How to install and configure FreeIPA on Red Hat Linux -

In this tutorial we will see how to install and configure a standalone FreeIPA server on a Red Hat Enterprise Linux 7.5. Note however, that in a production system you are advised to create at least one more replica to provide high availability. We'll be hosting the service on a virtual machine with 2 CPU cores and 2 GB of RAM - on a large system you might want to add some more resources. Our lab machine runs RHEL 7.5, base install. Let's get started.

This is a companion discussion topic for the original entry at

how can I do trust between my windows AD to linux freeipa domain

Hi Ramesh,

Welcome to our forums.

Building an IPA-AD trust is quite a nice, advanced task. I’d advice to check Red Hat’s integration guide from top to bottom, as there are multiple ways to do this, so you have to decide which solution suits your environment. It is certainly easier to set up with recent IPA and AD versions than used to be a few years back.
Generally you’ll have to install some additional packages like ipa-server-trust-ad, set up samba on your IPA server(s), then build the trust of your choice. The IPA servers must be the owners of their own domain, and will act like a Domain Controller (each) from the AD perspective. Proper DNS entries and time sync also need to be in place. The process forks from there depending on the type of trust to build.

There are some magic spells also that need to be cast on the Windows side, but I’m afraid that is out of my understanding.

I hope this will help,