@clemenko
Last active November 25, 2025 18:41
notes for configuring freeipa for use with Pure FlashArray

notes from Pure docs

https://support.purestorage.com/bundle/m_pure_fusion/page/Pure_Fusion/Pure_Fusion_Quick_Start_Guide/topics/concept/c_step_3_configure_directory_services_on_fa_andor_flashblade.html

https://support.purestorage.com/bundle/m_directory_services_on_flasharray/page/FlashArray/PurityFA/Directory_Services_on_FlashArray/topics/concept/c_integration_with_freeipa.html

deploy freeipa

on a rocky 10 vm.

install docker

a reboot is required because legacy iptables is not available. we also need to add a daemon.json file for cgroups v2.

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
dnf install -y docker-ce
systemctl enable docker
echo '{ "userns-remap": "default" }' > /etc/docker/daemon.json
yum install -y yum-utils iptables-services iptables-utils
reboot

run freeipa

this will create a directory in /opt/freeipa for all stateful files.
also it is set to not run dns or ntp. change if needed.
change the password if you like. :)

docker run -d -h ipa.rfed.io -v /opt/freeipa:/data -e PASSWORD=Pa22word -p "80:80" -p "443:443" -p "389:389" -p "636:636" freeipa/freeipa-server:rocky-9 ipa-server-install -U -r rfed.io --no-ntp --no-host-dns

check the logs and wait until it is up.

test with ldapsearch

install and run ldapsearch

yum install -y openldap-clients
ldapsearch -x -H ldap://ipa.rfed.io -b "cn=users,cn=accounts,dc=rfed,dc=io"

did it work?

add freeipa users and groups

add them from the gui. :D

Pure FlashArray Config

example:

URIs	- ldap://ipa.rfed.io
Base DN	- CN=accounts,DC=rfed,DC=io
Bind User	- UID=clemenko,CN=users,CN=accounts,DC=rfed,DC=io
Bind Password	- 
User Login Attribute	- uid
User Object Class	- posixAccount
Check Peer	- False
CA Certificate	- Edit

group / CN=groups
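
A pre-flight check for the settings above, as an added example that is not part of the original notes or Pure's documentation: it binds as the Bind User and searches with the same object class and login attribute the array will use, over LDAPS by default. The function names and the `CA_CERT` path (a local copy of the FreeIPA CA certificate) are assumptions.

```shell
#!/bin/sh
# Added example. Values are copied from the FlashArray settings in these notes.
LDAP_HOST="ipa.rfed.io"
BASE_DN="cn=accounts,dc=rfed,dc=io"
BIND_DN="uid=clemenko,cn=users,cn=accounts,dc=rfed,dc=io"
LOGIN_ATTR="uid"
USER_CLASS="posixAccount"
# Assumption: the FreeIPA CA certificate has been copied to this path.
CA_CERT="${CA_CERT:-./ipa-ca.crt}"

# Escape RFC 4515 special characters so a login name cannot change the filter.
ldap_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                         -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Filter built from "User Object Class" and "User Login Attribute".
user_filter() {
  printf '(&(objectClass=%s)(%s=%s))' \
    "$USER_CLASS" "$LOGIN_ATTR" "$(ldap_escape "$1")"
}

# Look up one login as the bind user.
#   $1 = login name, $2 = ldaps (default) or ldap
# -W prompts for the bind password, keeping it out of shell history.
# LDAPTLS_CACERT makes the OpenLDAP client verify the server certificate.
check_login() {
  LDAPTLS_CACERT="$CA_CERT" ldapsearch -x -LLL \
    -H "${2:-ldaps}://${LDAP_HOST}" -D "$BIND_DN" -W \
    -b "$BASE_DN" "$(user_filter "$1")" dn "$LOGIN_ATTR" memberOf
}

# Only contact the server when a login name is given on the command line.
if [ "$#" -gt 0 ]; then
  check_login "$@"
fi
```

An entry that comes back with its `dn`, `uid` and `memberOf` values shows that the bind DN, base DN and filter work before they are entered on the array.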