1ipa-replica-conncheck(1) FreeIPA Manual Pages ipa-replica-conncheck(1)
2
6 ipa-replica-conncheck - Check a replica-master network connection
7 before installation
8
10 ipa-replica-conncheck [OPTION]...
11
13 When an IPA replica is being installed a network connection between a
14 replica machine and a replicated IPA master machine has to be prepared
15 for master-replica communication. In case of a flawed connection the
16 installation may fail with inconvenient error messages. A common con‐
17 nection problem is a misconfigured firewall with closed required port
18 on a replica or master machine.
19 The connection is checked by running a set of tests from both master
21 and replica machines. The program is incorporated to
22 ipa-replica-install(1) but can be also run separately.
23
26 REPLICA MACHINE OPTIONS
27 This set of options is used when the connection check is run on a pre‐
28 pared IPA replica machine.
29 -m MASTER, --master=MASTER
31 Remote master machine address
32 -a, --auto-master-check
34 Automatically log in to master machine and execute the master
35 machine part of the connection check. The following options for
36 replica part are only evaluated when this option is set
37 -r REALM, --realm=REALM
39 The Kerberos realm name for the IPA server
40 -k KDC, --kdc=KDC
42 KDC server address. Defaults t MASTER
43 -p PRINCIPAL, --principal=PRINCIPAL
45 Authorized Kerberos principal to use to log in to master
46 machine. Defaults to admin
47 -w PASSWORD, --password=PASSWORD
49 Password for given principal. The password will be prompted
50 interactively when this option is missing
51 MASTER MACHINE OPTIONS
54 This set of options is used when the connection check is run on a mas‐
55 ter machine against a running ipa-replica-conncheck(1) on a replica
56 machine.
57 -R REPLICA, --replica=REPLICA
59 Remote replica machine address
60 COMMON OPTIONS
63 -c, --check-ca
64 Include in a check also a set of dogtag connection requirements.
65 When a replica is self-sign this option is not needed.
66 -h HOSTNAME, --hostname=HOSTNAME
68 The hostname of this server (FQDN). By default a nodename from
69 uname(2) is used
70 -d, --debug
72 Print debugging information
73 -q, --quiet
75 Output only errors
76
79 ipa-replica-conncheck -m master.example.com
80 Run a replica machine connection check against a remote master
81 master.example.com. If the connection to the remote master
82 machine is successful the program will switch to listening mode
83 and prompt for running the master machine part. The second part
84 check the connection from master to replica.
85 ipa-replica-conncheck -R replica.example.com
87 Run a master machine connection check part. This is either run
88 automatically by replica part of the connection check program
89 (when -a option is set) or manually by the user. A running ipa-
90 replica-conncheck(1) in a listening mode must be already running
91 on a replica machine.
92 ipa-replica-conncheck -m master.example.com -a -r EXAMPLE.COM -w pass‐
94 word
95 Run a replica-master connection check. In case of a success
96 switch to listening mode, automatically log to master.exam‐
97 ple.com in a realm EXAMPLE.COM with a password password and run
98 the second part of the connection check.
99
102 0 if the connection check was successful
103 1 if an error occurred
105
107 ipa-replica-install(1)
108FreeIPA Jun 2 2011 ipa-replica-conncheck(1)