Deployed 569ecf7 with MkDocs version: 1.6.1

index.html

@@ -3699,11 +3699,22 @@ <h4 id="1031-hieradata">10.3.1 hieradata</h4>
 <p>Examples of LDAP user definition with hieradata are provided in
 <a href="https://github.com/computecanada/puppet-magic_castle#profileusersldapusers">puppet-magic_castle documentation</a>.</p>
 <h4 id="1032-command-line">10.3.2 Command-Line</h4>
-<p>To add a user account after the cluster is built, log in <code>mgmt1</code> and call:
+<p>To add a user account after the cluster is built, log in <code>mgmt1</code> and call:</p>
 <div class="highlight"><pre><span></span><code>kinit<span class="w"> </span>admin
 <span class="nv">IPA_GUEST_PASSWD</span><span class="o">=</span>&lt;new_user_passwd&gt;<span class="w"> </span>/sbin/ipa_create_user.py<span class="w"> </span>&lt;username&gt;<span class="w"> </span><span class="o">[</span>--group<span class="w"> </span>&lt;group_name&gt;<span class="o">]</span>
 kdestroy
-</code></pre></div></p>
+</code></pre></div>
+<details>
+
+<summary>Tips on using command-line to configure FreeIPA</summary>
+
+1. Once connected to a login node, access `mgmt1` with `[centos@login1 ~]$ ssh mgmt1`.
+2. Retrieve the `profile::freeipa::server::admin_password` encrypted value following instructions in section [10.13](#1013-read-and-edit-secret-values-generated-at-boot) (you only need the value in between '[...]' brackets).
+3. Log in to FreeIPA with `kinit admin` using the password retrieved in step 2.
+4. The `ipa` command now is available to accomplish administrator tasks, here's a [detailed guide](https://www.freeipa.org/page/Administrators_Guide.html).
+
+</details>
+
 <h4 id="1033-mokey">10.3.3 Mokey</h4>
 <p>If user sign-up with Mokey is enabled, users can create their own account at
 <div class="highlight"><pre><span></span><code>https://mokey.yourcluster.domain.tld/auth/signup
@@ -3713,7 +3724,7 @@ <h4 id="1033-mokey">10.3.3 Mokey</h4>
 <div class="highlight"><pre><span></span><code>https://ipa.yourcluster.domain.tld/
 </code></pre></div></p>
 <p>The FreeIPA administrator credentials can be retrieved from an encrypted file
-on the Puppet server. Refer to section <a href="#1014-read-and-edit-secret-values-generated-at-boot">10.14</a>
+on the Puppet server. Refer to section <a href="#1013-read-and-edit-secret-values-generated-at-boot">10.13</a>
 to know how.</p>
 <h3 id="104-increase-the-number-of-guest-accounts">10.4 Increase the Number of Guest Accounts</h3>
 <p>To increase the number of guest accounts after creating the cluster with Terraform,
@@ -3837,7 +3848,7 @@ <h3 id="1012-create-a-compute-node-image">10.12 Create a compute node image</h3>
 <li>Configure Magic Castle Terraform code to use the new image</li>
 </ol>
 <p>The following subsection explains how to accomplish each step.</p>
-<p><strong>Warning</strong>: While it will work in most cases, avoid re-using the compute node image of a
+<p><strong>Warning</strong>: While it will work in most cases, avoid reusing the compute node image of a
 previous deployment. The preparation steps cleans most
 of the deployment specific configuration and secrets, but there is no guarantee
 that the configuration will be entirely compatible with a different deployment.</p>