Skip to content

Instantly share code, notes, and snippets.

@devynspencer

devynspencer/freeipa_debian.sh

Created March 1, 2016 22:25
Show Gist options
  • Save devynspencer/2b10510c5ef747f4638b to your computer and use it in GitHub Desktop.
Save devynspencer/2b10510c5ef747f4638b to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. devynspencer created this gist Mar 1, 2016.
    30 changes: 30 additions & 0 deletions freeipa_debian.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,30 @@
    #!/bin/bash

    # hostname server.domain.com
    # vi /etc/hostname

    # deb http://apt.numeezy.fr wheezy main
    # deb-src http://apt.numeezy.fr wheezy main
    # wget -qO - http://apt.numeezy.fr/numeezy.asc | apt-key add -

    apt-get update
    apt-get install -y freeipa-client

    # create certificate database directory
    mkdir -p /etc/pki/nssdb

    # create empty certificate database
    certutil -N -d /etc/pki/nssdb

    mkdir -p /var/run/ipa
    rm -f /etc/ipa/default.conf

    ipa-client-install --no-ntp --no-dns-sshfp --mkhomedir
    echo 'session required pam_mkhomedir.so' >> /etc/pam.d/common-session

    # Add following lines to /etc/nsswitch.conf file or update existing lines
    echo 'passwd: files sss' >> /etc/nsswitch.conf
    echo 'group: files sss' >> /etc/nsswitch.conf
    echo 'shadow: files sss' >> /etc/nsswitch.conf

    shutdown -r now