is it posible to install freeipa-password on a diffrent machine rather then domain controler

[ELCarmen01]

Hi, and help will be appreciated.

I am attempting to install freeipa-password-reset on a password self service CentOS 7 rather then my freeipa domain server, I was able to follow all the steps provided on the instruction with some add it steps like Join the self service server to the domain. I done all steps on this server with the exemption the "Configure FreeIPA" I did this part on the Domain server.

everything wend well no errors but when I try to load the reset page at my domain https://192.168.2.71/reset

I get a: Service Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.

is this error because I running it on separate server?

[Yukesh4791]

Hi @ELCarmen01 , it is possible to run freeipa-password-reset from a different host, you will need to use a different configuration for your httpd. Try the below config by replacing it in ipa-password-reset.conf

<VirtualHost *:80>
    ServerName your.subdomain.com

    <Location "/">
      RedirectMatch 301 ^/$ /reset/
    </Location>

    <Location "/reset/">
       ProxyPass "http://127.0.0.1:8000/reset/"
    </Location>

</VirtualHost>

Change the your.subdomain.com to your FQDN. Also, make sure that you freeipa server is accessible to the freeipa-password-reset server.