Categories
Red Hat IDM

Get rid of Error “LDAP Connect error You are attempting to import a cert with the same issuer”

When you come across the error “LDAP Error: Connect error: TLS error -8054:You are attempting to import a cert with the same issuer” while enrolling a client to a FreeIPA/IDM server, it means that the existing certificate does not match the one on the IDM server. It can be fixed quite easily with just one command. This can happen when the client was previously enrolled to a different IDM server and the old cert is still lying around.

Categories
Puppet

Install Puppet Master and Agent on same host/node – Puppet – CentOS/Red Hat

It’s now possible to install both Puppet Master and Agent on the same host with different certs for each, to avoid future conflicts when managing the master server with Puppet. You need to have 2 separate entries in puppet.conf, one in [master] and one in [agent], so that separate certs are generated.

Categories
Puppet

Automate iptables using Puppet – Red Hat/CentOS

This article shows you how to automate iptables for the whole infrastructure (Linux/Unix) and maintain the state during the lifecycle of a host. We need to install 2 modules from PuppetLabs so that we can assign rules based on the requirements, whether it’s from one destination to another, from one host to multiple destinations, or vice versa.

  1. puppetlabs/Firewall = Standard module for iptables.
  2. puppetlabs/Firewall_multi = Module that handles multiple sources/destinations/ports in one rule.

Categories
Red Hat IDM

IPA user-add multiple users via script

When adding multiple users in IDM/FreeIPA, inputting each user one by one is a pain and time consuming. This script/one-liner allows you to enter multiple users in one go, and it includes non-interactively specifying a password. The following script allows creating multiple users in IPA and then adding the required attributes as well.

Categories
Puppet

Configure Puppetmaster and PuppetDB on separate nodes/hosts using PostgreSQL

This article covers the setup and configuration of PuppetDB and Puppetmaster on separate nodes/hosts. I have used PostgreSQL as the PuppetDB backend instead of HSQLDB, as it’s much easier to query and to troubleshoot any issues you come across, especially when using Puppet exported resources. Follow this easy-to-follow guide and you should be up and running with a basic config of Puppetmaster and PuppetDB in no time.

Categories
Red Hat IDM

One liner command to retrieve list of active users – IPA/Red Hat IDM

It’s possible to get a list of active users in IDM/IPA with formatted date and time by running this one-liner command. It gets you the list of users with their last successful authentications to the IDM/IPA server. It is a very handy command when this is required for audit purposes. It will also give you the list of users who last changed their password, and you can modify it according to your requirements.

Categories
Spacewalk (CentOS Satellite Version)

Create Kickstart Tree Automatically for provisioning – Spacewalk

It’s very easy to create a Kickstart tree in Spacewalk, and to do so in an automated fashion, for provisioning hosts. All you have to do is create a Base Channel for CentOS, then create a Repo, link the two, and at the time of Repo sync choose the option of “Creating a kickstartable tree”.

Categories
Puppet

Install and configure Puppetdb using PostgreSQL

It’s possible to configure PuppetDB with PostgreSQL, which is much more manageable than HSQLDB, the built-in DB that comes with PuppetDB. It’s also much easier to query and to troubleshoot any issues you come across, especially when using Puppet Hiera and exported resources. Follow this easy-to-follow guide and you should be up and running with a basic config of PuppetDB in no time.

Categories
Puppet

Install Puppet on CentOS and RHEL

It’s easy to set up a Puppet server and a client on CentOS and RHEL by following the easy-to-follow steps given in this guide. You will need root access for the install and setup.

Pre-requisites (minimal):

Hardware & Software

CPU: 2 vCPU

RAM: 2GB

Hard Disk : 30GB

OS: CentOS, Red Hat Enterprise Linux v 6.x.x

Architecture : x64

Packages: puppet-server and puppet

Categories
Red Hat IDM

Automate kinit (Kerberos Ticket) during SSH login

It is possible to have a Kerberos ticket (kinit) generated automatically every time you log in via SSH to a host by editing “.bash_profile”. This also applies to a scenario wherein you are using Red Hat IDM/IPA and want to automate “kinit” instead of a user having to manually type in kinit every time they log in.