diff options
| author | Martin Kosek <mkosek@redhat.com> | 2012-02-20 15:24:21 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-02-27 17:50:46 +0100 |
| commit | dc47f77dc1f7df8aafa09ed6d9baa7f209016f35 (patch) | |
| tree | bb317d25334908bdc4c20bab3a429caa936679fd /ipa-client/man/ipa-client-install.1 | |
| parent | e9ed7f7ca1948c1eded115f215b914987b79cea7 (diff) | |
| download | freeipa-dc47f77dc1f7df8aafa09ed6d9baa7f209016f35.tar.gz freeipa-dc47f77dc1f7df8aafa09ed6d9baa7f209016f35.tar.xz freeipa-dc47f77dc1f7df8aafa09ed6d9baa7f209016f35.zip | |
Add client hostname requirements to man
Changing a client hostname after ipa-client-install would break
the enrollment on IPA server. Update relevant man pages to contain
such information.
https://fedorahosted.org/freeipa/ticket/1967
Diffstat (limited to 'ipa-client/man/ipa-client-install.1')
| -rw-r--r-- | ipa-client/man/ipa-client-install.1 | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1 index 96b019bd9..07b0089b6 100644 --- a/ipa-client/man/ipa-client-install.1 +++ b/ipa-client/man/ipa-client-install.1 @@ -30,6 +30,11 @@ An authorized user is required to join a client machine to IPA. This can take th This same tool is used to unconfigure IPA and attemps to return the machine to its previous state. Part of this process is to unenroll the host from the IPA server. Unenrollment consists of disabling the prinicipal key on the IPA server so that it may be re\-enrolled. The machine principal in /etc/krb5.keytab (host/<fqdn>@REALM) is used to authenticate to the IPA server to unenroll itself. If this principal does not exist then unenrollment will fail and an administrator will need to disable the host principal (ipa host\-disable <fqdn>). +.SS "HOSTNAME REQUIREMENTS" +Client must use a \fBstatic hostname\fR. If the machine hostname changes for example due to a dynamic hostname assignment by a DHCP server, client enrollment to IPA server breaks and user then would not be able to perform Kerberos authentication. + +--hostname option may be used to specify a static hostname that is set in machine system configuration and persist over reboot. + .SH "OPTIONS" .SS "BASIC OPTIONS" .TP @@ -55,7 +60,7 @@ Prompt for the password for joining a machine to the IPA realm. Configure PAM to create a users home directory if it does not exist. .TP \fB\-\-hostname\fR -The hostname of this server (FQDN). If specified, the hostname will be set and the system configuration will be updated to persist over reboot. By default a nodename result from uname(2) is used. +The hostname of this machine (FQDN). If specified, the hostname will be set and the system configuration will be updated to persist over reboot. By default a nodename result from uname(2) is used. .TP \fB\-\-ntp\-server\fR=\fINTP_SERVER\fR Configure ntpd to use this NTP server. |