Ansible Role: IPA Client

This role installs the IPA Client Service and sets it up.

Requirements

You need access to an IPA Server to configure. We are using the FreeIPA server provided by Red Hat, which you can find here.

Role Variables

Required Variables

Here are the required variables with default values:

• ipaserver_realm: "DEMO1.FREEIPA.ORG"
• ipaserver_domain: "demo1.freeipa.org"
• ipaserver_admin_username: your_admin_username
• ipaserver_admin_password: your_admin_password

Optional Variables

Here are the optional variables with default values:

• ipaclient_reconfigure: False
• ipaclient_configure_ssh: True
• ipaclient_configure_sshd: True
• ipaclient_mkhomedir: True
• ipaclient_ssh_trust_dns: False
• ipaclient_setup_ntp: False # Use 'ansible-role-common' for NTP setup

Dependencies

• yabhinav.common

Example Playbook

- hosts: localhost
  become_user: True
  gather_facts: True
  
  roles:
    - yabhinav.ipaserver

Issues

• It is not recommended to run this role from Ansible on Python virtualenv on Ubuntu 16.04 due to this issue. Check the same issue here and here for other problems with the IPA client installer script.
• The FreeIPA admin tools are only available in Ubuntu 16.04. Support for Debian 7, 8, and Ubuntu 12.04 and 14.04 is not included.
• rpcbind installation hangs when installing the IPA client on the CentOS7 image. This causes both Ansible playbook and Docker exec commands to hang, so it should be added directly to the image as a required package.

License

MIT

Author Information

Created by Abhinav Yalamanchili