Bug 990130
Summary: | Incorrect information in "ipa help host" | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Dmitri Pal <dpal> |
Component: | ipa | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | rcritten, spoore |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.3.0-0.2.beta2.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-06-13 13:02:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dmitri Pal
2013-07-30 12:53:58 UTC
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/3bb6d3830868a50066569b55158fbba1f36654fd Verified. Version :: ipa-server-3.3.3-15.el7.x86_64 Test Results :: [root@master ~]# PAGER="cat" man ipa-client-install 2>/dev/null|grep "Re-enrollment of the host" Re-enrollment of the host [root@master ~]# ipa help host|grep "A host can only be enrolled once" [root@master ~]# From Man page: Re-enrollment of the host Requirements: 1. Host has not been un-enrolled (the ipa-client-install --uninstall command has not been run). 2. The host entry has not been disabled via the ipa host-disable command. If this has been the case, host can be re-enrolled using the usual methods. There are two method of authenticating a re-enrollment: 1. You can use --force-join option with ipa-client-install command. This authenticates the re-enrollment using the admin's credetials provided via the -w/--password option. 2. If providing the admin's password via the command line is not an option (e.g you want to create a script to re-enroll a host and keep the admin's password secure), you can use backed up keytab from the previous enrollment of this host to authenticate. See --keytab option. Consenquences of the re-enrollment on the host entry: 1. A new host certificate is issued 2. The old host certificate is revoked 3. New SSH keys are generated 4. ipaUniqueID is preserved This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |