IpaCommandLineTools

IpaCommandLineTools#

IPA Command-Line Tools and Services#

IPA Command-Line Tools#

The following is a list of the available IPA command-line tools.

Note.pngNote:

Some of these tools require root privileges. Refer to the man pages for full details of each command.

  • ipa-adddelegation

    Description: Adds a new delegation. A delegation is used to grant write access to certain attributes from one group to another.

  • ipa-addgroup

    Description: Adds a new group.

  • ipa-addservice

    Description: Adds a new service principal.

  • ipa-adduser

    Description: Adds a new user.

  • ipa-client-install

    Description: Runs the IPA client installation script. This is currently only available for a limited number of operating systems.

  • ipa-deldelegation

    Description: Deletes an existing delegation.

  • ipa-delgroup

    Description: Deletes an existing group.

  • ipa-delservice

    Description: Deletes an existing service principal.

  • ipa-deluser

    Description: Deletes an existing user. Users are automatically removed from groups when they are deleted.

  • ipa-findgroup

    Description: Searches for a group that contains a specified string. The search is a substring search in the name and description attributes.

  • ipa-findservice

    Description: Searches for a service principal that contains a specified string. The search is a substring search in the service principal.

  • ipa-finduser

    Description: Searches for a user that contains a specified string. The search is a substring search in the username, given name, family name, telephone number, organization and title attributes.

  • ipa-getkeytab

    Description: Retrieves a Kerberos keytab and optionally adds a service principal.

  • ipa-listdelegation

    Description: Lists all current delegations.

  • ipa-lockuser

    Description: Locks or unlock a user account.

  • ipa-moddelegation

    Description: Modifies an existing delegation.

  • ipa-modgroup

    Description: Modifies an existing group.

  • ipa-moduser

    Description: Modifies an existing user.

  • ipa-passwd

    Description: Changes a user’s password.

  • ipa-pwpolicy

    Description: View and update the password policy.

  • ipa-replica-install

    Description: Runs the IPA replica installation script.

  • ipa-replica-manage

    Description: Manages (lists, adds, deletes) IPA server replicas.

  • ipa-replica-prepare

    Description: Creates a replica information file for use by ipa-replica-install.

  • ipa-server-certinstall

    Description: Installs a CA certificate for use by IPA.

  • ipa-server-install

    Description: Runs the IPA server installation script.

IPA Services#

  • ipactl

    Description: A wrapper script to start and stop IPA-related services.

  • ipa_kpasswd

    Description: Forwards password change operations to Directory Server.

  • ipa_webgui

    Description: The IPA Web gui service.