How to Install FreeIPA Server on CentOS 8 / RHEL 8 (Step-by-Step Guide)
Introduction
FreeIPA is a robust open-source identity management system that integrates LDAP, Kerberos, DNS, and a Certificate Authority (CA). This guide will show you how to set up FreeIPA Server on CentOS 8 / RHEL 8.
Prerequisites
- A fresh CentOS 8 / RHEL 8 server
- A fully qualified domain name (FQDN), e.g.,
ipa.example.local - Root or sudo privileges
- Static IP address (recommended)
Step 1: Update Your System
sudo dnf update -y
sudo dnf install -y vim bash-completion firewalld
sudo systemctl enable firewalld --now
Step 2: Set the Hostname
sudo hostnamectl set-hostname ipa.example.local
echo "127.0.0.1 ipa.example.local ipa" | sudo tee -a /etc/hosts
Step 3: Install FreeIPA Server
sudo dnf install -y ipa-server ipa-server-dns
Step 4: Configure FreeIPA
sudo ipa-server-install
For automated installation:
sudo ipa-server-install --unattended \
--realm=EXAMPLE.LOCAL \
--domain=example.local \
--ds-password='StrongDS_Passw0rd!' \
--admin-password='StrongAdmin_Passw0rd!' \
--setup-dns \
--auto-forwarders \
--auto-reverse
Step 5: Configure Firewall
sudo firewall-cmd --permanent --add-service=freeipa-ldap
sudo firewall-cmd --permanent --add-service=freeipa-ldaps
sudo firewall-cmd --permanent --add-service=dns
sudo firewall-cmd --permanent --add-service=kerberos
sudo firewall-cmd --permanent --add-service=ntp
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
Step 6: Verify Installation
kinit admin
klist
Step 7: Access Web Interface
Visit:
https://ipa.example.local
Conclusion
You now have FreeIPA Server running on CentOS 8 / RHEL 8, complete with DNS and web interface support.
