Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ipa-csreplica-manage(1) [centos man page]

ipa-csreplica-manage(1) 					 IPA Manual Pages					   ipa-csreplica-manage(1)

NAME
ipa-csreplica-manage - Manage an IPA CS replica SYNOPSIS
ipa-csreplica-manage [OPTION]... [connect|disconnect|del|list|re-initialize|force-sync] DESCRIPTION
Manages the CA replication agreements of an IPA server. connect [SERVER_A] <SERVER_B> - Adds a new replication agreement between SERVER_A/localhost and SERVER_B disconnect [SERVER_A] <SERVER_B> - Removes a replication agreement between SERVER_A/localhost and SERVER_B del <SERVER> - Removes all replication agreements and data about SERVER list [SERVER] - Lists all the servers or the list of agreements of SERVER re-initialize - Forces a full re-initialization of the IPA CA server retrieving data from the server specified with the --from option force-sync - Immediately flush any data to be replicated from a server specified with the --from option The connect and disconnect options are used to manage the replication topology. When a replica is created it is only connected with the master that created it. The connect option may be used to connect it to other existing replicas. The disconnect option cannot be used to remove the last link of a replica. To remove a replica from the topology use the del option. If a replica is deleted and then re-added within a short time-frame then the 389-ds instance on the master that created it should be restarted before re-installing the replica. The master will have the old service principals cached which will cause replication to fail. OPTIONS
-H HOST, --host=HOST The IPA server to manage. The default is the machine on which the command is run Not honoured by the re-initialize command. -p DM_PASSWORD, --password=DM_PASSWORD The Directory Manager password to use for authentication -v, --verbose Provide additional information -f, --force Ignore some types of errors --from=SERVER The server to pull the data from, used by the re-initialize and force-sync commands. EXAMPLES
List a server's replication agreements. # ipa-csreplica-manage list srv1.example.com srv2.example.com srv3.example.com Re-initialize a replica: # ipa-csreplica-manage re-initialize --from srv2.example.com This will re-initialize the data on the server where you execute the command, retrieving the data from the srv2.example.com replica Add a new replication agreement: # ipa-csreplica-manage connect srv2.example.com srv4.example.com Remove an existing replication agreement: # ipa-csreplica-manage disconnect srv1.example.com srv3.example.com Completely remove a replica: # ipa-csreplica-manage del srv4.example.com Using connect/disconnect you can manage the replication topology. EXIT STATUS
0 if the command was successful 1 if an error occurred IPA
Jul 14 2011 ipa-csreplica-manage(1)

Check Out this Related Man Page

ipa-rmkeytab(1) 						 IPA Manual Pages						   ipa-rmkeytab(1)

NAME
ipa-rmkeytab - Remove a kerberos principal from a keytab SYNOPSIS
ipa-rmkeytab [ -p principal-name ] [ -k keytab-file ] [ -r realm ] [ -d ] DESCRIPTION
Removes a kerberos principal from a keytab. Kerberos keytabs are used for services (like sshd) to perform kerberos authentication. A keytab is a file with one or more secrets (or keys) for a kerberos principal. A kerberos service principal is a kerberos identity that can be used for authentication. Service principals contain the name of the ser- vice, the hostname of the server, and the realm name. ipa-rmkeytab provides two ways to remove principals. A specific principal can be removed or all principals for a given realm can be removed. All encryption types and versions of a principal are removed. The realm may be included when removing a specific principal but it is not required. NOTE: removing a principal from the keytab does not affect the Kerberos principal stored in the IPA server. It merely removes the entry from the local keytab. OPTIONS
-p principal-name The non-realm part of the full principal name. -k keytab-file The keytab file to append the principal(s) from. -r realm A realm to remove all principals for. -d Debug mode. Additional information is displayed. EXAMPLES
Remove the NFS service principal on the host foo.example.com from /tmp/nfs.keytab. # ipa-rmkeytab -p nfs/foo.example.com -k /tmp/nfs.keytab Remove the ldap service principal on the host foo.example.com from /etc/krb5.keytab. # ipa-rmkeytab -p ldap/foo.example.com -k /etc/krb5.keytab Remove all principals for the realm EXAMPLE.COM. # ipa-rmkeytab -r EXAMPLE.COM -k /etc/krb5.keytab EXIT STATUS
The exit status is 0 on success, nonzero on error. 1 Kerberos initialization failed 2 Memory allocation error 3 Unable to open keytab 4 Unable to parse the principal name 5 Principal name or realm not found in keytab 6 Unable to remove principal from keytab IPA
Oct 30 2009 ipa-rmkeytab(1)
Man Page