summaryrefslogtreecommitdiffstats
path: root/install/tools
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2011-05-04 10:09:44 +0200
committerRob Crittenden <rcritten@redhat.com>2011-05-12 16:55:27 -0400
commit9de10f3674078ef8c423522e30fe704a2d09a7c2 (patch)
treed5d8e7bb79a162a53fad0d25811e2f5d5f1bdd8d /install/tools
parent8d35089780abbc8a877ebd3bd991a3a3ba8a6f3e (diff)
downloadfreeipa-9de10f3674078ef8c423522e30fe704a2d09a7c2.tar.gz
freeipa-9de10f3674078ef8c423522e30fe704a2d09a7c2.tar.xz
freeipa-9de10f3674078ef8c423522e30fe704a2d09a7c2.zip
Consolidate man pages and IPA tools help
IPA tools options are not consistent with information in man pages. https://fedorahosted.org/freeipa/ticket/1163 https://fedorahosted.org/freeipa/ticket/1178
Diffstat (limited to 'install/tools')
-rw-r--r--install/tools/man/ipa-dns-install.117
-rw-r--r--install/tools/man/ipa-replica-install.115
-rw-r--r--install/tools/man/ipa-replica-manage.111
-rw-r--r--install/tools/man/ipa-replica-prepare.112
-rw-r--r--install/tools/man/ipa-server-install.148
5 files changed, 74 insertions, 29 deletions
diff --git a/install/tools/man/ipa-dns-install.1 b/install/tools/man/ipa-dns-install.1
index 5871168a4..f6f99c125 100644
--- a/install/tools/man/ipa-dns-install.1
+++ b/install/tools/man/ipa-dns-install.1
@@ -25,24 +25,27 @@ ipa\-dns\-install [\fIOPTION\fR]...
Adds DNS as an IPA\-managed service. This requires that the IPA server is already installed and configured.
.SH "OPTIONS"
.TP
-\fB\-p\fR <fl>DM_PASSWORD\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR
+\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR
The password to be used by the Directory Server for the Directory Manager user
.TP
+\fB\-d\fR, \fB\-\-debug\fR
+Enable debug logging when more verbose output is needed
+.TP
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
The IP address of the IPA server. If not provided then this is determined based on the hostname of the server.
.TP
-\fB\-\-forwarders\fR=\fIFORWARDERS\fR
-A forwarder is a DNS server where queries for a specific non\-resolvable address can be directed. To define multiple forwarders use mutliple instances of \fB\-\-forwarders\fR
+\fB\-\-forwarder\fR=\fIFORWARDER\fR
+A forwarder is a DNS server where queries for a specific non\-resolvable address can be directed. To define multiple forwarders use multiple instances of \fB\-\-forwarder\fR
.TP
-\fB\-\-noforwarders\fR
+\fB\-\-no\-forwarders\fR
Do not add any DNS forwarders, send non\-resolvable addresses to the DNS root servers.
.TP
+\fB\-\-no\-reverse\fR
+Do not create reverse DNS zone
+.TP
\fB\-\-zonemgr\fR
The e\-mail address of the DNS zone manager. Defaults too root@host.domain
.TP
-\fB\-d\fR, \fB\-\-debug\fR
-Enable debug logging when more verbose output is needed
-.TP
\fB\-U\fR, \fB\-\-unattended\fR
An unattended installation that will never prompt for user input
.SH "EXIT STATUS"
diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1
index a9a217f24..3ee304224 100644
--- a/install/tools/man/ipa-replica-install.1
+++ b/install/tools/man/ipa-replica-install.1
@@ -27,12 +27,12 @@ Configures a new IPA server that is a replica of the server that generated it. O
The replica_file is created using the ipa\-replica\-prepare utility.
.SH "OPTIONS"
.TP
+\fB\-N\fR, \fB\-\-no\-ntp\fR
+Do not configure NTP
+.TP
\fB\-d\fR, \fB\-\-debug
Enable debug logging when more verbose output is needed
.TP
-\fB\-n\fR, \fB\-\-no\-ntp\fR
-Do not configure NTP
-.TP
\fB\-p\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
Directory Manager (existing master) password
.TP
@@ -49,8 +49,17 @@ the \fB\-\-no\-forwarders\fR option is specified.
\fB\-\-no\-forwarders\fR
Do not add any DNS forwarders. Root DNS servers will be used instead.
.TP
+\fB\-\-no\-reverse\fR
+Do not create reverse DNS zone
+.TP
\fB\-\-no\-host\-dns\fR
Do not use DNS for hostname lookup during installation
+.TP
+\fB\-\-no\-pkinit\fR
+Disables pkinit setup steps
+.TP
+\fB\-U\fR, \fB\-\-unattended\fR
+An unattended installation that will never prompt for user input
.SH "EXIT STATUS"
0 if the command was successful
diff --git a/install/tools/man/ipa-replica-manage.1 b/install/tools/man/ipa-replica-manage.1
index 6c243cab6..dba5bc534 100644
--- a/install/tools/man/ipa-replica-manage.1
+++ b/install/tools/man/ipa-replica-manage.1
@@ -43,19 +43,19 @@ Manages the replication agreements of an IPA server.
\- Immediately flush any data to be replicated from a server specified with the --from option
.SH "OPTIONS"
.TP
-\fB\-H HOST\fR, \fB\-\-host\fR=\fIHOST\fR
+\fB\-H\fR \fIHOST\fR, \fB\-\-host\fR=\fIHOST\fR
The IPA server to manage.
The default is the machine on which the command is run
Not honoured by the re-initialize command.
.TP
-\fB\-p DM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
+\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
The Directory Manager password to use for authentication
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Provide additional information
.TP
-\fB\-\-winsync\fR
-Specifies to create/use a Windows Sync Agreement
+\fB\-f\fR, \fB\-\-force\fR
+Ignore some types of errors
.TP
\fB\-\-binddn\fR=\fIADMIN_DN\fR
Bind DN to use with remote server (default is cn=Directory Manager) \- Be careful to quote this value on the command line
@@ -63,6 +63,9 @@ Bind DN to use with remote server (default is cn=Directory Manager) \- Be carefu
\fB\-\-bindpw\fR=\fIADMIN_PWD\fR
Password for Bind DN to use with remote server (default is the DM_PASSWORD above)
.TP
+\fB\-\-winsync\fR
+Specifies to create/use a Windows Sync Agreement
+.TP
\fB\-\-cacert\fR=\fI/path/to/cacertfile\fR
Full path and filename of CA certificate to use with TLS/SSL to the remote server \- this CA certificate will be installed in the directory server's certificate database
.TP
diff --git a/install/tools/man/ipa-replica-prepare.1 b/install/tools/man/ipa-replica-prepare.1
index 115c102d6..88da6f4fe 100644
--- a/install/tools/man/ipa-replica-prepare.1
+++ b/install/tools/man/ipa-replica-prepare.1
@@ -45,8 +45,20 @@ The password of the Directory Server PKCS#12 file
\fB\-\-http_pin\fR=\fIHTTP_PIN\fR
The password of the Apache Server PKCS#12 file
.TP
+\fB\-\-pkinit_pin\fR=\fIPKINIT_PIN\fR
+The password of the Apache Server PKCS#12 file
+.TP
+\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
+Directory Manager (existing master) password
+.TP
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
IP address of the replica server. If you provide this option, the A and PTR records will be added to the DNS.
+.TP
+\fB\-\-ca\fR=\fICA_FILE\fR
+Location of CA PKCS#12 file, default /root/cacert.p12
+.TP
+\fB\-\-no\-pkinit\fR
+Disables pkinit setup steps
.SH "EXIT STATUS"
0 if the command was successful
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index cae821a2f..40d86e70e 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -25,22 +25,19 @@ ipa\-server\-install [\fIOPTION\fR]...
Configures the services needed by an IPA server. This includes setting up a Kerberos Key Distribution Center (KDC) with an LDAP back\-end, configuring Apache, configuring NTP and starting the ipa_kpasswd service provided by IPA. By default a dogtag\-based CA will be configured to issue server certificates.
.SH "OPTIONS"
.TP
-\fB\-u\fR, \fB\-\-user\fR=\fIDS_USER\fR
-The user that the Directory Server will run as
-.TP
-\fB\-r\fR, \fB\-\-realm\fR=\fIREALM_NAME\fR
+\fB\-r\fR \fIREALM_NAME\fR, \fB\-\-realm\fR=\fIREALM_NAME\fR
The Kerberos realm name for the IPA server
.TP
-\fB\-n\fR, \fB\-\-domain\fR=\fIDOMAIN_NAME\fR
+\fB\-n\fR \fIDOMAIN_NAME\fR, \fB\-\-domain\fR=\fIDOMAIN_NAME\fR
Your DNS domain name
.TP
-\fB\-p\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR
+\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR
The password to be used by the Directory Server for the Directory Manager user
.TP
-\fB\-P\fR, \fB\-\-master\-password\fR=\fIMASTER_PASSWORD\fR
+\fB\-P\fR \fIMASTER_PASSWORD\fR, \fB\-\-master\-password\fR=\fIMASTER_PASSWORD\fR
The kerberos master password (normally autogenerated)
.TP
-\fB\-a\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR
+\fB\-a\fR \fIADMIN_PASSWORD\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR
The password for the IPA admin user
.TP
\fB\-d\fR, \fB\-\-debug\fR
@@ -49,15 +46,21 @@ Enable debug logging when more verbose output is needed
\fB\-\-selfsign\fR
Configure a self\-signed CA instance for issuing server certificates instead of using dogtag for certificates
.TP
+\fB\-\-external\-ca\fR
+Generate a CSR to be signed by an external CA
+.TP
+\fB\-\-external_cert_file\fR=\fIFILE\fR
+File containing PKCS#10 certificate
+.TP
+\fB\-\-external_ca_file\fR=\fIFILE\fR
+File containing PKCS#10 of the external CA chain
+.TP
\fB\-\-hostname\fR=\fIHOST_NAME\fR
The fully\-qualified DNS name of this server
.TP
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
The IP address of this server. If this address does not match the address the host resolves to and --setup-dns is not selected the installation will fail.
.TP
-\fB\-U\fR, \fB\-\-unattended\fR
-An unattended installation that will never prompt for user input
-.TP
\fB\-\-setup\-dns\fR
Generate a DNS zone if it does not exist already and configure the DNS server.
This option requires that you either specify at least one DNS forwarder through
@@ -76,17 +79,23 @@ the \fB\-\-no\-forwarders\fR option is specified.
\fB\-\-no\-forwarders\fR
Do not add any DNS forwarders. Root DNS servers will be used instead.
.TP
+\fB\-\-no\-reverse\fR
+Do not create reverse DNS zone
+.TP
\fB\-\-zonemgr\fR
The e\-mail address of the DNS zone manager. Defaults to root@host.domain
.TP
-\fB\-\-no\-host\-dns\fR
-Do not use DNS for hostname lookup during installation
+\fB\-U\fR, \fB\-\-unattended\fR
+An unattended installation that will never prompt for user input
+.TP
+\fB\-\-uninstall\fR
+Uninstall an existing IPA installation
.TP
\fB\-N\fR, \fB\-\-no\-ntp\fR
Do not configure NTP
.TP
-\fB\-\-uninstall\fR
-Uninstall an existing IPA installation
+\fB\-\-no\-pkinit\fR
+Disables pkinit setup steps
.TP
\fB\-\-dirsrv_pkcs12\fR=\fIFILE\fR
PKCS#12 file containing the Directory Server SSL Certificate
@@ -94,12 +103,21 @@ PKCS#12 file containing the Directory Server SSL Certificate
\fB\-\-http_pkcs12\fR=\fIFILE\fR
PKCS#12 file containing the Apache Server SSL Certificate
.TP
+\fB\-\-pkinit_pkcs12\fR=\fIFILE\fR
+PKCS#12 file containing the Kerberos KDC SSL certificate
+.TP
\fB\-\-dirsrv_pin\fR=\fIDIRSRV_PIN\fR
The password of the Directory Server PKCS#12 file
.TP
\fB\-\-http_pin\fR=\fIHTTP_PIN\fR
The password of the Apache Server PKCS#12 file
.TP
+\fB\-\-pkinit_pin\fR=\fIPKINIT_PIN\fR
+The password of the Kerberos KDC PKCS#12 file
+.TP
+\fB\-\-no\-host\-dns\fR
+Do not use DNS for hostname lookup during installation
+.TP
\fB\-\-idstart\fR=\fIIDSTART\fR
The starting user and group id number (default random)
.TP