May 9th meeting: FreeIPA
Topic: FreeIPA Presenter: Jeremy Agee & Chris Hudson When: Thursday, May 9, 7pm Where: Red Hat HQ, NCSU Centennial Campus, 1801 Varsity Dr, Raleigh, NC Map: Google Maps Video: G+ Hangout Live and on YouTube [live stream and then archived on youtube] Slides: Slides [ODP], Install Log [TXT], Demo Video [YouTube]
FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.
This talk will describe the different parts of IPA and what each one does:
- What is an IdM system and why do i need one?
- What do we need to manage?
- overview of how do these parts work together NTP, LDAP, PKI, KDC, HTTPD, and DNS
- client parts sssd, certmonger
The talk will then switch to a live demo of installing and configuring a FreeIPA server, and adding a client to the IPA infrastructure. The demo will cover CLI and Web UI for admins, dns management, krb5+nfs4 for file access, SSO for ssh + key management, and sssd caching for when IPA servers are unavailable (anyone use a laptop?).
If there is enough time after the demo, we can go into enterprise features like HBAC, sudo rules, Automount maps, selinux users, and AD cross-realm trusts.