Description of problem: Update man page for ipa-adtrust-install by removing --no-msdcs option
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run ipa-adtrust-install --help
2. Check the output.
--version show program's version number and exit
-h, --help show this help message and exit
-d, --debug print debugging information
NetBIOS name of the IPA domain
--rid-base=RID_BASE Start value for mapping UIDs and GIDs to RIDs
Start value of the secondary range for mapping UIDs
and GIDs to RIDs
-U, --unattended unattended installation never prompts the user
-a ADMIN_PASSWORD, --admin-password=ADMIN_PASSWORD
admin user kerberos password
-A ADMIN_NAME, --admin-name=ADMIN_NAME
admin user principal
--add-sids Add SIDs for existing users and groups as the final
--add-agents Add IPA masters to a list of hosts allowed to
serveinformation about users from trusted forests
--enable-compat Enable support for trusted domains for old clients
It doesn't list any option for '--no-msdcs' which is deprecated.
So we should be removing it from man page.
Do not create DNS service records for Windows in managed DNS server. Since those DNS service records are the only way to discover domain controllers of other domains they must be added manually to a different DNS server to allow trust reala‐tionships work properly. All needed service records are listed when ipa-adtrust-install finishes and either --no-msdcs was given or no IPA DNS service is configured. Typically service records for the following service names are needed for the IPA domain which should point to all IPA servers:
Tested on RHEL7.4.
Verified using ipa-server-trust-ad-4.5.0-13.el7.x86_64
--no-msdcs option has been removed from ipa-adtrust-install man page.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.