1ipa-replica-conncheck(1)     FreeIPA Manual Pages     ipa-replica-conncheck(1)
2
3
4

NAME

6       ipa-replica-conncheck  -  Check  a  replica-master  network  connection
7       before installation
8

SYNOPSIS

10       ipa-replica-conncheck [OPTION]...
11

DESCRIPTION

13       When an IPA replica is being installed a network connection  between  a
14       replica  machine and a replicated IPA master machine has to be prepared
15       for master-replica communication. In case of a  flawed  connection  the
16       installation  may  fail with inconvenient error messages. A common con‐
17       nection problem is a misconfigured firewall with closed  required  port
18       on a replica or master machine.
19
20       The  connection  is  checked by running a set of tests from both master
21       and   replica   machines.    The    program    is    incorporated    to
22       ipa-replica-install(1) but can be also run separately.
23
24

OPTIONS

26   REPLICA MACHINE OPTIONS
27       This  set of options is used when the connection check is run on a pre‐
28       pared IPA replica machine.
29
30       -m MASTER, --master=MASTER
31              Remote master machine address
32
33       -a, --auto-master-check
34              Automatically log in to master machine and  execute  the  master
35              machine  part of the connection check. The following options for
36              replica part are only evaluated when this option is set
37
38       -r REALM, --realm=REALM
39              The Kerberos realm name for the IPA server
40
41       -k KDC, --kdc=KDC
42              KDC server address. Defaults to MASTER
43
44       -p PRINCIPAL, --principal=PRINCIPAL
45              Authorized Kerberos  principal  to  use  to  log  in  to  master
46              machine. Defaults to admin
47
48       -w PASSWORD, --password=PASSWORD
49              Password  for  given  principal.  The  password will be prompted
50              interactively when this option is missing
51
52
53   MASTER MACHINE OPTIONS
54       This set of options is used when the connection check is run on a  mas‐
55       ter  machine  against  a  running ipa-replica-conncheck(1) on a replica
56       machine.
57
58       -R REPLICA, --replica=REPLICA
59              Remote replica machine address
60
61
62   COMMON OPTIONS
63       -c, --check-ca
64              Include in a check also a set of dogtag connection requirements.
65              Only  needed  when  the  master  was  installed with Dogtag 9 or
66              lower.
67
68       -h HOSTNAME, --hostname=HOSTNAME
69              The hostname of this server (FQDN). By  default  the  result  of
70              getfqdn() call from Python's socket module is used.
71
72       -d, --debug
73              Print debugging information
74
75       -q, --quiet
76              Output only errors
77
78

EXAMPLES

80       ipa-replica-conncheck -m master.example.com
81              Run  a  replica machine connection check against a remote master
82              master.example.com. If  the  connection  to  the  remote  master
83              machine  is successful the program will switch to listening mode
84              and prompt for running the master machine part. The second  part
85              check the connection from master to replica.
86
87       ipa-replica-conncheck -R replica.example.com
88              Run  a  master machine connection check part. This is either run
89              automatically by replica part of the  connection  check  program
90              (when  -a option is set) or manually by the user. A running ipa-
91              replica-conncheck(1) in a listening mode must be already running
92              on a replica machine.
93
94       ipa-replica-conncheck  -m master.example.com -a -r EXAMPLE.COM -w pass‐
95       word
96              Run a replica-master connection check.  In  case  of  a  success
97              switch  to  listening  mode,  automatically  log to master.exam‐
98              ple.com in a realm EXAMPLE.COM with a password password and  run
99              the second part of the connection check.
100
101

EXIT STATUS

103       0 if the connection check was successful
104
105       1 if an error occurred
106

SEE ALSO

108       ipa-replica-install(1)
109
110
111
112FreeIPA                           Jun 2 2011          ipa-replica-conncheck(1)
Impressum