Janelle wrote: > Hi everyone, Happy New Year. > > Was following this thread and wondering about those of us with a couple > of 2000-3000 servers to run ipa-client-install on? Any suggestions? Was > looking around for even the basics of puppet or chef configs, but > nothing exists. > > Any suggestions? One of the concerns I have is, even with puppet/chef, > you need credentials during the install to "add" the client on the > server. Security?
If you want puppet I'd start with https://github.com/purpleidea/puppet-ipa As for enrolling a slew of systems, it depends on whether they are new or to-be-deployed. You can generate an OTP for the clients to avoid having to pass around admin-level credentials, for example. You can do this for existing or new, but it can be easier on new systems as the OTP can be passed in during kickstart. rob > > ~J > > > On 1/5/15 3:27 AM, Martin Kosek wrote: >> On 12/29/2014 09:54 PM, Dmitri Pal wrote: >>> On 12/20/2014 05:02 AM, Ben .T.George wrote: >>>> Hi >>>> >>>> I was trying to configure centos as ipa client and got failed with >>>> that,. >>>> >>>> anyone please help me to configure centos as ipa client through manual >>>> configuration. >>>> >>>> Regards, >>>> Ben >>>> >>>> >>> Sorry for a delayed response. >>> What version of CentOS? What version of the server? >>> Why manually? On CentOS you can use ipa-client-install and it will do >>> the work >>> for you. >>> What did you do and what did not work? >> You can find some info here: >> http://www.freeipa.org/page/Troubleshooting#Client_Installation >> >> If I read correctly, you are trying to do manual configuration. This >> may be a >> tricky procedure and is not tested regularly. ipa-client-install is >> the way to >> go in most deployments as it helps you avoid the pitfalls you probably >> hit. >> >> Martin >> > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
