ipa history - yar145/mytestrepo1 GitHub Wiki
installing ipa2 – replica
[root@ipa2 ~]# history
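# Replica (ipa2) preparation and install, as recorded by `history` on the host.
# vi/less sessions are interactive; what was changed in a file is noted only
# where the page records it. Option dashes that the wiki rendered as a single
# long dash are restored to `--` so the commands parse as written.

# Locale and base packages.
localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks
yum update -y
yum install net-tools
yum install mc

# Time sync is checked before and after the config edit: Kerberos refuses
# requests when the clocks of client and KDC drift too far apart.
systemctl status chronyd
chronyc sources -v
vi /etc/chrony.conf
systemctl restart chronyd
chronyc sources -v

# Static FQDN plus a matching /etc/hosts entry for this replica.
hostnamectl set-hostname --static ipa2.more.on.com
vi /etc/hosts

# IdM packages from the idm:DL1 module stream, DNS profile included.
yum module enable idm:DL1
yum distro-sync
yum module install idm:DL1/dns
sync
vi /etc/hosts
less /etc/chrony.conf
chronyc sources -v

# The replica has to resolve the IPA domain through ipa1 before it can join.
# If NetworkManager manages resolv.conf, a manual edit may be overwritten on
# the next network restart; verify the file again after a reboot.
vi /etc/resolv.conf
# - add ipa1 as resolver instead of aws 172.16.0.2 – 172.16.0.5

# NOTE(review): with firewalld and iptables stopped and disabled, the replica
# has no host firewall. Every service it listens on (LDAP, Kerberos, DNS,
# HTTPS) is reachable from whatever the surrounding network allows. Keeping
# firewalld running and allowing only the ports IdM needs leaves a second
# layer in place if a network-level rule is loosened later.
systemctl stop firewalld
systemctl disable firewalld
systemctl stop iptables
systemctl disable iptables

# NOTE(review): --admin-password puts the admin password on the command line.
# It is then stored in shell history (this listing came from `history`) and is
# visible in the process list while the installer runs. The installer can
# prompt for the password instead when the option is left out.
# --setup-ca and --setup-kra make this host a CA and KRA replica, so it holds
# the same signing and recovery key material as ipa1 and needs the same
# level of protection.
ipa-replica-install --principal admin --admin-password ***pass*** --setup-ca --setup-kra --setup-dns --forwarder 172.16.0.2

# Confirm that both servers appear in the replication topology.
ipa-replica-manage list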
ipa1
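# First IPA server (ipa1): preparation, install and DNS recursion settings.
# vi sessions are interactive; file contents recorded on the page are kept
# below as comments. Option dashes that the wiki rendered as a single long
# dash are restored to `--`, and typographic quotes to plain ASCII quotes.

# Locale and base packages.
localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks
yum update -y
yum install net-tools
yum install mc

# Time sync is checked before and after the config edit: Kerberos refuses
# requests when the clocks of client and KDC drift too far apart.
systemctl status chronyd
chronyc sources -v
vi /etc/chrony.conf
systemctl restart chronyd
chronyc sources -v

# Static FQDN plus a matching /etc/hosts entry for this server.
hostnamectl set-hostname --static ipa1.more.on.com
vi /etc/hosts

# IdM packages from the idm:DL1 module stream, DNS profile included.
yum module enable idm:DL1
yum distro-sync
yum module install idm:DL1/dns

# NOTE(review): with firewalld stopped and disabled, the only limits on who
# can reach LDAP, Kerberos, HTTPS and the DNS server configured below are the
# named ACL and whatever filtering exists outside this host. Keeping firewalld
# running and allowing only the ports IdM needs leaves a host-level control
# in place.
systemctl stop firewalld
systemctl disable firewalld

# - ipa-server-install --allow-zone-overlap
# --allow-zone-overlap creates the DNS zone even if the name already resolves
# elsewhere. --setup-kra adds the key recovery (vault) component.
ipa-server-install --allow-zone-overlap --setup-kra --setup-dns

# NOTE(review): /root/cacert.p12 is normally the PKCS#12 backup written by the
# installer, holding the CA certificate together with its private key. This
# leaves a second copy of that key material outside /root. The copy is
# presumably there to be fetched over SSH as ec2-user (TODO confirm). Delete
# it once transferred and check its owner and mode in the meantime.
cp /root/cacert.p12 ~ec2-user/

cd /etc/named/
vi ipa-options-ext.conf
# contents entered in ipa-options-ext.conf:
#   allow-recursion { trusted_network; };
#   allow-query-cache { trusted_network; };
vi ipa-ext.conf
# contents entered in ipa-ext.conf:
#   acl "trusted_network" {
#     localnets;
#     localhost;
#     234.234.234.0/24;
#     172.16.0.0/12;
#   };
# NOTE(review): 234.234.234.0/24 lies in multicast address space, so it
# presumably stands in for a real public range (confirm). Whatever replaces
# it is granted recursion and cache access. Limit the ACL to networks you
# operate, because a resolver that recurses for outside clients can be used
# as a DNS amplification reflector. 172.16.0.0/12 is the whole private block;
# narrow it to the actual VPC CIDR if that is smaller.
systemctl restart named-pkcs11

systemctl stop iptables
systemctl disable iptables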
openvpn
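# Host labelled "openvpn" (kot1): base preparation only. The page records no
# OpenVPN install or configuration steps. vi sessions are interactive; the
# changes noted on the page are kept below as comments. The option dash that
# the wiki rendered as a single long dash is restored to `--`.

# Locale and base packages.
localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks
yum update -y
yum install net-tools
yum install mc -y

# Time sync against the Amazon Time Sync Service link-local address.
#systemctl status chronyd
vi /etc/chrony.conf
# added: server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
systemctl restart chronyd
# - check sources : chronyc sources -v

# Static FQDN plus a matching /etc/hosts entry.
hostnamectl set-hostname --static kot1.more.on.com
vi /etc/hosts
# - add resolv name : 172.16.0.7 kot1.more.on.com dot1

# NOTE(review): if this host terminates VPN connections (the page does not
# show its role beyond the heading), disabling firewalld and iptables removes
# the host-level point for restricting what connected clients may reach.
# Filtering then depends entirely on controls outside the host. Confirm those
# exist before leaving both services off.
systemctl stop firewalld
systemctl disable firewalld
# - after reboot
systemctl disable iptables
systemctl stop iptables

#check /etc/resolv.conf
# - as installed custom dhcp option at aws vpc
# The resolver is handed out by the VPC DHCP option set, so the file is
# generated rather than hand-edited on this host.
cat /etc/resolv.conf
# output:
#   # Generated by NetworkManager
#   search more.on.com on.com kdo.com
#   nameserver 172.16.0.5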
![image](https://user-images.githubusercontent.com/103827443/179244715-aced4642-5503-4e7a-aeb8-e3a40d4af479.png)