Recently I had the opportunity to operate inside an environment managed by FreeIPA. I wanted to take the time to share some of the lessons I learned about FreeIPA, how it works, and my methodology behind attacking it.

First things first, what is FreeIPA, and why should I care about it?

Well, to be honest, I had no idea until I actually ran into it in the wild. After a bit of research, I discovered that it is an open source alternative to Microsoft Windows Active Directory, primarily used as an integrated management solution for Unix environments. Similar to Active Directory, FreeIPA implements a full LDAP directory infrastructure backed by an MIT Kerberos Key Distribution Center. It uses the Dogtag Certificate System for CA & RA certificate management, giving it the ability to handle multi-factor authentication, including smartcards. SSSD (the System Security Services Daemon) is used to integrate FreeIPA into the standard Unix authentication process.

So, altogether, we have a Unix host management system, complete with LDAP and Kerberos, that allows for multi-factor authentication.