24.3.1 Configuring IPA Authentication

To be able to configure IPA authentication, use yum to install the ipa-client and ipa-admintools packages. The ipa-server package is only required if you want to configure a system as an IPA server.

You can choose between two versions of IPA in the Authentication Configuration GUI:

  • FreeIPA (effectively, IPAv1) supports identity management and authentication of users and groups, and does not require you to join your system to an IPA realm. Enter information about the LDAP and Kerberos configuration.

  • IPAv2, which supports identity management and authentication of machines, requires you to join your system to an IPA realm. Enter information about the IPA domain configuration, optionally choose to configure NTP, and click Join Domain to create a machine account on the IPA server. After your system has obtained permission to join the IPA realm, you can select and configure the authentication method.

For more information about configuring IPA, see http://freeipa.org/page/Documentation.