management?
• Understand high-level architecture of FreeIPA
• Gain experience and become comfortable with...
• Deploying FreeIPA
• Enrolling client machines
• Managing users, services and access policies
• Using IPA for authentication and authorisation on web
and identity management
• Set up Vagrant + VirtualBox environment
• Hopefully you already did this!
• Workshop curriculum
• Installing FreeIPA server
• Enrolling client machine
• User management
• Host-based Access Control (HBAC)
• Web app authnz using FreeIPA
• … and more!
• Authentication: passwords, 2FA, SSO
• Authorisation: identity-related policies
• Management: how to manage these concerns in a large organisation (thousands of users/machines)?
service (AS); receives Ticket Granting Ticket (TGT)
• When the client wants to talk to a service, it requests a service ticket from the ticket granting service (TGS), presenting the TGT
• Client uses the service ticket to authenticate to the application
• AS and TGS together comprise the Key Distribution Centre (KDC)
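
The ticket flow above can be traced end to end in a small model; this is an added example, not part of the workshop material or of FreeIPA. It shows which key protects each message: the TGT is sealed to the KDC's own `krbtgt` key, the service ticket to the service's key, and the client only ever learns session keys. Assumptions: the principals and keys are constructed, `seal`/`unseal` are a toy cipher standing in for a real Kerberos encryption type, and timestamps, ticket lifetimes, realms and pre-authentication are left out.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy keystream from SHA-256; stands in for a real Kerberos enctype.
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))

def seal(key, obj):
    """Encrypt-then-MAC a small dict under a shared key (illustration only)."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed principals and long-term keys, as the KDC database would hold them.
KEYS = {p: os.urandom(32) for p in ("alice", "krbtgt", "HTTP/app.example.test")}

def _issue(client, ticket_key, reply_key):
    # New session key: one copy inside the ticket, one copy readable by the client.
    sk = os.urandom(32).hex()
    return seal(ticket_key, {"client": client, "key": sk}), seal(reply_key, {"key": sk})

def _check(ticket_key, ticket, authenticator):
    # Open the ticket, then require an authenticator made with its session key.
    t = unseal(ticket_key, ticket)
    if unseal(bytes.fromhex(t["key"]), authenticator)["client"] != t["client"]:
        raise ValueError("authenticator does not match ticket")
    return t

def as_exchange(user):
    """AS: returns (TGT sealed to the krbtgt key, session key sealed to the user key)."""
    return _issue(user, KEYS["krbtgt"], KEYS[user])

def tgs_exchange(tgt, authenticator, service):
    """TGS: checks the TGT, returns (service ticket, session key sealed to TGT key)."""
    t = _check(KEYS["krbtgt"], tgt, authenticator)
    return _issue(t["client"], KEYS[service], bytes.fromhex(t["key"]))

def service_accept(service, ticket, authenticator):
    """Application: trusts the ticket because only the KDC shares its key."""
    return _check(KEYS[service], ticket, authenticator)["client"]

def login_and_access(user, user_key, service):
    tgt, reply = as_exchange(user)
    k1 = bytes.fromhex(unseal(user_key, reply)["key"])  # fails without the user's key
    ticket, reply = tgs_exchange(tgt, seal(k1, {"client": user}), service)
    k2 = bytes.fromhex(unseal(k1, reply)["key"])
    return service_accept(service, ticket, seal(k2, {"client": user}))
```

The application never contacts the KDC and never sees the user's long-term key; it accepts the client because the ticket decrypts under the key it shares with the KDC.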