Integration of iTop ITSM & CMDB and FreeIPA

iTop (IT Operational Portal) is an open source web-based product for automating enterprise IT departments and service providers. iTop is designed around ITIL / ITSM best practices and is flexible enough to adapt to your organization’s processes.

The previous article covered installing iTop ITSM & CMDB on Rocky Linux.

To integrate iTop and FreeIPA, you need to create a service account in FreeIPA (for example: itopsv), and edit the configuration file config-itop.php

$ sudo nano /opt/itop/web/conf/production/config-itop.php
...
        'timezone' => 'Europe/Moscow',
...
        'authent-ldap' => array (
                'host' => 'ldap://ipa.example.loc',
                'port' => 389,
                'default_user' => 'uid=itopsv,cn=users,cn=accounts,dc=example,dc=loc',
                'default_pwd' => 'mysuperpasswd',
                'base_dn' => 'cn=users,cn=accounts,dc=example,dc=loc',
                'user_query' => '(&(uid=%1$s))',
                'options' => array (
                  17 => 3,
                  8 => 0,
                ),
                'start_tls' => false,
                'debug' => true,

Further in the iTop web-admin panel in the section “Configuration management»Create a new contact (type: Person)

Integration of iTop ITSM & CMDB and FreeIPA 2Create a new contact

Fill in the required fields

Integration of iTop ITSM & CMDB and FreeIPA 3

Next, go to the section “Administrator toolsAccounts“And create a new account (type: LDAP User)

Integration of iTop ITSM & CMDB and FreeIPA 4

In the “Person” line, select the user (whom we created in the previous step). In the “Login” line, write the login from FreeIPA

Integration of iTop ITSM & CMDB and FreeIPA 5

If iTop cannot get FreeIPA users, all errors are shown in the log file error.log:

$ tail -f /opt/itop/web/log/error.log

Related Posts