On each VM
#systemctl stop dhcpd
#systemctl disable dhcpd
#tzselect //time zone selection
[root@workstation ~]#yum -y install ntp
#vim /etc/ntp.conf //comment out (#) the default server 0,1,2,3 lines, then add the two lines below
restrict 192.168.85.0 mask 255.255.255.0 nomodify notrap
server asia.pool.ntp.org iburst
#systemctl restart ntpd
#systemctl enable ntpd
[root@server1 ~]#vim /etc/ntp.conf
server 192.168.85.100 iburst
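#ntpq -p //Standard NTP query program; in the sample output below, refid .INIT., st 16 and reach 0 mean the client has not yet synchronized with 192.168.85.100. Re-check until reach is non-zero before the Kerberos steps, since Kerberos rejects clients whose clock is too far from the server's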
; #chrony(graphical)
remote refid st t when poll reach delay offset jitter
==============================================================================
192.168.85.100 .INIT. 16 u - 64 0 0.000 0.000 0.000
#date
#timedatectl
----------------------------------------------------------------------
#yum -y install ipa-server ipa-server-dns bind bind-dyndb-ldap
#echo "192.168.85.100 workstation.example.com" >> /etc/hosts
#ipa-server-install --setup-dns
; The IPA Master server will be configured with :
; Hostname: workstation.example.com
; IP address(es): 192.168.85.100
; Domain name: example.com
; Realm name: EXAMPLE.COM
;
; BIND DNS server will be configured to serve IPA domain with:
; Forwarder: 8.8.8.8
; Reverse zone(s): No reverse zone
===============================================================
; Next steps:
; 1. You must make sure these network ports are open:
; TCP Ports:
; * 80, 443: HTTP/HTTPS
; * 389, 636: LDAP/LDAPS
; * 88, 464: kerberos
; * 53: bind
; UDP Ports:
; * 88, 464: kerberos
; * 53: bind
; * 123: ntp
; 2. You can now obtain a kerberos ticket using the command: 'kinit admin'
; This ticket will
#kinit admin
#klist
#ipa user-add ruiyung --first=Yun --last=Rui --password
password:
#ipa user-find ruiyung
#ipa dnsrecord-add example.com server1 --a-rec 192.168.85.201 ????
#ipa dnsrecord-add example.com server2 --a-rec 192.168.85.202 ????
#ipa dnsrecord-add example.com database --a-rec 192.168.85.203 ????
MAIL-----------------------------A record
====================================================================
On server1, server2 and database:
#nmcli c m "System eno16777736" ipv4.dns 192.168.85.100
#systemctl restart network
#ipa-client-install
#authconfig --enablemkhomedir --update