SYNOPSIS
ipa-replica-prepare [OPTION]... hostnameDESCRIPTION
Generates a replica file that may be used with ipa-replica-install to create a replica of an IPA server.A replica can only be created on an IPA server installed with ipa-server-install (the first server).
You must provide the fully-qualified hostname of the machine you want to install the replica on and a host-specific replica_file will be created. It is host-specific because SSL server certificates are generated as part of the process and they are specific to a particular hostname.
If IPA manages the DNS for your domain, you should either use the --ip-address option or add the forward and reverse records manually using IPA plugins.
Once the file has been created it will be named replica-hostname. This file can then be moved across the network to the target machine and a new IPA replica setup by running ipa-replica-install replica-hostname.
A replica should only be installed on the same or higher version of IPA on the remote system.
OPTIONS
- --dirsrv_pkcs12=FILE
- PKCS#12 file containing the Directory Server SSL Certificate and Private Key
- --http_pkcs12=FILE
- PKCS#12 file containing the Apache Server SSL Certificate and Private Key
- --pkinit_pkcs12=FILE
- PKCS#12 file containing the Kerberos KDC Certificate and Private Key
- --dirsrv_pin=DIRSRV_PIN
- The password of the Directory Server PKCS#12 file
- --http_pin=HTTP_PIN
- The password of the Apache Server PKCS#12 file
- --pkinit_pin=PKINIT_PIN
- The password of the Kerberos KDC PKCS#12 file
- -p DM_PASSWORD, --password=DM_PASSWORD
- Directory Manager (existing master) password
- --ip-address=IP_ADDRESS
- IP address of the replica server. If you provide this option, the A and PTR records will be added to the DNS.
- --reverse-zone=REVERSE_ZONE
- The reverse DNS zone to use
- --no-reverse
- Do not create reverse DNS zone
- --ca=CA_FILE
- Location of CA PKCS#12 file, default /root/cacert.p12
- --no-pkinit
- Disables pkinit setup steps
- --debug
- Prints info log messages to the output
EXIT STATUS
0 if the command was successful1 if an error occurred