How To Install FreeIPA on Rocky Linux 9
In this tutorial, we will show you how to install FreeIPA on Rocky Linux 9. For those of you who didn’t know, FreeIPA is the ultimate open-source solution for identity, policy, and audit management. It provides a secure and easy-to-use platform that allows you to manage your Linux systems and applications effortlessly. And the best part? Installing FreeIPA on Rocky Linux 9 is a breeze! In this guide, we’re going to walk you through every step of the installation process. From setting up the necessary repositories to configuring FreeIPA on your Rocky Linux 9 system, we’ve got you covered.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the FreeIPA on Rocky Linux. 9.
Prerequisites
- A server running one of the following operating systems: Rocky Linux 9.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for FreeIPA.
- A fully qualified domain name (FQDN) that resolves to the IP address of your server.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install FreeIPA on Rocky Linux 9
Step 1. Update the System.
To begin, update your Rocky Linux 9 system to ensure you have the latest packages and security patches. Open a terminal and run the following command:
sudo dnf check-update sudo dnf update
Step 2. Configure Timezone.
To ensure accurate timestamps and synchronization across your FreeIPA environment, set the correct timezone for your server. Use the following command to configure the timezone:
sudo timedatectl set-timezone your_timezone
Replace your_timezone with the appropriate timezone, such as America/New_York or Europe/London.
Step 3. Installing FreeIPA on Rocky Linux 9.
By default, FreeIPA is available on the Rocky Linux 9 base repository. Now we install the required packages using dnf the command:
sudo dnf install ipa-server ipa-server-dns
Once the required packages are installed, the next step is to install and configure the IPA server. To do this, run the following command below:
sudo ipa-server-install
This command will start the installation process and prompt you for various configuration options. Here are the options that you need to configure:
- Enter the fully qualified domain name (FQDN) of your server when prompted.
- Choose a realm name for your IPA domain.
- Set the Directory Manager password and confirm it.
- Set the Kerberos master password and confirm it.
- Choose whether to configure the server as an IPA DNS server.
- Choose whether to enable automatic updates.
- Confirm the installation by typing “yes” when prompted.
Step 4. Configure Firewall.
By default, the firewall on Rocky Linux 9 blocks incoming traffic to the FreeIPA server. To allow incoming traffic, run the following command:
sudo firewall-cmd --add-service=freeipa-ldap --add-service=freeipa-ldaps --add-service=freeipa-replication --permanent sudo firewall-cmd --reload
Step 5. Accessing FreeIPA Web Interface.
Open a web browser and navigate to the FreeIPA web interface by entering https://your-IP-address/ipa. Ignore the private SSL warning and proceed to the FreeIPA server login page. Log in with the administrator credentials you specified during the installation process.
Once you have logged in to the FreeIPA web interface, you should get the FreeIPA web administration dashboard like the following screenshot below:
Congratulations! You have successfully installed FreeIPA. Thanks for using this tutorial for installing FreeIPA on your Rocky Linux 9 system. For additional help or useful information, we recommend you check the official FreeIPA website.
