Set the existing idm server as the system DNS server.
Install required packets:
dnf update
dnf install ipa-clientGenerate a new token:
Register the host as a client. (The server can also be specified with the –server directive, otherwhise it will autodiscover the ipa-server behind the dns):
[root@idm4 ~]# ipa-client-install --mkhomedir --password=xxxTokenxxx
This program will set up IPA client.
Version 4.11.0
Skip bnidm4.thub.local: not an IPA server
Discovery was successful!
Do you want to configure chrony with NTP server or pool address? [no]:
Client hostname: idm4.thub.local
Realm: THUB.LOCAL
DNS Domain: thub.local
IPA Server: idm2.thub.local
BaseDN: dc=thub,dc=local
Continue to configure the system with these values? [no]: yes
Synchronizing time
No SRV records of NTP servers found and no NTP server or pool address was provided.
Using default chrony configuration.
Attempting to sync time with chronyc.
Time synchronization was successful.
Do you want to download the CA cert from http://idm2.thub.local/ipa/config/ca.crt ?
(this is INSECURE) [no]: yes
Successfully retrieved CA cert
Subject: CN=Certificate Authority,O=THUB.LOCAL
Issuer: CN=Certificate Authority,O=THUB.LOCAL
Valid From: 2022-12-11 09:43:25+00:00
Valid Until: 2042-12-11 09:43:25+00:00
Enrolled in IPA realm THUB.LOCAL
Created /etc/ipa/default.conf
Configured /etc/sssd/sssd.conf
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
SSSD enabled
Configured /etc/openldap/ldap.conf
Principal is not set when enrolling with OTP or PKINIT; using principal 'admin@thub.local' for 'getent passwd'.
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config.d/04-ipa.conf
Configuring thub.local as NIS domain.
Configured /etc/krb5.conf for IPA realm THUB.LOCAL
Client configuration complete.
The ipa-client-install command was successful