summaryrefslogtreecommitdiffstats
path: root/ipa-client/man
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2009-10-08 11:10:21 -0400
committerRob Crittenden <rcritten@redhat.com>2009-10-12 14:50:02 -0400
commit1d6e23136a0664a86b765c67a9308f0951652f74 (patch)
treec8c7e7e937262e4dc4503a7dbc99efc0c2f0eb0a /ipa-client/man
parentb4cef3b79bc6974f2ea899bbfe40295cc412411b (diff)
downloadfreeipa-1d6e23136a0664a86b765c67a9308f0951652f74.zip
freeipa-1d6e23136a0664a86b765c67a9308f0951652f74.tar.gz
freeipa-1d6e23136a0664a86b765c67a9308f0951652f74.tar.xz
Add man page for ipa-join command
Diffstat (limited to 'ipa-client/man')
-rw-r--r--ipa-client/man/Makefile.am3
-rw-r--r--ipa-client/man/ipa-join.160
2 files changed, 62 insertions, 1 deletions
diff --git a/ipa-client/man/Makefile.am b/ipa-client/man/Makefile.am
index 7d0a3aa..eee7144 100644
--- a/ipa-client/man/Makefile.am
+++ b/ipa-client/man/Makefile.am
@@ -6,7 +6,8 @@ NULL =
man_MANS = \
ipa-getkeytab.1 \
- ipa-client-install.1
+ ipa-client-install.1 \
+ ipa-join.1
install-data-hook:
@for i in $(man_MANS) ; do gzip -f $(DESTDIR)$(man1dir)/$$i ; done
diff --git a/ipa-client/man/ipa-join.1 b/ipa-client/man/ipa-join.1
new file mode 100644
index 0000000..d4a1433
--- /dev/null
+++ b/ipa-client/man/ipa-join.1
@@ -0,0 +1,60 @@
+.\" A man page for ipa-join
+.\" Copyright (C) 2009 Red Hat, Inc.
+.\"
+.\" This is free software; you can redistribute it and/or modify it under
+.\" the terms of the GNU Library General Public License as published by
+.\" the Free Software Foundation; version 2 only
+.\"
+.\" This program is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU Library General Public
+.\" License along with this program; if not, write to the Free Software
+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+.\"
+.\" Author: Rob Crittenden <rcritten@redhat.com>
+.\"
+.TH "ipa-join" "1" "Oct 8 2009" "freeipa" ""
+.SH "NAME"
+ipa\-join \- Join a machine to an IPA realm and get a keytab for the host service principal
+.SH "SYNOPSIS"
+ipa\-join [ \fB\-h\fR hostname ] [ \fB\-k\fR keytab\-file ] [ \fB\-w\fR bulk\-bind\-password ] [ \fB\-d\fR ] [ \fB\-q\fR ]
+
+.SH "DESCRIPTION"
+Joins a host to an IPA realm and retrieves a kerberos \fIkeytab\fR for the host service principal.
+
+Kerberos keytabs are used for services (like sshd) to perform kerberos authentication. A keytab is a file with one or more secrets (or keys) for a kerberos principal.
+
+The ipa\-join command will create and retrieve a service principal for host/foo.example.com@EXAMPLE.COM and place it by default into /etc/krb5.keytab. The location can be overridden with the \-k option.
+
+The IPA server to contact is set in /etc/ipa/default.conf
+.SH "OPTIONS"
+.TP
+\fB\-h hostname\fR
+The hostname of this server (FQDN). By default of nodename from uname(2) is used.
+.TP
+\fB\-k keytab\-file\fR
+The keytab file where to append the new key (will be created if it does not exist). Default: /etc/krb5.keytab
+.TP
+\fB\-q\fR
+Quiet mode. Only errors are displayed.
+.TP
+\fB\-d\fR
+Debug mode.
+.SH "EXAMPLES"
+Join IPA domain and retrieve a keytab with kerberos credentials.
+
+ # kinit admin
+ # ipa\-join
+
+Join IPA domain and retrieve a keytab using a one\-time password.
+
+ # ipa\-join \-w secret123
+
+Join IPA domain and save the keytab in another location.
+
+ # ipa\-join \-k /tmp/host.keytab
+.SH "EXIT STATUS"
+The exit status is 0 on success, nonzero on error.