---
document: modulemd
version: 2
data:
name: idm
stream: DL1
summary: The Red Hat Enterprise Linux Identity Management system module
description: >-
RHEL IdM is an integrated solution to provide centrally managed Identity (users,
hosts, services), Authentication (SSO, 2FA), and Authorization (host access control,
SELinux user roles, services). The solution provides features for further integration
with Linux based clients (SUDO, automount) and integration with Active Directory
based infrastructures (Trusts).
license:
module:
- MIT
dependencies:
- buildrequires:
389-ds: [1.4]
httpd: [2.4]
pki-core: [10.6]
platform: [el8.4.0]
requires:
389-ds: [1.4]
httpd: [2.4]
pki-core: [10.6]
platform: [el8]
references:
community: https://www.freeipa.org/
documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
tracker: https://pagure.io/freeipa/issues
profiles:
adtrust:
description: RHEL IdM Server Integration with Active Directory
rpms:
- ipa-healthcheck
- ipa-healthcheck-core
- ipa-server-trust-ad
client:
description: RHEL IdM Client
rpms:
- ipa-client
common:
description: A default profile for RHEL IdM client
rpms:
- ipa-client
dns:
description: RHEL IdM with integrated DNS server and integrated CA
rpms:
- ipa-healthcheck
- ipa-healthcheck-core
- ipa-server
- ipa-server-dns
server:
description: Base RHEL IdM Server with integrated CA and no integrated DNS
rpms:
- ipa-healthcheck
- ipa-healthcheck-core
- ipa-server
components:
rpms:
bind-dyndb-ldap:
rationale: Driver for BIND to store DNS information in LDAP
ref: 90b94079ac37ee0abbd8ba5f23b47c7b888f8207
custodia:
rationale: Remote access to secrets and credentials in IdM topology
ref: 3e36f334a88b7492234af55861dcc6a6b8c26ffc
buildorder: 2
ipa:
rationale: Module API
ref: cac7278f2c24ccfb096a2f252fe6c54581d7d053
ipa-healthcheck:
rationale: A tool to detect issues in IdM clusters
ref: b9b3bb0d9fa5cda0260c4e8e9468bf458bc1c4a7
buildorder: 3
opendnssec:
rationale: An implementation of DNSSEC support for IdM integrated DNS server
ref: d0dd4952a8c2e7fe867eef12fb525e55e6eeb5fc
python-jwcrypto:
rationale: JSON Web Cryptographic Tokens used by Custodia
ref: 9d27e51a5724e549f2d33602bb75539e70b05b95
buildorder: 1
python-kdcproxy:
rationale: MS-KKDCP (kerberos proxy) WSGI module
ref: 3fdeea45c8fe51cf990894953e16e5668add2669
python-qrcode:
rationale: QR code generator for IdM two-factor authentication
ref: ee64e46fa4051fda939a71abaf15b540e3fcb520
python-yubico:
rationale: Support for Yubikey-based tokens for IdM two-factor authentication
ref: 980a54f66ef94a455fdd9d8d758e8bb0aff8a7e4
buildorder: 2
pyusb:
rationale: Python USB support to access USB tokens for IdM two-factor authentication
ref: ad586f2d793e73d20bed53df94ec24ccef550adb
buildorder: 1
slapi-nis:
rationale: Compatibility plugin to serve legacy clients
ref: d3c17a3357b283171f6f94c425d35968cf0e674f
arches: [aarch64, ppc64le, s390x, x86_64]
softhsm:
rationale: Software version of a PKCS#11 Hardware Security Module
ref: 3041c77316124b3ad35cd2c06f77ef4d38dce3cb
...