Toggle Menu

<-- Back to schedule

Tutorial: Identity Management with FreeIPA

Project: FreeIPA
Wiki Page: Tutorial: Identity Management with FreeIPA

FreeIPA is an integrated identity management solution providing
centralised user, host and service management, authentication and
authorisation in Linux/UNIX networked environments, with a focus on
ease of deployment and management. It is built on top of well-known
Open Source technologies and standards including 389 Directory
Server, MIT Kerberos and Dogtag Certificate System.

This hand-on workshop will provide participants with a comprehensive
introduction to FreeIPA including server deployment and
administration, client machine enrolment, and configuring server
software to use FreeIPA's centralised identity and policy store.

Participants will:

- Install a FreeIPA server and replica
- Enrol client machines in the domain
- Create and administer users
- Manage host-based access control (HBAC) policies
- Issue X.509 certificates for network services
- Configure a web server to use FreeIPA for user authentication and
access control

There will be a number of elective units which participants can
choose, based on their progress and particular use cases:

- OTP two-factor authentication
- Advanced certificate management: profiles, sub-CAs and user
- OpenSSH key management
- Federated identity with Ipsilon
- User self-service secret management
- ...and more!

If you are planning to attend the workshop please note that *some preparation is strongly advised*.

Preparation steps are outlined at

In brief, it amounts to "install Vagrant and VirtualBox, and download the VM image" so that you are ready to ``vagrant up`` at the start of the workshop. The `libvirt' provider is also supported.

Fraser Tweedale

Fraser is an identity management engineer at Red Hat where he works
on FreeIPA and Dogtag Certificate System. He is interested in
security and cryptography and cares about making it easier for
humans to use properly. By night Fraser writes programs in Haskell,
proves theorems in Coq and is gradually exploring dependent types,
category theory and other exciting intersections of mathematics and
computer science.

Geelong 2016

Our Emperor Penguin Sponsors


About Geelong

Geelong is Victoria's second largest city, located on Corio Bay, and within a short drive from popular beach-front communities on the Bellarine Peninsula as well as being the gateway to the famous Great Ocean Road

More Info » is widely regarded by delegates as one of the best community run Linux conferences worldwide and is the largest Linux and Open Source Software conference in the Asia-Pacific.

Read More »



Our Sponsors help make become the awesome conference everyone comes back to year after year. Come see who's on board this year, or find out how to get in contact with us

Sponsorship »