[root@utility ~]# ipa-server-install --realm LAB.EXAMPLE.COM --ds-password redhat123 --admin-password redhat123 --unattended...output omitted...
The IPA Master Server will be configured with:
Hostname: utility.lab.example.com
IP address(es): 192.168.50.125
Domain name: lab.example.com
Realm name: LAB.EXAMPLE.COM
The CA will be configured with:
Subject DN: CN=Certificate Authority,O=LAB.EXAMPLE.COM
Subject base: O=LAB.EXAMPLE.COM
Chaining: self-signed
...output omitted...
Next steps:
1. You must make sure these network ports are open:
TCP Ports:
* 80, 443: HTTP/HTTPS
* 389, 636: LDAP/LDAPS
* 88, 464: kerberos
UDP Ports:
* 88, 464: kerberos
* 123: ntp
2. You can now obtain a kerberos ticket using the command: 'kinit admin' This ticket will allow you to use the IPA tools (e.g., ipa user-add) and the web user interface.
Be sure to back up the CA certificates stored in /root/cacert.p12
These files are required to create replicas. The password for these
files is the Directory Manager password
The ipa-server-install command was successful
[root@utility ~]# ipa user-add developer --first=dev --last=user --passwordPassword:
Enter Password again to verify:
----------------------
Added user "developer"----------------------
User login: developer
First name: dev
Last name: user
Full name: dev user
Display name: dev user
Initials: du
Home directory: /home/developer
GECOS: dev user
Login shell: /bin/sh
Principal name: [email protected] Principal alias: [email protected] User password expiration: 20230401170910Z
Email address: [email protected] UID: 857400004 GID: 857400004 Password: True
Member of groups: ipausers
Kerberos keys available: True