Imported Debian patch 4.0.5-6~numeezy

Alexandre Ellert
2016-02-17 15:07:45 +01:00
committed by Mario Fetka
parent c44de33144
commit 10dfc9587b
1203 changed files with 53869 additions and 241462 deletions

@@ -36,36 +36,14 @@ configuration of the local range cannot be changed by running
ipa\-adtrust\-install a second time because with changes here other objects
might be affected as well.
.SS "Firewall Requirements"
In addition to the IPA server firewall requirements, ipa\-adtrust\-install requires
the following ports to be open to allow IPA and Active Directory to communicate together:
\fBTCP Ports\fR
.IP
\(bu 135/tcp EPMAP
.IP
\(bu 138/tcp NetBIOS-DGM
.IP
\(bu 139/tcp NetBIOS-SSN
.IP
\(bu 445/tcp Microsoft-DS
.IP
\(bu 1024/tcp through 1300/tcp to allow EPMAP on port 135/tcp to create a TCP listener based
on an incoming request.
.TP
\fBUDP Ports\fR
.IP
\(bu 138/udp NetBIOS-DGM
.IP
\(bu 139/udp NetBIOS-SSN
.IP
\(bu 389/udp LDAP
.SH "OPTIONS"
.TP
\fB\-d\fR, \fB\-\-debug\fR
Enable debug logging when more verbose output is needed
.TP
\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
The IP address of the IPA server. If not provided then this is determined based on the hostname of the server.
.TP
\fB\-\-netbios\-name\fR=\fINETBIOS_NAME\fR
The NetBIOS name for the IPA domain. If not provided then this is determined
based on the leading component of the DNS domain name. Running
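Review bot: the port list under `.SS "Firewall Requirements"` appears to be dropped while the heading itself stays, which leaves an empty subsection directly before `.SH "OPTIONS"`. The hunk header shrinks from 36 lines to 14, and the 22 missing lines match the span from "In addition to the IPA server firewall requirements" through `\(bu 389/udp LDAP`. Either remove the `.SS` heading together with its body, or keep a short pointer to where the required ports are documented, since administrators setting up an AD trust use this list to write their firewall rules.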
@@ -101,7 +79,7 @@ are needed for the IPA domain which should point to all IPA servers:
\(bu _kerberos._udp.Default-First-Site-Name._sites.dc._msdcs
.TP
\fB\-\-add\-sids\fR
Add SIDs to existing users and groups as on of final steps of the
Add SIDs to existing users and groups as a final step of the
ipa\-adtrust\-install run. If there a many existing users and groups and a
couple of replicas in the environment this operation might lead to a high
replication traffic and a performance degradation of all IPA servers in the
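Review bot: the unchanged line right after the reworded sentence still reads "If there a many existing users and groups"; it should be "If there are many". Since the `--add-sids` paragraph is being touched here anyway, fix that typo in the same change so the description reads cleanly.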
@@ -110,19 +88,6 @@ ipa\-adtrust\-install is run and scheduled independently. To start this task
you have to load an edited version of ipa-sidgen-task-run.ldif with the
ldapmodify command info the directory server.
.TP
\fB\-\-add\-agents\fR
Add IPA masters to the list that allows to serve information about
users from trusted forests. Starting with FreeIPA 4.2, a regular IPA master
can provide this information to SSSD clients. IPA masters aren't added
to the list automatically as restart of the LDAP service on each of them
is required. The host where ipa\-adtrust\-install is being run is added
automatically.
.IP
Note that IPA masters where ipa\-adtrust\-install wasn't run, can serve
information about users from trusted forests only if they are enabled
via \ipa-adtrust\-install run on any other IPA master. At least SSSD
version 1.13 on IPA master is required to be able to perform as a trust agent.
.TP
\fB\-U\fR, \fB\-\-unattended\fR
An unattended installation that will never prompt for user input
.TP
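Review bot: with the `--add-agents` entry gone, please confirm that the ipa-adtrust-install shipped in this package does not accept that option, because the dropped text ties it to FreeIPA 4.2 and the man page should match the binary it documents. Separately, the unchanged line above the removed entry, "ldapmodify command info the directory server", should read "into the directory server".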
@@ -142,7 +107,7 @@ The name of the user with administrative privileges for this IPA server. Default
\fB\-a\fR, \fB\-\-admin\-password\fR=\fIpassword\fR
The password of the user with administrative privileges for this IPA server. Will be asked interactively if \fB\-U\fR is not specified.
.TP
The credentials of the admin user will be used to obtain Kerberos ticket before configuring cross-realm trusts support and afterwards, to ensure that the ticket contains MS-PAC information required to actually add a trust with Active Directory domain via 'ipa trust\-add \-\-type=ad' command.
The credentials of the admin user will be used to obtain Kerberos ticket before configuring cross-realm trusts support and afterwards, to ensure that the ticket contains MS-PAC information required to actually add a trust with Active Directory domain via 'ipa trust-add --type=ad' command.
.TP
\fB\-\-enable\-compat\fR
Enables support for trusted domains users for old clients through Schema Compatibility plugin.
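Review bot: in the admin-password paragraph, the replacement line writes the command as 'ipa trust-add --type=ad' without the `\-` escapes used everywhere else on this page (for example `\fB\-\-enable\-compat\fR` just below). Unescaped hyphens can be rendered as typographic hyphens by some roff output devices, so a command copied from the rendered page may not run as typed. Keep the escaped form, `trust\-add \-\-type=ad`.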