path: root/ipa.1
diff options
authorRob Crittenden <>2010-07-26 17:54:38 -0400
committerRob Crittenden <>2010-08-16 10:35:27 -0400
commit1df10a88cd8b36be8b9b4d47c49dd9e7d1d12bc0 (patch)
tree965da3c4c157e0aaba6b876b578ebcf8a7dc190d /ipa.1
parent3e6f0f5721f76977475792f09758f6b8dcc4ed4e (diff)
Add support for client failover to the ipa command-line.
This adds a new global option to the ipa command, -f/--no-fallback. If this is included then just the server configured in /etc/ipa/default.conf is used. Otherwise that is tried first then all servers in DNS with the ldap SRV record are tried. Create a new Local() Command class for local-only commands. The help command is one of these. It shouldn't need a remote connection to execute. ticket #15
Diffstat (limited to 'ipa.1')
1 files changed, 13 insertions, 0 deletions
diff --git a/ipa.1 b/ipa.1
index 67a1237..e340988 100644
--- a/ipa.1
+++ b/ipa.1
@@ -52,6 +52,9 @@ Don't prompt for any parameters of \fBCOMMAND\fR, even if they are required.
\fB\-a\fR, \fB\-\-prompt\-all\fR
Prompt for ALL values (even if optional)
+\fB\-f\fR, \fB\-\-no\-fallback\fR
+Don't fall back to other IPA servers if the default doesn't work.
\fB\-v\fR, \fB\-\-verbose\fR
Produce verbose output. A second \-v displays the XML\-RPC request
@@ -157,6 +160,16 @@ Only the user with the specified IPA unique ID would match the search criteria.
\fBipa user\-find\fR
All users would match the search criteria (as there are none).
+The ipa client will determine which server to connect to in this order:
+1. The server configured in \fB/etc/ipa/default.conf\fR in the \fIxmlrpc_uri\fR directive.
+2. An unordered list of servers from the ldap DNS SRV records.
+If a kerberos error is raised by any of the requests then it will stop processing and display the error message.