fidencio/deskprofile

Project ID: 10507

Description

FleetCommander integration with FreeIPA and SSSD.

Installation Instructions

Purpose

This repo is not supposed to be used for any purpose but testing the FleetCommander integration with FreeIPA and SSSD.

Content

The content of this repo consists in:

  • Up to date freeipa-desktop-profile
  • Up to date SSSD package with FleetCommander work rebased on top of current master

Testing

Testing Environment

For all the tests that I've done I've been using pki-vagans, written by Christian Heimes. So, as the first step, clone pki-vagans' repo and follow the instructions provided in the project webpage (FreeIPA section is the most important for us).

Server side

On the server side, you'll need to install the freeipa-deskprofile-plugin package. To login into the server machine, just do (from 'pki-vagans/ipa' folder): vagrant ssh ipamaster.

Once you're logged in, install the freeipa-deskprofile-plugin package from this very same copr repo and start playing with freeIPA.

Adding a new Desktop Profile Rule Example

  • kinit admin

  • Be sure you're logged in as root, otherwise you won't see the ipa-deskprofile-plugin option: sudo su

  • Set up the profiles' global policy: ipa deskprofileconfig-mod --priority=22

  • Create a desktop profile, "finance", by providing a base64 encoded FleetCommander's JSON File: ipa deskprofile-add finance --data=finance.json --desc="Finance Department Desktop"

  • Create a desktop profile mapping rule, "finance", to apply to "finance" desktop: ipa deskprofilerule-add finance --profile=finance --prio=100

  • Add an user to the "finance" mapping rule: ipa deskprofilerule-add-user finance --users=admin

  • Add a target host to the "finance" mapping rule: ipa deskprofile-add-host finance --hosts=client1.ipa.example

Client Side

On the client side, you'll need to install the SSSD package. To login into the client machine, just do (from 'pki-vagans/ipa' folder): vagrant ssh ipaclient.

Once you're logged in, install the SSSD package from this very same copr repo.

Testing SSSD

As SSSD should work out of the box, you only have to authenticate, ssh to the client1.ipa.example using the authenticated user and close the ssh connection:

  • kinit admin

  • ssh admin@client1.ipa.example

  • ^D

Once do that you'll notice that a file named 000100_000100_000000_000100_000000 has been created created at /var/lib/sss/deskprofile/ipa.example/admin/

Active Releases

The following unofficial repositories are provided as-is by owner of this project. Contact the owner directly for bugs or issues (IE: not bugzilla).

Release Architectures Repo Download
EPEL 7 x86_64 (1558)* EPEL 7 (110 downloads)

* Total number of packages downloaded in the last seven days.