mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
05055870c9
We can't use arbitrary ports anyway. And neither AD has any way to use non stadard ports. So remove this unnecessary option.
109 lines
4.0 KiB
Groff
109 lines
4.0 KiB
Groff
.\" A man page for ipa-replica-manage
|
|
.\" Copyright (C) 2008 Red Hat, Inc.
|
|
.\"
|
|
.\" This program is free software; you can redistribute it and/or modify
|
|
.\" it under the terms of the GNU General Public License as published by
|
|
.\" the Free Software Foundation, either version 3 of the License, or
|
|
.\" (at your option) any later version.
|
|
.\"
|
|
.\" This program is distributed in the hope that it will be useful, but
|
|
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
.\" General Public License for more details.
|
|
.\"
|
|
.\" You should have received a copy of the GNU General Public License
|
|
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
.\"
|
|
.\" Author: Rob Crittenden <rcritten@redhat.com>
|
|
.\"
|
|
.TH "ipa-replica-manage" "1" "Mar 14 2008" "freeipa" ""
|
|
.SH "NAME"
|
|
ipa\-replica\-manage \- Manage an IPA replica
|
|
.SH "SYNOPSIS"
|
|
ipa\-replica\-manage [\fIOPTION\fR]... [connect|disconnect|del|list|re-initialize|force-sync]
|
|
.SH "DESCRIPTION"
|
|
Manages the replication agreements of an IPA server.
|
|
.TP
|
|
\fBconnect\fR [SERVER_A] <SERVER_B>
|
|
\- Adds a new replication agreement between SERVER_A/localhost and SERVER_B
|
|
.TP
|
|
\fBdisconnect\fR [SERVER_A] <SERVER_B>
|
|
\- Removes a replication agreement between SERVER_A/localhost and SERVER_B
|
|
.TP
|
|
\fBdel\fR <SERVER>
|
|
\- Removes all replication agreements and data about SERVER
|
|
.TP
|
|
\fBlist\fR [SERVER]
|
|
\- Lists all the servers or the list of agreements of SERVER
|
|
.TP
|
|
\fBre-initialize\fR
|
|
\- Forces a full re-initialization of the IPA server retrieving data from the server specified with the --from option
|
|
.TP
|
|
\fBforce-sync\fR
|
|
\- Immediately flush any data to be replicated from a server specified with the --from option
|
|
.SH "OPTIONS"
|
|
.TP
|
|
\fB\-H HOST\fR, \fB\-\-host\fR=\fIHOST\fR
|
|
The IPA server to manage.
|
|
The default is the machine on which the command is run
|
|
Not honoured by the re-initialize command.
|
|
.TP
|
|
\fB\-p DM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
|
|
The Directory Manager password to use for authentication
|
|
.TP
|
|
\fB\-v\fR, \fB\-\-verbose\fR
|
|
Provide additional information
|
|
.TP
|
|
\fB\-\-winsync\fR
|
|
Specifies to create/use a Windows Sync Agreement
|
|
.TP
|
|
\fB\-\-binddn\fR=\fIADMIN_DN\fR
|
|
Bind DN to use with remote server (default is cn=Directory Manager) \- Be careful to quote this value on the command line
|
|
.TP
|
|
\fB\-\-bindpw\fR=\fIADMIN_PWD\fR
|
|
Password for Bind DN to use with remote server (default is the DM_PASSWORD above)
|
|
.TP
|
|
\fB\-\-cacert\fR=\fI/path/to/cacertfile\fR
|
|
Full path and filename of CA certificate to use with TLS/SSL to the remote server \- this CA certificate will be installed in the directory server's certificate database
|
|
.TP
|
|
\fB\-\-win\-subtree\fR=\fIcn=Users,dc=example,dc=com\fR
|
|
DN of Windows subtree containing the users you want to sync (default cn=Users,<domain suffix> \- this is typically what Windows AD uses as the default value) \- Be careful to quote this value on the command line
|
|
.TP
|
|
\fB\-\-passsync\fR=\fIPASSSYNC_PWD\fR
|
|
Password for the Windows PassSync user.
|
|
.TP
|
|
\fB\-\-from\fR=\fISERVER\fR
|
|
The server to pull the data from, used by the re-initialize and force-sync commands.
|
|
.SH "EXAMPLES"
|
|
.TP
|
|
List all masters:
|
|
# ipa\-replica\-manage list
|
|
srv1.example.com
|
|
srv2.example.com
|
|
srv3.example.com
|
|
srv4.example.com
|
|
.TP
|
|
List a server's replication agreements.
|
|
# ipa\-replica\-manage list srv1.example.com
|
|
srv2.example.com
|
|
srv3.example.com
|
|
.TP
|
|
Re-initialize a replica:
|
|
# ipa\-replica\-manage re-initialize --from srv2.example.com
|
|
|
|
This will re\-initialize the data on the server where you execute the command, retrieving the data from the srv2.example.com replica
|
|
.TP
|
|
Add a new replication agreement:
|
|
# ipa replica\-manage connect srv2.example.com srv4.example.com
|
|
.TP
|
|
Remove an existing replication agreement:
|
|
# ipa replica\-manage disconnect srv1.example.com srv3.example.com
|
|
.TP
|
|
Completely remove a replica:
|
|
# ipa replica\-manage del srv4.example.com
|
|
.TP
|
|
Using connect/disconnect you can manage the replication topology.
|
|
.SH "EXIT STATUS"
|
|
0 if the command was successful
|
|
1 if an error occurred
|