Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ipa-replica-prepare(1) [centos man page]

ipa-replica-prepare(1)						 IPA Manual Pages					    ipa-replica-prepare(1)

NAME

       ipa-replica-prepare - Create an IPA replica file

SYNOPSIS

       ipa-replica-prepare [OPTION]... hostname

DESCRIPTION

       Generates a replica file that may be used with ipa-replica-install to create a replica of an IPA server.

       A replica can only be created on an IPA server installed with ipa-server-install (the first server).

       You  must  provide  the fully-qualified hostname of the machine you want to install the replica on and a host-specific replica_file will be
       created. It is host-specific because SSL server certificates are generated as part of the process and they are  specific  to  a	particular
       hostname.

       If IPA manages the DNS for your domain, you should either use the --ip-address option or add the forward and reverse records manually using
       IPA plugins.

       Once the file has been created it will be named replica-hostname. This file can then be moved across the network to the target machine  and
       a new IPA replica setup by running ipa-replica-install replica-hostname.

       A replica should only be installed on the same or higher version of IPA on the remote system.

OPTIONS

       --dirsrv_pkcs12=FILE
	      PKCS#12 file containing the Directory Server SSL Certificate and Private Key

       --http_pkcs12=FILE
	      PKCS#12 file containing the Apache Server SSL Certificate and Private Key

       --dirsrv_pin=DIRSRV_PIN
	      The password of the Directory Server PKCS#12 file

       --http_pin=HTTP_PIN
	      The password of the Apache Server PKCS#12 file

       -p DM_PASSWORD, --password=DM_PASSWORD
	      Directory Manager (existing master) password

       --ip-address=IP_ADDRESS
	      IP address of the replica server. If you provide this option, the A and PTR records will be added to the DNS.

       --reverse-zone=REVERSE_ZONE
	      The reverse DNS zone to use

       --no-reverse
	      Do not create reverse DNS zone

       --ca=CA_FILE
	      Location of CA PKCS#12 file, default /root/cacert.p12

       --debug
	      Prints info log messages to the output

EXIT STATUS

       0 if the command was successful

       1 if an error occurred

IPA
								    Mar 14 2008 					    ipa-replica-prepare(1)

Check Out this Related Man Page

ipa-csreplica-manage(1) 					 IPA Manual Pages					   ipa-csreplica-manage(1)

NAME

       ipa-csreplica-manage - Manage an IPA CS replica

SYNOPSIS

       ipa-csreplica-manage [OPTION]...  [connect|disconnect|del|list|re-initialize|force-sync]

DESCRIPTION

       Manages the CA replication agreements of an IPA server.

       connect [SERVER_A] <SERVER_B>
	      - Adds a new replication agreement between SERVER_A/localhost and SERVER_B

       disconnect [SERVER_A] <SERVER_B>
	      - Removes a replication agreement between SERVER_A/localhost and SERVER_B

       del <SERVER>
	      - Removes all replication agreements and data about SERVER

       list [SERVER]
	      - Lists all the servers or the list of agreements of SERVER

       re-initialize
	      - Forces a full re-initialization of the IPA CA server retrieving data from the server specified with the --from option

       force-sync
	      - Immediately flush any data to be replicated from a server specified with the --from option

       The  connect  and  disconnect  options are used to manage the replication topology. When a replica is created it is only connected with the
       master that created it. The connect option may be used to connect it to other existing replicas.

       The disconnect option cannot be used to remove the last link of a replica. To remove a replica from the topology use the del option.

       If a replica is deleted and then re-added within a short time-frame then the 389-ds instance on	the  master  that  created  it	should	be
       restarted before re-installing the replica. The master will have the old service principals cached which will cause replication to fail.

OPTIONS

       -H HOST, --host=HOST
	      The IPA server to manage.  The default is the machine on which the command is run Not honoured by the re-initialize command.

       -p DM_PASSWORD, --password=DM_PASSWORD
	      The Directory Manager password to use for authentication

       -v, --verbose
	      Provide additional information

       -f, --force
	      Ignore some types of errors

       --from=SERVER
	      The server to pull the data from, used by the re-initialize and force-sync commands.

EXAMPLES

       List a server's replication agreements.
	       # ipa-csreplica-manage list srv1.example.com
	       srv2.example.com
	       srv3.example.com

       Re-initialize a replica:
	       # ipa-csreplica-manage re-initialize --from srv2.example.com

	      This will re-initialize the data on the server where you execute the command, retrieving the data from the srv2.example.com replica

       Add a new replication agreement:
	       # ipa-csreplica-manage connect srv2.example.com srv4.example.com

       Remove an existing replication agreement:
	       # ipa-csreplica-manage disconnect srv1.example.com srv3.example.com

       Completely remove a replica:
	       # ipa-csreplica-manage del srv4.example.com

       Using connect/disconnect you can manage the replication topology.

EXIT STATUS

       0 if the command was successful

       1 if an error occurred

IPA
								    Jul 14 2011 					   ipa-csreplica-manage(1)
Man Page