diff options
Diffstat (limited to 'install/tools/man/ipa-server-install.1')
-rw-r--r-- | install/tools/man/ipa-server-install.1 | 48 |
1 files changed, 33 insertions, 15 deletions
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1 index cae821a2f..40d86e70e 100644 --- a/install/tools/man/ipa-server-install.1 +++ b/install/tools/man/ipa-server-install.1 @@ -25,22 +25,19 @@ ipa\-server\-install [\fIOPTION\fR]... Configures the services needed by an IPA server. This includes setting up a Kerberos Key Distribution Center (KDC) with an LDAP back\-end, configuring Apache, configuring NTP and starting the ipa_kpasswd service provided by IPA. By default a dogtag\-based CA will be configured to issue server certificates. .SH "OPTIONS" .TP -\fB\-u\fR, \fB\-\-user\fR=\fIDS_USER\fR -The user that the Directory Server will run as -.TP -\fB\-r\fR, \fB\-\-realm\fR=\fIREALM_NAME\fR +\fB\-r\fR \fIREALM_NAME\fR, \fB\-\-realm\fR=\fIREALM_NAME\fR The Kerberos realm name for the IPA server .TP -\fB\-n\fR, \fB\-\-domain\fR=\fIDOMAIN_NAME\fR +\fB\-n\fR \fIDOMAIN_NAME\fR, \fB\-\-domain\fR=\fIDOMAIN_NAME\fR Your DNS domain name .TP -\fB\-p\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR +\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-ds\-password\fR=\fIDM_PASSWORD\fR The password to be used by the Directory Server for the Directory Manager user .TP -\fB\-P\fR, \fB\-\-master\-password\fR=\fIMASTER_PASSWORD\fR +\fB\-P\fR \fIMASTER_PASSWORD\fR, \fB\-\-master\-password\fR=\fIMASTER_PASSWORD\fR The kerberos master password (normally autogenerated) .TP -\fB\-a\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR +\fB\-a\fR \fIADMIN_PASSWORD\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR The password for the IPA admin user .TP \fB\-d\fR, \fB\-\-debug\fR @@ -49,15 +46,21 @@ Enable debug logging when more verbose output is needed \fB\-\-selfsign\fR Configure a self\-signed CA instance for issuing server certificates instead of using dogtag for certificates .TP +\fB\-\-external\-ca\fR +Generate a CSR to be signed by an external CA +.TP +\fB\-\-external_cert_file\fR=\fIFILE\fR +File containing PKCS#10 certificate +.TP +\fB\-\-external_ca_file\fR=\fIFILE\fR +File containing PKCS#10 of the external CA chain +.TP \fB\-\-hostname\fR=\fIHOST_NAME\fR The fully\-qualified DNS name of this server .TP \fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR The IP address of this server. If this address does not match the address the host resolves to and --setup-dns is not selected the installation will fail. .TP -\fB\-U\fR, \fB\-\-unattended\fR -An unattended installation that will never prompt for user input -.TP \fB\-\-setup\-dns\fR Generate a DNS zone if it does not exist already and configure the DNS server. This option requires that you either specify at least one DNS forwarder through @@ -76,17 +79,23 @@ the \fB\-\-no\-forwarders\fR option is specified. \fB\-\-no\-forwarders\fR Do not add any DNS forwarders. Root DNS servers will be used instead. .TP +\fB\-\-no\-reverse\fR +Do not create reverse DNS zone +.TP \fB\-\-zonemgr\fR The e\-mail address of the DNS zone manager. Defaults to root@host.domain .TP -\fB\-\-no\-host\-dns\fR -Do not use DNS for hostname lookup during installation +\fB\-U\fR, \fB\-\-unattended\fR +An unattended installation that will never prompt for user input +.TP +\fB\-\-uninstall\fR +Uninstall an existing IPA installation .TP \fB\-N\fR, \fB\-\-no\-ntp\fR Do not configure NTP .TP -\fB\-\-uninstall\fR -Uninstall an existing IPA installation +\fB\-\-no\-pkinit\fR +Disables pkinit setup steps .TP \fB\-\-dirsrv_pkcs12\fR=\fIFILE\fR PKCS#12 file containing the Directory Server SSL Certificate @@ -94,12 +103,21 @@ PKCS#12 file containing the Directory Server SSL Certificate \fB\-\-http_pkcs12\fR=\fIFILE\fR PKCS#12 file containing the Apache Server SSL Certificate .TP +\fB\-\-pkinit_pkcs12\fR=\fIFILE\fR +PKCS#12 file containing the Kerberos KDC SSL certificate +.TP \fB\-\-dirsrv_pin\fR=\fIDIRSRV_PIN\fR The password of the Directory Server PKCS#12 file .TP \fB\-\-http_pin\fR=\fIHTTP_PIN\fR The password of the Apache Server PKCS#12 file .TP +\fB\-\-pkinit_pin\fR=\fIPKINIT_PIN\fR +The password of the Kerberos KDC PKCS#12 file +.TP +\fB\-\-no\-host\-dns\fR +Do not use DNS for hostname lookup during installation +.TP \fB\-\-idstart\fR=\fIIDSTART\fR The starting user and group id number (default random) .TP |