FreeIPA overview

FreeIPA is a free open source identity management system for Linux/UNIX environments. FreeIPA relies on Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag (Certificate System) and its main purpose is to provide centralized account management and authentication.

To ensure security, Arenadata Hadoop makes use of Kerberos, LDAP, SSL certificates/keys, and other related technologies. For such a toolkit, FreeIPA is a good fit for the identity management system role.

To enable FreeIPA for an ADH cluster you should use ADCM. During the enablement, ADCM installs IPA clients on each cluster node and connects the clients to the FreeIPA server using the provided FreeIPA Kerberos parameters.

In this tutorial, a sample single-noded FreeIPA server is used to demonstrate examples. This is a basic FreeIPA installation on CentOS (yum install ipa-server) with default installation parameters.