setup-mit-trust¶
- subtitle
Setup cross-realm trust between FreeIPA and MIT Kerberos.
- version
0.9.153
Description¶
Initiates cross-realm trust setup between FreeIPA and MIT Kerberos. After this operation completes, configure the MIT Kerberos side of the trust relationship by completing the steps returned by getTrustSetupCommands. Then call finish-setup-trust to validate and activate the trust for production use.
Synopsis¶
setup-mit-trust
--environment <value>
--kdc-servers <value>
--kdc-realm <value>
--remote-environment-crn <value>
--dns-server-ips <value>
[--trust-secret <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton]
Options¶
--environment (string)
Environment name or CRN that identifies the Hybrid Environment.
--kdc-servers (array)
The list of the Key Distribution Center (KDC) servers (currently only one KDC server is supported; multi-server support is under development).
Shorthand Syntax:
fqdn=string,ip=string ... (separate items with spaces)
JSON Syntax:
[
{
"fqdn": "string",
"ip": "string"
}
...
]
--kdc-realm (string)
Cross-realm trust REALM name (uppercase by convention).
--remote-environment-crn (string)
Environment CRN that identifies an on-premises cluster.
--dns-server-ips (array)
Domain Name System (DNS) server IPv4 addresses (currently only a single address is supported; multi-server support is under development).
Syntax:
"string" "string" ...
--trust-secret (string)
Existing trust secret. If not provided, CDP will generate a secure random secret.
--cli-input-json (string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by
--generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.
--generate-cli-skeleton (boolean)
Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for
--cli-input-json.
Form Factors¶
public, private