This page contains the steps for a quick EL6 FreeIPA installation and generation of a Kerberos keytab for use with Aquilon.
This is just a quick start, security/reliability considerations are out of scope. The official FreeIPA documentation covers these topics. Refer to http://www.freeipa.org/page/Quick_Start_Guide
- Install FreeIPA
yum install ipa-server
ipa-server-install -a VerySecretPassword --hostname=aquilon.example.com -r EXAMPLE.COM -p VerySecretPassword -n example.com -U
- Add a new principal (in our case:aqd/aquilon.example.com)
ipa service-add --force
- Generate keytab
ipa-getkeytab -s aquilon.example.com -p aqd/aquilon.example.com@EXAMPLE.COM -k /etc/krb5.keytab
Keytab successfully retrieved and stored in: /etc/krb5.keytab