diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-02-24 11:38:59 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-03-02 18:20:07 -0500 |
commit | 889cf124d8cba470dadf2ca88bcbb07d13bc928b (patch) | |
tree | 7e4e35cf4686ba87c503c046b5284002c3e9a805 /ipa-client/man/ipa-join.1 | |
parent | 3b4c4acfd24fcfd1d4b34a355a684f0683edee38 (diff) | |
download | freeipa-889cf124d8cba470dadf2ca88bcbb07d13bc928b.tar.gz freeipa-889cf124d8cba470dadf2ca88bcbb07d13bc928b.tar.xz freeipa-889cf124d8cba470dadf2ca88bcbb07d13bc928b.zip |
Update available options and descriptions in client man pages
Diffstat (limited to 'ipa-client/man/ipa-join.1')
-rw-r--r-- | ipa-client/man/ipa-join.1 | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/ipa-client/man/ipa-join.1 b/ipa-client/man/ipa-join.1 index d4a143375..672cd6bae 100644 --- a/ipa-client/man/ipa-join.1 +++ b/ipa-client/man/ipa-join.1 @@ -20,7 +20,7 @@ .SH "NAME" ipa\-join \- Join a machine to an IPA realm and get a keytab for the host service principal .SH "SYNOPSIS" -ipa\-join [ \fB\-h\fR hostname ] [ \fB\-k\fR keytab\-file ] [ \fB\-w\fR bulk\-bind\-password ] [ \fB\-d\fR ] [ \fB\-q\fR ] +ipa\-join [ \fB\-h\fR hostname ] [ \fB\-k\fR keytab\-file ] [ \fB\-s\fR server ] [ \fB\-w\fR bulk\-bind\-password ] [ \fB\-d\fR ] [ \fB\-q\fR ] .SH "DESCRIPTION" Joins a host to an IPA realm and retrieves a kerberos \fIkeytab\fR for the host service principal. @@ -29,19 +29,35 @@ Kerberos keytabs are used for services (like sshd) to perform kerberos authentic The ipa\-join command will create and retrieve a service principal for host/foo.example.com@EXAMPLE.COM and place it by default into /etc/krb5.keytab. The location can be overridden with the \-k option. -The IPA server to contact is set in /etc/ipa/default.conf +The IPA server to contact is set in /etc/ipa/default.conf by default and can be overridden using the -s,--server option. + +In order to join the machine needs to be authenticated. This can happen in one of two ways: + +* Authenticate using the current kerberos principal + +* Provide a password to authenticate with + +If a client host has already been joined to the IPA realm the ipa-join command will fail. The host will need to be removed from the server using `ipa host-del FQDN` in order to join the client to the realm. + +This command is normally executed by the ipa-client-install command as part of the enrollment process. .SH "OPTIONS" .TP -\fB\-h hostname\fR +\fB\-h,--hostname hostname\fR +The hostname of this server (FQDN). By default of nodename from uname(2) is used. +.TP +\fB\-s,--server server\fR The hostname of this server (FQDN). By default of nodename from uname(2) is used. .TP -\fB\-k keytab\-file\fR +\fB\-k,--keytab keytab\-file\fR The keytab file where to append the new key (will be created if it does not exist). Default: /etc/krb5.keytab .TP -\fB\-q\fR +\fB\-w,--bindpw password\fR +The password to use if not using kerberos to authenticate +.TP +\fB\-q,--quiet\fR Quiet mode. Only errors are displayed. .TP -\fB\-d\fR +\fB\-d,--debug\fR Debug mode. .SH "EXAMPLES" Join IPA domain and retrieve a keytab with kerberos credentials. |