iTop (IT Operational Portal) is an open source web-based product for automating enterprise IT departments and service providers. iTop is designed around ITIL / ITSM best practices and is flexible enough to adapt to your organization’s processes.

The previous article covered installing iTop ITSM & CMDB on Rocky Linux.

To integrate iTop and FreeIPA, you need to create a service account in FreeIPA (for example: itopsv), and edit the configuration file config-itop.php

$ sudo nano /opt/itop/web/conf/production/config-itop.php
...
        'timezone' => 'Europe/Moscow',
...
        'authent-ldap' => array (
                'host' => 'ldap://ipa.example.loc',
                'port' => 389,
                'default_user' => 'uid=itopsv,cn=users,cn=accounts,dc=example,dc=loc',
                'default_pwd' => 'mysuperpasswd',
                'base_dn' => 'cn=users,cn=accounts,dc=example,dc=loc',
                'user_query' => '(&(uid=%1$s))',
                'options' => array (
                  17 => 3,
                  8 => 0,
                ),
                'start_tls' => false,
                'debug' => true,

Further in the iTop web-admin panel in the section “Configuration management»Create a new contact (type: Person)

Create a new contact

Fill in the required fields

Next, go to the section “Administrator tools – Accounts“And create a new account (type: LDAP User)

In the “Person” line, select the user (whom we created in the previous step). In the “Login” line, write the login from FreeIPA

If iTop cannot get FreeIPA users, all errors are shown in the log file error.log:

$ tail -f /opt/itop/web/log/error.log