|author||Rob Crittenden <firstname.lastname@example.org>||2010-05-05 14:52:39 -0400|
|committer||Jason Gerard DeRose <email@example.com>||2010-05-06 09:05:30 -0600|
Call certmonger after krb5, avoid uninstall errors, better password handling.
- Move the ipa-getcert request to after we set up /etc/krb5.conf - Don't try removing certificates that don't exist - Don't tell certmonger to stop tracking a cert that doesn't exist - Allow --password/-w to be the kerberos password - Print an error if prompting for a password would happen in unattended mode - Still support echoing a password in when in unattended mode
Diffstat (limited to 'ipa-client/man')
1 files changed, 9 insertions, 5 deletions
diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1
index 9eb0b39..4a1fcb5 100644
@@ -50,26 +50,30 @@ Unattended installation. The user will not be prompted.
Do not configure or enable NTP.
+Configure ntpd to use this NTP server.
+Do not configure or enable NTP.
Do not configure the client to use SSSD for authentication, use nss_ldap instead.
The client is being configured on an IPA server.
-Password for joining a machine to the IPA realm.
+\fB\-w\fR \fIPASSWORD\fR, \fB\-\-password\fR=\fIPASSWORD\fR
+Password for joining a machine to the IPA realm. Assumes bulk password unless principal is also set.
Prompt for the password for joining a machine to the IPA realm.
-Principal to use to join the IPA realm.
+Authorized kerberos principal to use to join the IPA realm.
-Set the SSSD access rules to permit all access. Otherwise the machine will be controlled by the Host-based Access Controls on the IPA server.
+Configure SSSD to permit all access. Otherwise the machine will be controlled by the Host-based Access Controls (HBAC) on the IPA server.
-Create a users home directory if it does not exist.
+Configure pam to create a users home directory if it does not exist.
Remove the IPA client software and restore the configuration to the pre-IPA state.