ipa history - yar145/mytestrepo1 GitHub Wiki


installing ipa2 – replica

[root@ipa2 ~]# history

localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks
yum update -y
yum install net-tools
yum install mc
systemctl status chronyd
chronyc sources -v
vi /etc/chrony.conf
systemctl restart chronyd
chronyc sources -v
hostnamectl set-hostname --static ipa2.more.on.com
vi /etc/hosts
yum module enable idm:DL1
yum distro-sync
yum module install idm:DL1/dns
sync

vi /etc/hosts
less /etc/chrony.conf
chronyc sources -v
vi /etc/resolv.conf

  1. add ipa1 as resolver instead of aws 172.16.0.2 – 172.16.0.5

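# NOTE: stopping firewalld and iptables removes host-level filtering (repeated on ipa1 and the openvpn host below); the narrower option is to keep firewalld running and open only the ports IdM, DNS and NTP need.
systemctl stop firewalld
systemctl disable firewalld
systemctl stop iptables
systemctl disable iptables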

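# NOTE: a password passed with --admin-password is saved in shell history and is visible in the process list while the installer runs; leaving the option off makes the installer prompt for it.
ipa-replica-install --principal admin --admin-password ***pass*** --setup-ca --setup-kra --setup-dns --forwarder 172.16.0.2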

ipa-replica-manage list


ipa1

localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks
yum update -y
yum install net-tools
yum install mc
systemctl status chronyd
chronyc sources -v
vi /etc/chrony.conf
systemctl restart chronyd
chronyc sources -v
hostnamectl set-hostname --static ipa1.more.on.com
vi /etc/hosts
yum module enable idm:DL1
yum distro-sync
yum module install idm:DL1/dns
systemctl stop firewalld
systemctl disable firewalld

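  1. ipa-server-install --allow-zone-overlap
    ipa-server-install --allow-zone-overlap --setup-kra --setup-dns
    cp /root/cacert.p12 ~ec2-user/
    (cacert.p12 is the CA certificate and private-key backup, protected by the Directory Manager password; remove the copy from the ec2-user home once it has been transferred.)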
    cd /etc/named/
    vi ipa-options-ext.conf

allow-recursion { trusted_network; };
allow-query-cache { trusted_network; };

vi ipa-ext.conf
acl "trusted_network" {
localnets;
localhost;
234.234.234.0/24;  // lies in multicast space (224.0.0.0/4), so presumably a placeholder for the real client network
172.16.0.0/12;
};

systemctl restart named-pkcs11
systemctl stop iptables
systemctl disable iptables


openvpn

localectl set-locale LANG=en_US.UTF-8
yum install langpacks-en glibc-all-langpacks

yum update -y
yum install net-tools
yum install mc -y

#systemctl status chronyd
vi /etc/chrony.conf
added: server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
systemctl restart chronyd

  1. check sources : chronyc sources -v

hostnamectl set-hostname --static kot1.more.on.com
vi /etc/hosts

  1. add resolv name : 172.16.0.7 kot1.more.on.com dot1

systemctl stop firewalld
systemctl disable firewalld

  1. after reboot
    systemctl disable iptables
    systemctl stop iptables

#check /etc/resolv.conf

  1. as installed custom dhcp option at aws vpc
    cat /etc/resolv.conf
  2. Generated by NetworkManager
    search more.on.com on.com kdo.com
    nameserver 172.16.0.5

![image](https://user-images.githubusercontent.com/103827443/179244715-aced4642-5503-4e7a-aeb8-e3a40d4af479.png)
