1ipa-replica-conncheck(1) FreeIPA Manual Pages ipa-replica-conncheck(1)
2
6 ipa-replica-conncheck - Check a replica-master network connection
7 before installation
8
10 ipa-replica-conncheck [OPTION]...
11
13 When an IPA replica is being installed a network connection between a
14 replica machine and a replicated IPA master machine has to be prepared
15 for master-replica communication. In case of a flawed connection the
16 installation may fail with inconvenient error messages. A common con‐
17 nection problem is a misconfigured firewall with closed required port
18 on a replica or master machine.
19 The connection is checked by running a set of tests from both master
21 and replica machines. The program is incorporated to
22 ipa-replica-install(1) but can be also run separately.
23
26 REPLICA MACHINE OPTIONS
27 This set of options is used when the connection check is run on a pre‐
28 pared IPA replica machine.
29 -m MASTER, --master=MASTER
31 Remote master machine address
32 -a, --auto-master-check
34 Automatically log in to master machine and execute the master
35 machine part of the connection check. The following options for
36 replica part are only evaluated when this option is set
37 -r REALM, --realm=REALM
39 The Kerberos realm name for the IPA server
40 -k KDC, --kdc=KDC
42 KDC server address. Defaults to MASTER
43 -p PRINCIPAL, --principal=PRINCIPAL
45 Authorized Kerberos principal to use to log in to master
46 machine. Defaults to admin
47 -w PASSWORD, --password=PASSWORD
49 Password for given principal. The password will be prompted
50 interactively when this option is missing
51 MASTER MACHINE OPTIONS
54 This set of options is used when the connection check is run on a mas‐
55 ter machine against a running ipa-replica-conncheck(1) on a replica
56 machine.
57 -R REPLICA, --replica=REPLICA
59 Remote replica machine address
60 COMMON OPTIONS
63 -c, --check-ca
64 Include in a check also a set of dogtag connection requirements.
65 Only needed when the master was installed with Dogtag 9 or
66 lower.
67 -h HOSTNAME, --hostname=HOSTNAME
69 The hostname of this server (FQDN). By default the result of
70 getfqdn() call from Python's socket module is used.
71 -d, --debug
73 Print debugging information
74 -q, --quiet
76 Output only errors
77
80 ipa-replica-conncheck -m master.example.com
81 Run a replica machine connection check against a remote master
82 master.example.com. If the connection to the remote master
83 machine is successful the program will switch to listening mode
84 and prompt for running the master machine part. The second part
85 check the connection from master to replica.
86 ipa-replica-conncheck -R replica.example.com
88 Run a master machine connection check part. This is either run
89 automatically by replica part of the connection check program
90 (when -a option is set) or manually by the user. A running ipa-
91 replica-conncheck(1) in a listening mode must be already running
92 on a replica machine.
93 ipa-replica-conncheck -m master.example.com -a -r EXAMPLE.COM -w pass‐
95 word
96 Run a replica-master connection check. In case of a success
97 switch to listening mode, automatically log to master.exam‐
98 ple.com in a realm EXAMPLE.COM with a password password and run
99 the second part of the connection check.
100
103 0 if the connection check was successful
104 1 if an error occurred
106
108 ipa-replica-install(1)
109FreeIPA Jun 2 2011 ipa-replica-conncheck(1)