freeipa/install/tools/man/ipa-replica-install.1
Jan Cholasta c00bf9e38a Configure ssh and sshd during ipa-client-install.
For ssh, VerifyHostKeyDNS option is set to 'yes' if --ssh-trust-dns
ipa-client-install option is used.

For sshd, KerberosAuthentication, GSSAPIAuthentication and UsePAM
options are enabled (this can be disabled using --no-sshd
ipa-client-install option).

ticket 1634
2012-02-13 22:21:47 -05:00

101 lines
3.7 KiB
Groff

.\" A man page for ipa-replica-install
.\" Copyright (C) 2008 Red Hat, Inc.
.\"
.\" This program is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation, either version 3 of the License, or
.\" (at your option) any later version.
.\"
.\" This program is distributed in the hope that it will be useful, but
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
.\" General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
.\"
.\" Author: Rob Crittenden <rcritten@redhat.com>
.\"
.TH "ipa-replica-install" "1" "Sep 5 2011" "FreeIPA" "FreeIPA Manual Pages"
.SH "NAME"
ipa\-replica\-install \- Create an IPA replica
.SH "SYNOPSIS"
ipa\-replica\-install [\fIOPTION\fR]... replica_file
.SH "DESCRIPTION"
Configures a new IPA server that is a replica of the server that generated it. Once it has been created it is an exact copy of the original IPA server and is an equal master. Changes made to any master are automatically replicated to other masters.
The replica_file is created using the ipa\-replica\-prepare utility.
.SH "OPTIONS"
.SS "BASIC OPTIONS"
.TP
\fB\-\-setup\-ca\fR
Install and configure a CA on this replica. If a CA is not configured then
certificate operations will be forwarded to a master with a CA installed.
.TP
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
The IP address of this server. If this address does not match the address the host resolves to and --setup-dns is not selected the installation will fail. If the server hostname is not resolvable, a record for the hostname and IP_ADDRESS is added to /etc/hosts.
.TP
\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
Directory Manager (existing master) password
.TP
\fB\-w\fR \fIADMIN_PASSWORD\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR
Admin user Kerberos password used for connection check
.TP
\fB\-N\fR, \fB\-\-no\-ntp\fR
Do not configure NTP
.TP
\fB\-\-no\-ui\-redirect\fR
Do not automatically redirect to the Web UI.
.TP
\fB\-\-ssh\-trust\-dns\fR
Configure OpenSSH client to trust DNS SSHFP records.
.TP
\fB\-\-no\-sshd\fR
Do not configure OpenSSH server.
.TP
\fB\-\-skip\-conncheck\fR
Skip connection check to remote master
.TP
\fB\-d\fR, \fB\-\-debug
Enable debug logging when more verbose output is needed
.TP
\fB\-U\fR, \fB\-\-unattended\fR
An unattended installation that will never prompt for user input
.SS "CERTIFICATE SYSTEM OPTIONS"
.TP
\fB\-\-no\-pkinit\fR
Disables pkinit setup steps
.SS "DNS OPTIONS"
.TP
\fB\-\-setup\-dns\fR
Generate a DNS zone if it does not exist already and configure the DNS server.
This option requires that you either specify at least one DNS forwarder through
the \fB\-\-forwarder\fR option or use the \fB\-\-no\-forwarders\fR option.
.TP
\fB\-\-forwarder\fR=\fIIP_ADDRESS\fR
Add a DNS forwarder to the DNS configuration. You can use this option multiple
times to specify more forwarders, but at least one must be provided, unless
the \fB\-\-no\-forwarders\fR option is specified.
.TP
\fB\-\-no\-forwarders\fR
Do not add any DNS forwarders. Root DNS servers will be used instead.
.TP
\fB\-\-reverse\-zone\fR=\fIREVERSE_ZONE\fR
The reverse DNS zone to use
.TP
\fB\-\-no\-reverse\fR
Do not create new reverse DNS zone. If a reverse DNS zone already exists for the subnet, it will be used.
.TP
\fB\-\-no\-host\-dns\fR
Do not use DNS for hostname lookup during installation
.TP
\fB\-\-no\-dns\-sshfp\fR
Do not automatically create DNS SSHFP records.
.SH "EXIT STATUS"
0 if the command was successful
1 if an error occurred