Information Technology Reference
In-Depth Information
7. Once you've configured the domain and DNS service using IdM, check the IdM
service status by running the following command:
[root@ipa ~]# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
DNS Service: RUNNING
MEMCACHE Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING
[root@ipa ~]#
Now, we are good to create a few directory server users in IdM as well as domain name
service records, if required, for the domain by accessing the IdM Web UI from supported
browsers. To access the web UI, perform the following steps:
1. To enable web UI access from the browser, edit the
/etc/httpd/conf.d/
ipa.conf
file using the Vim editor and make the following changes:
# Protect /ipa and everything below it in webspace
with Apache Kerberos auth
<Location ""/ipa"">
AuthType Kerberos
AuthName ""Kerberos Login""
KrbMethodNegotiate on
KrbMethodK5Passwd on ###<<<--- Change this line
from ""off"" to ""on""
KrbServiceName HTTP
KrbAuthRealms EXAMPLE.COM
Krb5KeyTab /etc/httpd/conf/ipa.keytab
KrbSaveCredentials on
KrbConstrainedDelegation on
Require valid-user
ErrorDocument 401 /ipa/errors/unauthorized.html
</Location>
2. To ensure that the preceding changes are reflected, restart HTTPD or the ipactl
service with the following command:
Search WWH ::
Custom Search