ipa-csreplica-manage(1) [centos man page]
ipa-csreplica-manage(1) IPA Manual Pages ipa-csreplica-manage(1) NAME
ipa-csreplica-manage - Manage an IPA CS replica SYNOPSIS
ipa-csreplica-manage [OPTION]... [connect|disconnect|del|list|re-initialize|force-sync] DESCRIPTION
Manages the CA replication agreements of an IPA server. connect [SERVER_A] <SERVER_B> - Adds a new replication agreement between SERVER_A/localhost and SERVER_B disconnect [SERVER_A] <SERVER_B> - Removes a replication agreement between SERVER_A/localhost and SERVER_B del <SERVER> - Removes all replication agreements and data about SERVER list [SERVER] - Lists all the servers or the list of agreements of SERVER re-initialize - Forces a full re-initialization of the IPA CA server retrieving data from the server specified with the --from option force-sync - Immediately flush any data to be replicated from a server specified with the --from option The connect and disconnect options are used to manage the replication topology. When a replica is created it is only connected with the master that created it. The connect option may be used to connect it to other existing replicas. The disconnect option cannot be used to remove the last link of a replica. To remove a replica from the topology use the del option. If a replica is deleted and then re-added within a short time-frame then the 389-ds instance on the master that created it should be restarted before re-installing the replica. The master will have the old service principals cached which will cause replication to fail. OPTIONS
-H HOST, --host=HOST The IPA server to manage. The default is the machine on which the command is run Not honoured by the re-initialize command. -p DM_PASSWORD, --password=DM_PASSWORD The Directory Manager password to use for authentication -v, --verbose Provide additional information -f, --force Ignore some types of errors --from=SERVER The server to pull the data from, used by the re-initialize and force-sync commands. EXAMPLES
List a server's replication agreements. # ipa-csreplica-manage list srv1.example.com srv2.example.com srv3.example.com Re-initialize a replica: # ipa-csreplica-manage re-initialize --from srv2.example.com This will re-initialize the data on the server where you execute the command, retrieving the data from the srv2.example.com replica Add a new replication agreement: # ipa-csreplica-manage connect srv2.example.com srv4.example.com Remove an existing replication agreement: # ipa-csreplica-manage disconnect srv1.example.com srv3.example.com Completely remove a replica: # ipa-csreplica-manage del srv4.example.com Using connect/disconnect you can manage the replication topology. EXIT STATUS
0 if the command was successful 1 if an error occurred IPA
Jul 14 2011 ipa-csreplica-manage(1)
Check Out this Related Man Page
ipa-replica-install(1) IPA Manual Pages ipa-replica-install(1) NAME
ipa-replica-install - Create an IPA replica SYNOPSIS
ipa-replica-install [OPTION]... replica_file DESCRIPTION
Configures a new IPA server that is a replica of the server that generated it. Once it has been created it is an exact copy of the original IPA server and is an equal master. Changes made to any master are automatically replicated to other masters. The replica_file is created using the ipa-replica-prepare utility. If the installation fails you may need to run ipa-server-install --uninstall before running ipa-replica-install again. The installation will fail if the host you are installing the replica on exists as a host in IPA or an existing replication agreement exists (for example, from a previously failed installation). A replica should only be installed on the same or higher version of IPA on the remote system. OPTIONS
BASIC OPTIONS --setup-ca Install and configure a CA on this replica. If a CA is not configured then certificate operations will be forwarded to a master with a CA installed. --ip-address=IP_ADDRESS The IP address of this server. If this address does not match the address the host resolves to and --setup-dns is not selected the installation will fail. If the server hostname is not resolvable, a record for the hostname and IP_ADDRESS is added to /etc/hosts. -p DM_PASSWORD, --password=DM_PASSWORD Directory Manager (existing master) password -w ADMIN_PASSWORD, --admin-password=ADMIN_PASSWORD Admin user Kerberos password used for connection check --mkhomedir Create home directories for users on their first login -N, --no-ntp Do not configure NTP --no-ui-redirect Do not automatically redirect to the Web UI. --ssh-trust-dns Configure OpenSSH client to trust DNS SSHFP records. --no-ssh Do not configure OpenSSH client. --no-sshd Do not configure OpenSSH server. --skip-conncheck Skip connection check to remote master -d, --debug Enable debug logging when more verbose output is needed -U, --unattended An unattended installation that will never prompt for user input CERTIFICATE SYSTEM OPTIONS --skip-schema-check Skip check for updated CA DS schema on the remote master DNS OPTIONS --setup-dns Generate a DNS zone if it does not exist already and configure the DNS server. This option requires that you either specify at least one DNS forwarder through the --forwarder option or use the --no-forwarders option. --forwarder=IP_ADDRESS Add a DNS forwarder to the DNS configuration. You can use this option multiple times to specify more forwarders, but at least one must be provided, unless the --no-forwarders option is specified. --no-forwarders Do not add any DNS forwarders. Root DNS servers will be used instead. --reverse-zone=REVERSE_ZONE The reverse DNS zone to use --no-reverse Do not create new reverse DNS zone. If a reverse DNS zone already exists for the subnet, it will be used. --no-host-dns Do not use DNS for hostname lookup during installation --no-dns-sshfp Do not automatically create DNS SSHFP records. EXIT STATUS
0 if the command was successful 1 if an error occurred 3 if the host exists in the IPA server or a replication agreement to the remote master already exists IPA
May 16 2012 ipa-replica-install(1)