Two factor authentication (2FA) is more and more emerging which is good to enhance security. Since the release of IPA4 it comes with 2FA included. Over time I made a lot of experiments and experience I wanted to share with you. Its is easy to set up and maintain as long as you use it ….Read More
Author: Luc de Louw
Migrating legacy servers to FreeIPA authentication using ID-views
ID-Views are a new feature of FreeIPA4 which allows you to map UID/GID user/group names to another. This is a very handy solution when migrating legacy servers. There are legacy servers in the field with a lot of history. They have been migrated from one operating system to another since the last decade(s). It is ….Read More
Building a virtual CEPH storage cluster
This post will guide you trough the procedure to build up a testbed on RHEL7 for a complete CEPH cluster. At the end you will have an admin server, one monitoring node and three storage nodes. CEPH is a object and block storage mostly used for virtual machine images and bulk BLOBS such as video- ….Read More
Using IPA to provide automount maps for NFSv4 home directories
Since the invention of NFSv4, automount NFS home directories is secure. Since the invention of IPA, its easier to set up and maintain. This article guides you trough the steps needed to set it up. The procedures have been tested on RHEL7.1 for the IPA servers, RHEL6.6 and 7.1 as clients but should work on ….Read More
hostapd can not find the wlan interface but interface is ready
Have you ever got an error when using hostapd complaining a network interface not be found but its actually there and ready? You probably have a space at the end of the line “interface”. Hostapd does not work when having a space in that line (and probably in other lines as well) in /etc/hostapd/hostapd.conf. ap:/etc/hostapd# ….Read More
Upgrading RHN Satellite 5.6 to 5.7
This post guides you trough the upgrade procedure for a Satellite 5.6 using the embedded database on RHEL6-x86_64. Further it guides you to setup of Kerberos authentication of Satellite users with IPA. Recently Redhat released Satellite Server 5.7. Despite Satellite 5.x will be outphased in the next few years, there are plenty of new features. ….Read More
Using OTP Tokens and 2FA with FreeIPA 4.0
On 2014-07-08 FreeIPA 4.0 was released. One of the most interesting new features is the support of two factor authentication (2FA). I was curious about how to set it up and get it running. Unfortunately the documentation does not tell much about the OTP setup. What is OTP and 2FA? An overview OTP stands for ….Read More
Providing SRV and TXT records for Kerberos and LDAP with dnsmasq
What if you have an application such as OVirt/RHEV-M that relies on DNS services records and you dont have the possibility to add them to the DNS servers because the DNS admins do not like to do its job? Fake them! DNSMasq is your friend 🙂 Install dnsmasq on the server in question and configure ….Read More