Identity Management on Linux using FreeIPA

How elegantly solve identity management across multiple platforms (Linux, Windows, UNIX, ...)? FreeIPA offers a robust solution to manage all user accounts, groups, roles and permissions, including SSH keys and SUDO rules. Based on integration with Microsoft Active Directory, you can gain a unique linking the worlds of Microsoft and UNIX / Linux. 

This course is intended for IT administrators of Linux systems who want to learn how FreeIPA works and learn how to install or operate. Within two days, the participants go through various scenarios, including deployment FreeIPA architecture design in multiple locations, integration with Microsoft AD domain, the migration of users from other systems and backup.

Audience

This course is intended for IT administrators to focus on practical deployment tools FreeIPA.

Goals

• Understand the principles of identity management
• Be able to design architecture for any IT environment
• Learn how to install and manage server FreeIPA
• Be able to design groups, roles and permissions correctly

Outlines

1. Introduction
   
   • Introduction to the issue of identity management
   • Architecture and Components Solutions FreeIPA
     
     
2. Creating architecture
   
   • Role models for deployment in various environments
   • Integration with Microsoft Active Directory
   • Knowledge from practice
     
     
3. The installation procedure FreeIPA in demo infrastructure
   
   • Sample CentOS 7 installation platform 
   • Acquaintance with management tools (WEB / CLI)
   • Initial Configuration
   • Configurations are for connection to IPA
     
     
4. Replica Server
   • Replica installation and configuration
     
     
5. Basic features FreeIPA
   • User management and User Groups management
   • Management systems and groups of systems
   • Services PKI
     
     
6. Managing Permissions
   
   • Design of roles and groups methodology 
   • Host-Based Access Control (RBAC) / Role Based Access Control (RBAC)
   • Creating services and service groups
   • Definition HBAC rules
   • Managing SSH keys
   • SUDO rules
     
     
7. Managing foreign objects
   
   • Establishing cross-forest trust with the domain MS Active Directory
   • Working with foreign objects using ID Views
   • Groups mapping 
     
     
8. Operation domain FreeIPA
   
   • Troubleshooting and debugging options
   • Backup and Recovery
   • Practical information from service domain FreeIPA
     
     
9. Final evaluation and discussion

Prerequisites

• Experience with managing systems RHEL or CentOS

Study materials

• Printed materials following the presentation