.\" A man page for ipa-adtrust-install .\" Copyright (C) 2011 Red Hat, Inc. .\" .\" This program is free software; you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by .\" the Free Software Foundation, either version 3 of the License, or .\" (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, but .\" WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU .\" General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program. If not, see . .\" .\" Author: Sumit Bose .\" .TH "ipa-adtrust-install" "1" "Aug 23 2011" "FreeIPA" "FreeIPA Manual Pages" .SH "NAME" ipa\-adtrust\-install \- Prepare an IPA server to be able to establish trust relationships with AD domains .SH "SYNOPSIS" ipa\-adtrust\-install [\fIOPTION\fR]... .SH "DESCRIPTION" Adds all necesary objects and configuration to allow an IPA server to create a trust to an Active Directory domain. This requires that the IPA server is already installed and configured. .SH "OPTIONS" .TP \fB\-d\fR, \fB\-\-debug\fR Enable debug logging when more verbose output is needed .TP \fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR The IP address of the IPA server. If not provided then this is determined based on the hostname of the server. .TP \fB\-\-netbios\-name\fR=\fINETBIOS_NAME\fR The NetBIOS name for the IPA domain. If not provided then this is determined based on the leading component of the DNS domain name. .TP \fB\-\-no\-msdcs\fR Do not create DNS service records for Windows in managed DNS server .TP \fB\-U\fR, \fB\-\-unattended\fR An unattended installation that will never prompt for user input .TP \fB\-A\fR, \fB\-\-admin\-name\fR=\fIADMIN_NAME\fR The name of the user with administrative privileges for this IPA server. Defaults to 'admin'. .TP \fB\-a\fR, \fB\-\-admin\-password\fR=\fIpassword\fR The password of the user with administrative privileges for this IPA server. Will be asked interactively if \fB\-U\fR is not specified. .TP The credentials of the admin user will be used to obtain Kerberos ticket before configuring cross-realm trusts support and afterwards, to ensure that the ticket contains MS-PAC information required to actually add a trust with Active Directory domain via 'ipa trust-add --type=ad' command. .TP .SH "EXIT STATUS" 0 if the installation was successful 1 if an error occurred