From Fedora Project Wiki

Revision as of 04:05, 23 January 2009 by Sparks (talk | contribs) (Docs/Beats/Security/FreeIPA moved to Documentation Security Beat/FreeIPA: Natural language name change.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

FreeIPA

Free IPA is a centrally managed identity, policy, and audit installation.

The IPA server installer assumes a relatively clean system, installing and configuring several services:

  • a Fedora Directory Server instance
  • KDC
  • Apache
  • ntpd
  • TurboGears

Some effort is made to be able to roll back the changes made but they are not guaranteed. Similarly the ipa-client-install tool overwrites PAM (/etc/pam.conf) and Kerberos (/etc/krb5.conf) configurations.

IPA does not support other instances of Fedora Directory Server on the same machine at install time, even listening on different ports. In order to install IPA, other instances must be removed. IPA itself can handle this removal.

There is currently no mechanism for migrating existing users into an IPA server.

For more information, refer to the feature page:

http://fedoraproject.org/wiki/Features/freeIPA