
| Line 15: | Line 15: | ||
| ===== Client ===== | ===== Client ===== | ||
| - | On RHEL based ones, install `freeipa-client`. Super easy. However, if you're on debian-master-race, you don't need hand holding and an "automated client". Let's dig into some config files. | + | On RHEL based ones (and Ubuntu 16.04), install `freeipa-client`. Super easy. Then run: |
| + | |||
| + | ``` | ||
| + | ipa-client-install --mkhomedir --enable-dns-updates --ssh-trust-dns | ||
| + | ``` | ||
| + | |||
| + | However, if you're on debian-master-race, you don't need hand holding and an "automated client". Let's dig into some config files. | ||
| ===== Debian Installation ===== | ===== Debian Installation ===== | ||
| Line 30: | Line 36: | ||
| - `AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys` | - `AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys` | ||
| - `AuthorizedKeysCommandUser nobody` | - `AuthorizedKeysCommandUser nobody` | ||
| + | - Append the following line to `/etc/systemd/timesyncd.conf` | ||
| + | - `Servers=tick.cse.buffalo.edu tock.cse.buffalo.edu ticktock.cse.buffalo.edu` | ||
| + | - Enable NTP: `timedatectl set-ntp yes` | ||
| - GG, you're done. | - GG, you're done. | ||