Net-FreeIPA/lib/Net/FreeIPA/API/Data.pod
=pod
=head2 Generated API data version v2.230
=over
=cut
=item aci_add
JSON data for API method aci_add
Create new ACI.
=over
=item Required arguments
=over
=item aciname: ACI name (type unicode class Str)
=back
=item Options
=over
=item permission: Permission ACI grants access to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item permissions: Permissions to grant(read, write, add, delete, all) (mandatory arrayref of type unicode class Str)
=item attrs: Attributes (arrayref of type unicode class Str)
=item type: type of IPA object (user, group, host, hostgroup, service, netgroup) (type unicode class StrEnum)
=item memberof: Member of a group (type unicode class Str)
=item filter: Legal LDAP filter (e.g. ou=Engineering) (type unicode class Str)
=item subtree: Subtree to apply ACI to (type unicode class Str)
=item targetgroup: Group to apply ACI to (type unicode class Str)
=item selfaci: Apply ACI to your own entry (self) (type bool class Flag)
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (mandatory type unicode class StrEnum)
=item test: Test the ACI syntax but don't write anything (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item aci_del
JSON data for API method aci_del
Delete ACI.
=over
=item Required arguments
=over
=item aciname: ACI name (type unicode class Str)
=back
=item Options
=over
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (mandatory type unicode class StrEnum)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item aci_find
JSON data for API method aci_find
Search for ACIs.
Returns a list of ACIs
EXAMPLES:
To find all ACIs that apply directly to members of the group ipausers:
ipa aci-find --memberof=ipausers
To find all ACIs that grant add access:
ipa aci-find --permissions=add
Note that the find command only looks for the given text in the set of
ACIs, it does not evaluate the ACIs to see if something would apply.
For example, searching on memberof=ipausers will find all ACIs that
have ipausers as a memberof. There may be other ACIs that apply to
members of that group indirectly.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item aciname: ACI name (type unicode class Str)
=item permission: Permission ACI grants access to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item permissions: Permissions to grant(read, write, add, delete, all) (arrayref of type unicode class Str)
=item attrs: Attributes (arrayref of type unicode class Str)
=item type: type of IPA object (user, group, host, hostgroup, service, netgroup) (type unicode class StrEnum)
=item memberof: Member of a group (type unicode class Str)
=item filter: Legal LDAP filter (e.g. ou=Engineering) (type unicode class Str)
=item subtree: Subtree to apply ACI to (type unicode class Str)
=item targetgroup: Group to apply ACI to (type unicode class Str)
=item selfaci: Apply ACI to your own entry (self) (type bool class Bool)
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (type unicode class StrEnum)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item aci_mod
JSON data for API method aci_mod
Modify ACI.
=over
=item Required arguments
=over
=item aciname: ACI name (type unicode class Str)
=back
=item Options
=over
=item permission: Permission ACI grants access to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item permissions: Permissions to grant(read, write, add, delete, all) (arrayref of type unicode class Str)
=item attrs: Attributes (arrayref of type unicode class Str)
=item type: type of IPA object (user, group, host, hostgroup, service, netgroup) (type unicode class StrEnum)
=item memberof: Member of a group (type unicode class Str)
=item filter: Legal LDAP filter (e.g. ou=Engineering) (type unicode class Str)
=item subtree: Subtree to apply ACI to (type unicode class Str)
=item targetgroup: Group to apply ACI to (type unicode class Str)
=item selfaci: Apply ACI to your own entry (self) (type bool class Flag)
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item aci_rename
JSON data for API method aci_rename
Rename an ACI.
=over
=item Required arguments
=over
=item aciname: ACI name (type unicode class Str)
=back
=item Options
=over
=item permission: Permission ACI grants access to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item permissions: Permissions to grant(read, write, add, delete, all) (arrayref of type unicode class Str)
=item attrs: Attributes (arrayref of type unicode class Str)
=item type: type of IPA object (user, group, host, hostgroup, service, netgroup) (type unicode class StrEnum)
=item memberof: Member of a group (type unicode class Str)
=item filter: Legal LDAP filter (e.g. ou=Engineering) (type unicode class Str)
=item subtree: Subtree to apply ACI to (type unicode class Str)
=item targetgroup: Group to apply ACI to (type unicode class Str)
=item selfaci: Apply ACI to your own entry (self) (type bool class Flag)
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (mandatory type unicode class StrEnum)
=item newname: New ACI name (mandatory type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item aci_show
JSON data for API method aci_show
Display a single ACI given an ACI name.
=over
=item Required arguments
=over
=item aciname: ACI name (type unicode class Str)
=back
=item Options
=over
=item aciprefix: Prefix used to distinguish ACI types (permission, delegation, selfservice, none) (mandatory type unicode class StrEnum)
=item location: Location of the ACI (type DN class DNParam)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item adtrust_is_enabled
JSON data for API method adtrust_is_enabled
Determine whether ipa-adtrust-install has been run on this system
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_add
JSON data for API method automember_add
Add an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_add_condition
JSON data for API method automember_add_condition
Add conditions to an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item automemberinclusiveregex: Inclusive Regex (arrayref of type unicode class Str)
=item automemberexclusiveregex: Exclusive Regex (arrayref of type unicode class Str)
=item key: Attribute to filter via regex. For example fqdn for a host, or manager for a user (mandatory type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_default_group_remove
JSON data for API method automember_default_group_remove
Remove default (fallback) group for all unmatched entries.
=over
=item No required arguments
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_default_group_set
JSON data for API method automember_default_group_set
Set default (fallback) group for all unmatched entries.
=over
=item No required arguments
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item automemberdefaultgroup: Default (fallback) group for entries to land (mandatory type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_default_group_show
JSON data for API method automember_default_group_show
Display information about the default (fallback) automember groups.
=over
=item No required arguments
=item Options
=over
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_del
JSON data for API method automember_del
Delete an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (arrayref of type unicode class Str)
=back
=item Options
=over
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_find
JSON data for API method automember_find
Search for automember rules.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("automember-rule") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_find_orphans
JSON data for API method automember_find_orphans
Search for orphan automember rules. The command might need to be run as
a privileged user user to get all orphan rules.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item remove: Remove orphan automember rules (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("automember-rule") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_mod
JSON data for API method automember_mod
Modify an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_rebuild
JSON data for API method automember_rebuild
Rebuild auto membership.
=over
=item No required arguments
=item Options
=over
=item type: Grouping to which the rule applies (type unicode class StrEnum)
=item users: Rebuild membership for specified users (arrayref of type unicode class Str)
=item hosts: Rebuild membership for specified hosts (arrayref of type unicode class Str)
=item no_wait: Don't wait for rebuilding membership (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_remove_condition
JSON data for API method automember_remove_condition
Remove conditions from an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (type unicode class Str)
=back
=item Options
=over
=item description: A description of this auto member rule (type unicode class Str)
=item automemberinclusiveregex: Inclusive Regex (arrayref of type unicode class Str)
=item automemberexclusiveregex: Exclusive Regex (arrayref of type unicode class Str)
=item key: Attribute to filter via regex. For example fqdn for a host, or manager for a user (mandatory type unicode class Str)
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automember_show
JSON data for API method automember_show
Display information about an automember rule.
=over
=item Required arguments
=over
=item cn: Automember Rule (type unicode class Str)
=back
=item Options
=over
=item type: Grouping to which the rule applies (mandatory type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountkey_add
JSON data for API method automountkey_add
Create a new automount key.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapautomountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item automountkey: Automount key name. (mandatory type unicode class IA5Str)
=item automountinformation: Mount information (mandatory type unicode class IA5Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountkey_del
JSON data for API method automountkey_del
Delete an automount key.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapautomountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item automountkey: Automount key name. (mandatory type unicode class IA5Str)
=item automountinformation: Mount information (type unicode class IA5Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountkey_find
JSON data for API method automountkey_find
Search for an automount key.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapautomountmapname: Automount map name. (type unicode class IA5Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item automountkey: Automount key name. (type unicode class IA5Str)
=item automountinformation: Mount information (type unicode class IA5Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountkey_mod
JSON data for API method automountkey_mod
Modify an automount key.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapautomountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item automountkey: Automount key name. (mandatory type unicode class IA5Str)
=item automountinformation: Mount information (type unicode class IA5Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item newautomountinformation: New mount information (type unicode class IA5Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the automount key object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountkey_show
JSON data for API method automountkey_show
Display an automount key.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapautomountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item automountkey: Automount key name. (mandatory type unicode class IA5Str)
=item automountinformation: Mount information (type unicode class IA5Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountlocation_add
JSON data for API method automountlocation_add
Create a new automount location.
=over
=item Required arguments
=over
=item cn: Automount location name. (type unicode class Str)
=back
=item Options
=over
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountlocation_del
JSON data for API method automountlocation_del
Delete an automount location.
=over
=item Required arguments
=over
=item cn: Automount location name. (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountlocation_find
JSON data for API method automountlocation_find
Search for an automount location.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Automount location name. (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("location") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountlocation_show
JSON data for API method automountlocation_show
Display an automount location.
=over
=item Required arguments
=over
=item cn: Automount location name. (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountlocation_tofiles
JSON data for API method automountlocation_tofiles
Generate automount files for a specific location.
=over
=item Required arguments
=over
=item cn: Automount location name. (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_add
JSON data for API method automountmap_add
Create a new automount map.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_add_indirect
JSON data for API method automountmap_add_indirect
Create a new indirect mount point.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item key: Mount point (mandatory type unicode class Str)
=item parentmap: Name of parent automount map (default: auto.master). (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_del
JSON data for API method automountmap_del
Delete an automount map.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapname: Automount map name. (arrayref of type unicode class IA5Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_find
JSON data for API method automountmap_find
Search for an automount map.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item automountmapname: Automount map name. (type unicode class IA5Str)
=item description: Description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("map") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_mod
JSON data for API method automountmap_mod
Modify an automount map.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item automountmap_show
JSON data for API method automountmap_show
Display an automount map.
=over
=item Required arguments
=over
=item automountlocationcn: Automount location name. (type unicode class Str)
=item automountmapname: Automount map name. (type unicode class IA5Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item batch
JSON data for API method batch
=over
=item Required arguments
=over
=item methods: Nested Methods to execute (arrayref of type dict class Dict)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_add
JSON data for API method ca_add
Create a CA.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (type unicode class Str)
=back
=item Options
=over
=item description: Description of the purpose of the CA (type unicode class Str)
=item ipacasubjectdn: Subject Distinguished Name (mandatory type DN class DNParam)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item chain: Include certificate chain in output (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_del
JSON data for API method ca_del
Delete a CA.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_disable
JSON data for API method ca_disable
Disable a CA.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_enable
JSON data for API method ca_enable
Enable a CA.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_find
JSON data for API method ca_find
Search for CAs.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Name for referencing the CA (type unicode class Str)
=item description: Description of the purpose of the CA (type unicode class Str)
=item ipacaid: Dogtag Authority ID (type unicode class Str)
=item ipacasubjectdn: Subject Distinguished Name (type DN class DNParam)
=item ipacaissuerdn: Issuer Distinguished Name (type DN class DNParam)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_is_enabled
JSON data for API method ca_is_enabled
Checks if any of the servers has the CA service enabled.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_mod
JSON data for API method ca_mod
Modify CA configuration.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (type unicode class Str)
=back
=item Options
=over
=item description: Description of the purpose of the CA (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the Certificate Authority object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ca_show
JSON data for API method ca_show
Display the properties of a CA.
=over
=item Required arguments
=over
=item cn: Name for referencing the CA (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item chain: Include certificate chain in output (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add
JSON data for API method caacl_add
Create a new CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item ipacacategory: CA category the ACL applies to (type unicode class StrEnum)
=item ipacertprofilecategory: Profile category the ACL applies to (type unicode class StrEnum)
=item usercategory: User category the ACL applies to (type unicode class StrEnum)
=item hostcategory: Host category the ACL applies to (type unicode class StrEnum)
=item servicecategory: Service category the ACL applies to (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add_ca
JSON data for API method caacl_add_ca
Add CAs to a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item ca: Certificate Authorities to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add_host
JSON data for API method caacl_add_host
Add target hosts and hostgroups to a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add_profile
JSON data for API method caacl_add_profile
Add profiles to a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item certprofile: Certificate Profiles to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add_service
JSON data for API method caacl_add_service
Add services to a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item service: services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_add_user
JSON data for API method caacl_add_user
Add users and groups to a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_del
JSON data for API method caacl_del
Delete a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_disable
JSON data for API method caacl_disable
Disable a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_enable
JSON data for API method caacl_enable
Enable a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_find
JSON data for API method caacl_find
Search for CA ACLs.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: ACL name (type unicode class Str)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item ipacacategory: CA category the ACL applies to (type unicode class StrEnum)
=item ipacertprofilecategory: Profile category the ACL applies to (type unicode class StrEnum)
=item usercategory: User category the ACL applies to (type unicode class StrEnum)
=item hostcategory: Host category the ACL applies to (type unicode class StrEnum)
=item servicecategory: Service category the ACL applies to (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_mod
JSON data for API method caacl_mod
Modify a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item ipacacategory: CA category the ACL applies to (type unicode class StrEnum)
=item ipacertprofilecategory: Profile category the ACL applies to (type unicode class StrEnum)
=item usercategory: User category the ACL applies to (type unicode class StrEnum)
=item hostcategory: Host category the ACL applies to (type unicode class StrEnum)
=item servicecategory: Service category the ACL applies to (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_remove_ca
JSON data for API method caacl_remove_ca
Remove CAs from a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item ca: Certificate Authorities to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_remove_host
JSON data for API method caacl_remove_host
Remove target hosts and hostgroups from a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_remove_profile
JSON data for API method caacl_remove_profile
Remove profiles from a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item certprofile: Certificate Profiles to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_remove_service
JSON data for API method caacl_remove_service
Remove services from a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item service: services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_remove_user
JSON data for API method caacl_remove_user
Remove users and groups from a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item caacl_show
JSON data for API method caacl_show
Display the properties of a CA ACL.
=over
=item Required arguments
=over
=item cn: ACL name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_find
JSON data for API method cert_find
Search for existing certificates.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item certificate: Base-64 encoded certificate. (type Certificate class Certificate)
=item issuer: Issuer DN (type DN class DNParam)
=item revocation_reason: Reason for revoking the certificate (0-10). Type "ipa help cert" for revocation reason details. (type int class Int)
=item cacn: Name of issuing CA (type unicode class Str)
=item subject: Subject (type unicode class Str)
=item min_serial_number: minimum serial number (type int class Int)
=item max_serial_number: maximum serial number (type int class Int)
=item exactly: match the common name exactly (type bool class Flag)
=item validnotafter_from: Valid not after from this date (YYYY-mm-dd) (type datetime class DateTime)
=item validnotafter_to: Valid not after to this date (YYYY-mm-dd) (type datetime class DateTime)
=item validnotbefore_from: Valid not before from this date (YYYY-mm-dd) (type datetime class DateTime)
=item validnotbefore_to: Valid not before to this date (YYYY-mm-dd) (type datetime class DateTime)
=item issuedon_from: Issued on from this date (YYYY-mm-dd) (type datetime class DateTime)
=item issuedon_to: Issued on to this date (YYYY-mm-dd) (type datetime class DateTime)
=item revokedon_from: Revoked on from this date (YYYY-mm-dd) (type datetime class DateTime)
=item revokedon_to: Revoked on to this date (YYYY-mm-dd) (type datetime class DateTime)
=item pkey_only: Results should contain primary key attribute only ("certificate") (type bool class Flag)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: Search for certificates with these owner users. (arrayref of type unicode class Str)
=item no_user: Search for certificates without these owner users. (arrayref of type unicode class Str)
=item host: Search for certificates with these owner hosts. (arrayref of type unicode class Str)
=item no_host: Search for certificates without these owner hosts. (arrayref of type unicode class Str)
=item service: Search for certificates with these owner services. (arrayref of type Principal class Principal)
=item no_service: Search for certificates without these owner services. (arrayref of type Principal class Principal)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_remove_hold
JSON data for API method cert_remove_hold
Take a revoked certificate off hold.
=over
=item Required arguments
=over
=item serial_number: Serial number in decimal or if prefixed with 0x in hexadecimal (type int class Int)
=back
=item Options
=over
=item cacn: Name of issuing CA (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_request
JSON data for API method cert_request
Submit a certificate signing request.
=over
=item Required arguments
=over
=item csr: CSR (type CertificateSigningRequest class CertificateSigningRequest)
=back
=item Options
=over
=item request_type: <request_type> (type unicode class Str)
=item profile_id: Certificate Profile to use (type unicode class Str)
=item cacn: Name of issuing CA (type unicode class Str)
=item principal: Principal for this certificate (e.g. HTTP/test.example.com) (mandatory type Principal class Principal)
=item add: automatically add the principal if it doesn't exist (service principals only) (type bool class Flag)
=item chain: Include certificate chain in output (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_revoke
JSON data for API method cert_revoke
Revoke a certificate.
=over
=item Required arguments
=over
=item serial_number: Serial number in decimal or if prefixed with 0x in hexadecimal (type int class Int)
=back
=item Options
=over
=item revocation_reason: Reason for revoking the certificate (0-10). Type "ipa help cert" for revocation reason details. (type int class Int)
=item cacn: Name of issuing CA (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_show
JSON data for API method cert_show
Retrieve an existing certificate.
=over
=item Required arguments
=over
=item serial_number: Serial number in decimal or if prefixed with 0x in hexadecimal (type int class Int)
=back
=item Options
=over
=item cacn: Name of issuing CA (type unicode class Str)
=item out: File to store the certificate in. (type unicode class Str)
=item chain: Include certificate chain in output (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cert_status
JSON data for API method cert_status
Check the status of a certificate signing request.
=over
=item Required arguments
=over
=item request_id: Request id (type int class Int)
=back
=item Options
=over
=item cacn: Name of issuing CA (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmap_match
JSON data for API method certmap_match
Search for users matching the provided certificate.
This command relies on SSSD to retrieve the list of matching users and
may return cached data. For more information on purging SSSD cache,
please refer to sss_cache documentation.
=over
=item Required arguments
=over
=item certificate: Base-64 encoded user certificate (type Certificate class Certificate)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmapconfig_mod
JSON data for API method certmapconfig_mod
Modify Certificate Identity Mapping configuration.
=over
=item No required arguments
=item Options
=over
=item ipacertmappromptusername: Prompt for the username when multiple identities are mapped to a certificate (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmapconfig_show
JSON data for API method certmapconfig_show
Show the current Certificate Identity Mapping configuration.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_add
JSON data for API method certmaprule_add
Create a new Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=back
=item Options
=over
=item description: Certificate Identity Mapping Rule description (type unicode class Str)
=item ipacertmapmaprule: Rule used to map the certificate with a user entry (type unicode class Str)
=item ipacertmapmatchrule: Rule used to check if a certificate can be used for authentication (type unicode class Str)
=item associateddomain: Domain where the user entry will be searched (arrayref of type DNSName class DNSNameParam)
=item ipacertmappriority: Priority of the rule (higher number means lower priority (type int class Int)
=item ipaenabledflag: Enabled (type bool class Flag)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_del
JSON data for API method certmaprule_del
Delete a Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_disable
JSON data for API method certmaprule_disable
Disable a Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_enable
JSON data for API method certmaprule_enable
Enable a Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_find
JSON data for API method certmaprule_find
Search for Certificate Identity Mapping Rules.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=item description: Certificate Identity Mapping Rule description (type unicode class Str)
=item ipacertmapmaprule: Rule used to map the certificate with a user entry (type unicode class Str)
=item ipacertmapmatchrule: Rule used to check if a certificate can be used for authentication (type unicode class Str)
=item associateddomain: Domain where the user entry will be searched (arrayref of type DNSName class DNSNameParam)
=item ipacertmappriority: Priority of the rule (higher number means lower priority (type int class Int)
=item ipaenabledflag: Enabled (type bool class Bool)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("rulename") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_mod
JSON data for API method certmaprule_mod
Modify a Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=back
=item Options
=over
=item description: Certificate Identity Mapping Rule description (type unicode class Str)
=item ipacertmapmaprule: Rule used to map the certificate with a user entry (type unicode class Str)
=item ipacertmapmatchrule: Rule used to check if a certificate can be used for authentication (type unicode class Str)
=item associateddomain: Domain where the user entry will be searched (arrayref of type DNSName class DNSNameParam)
=item ipacertmappriority: Priority of the rule (higher number means lower priority (type int class Int)
=item ipaenabledflag: Enabled (type bool class Flag)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certmaprule_show
JSON data for API method certmaprule_show
Display information about a Certificate Identity Mapping Rule.
=over
=item Required arguments
=over
=item cn: Certificate Identity Mapping Rule name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certprofile_del
JSON data for API method certprofile_del
Delete a Certificate Profile.
=over
=item Required arguments
=over
=item cn: Profile ID for referring to this profile (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certprofile_find
JSON data for API method certprofile_find
Search for Certificate Profiles.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Profile ID for referring to this profile (type unicode class Str)
=item description: Brief description of this profile (type unicode class Str)
=item ipacertprofilestoreissued: Whether to store certs issued using this profile (type bool class Bool)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("id") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certprofile_import
JSON data for API method certprofile_import
Import a Certificate Profile.
=over
=item Required arguments
=over
=item cn: Profile ID for referring to this profile (type unicode class Str)
=back
=item Options
=over
=item description: Brief description of this profile (mandatory type unicode class Str)
=item ipacertprofilestoreissued: Whether to store certs issued using this profile (mandatory type bool class Bool)
=item file: Filename of a raw profile. The XML format is not supported. (mandatory type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certprofile_mod
JSON data for API method certprofile_mod
Modify Certificate Profile configuration.
=over
=item Required arguments
=over
=item cn: Profile ID for referring to this profile (type unicode class Str)
=back
=item Options
=over
=item description: Brief description of this profile (type unicode class Str)
=item ipacertprofilestoreissued: Whether to store certs issued using this profile (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item file: File containing profile configuration (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item certprofile_show
JSON data for API method certprofile_show
Display the properties of a Certificate Profile.
=over
=item Required arguments
=over
=item cn: Profile ID for referring to this profile (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item out: Write profile configuration to file (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item class_find
JSON data for API method class_find
Search for classes.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item class_show
JSON data for API method class_show
Display information about a class.
=over
=item Required arguments
=over
=item full_name: Full name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item command_defaults
JSON data for API method command_defaults
=over
=item Required arguments
=over
=item full_name: Full name (type unicode class Str)
=back
=item Options
=over
=item params: <params> (arrayref of type unicode class Str)
=item kw: <kw> (type dict class Dict)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item command_find
JSON data for API method command_find
Search for commands.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item command_show
JSON data for API method command_show
Display information about a command.
=over
=item Required arguments
=over
=item full_name: Full name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item compat_is_enabled
JSON data for API method compat_is_enabled
Determine whether Schema Compatibility plugin is configured to serve trusted domain users and groups
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item config_mod
JSON data for API method config_mod
Modify configuration options.
=over
=item No required arguments
=item Options
=over
=item ipamaxusernamelength: Maximum username length (type int class Int)
=item ipahomesrootdir: Default location of home directories (type unicode class IA5Str)
=item ipadefaultloginshell: Default shell for new users (type unicode class Str)
=item ipadefaultprimarygroup: Default group for new users (type unicode class Str)
=item ipadefaultemaildomain: Default e-mail domain (type unicode class Str)
=item ipasearchtimelimit: Maximum amount of time (seconds) for a search (-1 or 0 is unlimited) (type int class Int)
=item ipasearchrecordslimit: Maximum number of records to search (-1 or 0 is unlimited) (type int class Int)
=item ipausersearchfields: A comma-separated list of fields to search in when searching for users (type unicode class IA5Str)
=item ipagroupsearchfields: A comma-separated list of fields to search in when searching for groups (type unicode class IA5Str)
=item ipamigrationenabled: Enable migration mode (type bool class Bool)
=item ipagroupobjectclasses: Default group objectclasses (comma-separated list) (arrayref of type unicode class Str)
=item ipauserobjectclasses: Default user objectclasses (comma-separated list) (arrayref of type unicode class Str)
=item ipapwdexpadvnotify: Number of days's notice of impending password expiration (type int class Int)
=item ipaconfigstring: Extra hashes to generate in password plug-in (arrayref of type unicode class StrEnum)
=item ipaselinuxusermaporder: Order in increasing priority of SELinux users, delimited by $ (type unicode class Str)
=item ipaselinuxusermapdefault: Default SELinux user when no match is found in SELinux map rule (type unicode class Str)
=item ipakrbauthzdata: Default types of PAC supported for services (arrayref of type unicode class StrEnum)
=item ipauserauthtype: Default types of supported user authentication (arrayref of type unicode class StrEnum)
=item ca_renewal_master_server: Renewal master for IPA certificate authority (type unicode class Str)
=item ipadomainresolutionorder: colon-separated list of domains used for short name qualification (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item config_show
JSON data for API method config_show
Show the current configuration.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cosentry_add
JSON data for API method cosentry_add
=over
=item Required arguments
=over
=item cn: <cn> (type unicode class Str)
=back
=item Options
=over
=item krbpwdpolicyreference: <krbpwdpolicyreference> (mandatory type DN class DNParam)
=item cospriority: <cospriority> (mandatory type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cosentry_del
JSON data for API method cosentry_del
=over
=item Required arguments
=over
=item cn: <cn> (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cosentry_find
JSON data for API method cosentry_find
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: <cn> (type unicode class Str)
=item krbpwdpolicyreference: <krbpwdpolicyreference> (type DN class DNParam)
=item cospriority: <cospriority> (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("cn") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cosentry_mod
JSON data for API method cosentry_mod
=over
=item Required arguments
=over
=item cn: <cn> (type unicode class Str)
=back
=item Options
=over
=item krbpwdpolicyreference: <krbpwdpolicyreference> (type DN class DNParam)
=item cospriority: <cospriority> (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item cosentry_show
JSON data for API method cosentry_show
=over
=item Required arguments
=over
=item cn: <cn> (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item delegation_add
JSON data for API method delegation_add
Add a new delegation.
=over
=item Required arguments
=over
=item aciname: Delegation name (type unicode class Str)
=back
=item Options
=over
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the delegation applies (mandatory arrayref of type unicode class Str)
=item memberof: User group to apply delegation to (mandatory type unicode class Str)
=item group: User group ACI grants access to (mandatory type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item delegation_del
JSON data for API method delegation_del
Delete a delegation.
=over
=item Required arguments
=over
=item aciname: Delegation name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item delegation_find
JSON data for API method delegation_find
Search for delegations.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item aciname: Delegation name (type unicode class Str)
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the delegation applies (arrayref of type unicode class Str)
=item memberof: User group to apply delegation to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item delegation_mod
JSON data for API method delegation_mod
Modify a delegation.
=over
=item Required arguments
=over
=item aciname: Delegation name (type unicode class Str)
=back
=item Options
=over
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the delegation applies (arrayref of type unicode class Str)
=item memberof: User group to apply delegation to (type unicode class Str)
=item group: User group ACI grants access to (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item delegation_show
JSON data for API method delegation_show
Display information about a delegation.
=over
=item Required arguments
=over
=item aciname: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dns_is_enabled
JSON data for API method dns_is_enabled
Checks if any of the servers has the DNS service enabled.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dns_resolve
JSON data for API method dns_resolve
Resolve a host name in DNS. (Deprecated)
=over
=item Required arguments
=over
=item hostname: Hostname (FQDN) (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dns_update_system_records
JSON data for API method dns_update_system_records
Update location and IPA server DNS records
=over
=item No required arguments
=item Options
=over
=item dry_run: Do not update records only return expected records (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsconfig_mod
JSON data for API method dnsconfig_mod
Modify global DNS configuration.
=over
=item No required arguments
=item Options
=over
=item idnsforwarders: Global forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Global forwarding policy. Set to "none" to disable any configured global forwarders. (type unicode class StrEnum)
=item idnsallowsyncptr: Allow synchronization of forward (A, AAAA) and reverse (PTR) records (type bool class Bool)
=item idnszonerefresh: An interval between regular polls of the name server for new DNS zones (type int class Int)
=item ipadnsversion: IPA DNS version (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsconfig_show
JSON data for API method dnsconfig_show
Show the current global DNS configuration.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_add
JSON data for API method dnsforwardzone_add
Create new DNS forward zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item skip_overlap_check: Force DNS zone creation even if it will overlap with an existing zone. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_add_permission
JSON data for API method dnsforwardzone_add_permission
Add a permission for per-forward zone access delegation.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_del
JSON data for API method dnsforwardzone_del
Delete DNS forward zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (arrayref of type DNSName class DNSNameParam)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_disable
JSON data for API method dnsforwardzone_disable
Disable DNS Forward Zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_enable
JSON data for API method dnsforwardzone_enable
Enable DNS Forward Zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_find
JSON data for API method dnsforwardzone_find
Search for DNS forward zones.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnszoneactive: Is zone active? (type bool class Bool)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_mod
JSON data for API method dnsforwardzone_mod
Modify DNS forward zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_remove_permission
JSON data for API method dnsforwardzone_remove_permission
Remove a permission for per-forward zone access delegation.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsforwardzone_show
JSON data for API method dnsforwardzone_show
Display information about a DNS forward zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_add
JSON data for API method dnsrecord_add
Add new DNS resource record.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item idnsname: Record name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item dnsttl: Time to live (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item arecord: Raw A records (arrayref of type unicode class ARecord)
=item a_part_ip_address: A IP Address (type unicode class Str)
=item a_extra_create_reverse: Create reverse record for this IP Address (type bool class Flag)
=item aaaarecord: Raw AAAA records (arrayref of type unicode class AAAARecord)
=item aaaa_part_ip_address: AAAA IP Address (type unicode class Str)
=item aaaa_extra_create_reverse: Create reverse record for this IP Address (type bool class Flag)
=item a6record: Raw A6 records (arrayref of type unicode class A6Record)
=item a6_part_data: A6 Record data (type unicode class Str)
=item afsdbrecord: Raw AFSDB records (arrayref of type unicode class AFSDBRecord)
=item afsdb_part_subtype: AFSDB Subtype (type int class Int)
=item afsdb_part_hostname: AFSDB Hostname (type DNSName class DNSNameParam)
=item aplrecord: Raw APL records (arrayref of type unicode class APLRecord)
=item certrecord: Raw CERT records (arrayref of type unicode class CERTRecord)
=item cert_part_type: CERT Certificate Type (type int class Int)
=item cert_part_key_tag: CERT Key Tag (type int class Int)
=item cert_part_algorithm: CERT Algorithm (type int class Int)
=item cert_part_certificate_or_crl: CERT Certificate/CRL (type unicode class Str)
=item cnamerecord: Raw CNAME records (arrayref of type unicode class CNAMERecord)
=item cname_part_hostname: A hostname which this alias hostname points to (type DNSName class DNSNameParam)
=item dhcidrecord: Raw DHCID records (arrayref of type unicode class DHCIDRecord)
=item dlvrecord: Raw DLV records (arrayref of type unicode class DLVRecord)
=item dlv_part_key_tag: DLV Key Tag (type int class Int)
=item dlv_part_algorithm: DLV Algorithm (type int class Int)
=item dlv_part_digest_type: DLV Digest Type (type int class Int)
=item dlv_part_digest: DLV Digest (type unicode class Str)
=item dnamerecord: Raw DNAME records (arrayref of type unicode class DNAMERecord)
=item dname_part_target: DNAME Target (type DNSName class DNSNameParam)
=item dsrecord: Raw DS records (arrayref of type unicode class DSRecord)
=item ds_part_key_tag: DS Key Tag (type int class Int)
=item ds_part_algorithm: DS Algorithm (type int class Int)
=item ds_part_digest_type: DS Digest Type (type int class Int)
=item ds_part_digest: DS Digest (type unicode class Str)
=item hiprecord: Raw HIP records (arrayref of type unicode class HIPRecord)
=item ipseckeyrecord: Raw IPSECKEY records (arrayref of type unicode class IPSECKEYRecord)
=item keyrecord: Raw KEY records (arrayref of type unicode class KEYRecord)
=item kxrecord: Raw KX records (arrayref of type unicode class KXRecord)
=item kx_part_preference: Preference given to this exchanger. Lower values are more preferred (type int class Int)
=item kx_part_exchanger: A host willing to act as a key exchanger (type DNSName class DNSNameParam)
=item locrecord: Raw LOC records (arrayref of type unicode class LOCRecord)
=item loc_part_lat_deg: LOC Degrees Latitude (type int class Int)
=item loc_part_lat_min: LOC Minutes Latitude (type int class Int)
=item loc_part_lat_sec: LOC Seconds Latitude (type Decimal class Decimal)
=item loc_part_lat_dir: LOC Direction Latitude (type unicode class StrEnum)
=item loc_part_lon_deg: LOC Degrees Longitude (type int class Int)
=item loc_part_lon_min: LOC Minutes Longitude (type int class Int)
=item loc_part_lon_sec: LOC Seconds Longitude (type Decimal class Decimal)
=item loc_part_lon_dir: LOC Direction Longitude (type unicode class StrEnum)
=item loc_part_altitude: LOC Altitude (type Decimal class Decimal)
=item loc_part_size: LOC Size (type Decimal class Decimal)
=item loc_part_h_precision: LOC Horizontal Precision (type Decimal class Decimal)
=item loc_part_v_precision: LOC Vertical Precision (type Decimal class Decimal)
=item mxrecord: Raw MX records (arrayref of type unicode class MXRecord)
=item mx_part_preference: Preference given to this exchanger. Lower values are more preferred (type int class Int)
=item mx_part_exchanger: A host willing to act as a mail exchanger (type DNSName class DNSNameParam)
=item naptrrecord: Raw NAPTR records (arrayref of type unicode class NAPTRRecord)
=item naptr_part_order: NAPTR Order (type int class Int)
=item naptr_part_preference: NAPTR Preference (type int class Int)
=item naptr_part_flags: NAPTR Flags (type unicode class Str)
=item naptr_part_service: NAPTR Service (type unicode class Str)
=item naptr_part_regexp: NAPTR Regular Expression (type unicode class Str)
=item naptr_part_replacement: NAPTR Replacement (type unicode class Str)
=item nsrecord: Raw NS records (arrayref of type unicode class NSRecord)
=item ns_part_hostname: NS Hostname (type DNSName class DNSNameParam)
=item nsecrecord: Raw NSEC records (arrayref of type unicode class NSECRecord)
=item ptrrecord: Raw PTR records (arrayref of type unicode class PTRRecord)
=item ptr_part_hostname: The hostname this reverse record points to (type DNSName class DNSNameParam)
=item rrsigrecord: Raw RRSIG records (arrayref of type unicode class RRSIGRecord)
=item rprecord: Raw RP records (arrayref of type unicode class RPRecord)
=item sigrecord: Raw SIG records (arrayref of type unicode class SIGRecord)
=item spfrecord: Raw SPF records (arrayref of type unicode class SPFRecord)
=item srvrecord: Raw SRV records (arrayref of type unicode class SRVRecord)
=item srv_part_priority: Lower number means higher priority. Clients will attempt to contact the server with the lowest-numbered priority they can reach. (type int class Int)
=item srv_part_weight: Relative weight for entries with the same priority. (type int class Int)
=item srv_part_port: SRV Port (type int class Int)
=item srv_part_target: The domain name of the target host or '.' if the service is decidedly not available at this domain (type DNSName class DNSNameParam)
=item sshfprecord: Raw SSHFP records (arrayref of type unicode class SSHFPRecord)
=item sshfp_part_algorithm: SSHFP Algorithm (type int class Int)
=item sshfp_part_fp_type: SSHFP Fingerprint Type (type int class Int)
=item sshfp_part_fingerprint: SSHFP Fingerprint (type unicode class Str)
=item tlsarecord: Raw TLSA records (arrayref of type unicode class TLSARecord)
=item tlsa_part_cert_usage: TLSA Certificate Usage (type int class Int)
=item tlsa_part_selector: TLSA Selector (type int class Int)
=item tlsa_part_matching_type: TLSA Matching Type (type int class Int)
=item tlsa_part_cert_association_data: TLSA Certificate Association Data (type unicode class Str)
=item txtrecord: Raw TXT records (arrayref of type unicode class TXTRecord)
=item txt_part_data: TXT Text Data (type unicode class Str)
=item urirecord: Raw URI records (arrayref of type unicode class URIRecord)
=item uri_part_priority: Lower number means higher priority. Clients will attempt to contact the URI with the lowest-numbered priority they can reach. (type int class Int)
=item uri_part_weight: Relative weight for entries with the same priority. (type int class Int)
=item uri_part_target: Target Uniform Resource Identifier according to RFC 3986 (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item force: force NS record creation even if its hostname is not in DNS (type bool class Flag)
=item structured: Parse all raw DNS records and return them in a structured way (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_del
JSON data for API method dnsrecord_del
Delete DNS resource record.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item idnsname: Record name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item dnsttl: Time to live (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item arecord: Raw A records (arrayref of type unicode class ARecord)
=item aaaarecord: Raw AAAA records (arrayref of type unicode class AAAARecord)
=item a6record: Raw A6 records (arrayref of type unicode class A6Record)
=item afsdbrecord: Raw AFSDB records (arrayref of type unicode class AFSDBRecord)
=item aplrecord: Raw APL records (arrayref of type unicode class APLRecord)
=item certrecord: Raw CERT records (arrayref of type unicode class CERTRecord)
=item cnamerecord: Raw CNAME records (arrayref of type unicode class CNAMERecord)
=item dhcidrecord: Raw DHCID records (arrayref of type unicode class DHCIDRecord)
=item dlvrecord: Raw DLV records (arrayref of type unicode class DLVRecord)
=item dnamerecord: Raw DNAME records (arrayref of type unicode class DNAMERecord)
=item dsrecord: Raw DS records (arrayref of type unicode class DSRecord)
=item hiprecord: Raw HIP records (arrayref of type unicode class HIPRecord)
=item ipseckeyrecord: Raw IPSECKEY records (arrayref of type unicode class IPSECKEYRecord)
=item keyrecord: Raw KEY records (arrayref of type unicode class KEYRecord)
=item kxrecord: Raw KX records (arrayref of type unicode class KXRecord)
=item locrecord: Raw LOC records (arrayref of type unicode class LOCRecord)
=item mxrecord: Raw MX records (arrayref of type unicode class MXRecord)
=item naptrrecord: Raw NAPTR records (arrayref of type unicode class NAPTRRecord)
=item nsrecord: Raw NS records (arrayref of type unicode class NSRecord)
=item nsecrecord: Raw NSEC records (arrayref of type unicode class NSECRecord)
=item ptrrecord: Raw PTR records (arrayref of type unicode class PTRRecord)
=item rrsigrecord: Raw RRSIG records (arrayref of type unicode class RRSIGRecord)
=item rprecord: Raw RP records (arrayref of type unicode class RPRecord)
=item sigrecord: Raw SIG records (arrayref of type unicode class SIGRecord)
=item spfrecord: Raw SPF records (arrayref of type unicode class SPFRecord)
=item srvrecord: Raw SRV records (arrayref of type unicode class SRVRecord)
=item sshfprecord: Raw SSHFP records (arrayref of type unicode class SSHFPRecord)
=item tlsarecord: Raw TLSA records (arrayref of type unicode class TLSARecord)
=item txtrecord: Raw TXT records (arrayref of type unicode class TXTRecord)
=item urirecord: Raw URI records (arrayref of type unicode class URIRecord)
=item del_all: Delete all associated records (type bool class Flag)
=item structured: Parse all raw DNS records and return them in a structured way (type bool class Flag)
=item raw: <raw> (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_delentry
JSON data for API method dnsrecord_delentry
Delete DNS record entry.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item idnsname: Record name (arrayref of type DNSName class DNSNameParam)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_find
JSON data for API method dnsrecord_find
Search for DNS resources.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item idnsname: Record name (type DNSName class DNSNameParam)
=item dnsttl: Time to live (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item arecord: Raw A records (arrayref of type unicode class ARecord)
=item aaaarecord: Raw AAAA records (arrayref of type unicode class AAAARecord)
=item a6record: Raw A6 records (arrayref of type unicode class A6Record)
=item afsdbrecord: Raw AFSDB records (arrayref of type unicode class AFSDBRecord)
=item aplrecord: Raw APL records (arrayref of type unicode class APLRecord)
=item certrecord: Raw CERT records (arrayref of type unicode class CERTRecord)
=item cnamerecord: Raw CNAME records (arrayref of type unicode class CNAMERecord)
=item dhcidrecord: Raw DHCID records (arrayref of type unicode class DHCIDRecord)
=item dlvrecord: Raw DLV records (arrayref of type unicode class DLVRecord)
=item dnamerecord: Raw DNAME records (arrayref of type unicode class DNAMERecord)
=item dsrecord: Raw DS records (arrayref of type unicode class DSRecord)
=item hiprecord: Raw HIP records (arrayref of type unicode class HIPRecord)
=item ipseckeyrecord: Raw IPSECKEY records (arrayref of type unicode class IPSECKEYRecord)
=item keyrecord: Raw KEY records (arrayref of type unicode class KEYRecord)
=item kxrecord: Raw KX records (arrayref of type unicode class KXRecord)
=item locrecord: Raw LOC records (arrayref of type unicode class LOCRecord)
=item mxrecord: Raw MX records (arrayref of type unicode class MXRecord)
=item naptrrecord: Raw NAPTR records (arrayref of type unicode class NAPTRRecord)
=item nsrecord: Raw NS records (arrayref of type unicode class NSRecord)
=item nsecrecord: Raw NSEC records (arrayref of type unicode class NSECRecord)
=item ptrrecord: Raw PTR records (arrayref of type unicode class PTRRecord)
=item rrsigrecord: Raw RRSIG records (arrayref of type unicode class RRSIGRecord)
=item rprecord: Raw RP records (arrayref of type unicode class RPRecord)
=item sigrecord: Raw SIG records (arrayref of type unicode class SIGRecord)
=item spfrecord: Raw SPF records (arrayref of type unicode class SPFRecord)
=item srvrecord: Raw SRV records (arrayref of type unicode class SRVRecord)
=item sshfprecord: Raw SSHFP records (arrayref of type unicode class SSHFPRecord)
=item tlsarecord: Raw TLSA records (arrayref of type unicode class TLSARecord)
=item txtrecord: Raw TXT records (arrayref of type unicode class TXTRecord)
=item urirecord: Raw URI records (arrayref of type unicode class URIRecord)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item structured: Parse all raw DNS records and return them in a structured way (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_mod
JSON data for API method dnsrecord_mod
Modify a DNS resource record.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item idnsname: Record name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item dnsttl: Time to live (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item arecord: Raw A records (arrayref of type unicode class ARecord)
=item a_part_ip_address: A IP Address (type unicode class Str)
=item aaaarecord: Raw AAAA records (arrayref of type unicode class AAAARecord)
=item aaaa_part_ip_address: AAAA IP Address (type unicode class Str)
=item a6record: Raw A6 records (arrayref of type unicode class A6Record)
=item a6_part_data: A6 Record data (type unicode class Str)
=item afsdbrecord: Raw AFSDB records (arrayref of type unicode class AFSDBRecord)
=item afsdb_part_subtype: AFSDB Subtype (type int class Int)
=item afsdb_part_hostname: AFSDB Hostname (type DNSName class DNSNameParam)
=item aplrecord: Raw APL records (arrayref of type unicode class APLRecord)
=item certrecord: Raw CERT records (arrayref of type unicode class CERTRecord)
=item cert_part_type: CERT Certificate Type (type int class Int)
=item cert_part_key_tag: CERT Key Tag (type int class Int)
=item cert_part_algorithm: CERT Algorithm (type int class Int)
=item cert_part_certificate_or_crl: CERT Certificate/CRL (type unicode class Str)
=item cnamerecord: Raw CNAME records (arrayref of type unicode class CNAMERecord)
=item cname_part_hostname: A hostname which this alias hostname points to (type DNSName class DNSNameParam)
=item dhcidrecord: Raw DHCID records (arrayref of type unicode class DHCIDRecord)
=item dlvrecord: Raw DLV records (arrayref of type unicode class DLVRecord)
=item dlv_part_key_tag: DLV Key Tag (type int class Int)
=item dlv_part_algorithm: DLV Algorithm (type int class Int)
=item dlv_part_digest_type: DLV Digest Type (type int class Int)
=item dlv_part_digest: DLV Digest (type unicode class Str)
=item dnamerecord: Raw DNAME records (arrayref of type unicode class DNAMERecord)
=item dname_part_target: DNAME Target (type DNSName class DNSNameParam)
=item dsrecord: Raw DS records (arrayref of type unicode class DSRecord)
=item ds_part_key_tag: DS Key Tag (type int class Int)
=item ds_part_algorithm: DS Algorithm (type int class Int)
=item ds_part_digest_type: DS Digest Type (type int class Int)
=item ds_part_digest: DS Digest (type unicode class Str)
=item hiprecord: Raw HIP records (arrayref of type unicode class HIPRecord)
=item ipseckeyrecord: Raw IPSECKEY records (arrayref of type unicode class IPSECKEYRecord)
=item keyrecord: Raw KEY records (arrayref of type unicode class KEYRecord)
=item kxrecord: Raw KX records (arrayref of type unicode class KXRecord)
=item kx_part_preference: Preference given to this exchanger. Lower values are more preferred (type int class Int)
=item kx_part_exchanger: A host willing to act as a key exchanger (type DNSName class DNSNameParam)
=item locrecord: Raw LOC records (arrayref of type unicode class LOCRecord)
=item loc_part_lat_deg: LOC Degrees Latitude (type int class Int)
=item loc_part_lat_min: LOC Minutes Latitude (type int class Int)
=item loc_part_lat_sec: LOC Seconds Latitude (type Decimal class Decimal)
=item loc_part_lat_dir: LOC Direction Latitude (type unicode class StrEnum)
=item loc_part_lon_deg: LOC Degrees Longitude (type int class Int)
=item loc_part_lon_min: LOC Minutes Longitude (type int class Int)
=item loc_part_lon_sec: LOC Seconds Longitude (type Decimal class Decimal)
=item loc_part_lon_dir: LOC Direction Longitude (type unicode class StrEnum)
=item loc_part_altitude: LOC Altitude (type Decimal class Decimal)
=item loc_part_size: LOC Size (type Decimal class Decimal)
=item loc_part_h_precision: LOC Horizontal Precision (type Decimal class Decimal)
=item loc_part_v_precision: LOC Vertical Precision (type Decimal class Decimal)
=item mxrecord: Raw MX records (arrayref of type unicode class MXRecord)
=item mx_part_preference: Preference given to this exchanger. Lower values are more preferred (type int class Int)
=item mx_part_exchanger: A host willing to act as a mail exchanger (type DNSName class DNSNameParam)
=item naptrrecord: Raw NAPTR records (arrayref of type unicode class NAPTRRecord)
=item naptr_part_order: NAPTR Order (type int class Int)
=item naptr_part_preference: NAPTR Preference (type int class Int)
=item naptr_part_flags: NAPTR Flags (type unicode class Str)
=item naptr_part_service: NAPTR Service (type unicode class Str)
=item naptr_part_regexp: NAPTR Regular Expression (type unicode class Str)
=item naptr_part_replacement: NAPTR Replacement (type unicode class Str)
=item nsrecord: Raw NS records (arrayref of type unicode class NSRecord)
=item ns_part_hostname: NS Hostname (type DNSName class DNSNameParam)
=item nsecrecord: Raw NSEC records (arrayref of type unicode class NSECRecord)
=item ptrrecord: Raw PTR records (arrayref of type unicode class PTRRecord)
=item ptr_part_hostname: The hostname this reverse record points to (type DNSName class DNSNameParam)
=item rrsigrecord: Raw RRSIG records (arrayref of type unicode class RRSIGRecord)
=item rprecord: Raw RP records (arrayref of type unicode class RPRecord)
=item sigrecord: Raw SIG records (arrayref of type unicode class SIGRecord)
=item spfrecord: Raw SPF records (arrayref of type unicode class SPFRecord)
=item srvrecord: Raw SRV records (arrayref of type unicode class SRVRecord)
=item srv_part_priority: Lower number means higher priority. Clients will attempt to contact the server with the lowest-numbered priority they can reach. (type int class Int)
=item srv_part_weight: Relative weight for entries with the same priority. (type int class Int)
=item srv_part_port: SRV Port (type int class Int)
=item srv_part_target: The domain name of the target host or '.' if the service is decidedly not available at this domain (type DNSName class DNSNameParam)
=item sshfprecord: Raw SSHFP records (arrayref of type unicode class SSHFPRecord)
=item sshfp_part_algorithm: SSHFP Algorithm (type int class Int)
=item sshfp_part_fp_type: SSHFP Fingerprint Type (type int class Int)
=item sshfp_part_fingerprint: SSHFP Fingerprint (type unicode class Str)
=item tlsarecord: Raw TLSA records (arrayref of type unicode class TLSARecord)
=item tlsa_part_cert_usage: TLSA Certificate Usage (type int class Int)
=item tlsa_part_selector: TLSA Selector (type int class Int)
=item tlsa_part_matching_type: TLSA Matching Type (type int class Int)
=item tlsa_part_cert_association_data: TLSA Certificate Association Data (type unicode class Str)
=item txtrecord: Raw TXT records (arrayref of type unicode class TXTRecord)
=item txt_part_data: TXT Text Data (type unicode class Str)
=item urirecord: Raw URI records (arrayref of type unicode class URIRecord)
=item uri_part_priority: Lower number means higher priority. Clients will attempt to contact the URI with the lowest-numbered priority they can reach. (type int class Int)
=item uri_part_weight: Relative weight for entries with the same priority. (type int class Int)
=item uri_part_target: Target Uniform Resource Identifier according to RFC 3986 (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item structured: Parse all raw DNS records and return them in a structured way (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the DNS resource record object (type DNSName class DNSNameParam)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_show
JSON data for API method dnsrecord_show
Display DNS resource.
=over
=item Required arguments
=over
=item dnszoneidnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item idnsname: Record name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item structured: Parse all raw DNS records and return them in a structured way (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsrecord_split_parts
JSON data for API method dnsrecord_split_parts
=over
=item Required arguments
=over
=item name: <name> (type unicode class Str)
=item value: <value> (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsserver_find
JSON data for API method dnsserver_find
Search for DNS servers.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item idnsserverid: DNS Server name (type unicode class Str)
=item idnssoamname: SOA mname (authoritative server) override (type DNSName class DNSNameParam)
=item idnsforwarders: Per-server forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-server conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("hostname") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsserver_mod
JSON data for API method dnsserver_mod
Modify DNS server configuration
=over
=item Required arguments
=over
=item idnsserverid: DNS Server name (type unicode class Str)
=back
=item Options
=over
=item idnssoamname: SOA mname (authoritative server) override (type DNSName class DNSNameParam)
=item idnsforwarders: Per-server forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-server conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnsserver_show
JSON data for API method dnsserver_show
Display configuration of a DNS server.
=over
=item Required arguments
=over
=item idnsserverid: DNS Server name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_add
JSON data for API method dnszone_add
Create new DNS zone (SOA record).
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item idnssoamname: Authoritative nameserver domain name (type DNSName class DNSNameParam)
=item idnssoarname: Administrator e-mail address (type DNSName class DNSNameParam)
=item idnssoaserial: SOA record serial number (type int class Int)
=item idnssoarefresh: SOA record refresh time (type int class Int)
=item idnssoaretry: SOA record retry time (type int class Int)
=item idnssoaexpire: SOA record expire time (type int class Int)
=item idnssoaminimum: How long should negative responses be cached (type int class Int)
=item dnsttl: Time to live for records at zone apex (type int class Int)
=item dnsdefaultttl: Time to live for records without explicit TTL definition (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item idnsupdatepolicy: BIND update policy (type unicode class Str)
=item idnsallowdynupdate: Allow dynamic updates. (type bool class Bool)
=item idnsallowquery: Semicolon separated list of IP addresses or networks which are allowed to issue queries (type unicode class Str)
=item idnsallowtransfer: Semicolon separated list of IP addresses or networks which are allowed to transfer the zone (type unicode class Str)
=item idnsallowsyncptr: Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the zone (type bool class Bool)
=item idnssecinlinesigning: Allow inline DNSSEC signing of records in the zone (type bool class Bool)
=item nsec3paramrecord: NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item skip_overlap_check: Force DNS zone creation even if it will overlap with an existing zone. (type bool class Flag)
=item force: Force DNS zone creation even if nameserver is not resolvable. (Deprecated) (type bool class Flag)
=item skip_nameserver_check: Force DNS zone creation even if nameserver is not resolvable. (type bool class Flag)
=item ip_address: <ip_address> (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_add_permission
JSON data for API method dnszone_add_permission
Add a permission for per-zone access delegation.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_del
JSON data for API method dnszone_del
Delete DNS zone (SOA record).
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (arrayref of type DNSName class DNSNameParam)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_disable
JSON data for API method dnszone_disable
Disable DNS Zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_enable
JSON data for API method dnszone_enable
Enable DNS Zone.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_find
JSON data for API method dnszone_find
Search for DNS zones (SOA records).
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnszoneactive: Is zone active? (type bool class Bool)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item idnssoamname: Authoritative nameserver domain name (type DNSName class DNSNameParam)
=item idnssoarname: Administrator e-mail address (type DNSName class DNSNameParam)
=item idnssoaserial: SOA record serial number (type int class Int)
=item idnssoarefresh: SOA record refresh time (type int class Int)
=item idnssoaretry: SOA record retry time (type int class Int)
=item idnssoaexpire: SOA record expire time (type int class Int)
=item idnssoaminimum: How long should negative responses be cached (type int class Int)
=item dnsttl: Time to live for records at zone apex (type int class Int)
=item dnsdefaultttl: Time to live for records without explicit TTL definition (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item idnsupdatepolicy: BIND update policy (type unicode class Str)
=item idnsallowdynupdate: Allow dynamic updates. (type bool class Bool)
=item idnsallowquery: Semicolon separated list of IP addresses or networks which are allowed to issue queries (type unicode class Str)
=item idnsallowtransfer: Semicolon separated list of IP addresses or networks which are allowed to transfer the zone (type unicode class Str)
=item idnsallowsyncptr: Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the zone (type bool class Bool)
=item idnssecinlinesigning: Allow inline DNSSEC signing of records in the zone (type bool class Bool)
=item nsec3paramrecord: NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item forward_only: Search for forward zones only (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_mod
JSON data for API method dnszone_mod
Modify DNS zone (SOA record).
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item name_from_ip: IP network to create reverse zone name from (type unicode class Str)
=item idnsforwarders: Per-zone forwarders. A custom port can be specified for each forwarder using a standard format "IP_ADDRESS port PORT" (arrayref of type unicode class Str)
=item idnsforwardpolicy: Per-zone conditional forwarding policy. Set to "none" to disable forwarding to global forwarder for this zone. In that case, conditional zone forwarders are disregarded. (type unicode class StrEnum)
=item idnssoamname: Authoritative nameserver domain name (type DNSName class DNSNameParam)
=item idnssoarname: Administrator e-mail address (type DNSName class DNSNameParam)
=item idnssoaserial: SOA record serial number (type int class Int)
=item idnssoarefresh: SOA record refresh time (type int class Int)
=item idnssoaretry: SOA record retry time (type int class Int)
=item idnssoaexpire: SOA record expire time (type int class Int)
=item idnssoaminimum: How long should negative responses be cached (type int class Int)
=item dnsttl: Time to live for records at zone apex (type int class Int)
=item dnsdefaultttl: Time to live for records without explicit TTL definition (type int class Int)
=item dnsclass: <dnsclass> (type unicode class StrEnum)
=item idnsupdatepolicy: BIND update policy (type unicode class Str)
=item idnsallowdynupdate: Allow dynamic updates. (type bool class Bool)
=item idnsallowquery: Semicolon separated list of IP addresses or networks which are allowed to issue queries (type unicode class Str)
=item idnsallowtransfer: Semicolon separated list of IP addresses or networks which are allowed to transfer the zone (type unicode class Str)
=item idnsallowsyncptr: Allow synchronization of forward (A, AAAA) and reverse (PTR) records in the zone (type bool class Bool)
=item idnssecinlinesigning: Allow inline DNSSEC signing of records in the zone (type bool class Bool)
=item nsec3paramrecord: NSEC3PARAM record for zone in format: hash_algorithm flags iterations salt (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item force: Force nameserver change even if nameserver not in DNS (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_remove_permission
JSON data for API method dnszone_remove_permission
Remove a permission for per-zone access delegation.
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item dnszone_show
JSON data for API method dnszone_show
Display information about a DNS zone (SOA record).
=over
=item Required arguments
=over
=item idnsname: Zone name (FQDN) (type DNSName class DNSNameParam)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item domainlevel_get
JSON data for API method domainlevel_get
Query current Domain Level.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item domainlevel_set
JSON data for API method domainlevel_set
Change current Domain Level.
=over
=item Required arguments
=over
=item ipadomainlevel: Domain Level (type int class Int)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item env
JSON data for API method env
Show environment variables.
=over
=item Required arguments
=over
=item variables: unknown (type unknown_type class unknown_class)
=back
=item Options
=over
=item server: Forward to server instead of running locally (type bool class Flag)
=item all: retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_add
JSON data for API method group_add
Create a new group.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item description: Group description (type unicode class Str)
=item gidnumber: GID (use this option to set it manually) (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item nonposix: Create as a non-POSIX group (type bool class Flag)
=item external: Allow adding external non-IPA members from trusted domains (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_add_member
JSON data for API method group_add_member
Add members to a group.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item ipaexternalmember: Members of a trusted domain in DOM\name or name@domain form (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_del
JSON data for API method group_del
Delete group.
=over
=item Required arguments
=over
=item cn: Group name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_detach
JSON data for API method group_detach
Detach a managed group from a user.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_find
JSON data for API method group_find
Search for groups.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Group name (type unicode class Str)
=item description: Group description (type unicode class Str)
=item gidnumber: GID (use this option to set it manually) (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item private: search for private groups (type bool class Flag)
=item posix: search for POSIX groups (type bool class Flag)
=item external: search for groups with support of external non-IPA members from trusted domains (type bool class Flag)
=item nonposix: search for non-POSIX groups (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("group-name") (type bool class Flag)
=item user: Search for groups with these member users. (arrayref of type unicode class Str)
=item no_user: Search for groups without these member users. (arrayref of type unicode class Str)
=item group: Search for groups with these member groups. (arrayref of type unicode class Str)
=item no_group: Search for groups without these member groups. (arrayref of type unicode class Str)
=item in_group: Search for groups with these member of groups. (arrayref of type unicode class Str)
=item not_in_group: Search for groups without these member of groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for groups with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for groups without these member of netgroups. (arrayref of type unicode class Str)
=item in_role: Search for groups with these member of roles. (arrayref of type unicode class Str)
=item not_in_role: Search for groups without these member of roles. (arrayref of type unicode class Str)
=item in_hbacrule: Search for groups with these member of HBAC rules. (arrayref of type unicode class Str)
=item not_in_hbacrule: Search for groups without these member of HBAC rules. (arrayref of type unicode class Str)
=item in_sudorule: Search for groups with these member of sudo rules. (arrayref of type unicode class Str)
=item not_in_sudorule: Search for groups without these member of sudo rules. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_mod
JSON data for API method group_mod
Modify a group.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item description: Group description (type unicode class Str)
=item gidnumber: GID (use this option to set it manually) (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item posix: change to a POSIX group (type bool class Flag)
=item external: change to support external non-IPA members from trusted domains (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the group object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_remove_member
JSON data for API method group_remove_member
Remove members from a group.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item ipaexternalmember: Members of a trusted domain in DOM\name or name@domain form (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item group_show
JSON data for API method group_show
Display information about a named group.
=over
=item Required arguments
=over
=item cn: Group name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_add
JSON data for API method hbacrule_add
Create a new HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item accessruletype: Rule type (allow) (type unicode class StrEnum)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item sourcehostcategory: Source host category the rule applies to (type unicode class StrEnum)
=item servicecategory: Service category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item externalhost: External host (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_add_host
JSON data for API method hbacrule_add_host
Add target hosts and hostgroups to an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_add_service
JSON data for API method hbacrule_add_service
Add services to an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item hbacsvc: HBAC services to add (arrayref of type unicode class Str)
=item hbacsvcgroup: HBAC service groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_add_sourcehost
JSON data for API method hbacrule_add_sourcehost
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_add_user
JSON data for API method hbacrule_add_user
Add users and groups to an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_del
JSON data for API method hbacrule_del
Delete an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_disable
JSON data for API method hbacrule_disable
Disable an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_enable
JSON data for API method hbacrule_enable
Enable an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_find
JSON data for API method hbacrule_find
Search for HBAC rules.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Rule name (type unicode class Str)
=item accessruletype: Rule type (allow) (type unicode class StrEnum)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item sourcehostcategory: Source host category the rule applies to (type unicode class StrEnum)
=item servicecategory: Service category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item externalhost: External host (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_mod
JSON data for API method hbacrule_mod
Modify an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item accessruletype: Rule type (allow) (type unicode class StrEnum)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item sourcehostcategory: Source host category the rule applies to (type unicode class StrEnum)
=item servicecategory: Service category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item externalhost: External host (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the HBAC rule object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_remove_host
JSON data for API method hbacrule_remove_host
Remove target hosts and hostgroups from an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_remove_service
JSON data for API method hbacrule_remove_service
Remove service and service groups from an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item hbacsvc: HBAC services to remove (arrayref of type unicode class Str)
=item hbacsvcgroup: HBAC service groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_remove_sourcehost
JSON data for API method hbacrule_remove_sourcehost
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_remove_user
JSON data for API method hbacrule_remove_user
Remove users and groups from an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacrule_show
JSON data for API method hbacrule_show
Display the properties of an HBAC rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvc_add
JSON data for API method hbacsvc_add
Add a new HBAC service.
=over
=item Required arguments
=over
=item cn: HBAC service (type unicode class Str)
=back
=item Options
=over
=item description: HBAC service description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvc_del
JSON data for API method hbacsvc_del
Delete an existing HBAC service.
=over
=item Required arguments
=over
=item cn: HBAC service (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvc_find
JSON data for API method hbacsvc_find
Search for HBAC services.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: HBAC service (type unicode class Str)
=item description: HBAC service description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("service") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvc_mod
JSON data for API method hbacsvc_mod
Modify an HBAC service.
=over
=item Required arguments
=over
=item cn: HBAC service (type unicode class Str)
=back
=item Options
=over
=item description: HBAC service description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvc_show
JSON data for API method hbacsvc_show
Display information about an HBAC service.
=over
=item Required arguments
=over
=item cn: HBAC service (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_add
JSON data for API method hbacsvcgroup_add
Add a new HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (type unicode class Str)
=back
=item Options
=over
=item description: HBAC service group description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_add_member
JSON data for API method hbacsvcgroup_add_member
Add members to an HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item hbacsvc: HBAC services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_del
JSON data for API method hbacsvcgroup_del
Delete an HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_find
JSON data for API method hbacsvcgroup_find
Search for an HBAC service group.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Service group name (type unicode class Str)
=item description: HBAC service group description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_mod
JSON data for API method hbacsvcgroup_mod
Modify an HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (type unicode class Str)
=back
=item Options
=over
=item description: HBAC service group description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_remove_member
JSON data for API method hbacsvcgroup_remove_member
Remove members from an HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item hbacsvc: HBAC services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbacsvcgroup_show
JSON data for API method hbacsvcgroup_show
Display information about an HBAC service group.
=over
=item Required arguments
=over
=item cn: Service group name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hbactest
JSON data for API method hbactest
Simulate use of Host-based access controls
=over
=item No required arguments
=item Options
=over
=item user: User name (mandatory type unicode class Str)
=item sourcehost: Source host (type unicode class Str)
=item targethost: Target host (mandatory type unicode class Str)
=item service: Service (mandatory type unicode class Str)
=item rules: Rules to test. If not specified, --enabled is assumed (arrayref of type unicode class Str)
=item nodetail: Hide details which rules are matched, not matched, or invalid (type bool class Flag)
=item enabled: Include all enabled IPA rules into test [default] (type bool class Flag)
=item disabled: Include all disabled IPA rules into test (type bool class Flag)
=item sizelimit: Maximum number of rules to process when no --rules is specified (type int class Int)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_add
JSON data for API method host_add
Add a new host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this host (type unicode class Str)
=item l: Host locality (e.g. "Baltimore, MD") (type unicode class Str)
=item nshostlocation: Host location (e.g. "Lab 2") (type unicode class Str)
=item nshardwareplatform: Host hardware platform (e.g. "Lenovo T61") (type unicode class Str)
=item nsosversion: Host operating system and version (e.g. "Fedora 9") (type unicode class Str)
=item userpassword: Password used in bulk enrollment (type unicode class Str)
=item random: Generate a random password to be used in bulk enrollment (type bool class Flag)
=item usercertificate: Base-64 encoded host certificate (arrayref of type Certificate class Certificate)
=item macaddress: Hardware MAC address(es) on this host (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item userclass: Host category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipaassignedidview: Assigned ID View (type unicode class Str)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item ipakrbrequirespreauth: Pre-authentication is required for the service (type bool class Bool)
=item ipakrbokasdelegate: Client credentials may be delegated to the service (type bool class Bool)
=item ipakrboktoauthasdelegate: The service is allowed to authenticate on behalf of a client (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item force: force host name even if not in DNS (type bool class Flag)
=item no_reverse: skip reverse DNS detection (type bool class Flag)
=item ip_address: Add the host to DNS with this IP address (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_add_cert
JSON data for API method host_add_cert
Add certificates to host entry
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded host certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_add_managedby
JSON data for API method host_add_managedby
Add hosts that can manage this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_add_principal
JSON data for API method host_add_principal
Add new principal alias to host entry
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_allow_create_keytab
JSON data for API method host_allow_create_keytab
Allow users, groups, hosts or host groups to create a keytab of this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_allow_retrieve_keytab
JSON data for API method host_allow_retrieve_keytab
Allow users, groups, hosts or host groups to retrieve a keytab of this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_del
JSON data for API method host_del
Delete a host.
=over
=item Required arguments
=over
=item fqdn: Host name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item updatedns: Remove A, AAAA, SSHFP and PTR records of the host(s) managed by IPA DNS (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_disable
JSON data for API method host_disable
Disable the Kerberos key, SSL certificate and all services of a host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_disallow_create_keytab
JSON data for API method host_disallow_create_keytab
Disallow users, groups, hosts or host groups to create a keytab of this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_disallow_retrieve_keytab
JSON data for API method host_disallow_retrieve_keytab
Disallow users, groups, hosts or host groups to retrieve a keytab of this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_find
JSON data for API method host_find
Search for hosts.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item fqdn: Host name (type unicode class Str)
=item description: A description of this host (type unicode class Str)
=item l: Host locality (e.g. "Baltimore, MD") (type unicode class Str)
=item nshostlocation: Host location (e.g. "Lab 2") (type unicode class Str)
=item nshardwareplatform: Host hardware platform (e.g. "Lenovo T61") (type unicode class Str)
=item nsosversion: Host operating system and version (e.g. "Fedora 9") (type unicode class Str)
=item userpassword: Password used in bulk enrollment (type unicode class Str)
=item usercertificate: Base-64 encoded host certificate (arrayref of type Certificate class Certificate)
=item macaddress: Hardware MAC address(es) on this host (arrayref of type unicode class Str)
=item userclass: Host category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipaassignedidview: Assigned ID View (type unicode class Str)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("hostname") (type bool class Flag)
=item in_hostgroup: Search for hosts with these member of host groups. (arrayref of type unicode class Str)
=item not_in_hostgroup: Search for hosts without these member of host groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for hosts with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for hosts without these member of netgroups. (arrayref of type unicode class Str)
=item in_role: Search for hosts with these member of roles. (arrayref of type unicode class Str)
=item not_in_role: Search for hosts without these member of roles. (arrayref of type unicode class Str)
=item in_hbacrule: Search for hosts with these member of HBAC rules. (arrayref of type unicode class Str)
=item not_in_hbacrule: Search for hosts without these member of HBAC rules. (arrayref of type unicode class Str)
=item in_sudorule: Search for hosts with these member of sudo rules. (arrayref of type unicode class Str)
=item not_in_sudorule: Search for hosts without these member of sudo rules. (arrayref of type unicode class Str)
=item enroll_by_user: Search for hosts with these enrolled by users. (arrayref of type unicode class Str)
=item not_enroll_by_user: Search for hosts without these enrolled by users. (arrayref of type unicode class Str)
=item man_by_host: Search for hosts with these managed by hosts. (arrayref of type unicode class Str)
=item not_man_by_host: Search for hosts without these managed by hosts. (arrayref of type unicode class Str)
=item man_host: Search for hosts with these managing hosts. (arrayref of type unicode class Str)
=item not_man_host: Search for hosts without these managing hosts. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_mod
JSON data for API method host_mod
Modify information about a host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this host (type unicode class Str)
=item l: Host locality (e.g. "Baltimore, MD") (type unicode class Str)
=item nshostlocation: Host location (e.g. "Lab 2") (type unicode class Str)
=item nshardwareplatform: Host hardware platform (e.g. "Lenovo T61") (type unicode class Str)
=item nsosversion: Host operating system and version (e.g. "Fedora 9") (type unicode class Str)
=item userpassword: Password used in bulk enrollment (type unicode class Str)
=item random: Generate a random password to be used in bulk enrollment (type bool class Flag)
=item usercertificate: Base-64 encoded host certificate (arrayref of type Certificate class Certificate)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item macaddress: Hardware MAC address(es) on this host (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item userclass: Host category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipaassignedidview: Assigned ID View (type unicode class Str)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item ipakrbrequirespreauth: Pre-authentication is required for the service (type bool class Bool)
=item ipakrbokasdelegate: Client credentials may be delegated to the service (type bool class Bool)
=item ipakrboktoauthasdelegate: The service is allowed to authenticate on behalf of a client (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item updatedns: Update DNS entries (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_remove_cert
JSON data for API method host_remove_cert
Remove certificates from host entry
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded host certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_remove_managedby
JSON data for API method host_remove_managedby
Remove hosts that can manage this host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_remove_principal
JSON data for API method host_remove_principal
Remove principal alias from a host entry
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item host_show
JSON data for API method host_show
Display information about a host.
=over
=item Required arguments
=over
=item fqdn: Host name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item out: file to store certificate in (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_add
JSON data for API method hostgroup_add
Add a new hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (type unicode class Str)
=back
=item Options
=over
=item description: A description of this host-group (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_add_member
JSON data for API method hostgroup_add_member
Add members to a hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_del
JSON data for API method hostgroup_del
Delete a hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_find
JSON data for API method hostgroup_find
Search for hostgroups.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Name of host-group (type unicode class Str)
=item description: A description of this host-group (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("hostgroup-name") (type bool class Flag)
=item host: Search for host groups with these member hosts. (arrayref of type unicode class Str)
=item no_host: Search for host groups without these member hosts. (arrayref of type unicode class Str)
=item hostgroup: Search for host groups with these member host groups. (arrayref of type unicode class Str)
=item no_hostgroup: Search for host groups without these member host groups. (arrayref of type unicode class Str)
=item in_hostgroup: Search for host groups with these member of host groups. (arrayref of type unicode class Str)
=item not_in_hostgroup: Search for host groups without these member of host groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for host groups with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for host groups without these member of netgroups. (arrayref of type unicode class Str)
=item in_hbacrule: Search for host groups with these member of HBAC rules. (arrayref of type unicode class Str)
=item not_in_hbacrule: Search for host groups without these member of HBAC rules. (arrayref of type unicode class Str)
=item in_sudorule: Search for host groups with these member of sudo rules. (arrayref of type unicode class Str)
=item not_in_sudorule: Search for host groups without these member of sudo rules. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_mod
JSON data for API method hostgroup_mod
Modify a hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (type unicode class Str)
=back
=item Options
=over
=item description: A description of this host-group (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_remove_member
JSON data for API method hostgroup_remove_member
Remove members from a hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item hostgroup_show
JSON data for API method hostgroup_show
Display information about a hostgroup.
=over
=item Required arguments
=over
=item cn: Name of host-group (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item i18n_messages
JSON data for API method i18n_messages
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverridegroup_add
JSON data for API method idoverridegroup_add
Add a new Group ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item cn: Group name (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverridegroup_del
JSON data for API method idoverridegroup_del
Delete an Group ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverridegroup_find
JSON data for API method idoverridegroup_find
Search for an Group ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=item description: Description (type unicode class Str)
=item cn: Group name (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("anchor") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverridegroup_mod
JSON data for API method idoverridegroup_mod
Modify an Group ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item cn: Group name (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the Group ID override object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverridegroup_show
JSON data for API method idoverridegroup_show
Display information about an Group ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_add
JSON data for API method idoverrideuser_add
Add a new User ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item uid: User login (type unicode class Str)
=item uidnumber: User ID Number (type int class Int)
=item gecos: GECOS (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item homedirectory: Home directory (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item ipaoriginaluid: <ipaoriginaluid> (type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_add_cert
JSON data for API method idoverrideuser_add_cert
Add one or more certificates to the idoverrideuser entry
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_del
JSON data for API method idoverrideuser_del
Delete an User ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_find
JSON data for API method idoverrideuser_find
Search for an User ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=item description: Description (type unicode class Str)
=item uid: User login (type unicode class Str)
=item uidnumber: User ID Number (type int class Int)
=item gecos: GECOS (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item homedirectory: Home directory (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item ipaoriginaluid: <ipaoriginaluid> (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("anchor") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_mod
JSON data for API method idoverrideuser_mod
Modify an User ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item uid: User login (type unicode class Str)
=item uidnumber: User ID Number (type int class Int)
=item gecos: GECOS (type unicode class Str)
=item gidnumber: Group ID Number (type int class Int)
=item homedirectory: Home directory (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item ipaoriginaluid: <ipaoriginaluid> (type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the User ID override object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_remove_cert
JSON data for API method idoverrideuser_remove_cert
Remove one or more certificates to the idoverrideuser entry
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idoverrideuser_show
JSON data for API method idoverrideuser_show
Display information about an User ID override.
=over
=item Required arguments
=over
=item idviewcn: ID View Name (type unicode class Str)
=item ipaanchoruuid: Anchor to override (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item fallback_to_ldap: Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idrange_add
JSON data for API method idrange_add
Add new ID range.
To add a new ID range you always have to specify
--base-id
--range-size
Additionally
--rid-base
--secondary-rid-base
may be given for a new ID range for the local domain while
--rid-base
--dom-sid
must be given to add a new range for a trusted AD domain.
=======
WARNING:
DNA plugin in 389-ds will allocate IDs based on the ranges configured for the
local domain. Currently the DNA plugin *cannot* be reconfigured itself based
on the local ranges set via this family of commands.
Manual configuration change has to be done in the DNA plugin configuration for
the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix
IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
=======
=over
=item Required arguments
=over
=item cn: Range name (type unicode class Str)
=back
=item Options
=over
=item ipabaseid: First Posix ID of the range (mandatory type int class Int)
=item ipaidrangesize: Number of IDs in the range (mandatory type int class Int)
=item ipabaserid: First RID of the corresponding RID range (type int class Int)
=item ipasecondarybaserid: First RID of the secondary RID range (type int class Int)
=item ipanttrusteddomainsid: Domain SID of the trusted domain (type unicode class Str)
=item ipanttrusteddomainname: Name of the trusted domain (type unicode class Str)
=item iparangetype: ID range type, one of ipa-ad-trust, ipa-ad-trust-posix, ipa-local (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idrange_del
JSON data for API method idrange_del
Delete an ID range.
=over
=item Required arguments
=over
=item cn: Range name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idrange_find
JSON data for API method idrange_find
Search for ranges.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Range name (type unicode class Str)
=item ipabaseid: First Posix ID of the range (type int class Int)
=item ipaidrangesize: Number of IDs in the range (type int class Int)
=item ipabaserid: First RID of the corresponding RID range (type int class Int)
=item ipasecondarybaserid: First RID of the secondary RID range (type int class Int)
=item ipanttrusteddomainsid: Domain SID of the trusted domain (type unicode class Str)
=item iparangetype: ID range type, one of ipa-ad-trust, ipa-ad-trust-posix, ipa-local (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idrange_mod
JSON data for API method idrange_mod
Modify ID range.
=======
WARNING:
DNA plugin in 389-ds will allocate IDs based on the ranges configured for the
local domain. Currently the DNA plugin *cannot* be reconfigured itself based
on the local ranges set via this family of commands.
Manual configuration change has to be done in the DNA plugin configuration for
the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix
IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
=======
=over
=item Required arguments
=over
=item cn: Range name (type unicode class Str)
=back
=item Options
=over
=item ipabaseid: First Posix ID of the range (type int class Int)
=item ipaidrangesize: Number of IDs in the range (type int class Int)
=item ipabaserid: First RID of the corresponding RID range (type int class Int)
=item ipasecondarybaserid: First RID of the secondary RID range (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item ipanttrusteddomainsid: Domain SID of the trusted domain (type unicode class Str)
=item ipanttrusteddomainname: Name of the trusted domain (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idrange_show
JSON data for API method idrange_show
Display information about a range.
=over
=item Required arguments
=over
=item cn: Range name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_add
JSON data for API method idview_add
Add a new ID View.
=over
=item Required arguments
=over
=item cn: ID View Name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipadomainresolutionorder: colon-separated list of domains used for short name qualification (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_apply
JSON data for API method idview_apply
Applies ID View to specified hosts or current members of specified hostgroups. If any other ID View is applied to the host, it is overridden.
=over
=item Required arguments
=over
=item cn: ID View Name (type unicode class Str)
=back
=item Options
=over
=item host: Hosts to apply the ID View to (arrayref of type unicode class Str)
=item hostgroup: Hostgroups to whose hosts apply the ID View to. Please note that view is not applied automatically to any hosts added to the hostgroup after running the idview-apply command. (arrayref of type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_del
JSON data for API method idview_del
Delete an ID View.
=over
=item Required arguments
=over
=item cn: ID View Name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_find
JSON data for API method idview_find
Search for an ID View.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: ID View Name (type unicode class Str)
=item description: Description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_mod
JSON data for API method idview_mod
Modify an ID View.
=over
=item Required arguments
=over
=item cn: ID View Name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipadomainresolutionorder: colon-separated list of domains used for short name qualification (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the ID View object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_show
JSON data for API method idview_show
Display information about an ID View.
=over
=item Required arguments
=over
=item cn: ID View Name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item show_hosts: Enumerate all the hosts the view applies to. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item idview_unapply
JSON data for API method idview_unapply
Clears ID View from specified hosts or current members of specified hostgroups.
=over
=item No required arguments
=item Options
=over
=item host: Hosts to clear (any) ID View from. (arrayref of type unicode class Str)
=item hostgroup: Hostgroups whose hosts should have ID Views cleared. Note that view is not cleared automatically from any host added to the hostgroup after running idview-unapply command. (arrayref of type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item join
JSON data for API method join
Join an IPA domain
=over
=item Required arguments
=over
=item cn: The hostname to register as (type unicode class Str)
=back
=item Options
=over
=item realm: The IPA realm (type unicode class Str)
=item nshardwareplatform: Hardware platform of the host (e.g. Lenovo T61) (type unicode class Str)
=item nsosversion: Operating System and version of the host (e.g. Fedora 9) (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item json_metadata
JSON data for API method json_metadata
Export plugin meta-data for the webUI.
=over
=item Required arguments
=over
=item objname: Name of object to export (type unicode class Str)
=item methodname: Name of method to export (type unicode class Str)
=back
=item Options
=over
=item object: Name of object to export (type unicode class Str)
=item method: Name of method to export (type unicode class Str)
=item command: Name of command to export (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item kra_is_enabled
JSON data for API method kra_is_enabled
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item krbtpolicy_mod
JSON data for API method krbtpolicy_mod
Modify Kerberos ticket policy.
=over
=item Required arguments
=over
=item uid: Manage ticket policy for specific user (type unicode class Str)
=back
=item Options
=over
=item krbmaxticketlife: Maximum ticket life (seconds) (type int class Int)
=item krbmaxrenewableage: Maximum renewable age (seconds) (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item krbtpolicy_reset
JSON data for API method krbtpolicy_reset
Reset Kerberos ticket policy to the default values.
=over
=item Required arguments
=over
=item uid: Manage ticket policy for specific user (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item krbtpolicy_show
JSON data for API method krbtpolicy_show
Display the current Kerberos ticket policy.
=over
=item Required arguments
=over
=item uid: Manage ticket policy for specific user (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item location_add
JSON data for API method location_add
Add a new IPA location.
=over
=item Required arguments
=over
=item idnsname: IPA location name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item description: IPA Location description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item location_del
JSON data for API method location_del
Delete an IPA location.
=over
=item Required arguments
=over
=item idnsname: IPA location name (arrayref of type DNSName class DNSNameParam)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item location_find
JSON data for API method location_find
Search for IPA locations.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item idnsname: IPA location name (type DNSName class DNSNameParam)
=item description: IPA Location description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item location_mod
JSON data for API method location_mod
Modify information about an IPA location.
=over
=item Required arguments
=over
=item idnsname: IPA location name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item description: IPA Location description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item location_show
JSON data for API method location_show
Display information about an IPA location.
=over
=item Required arguments
=over
=item idnsname: IPA location name (type DNSName class DNSNameParam)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item migrate_ds
JSON data for API method migrate_ds
Migrate users and groups from DS to IPA.
=over
=item Required arguments
=over
=item ldapuri: LDAP URI of DS server to migrate from (type unicode class Str)
=item bindpw: bind password (type unicode class Password)
=back
=item Options
=over
=item binddn: Bind DN (type DN class DNParam)
=item usercontainer: DN of container for users in DS relative to base DN (type DN class DNParam)
=item groupcontainer: DN of container for groups in DS relative to base DN (type DN class DNParam)
=item userobjectclass: Objectclasses used to search for user entries in DS (arrayref of type unicode class Str)
=item groupobjectclass: Objectclasses used to search for group entries in DS (arrayref of type unicode class Str)
=item userignoreobjectclass: Objectclasses to be ignored for user entries in DS (arrayref of type unicode class Str)
=item userignoreattribute: Attributes to be ignored for user entries in DS (arrayref of type unicode class Str)
=item groupignoreobjectclass: Objectclasses to be ignored for group entries in DS (arrayref of type unicode class Str)
=item groupignoreattribute: Attributes to be ignored for group entries in DS (arrayref of type unicode class Str)
=item groupoverwritegid: When migrating a group already existing in IPA domain overwrite the group GID and report as success (type bool class Flag)
=item schema: The schema used on the LDAP server. Supported values are RFC2307 and RFC2307bis. The default is RFC2307bis (type unicode class StrEnum)
=item continue: Continuous operation mode. Errors are reported but the process continues (type bool class Flag)
=item basedn: Base DN on remote LDAP server (type DN class DNParam)
=item compat: Allows migration despite the usage of compat plugin (type bool class Flag)
=item cacertfile: Load CA certificate of LDAP server from FILE (type unicode class Str)
=item use_def_group: Add migrated users without a group to a default group (default: true) (type bool class Bool)
=item scope: LDAP search scope for users and groups: base, onelevel, or subtree. Defaults to onelevel (type unicode class StrEnum)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item exclude_groups: groups to exclude from migration (arrayref of type unicode class Str)
=item exclude_users: users to exclude from migration (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_add
JSON data for API method netgroup_add
Add a new netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (type unicode class Str)
=back
=item Options
=over
=item description: Netgroup description (type unicode class Str)
=item nisdomainname: NIS domain name (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item externalhost: External host (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_add_member
JSON data for API method netgroup_add_member
Add members to a netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item netgroup: netgroups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_del
JSON data for API method netgroup_del
Delete a netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_find
JSON data for API method netgroup_find
Search for a netgroup.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Netgroup name (type unicode class Str)
=item description: Netgroup description (type unicode class Str)
=item nisdomainname: NIS domain name (type unicode class Str)
=item ipauniqueid: IPA unique ID (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item externalhost: External host (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item private: <private> (type bool class Flag)
=item managed: search for managed groups (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item netgroup: Search for netgroups with these member netgroups. (arrayref of type unicode class Str)
=item no_netgroup: Search for netgroups without these member netgroups. (arrayref of type unicode class Str)
=item user: Search for netgroups with these member users. (arrayref of type unicode class Str)
=item no_user: Search for netgroups without these member users. (arrayref of type unicode class Str)
=item group: Search for netgroups with these member groups. (arrayref of type unicode class Str)
=item no_group: Search for netgroups without these member groups. (arrayref of type unicode class Str)
=item host: Search for netgroups with these member hosts. (arrayref of type unicode class Str)
=item no_host: Search for netgroups without these member hosts. (arrayref of type unicode class Str)
=item hostgroup: Search for netgroups with these member host groups. (arrayref of type unicode class Str)
=item no_hostgroup: Search for netgroups without these member host groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for netgroups with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for netgroups without these member of netgroups. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_mod
JSON data for API method netgroup_mod
Modify a netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (type unicode class Str)
=back
=item Options
=over
=item description: Netgroup description (type unicode class Str)
=item nisdomainname: NIS domain name (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item externalhost: External host (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_remove_member
JSON data for API method netgroup_remove_member
Remove members from a netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item netgroup: netgroups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item netgroup_show
JSON data for API method netgroup_show
Display information about a netgroup.
=over
=item Required arguments
=over
=item cn: Netgroup name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otpconfig_mod
JSON data for API method otpconfig_mod
Modify OTP configuration options.
=over
=item No required arguments
=item Options
=over
=item ipatokentotpauthwindow: TOTP authentication time variance (seconds) (type int class Int)
=item ipatokentotpsyncwindow: TOTP synchronization time variance (seconds) (type int class Int)
=item ipatokenhotpauthwindow: HOTP authentication skip-ahead (type int class Int)
=item ipatokenhotpsyncwindow: HOTP synchronization skip-ahead (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otpconfig_show
JSON data for API method otpconfig_show
Show the current OTP configuration.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_add
JSON data for API method otptoken_add
Add a new OTP token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=back
=item Options
=over
=item type: Type of the token (type unicode class StrEnum)
=item description: Token description (informational only) (type unicode class Str)
=item ipatokenowner: Assigned user of the token (default: self) (type unicode class Str)
=item ipatokendisabled: Mark the token as disabled (default: false) (type bool class Bool)
=item ipatokennotbefore: First date/time the token can be used (type datetime class DateTime)
=item ipatokennotafter: Last date/time the token can be used (type datetime class DateTime)
=item ipatokenvendor: Token vendor name (informational only) (type unicode class Str)
=item ipatokenmodel: Token model (informational only) (type unicode class Str)
=item ipatokenserial: Token serial (informational only) (type unicode class Str)
=item ipatokenotpkey: Token secret (Base32; default: random) (type str class OTPTokenKey)
=item ipatokenotpalgorithm: Token hash algorithm (type unicode class StrEnum)
=item ipatokenotpdigits: Number of digits each token code will have (type int class IntEnum)
=item ipatokentotpclockoffset: TOTP token / FreeIPA server time difference (type int class Int)
=item ipatokentotptimestep: Length of TOTP token code validity (type int class Int)
=item ipatokenhotpcounter: Initial counter for the HOTP token (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item qrcode: (deprecated) (type bool class Flag)
=item no_qrcode: Do not display QR code (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_add_managedby
JSON data for API method otptoken_add_managedby
Add users that can manage this token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_del
JSON data for API method otptoken_del
Delete an OTP token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_find
JSON data for API method otptoken_find
Search for OTP token.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=item type: Type of the token (type unicode class StrEnum)
=item description: Token description (informational only) (type unicode class Str)
=item ipatokenowner: Assigned user of the token (default: self) (type unicode class Str)
=item ipatokendisabled: Mark the token as disabled (default: false) (type bool class Bool)
=item ipatokennotbefore: First date/time the token can be used (type datetime class DateTime)
=item ipatokennotafter: Last date/time the token can be used (type datetime class DateTime)
=item ipatokenvendor: Token vendor name (informational only) (type unicode class Str)
=item ipatokenmodel: Token model (informational only) (type unicode class Str)
=item ipatokenserial: Token serial (informational only) (type unicode class Str)
=item ipatokenotpalgorithm: Token hash algorithm (type unicode class StrEnum)
=item ipatokenotpdigits: Number of digits each token code will have (type int class IntEnum)
=item ipatokentotpclockoffset: TOTP token / FreeIPA server time difference (type int class Int)
=item ipatokentotptimestep: Length of TOTP token code validity (type int class Int)
=item ipatokenhotpcounter: Initial counter for the HOTP token (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("id") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_mod
JSON data for API method otptoken_mod
Modify a OTP token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=back
=item Options
=over
=item description: Token description (informational only) (type unicode class Str)
=item ipatokenowner: Assigned user of the token (default: self) (type unicode class Str)
=item ipatokendisabled: Mark the token as disabled (default: false) (type bool class Bool)
=item ipatokennotbefore: First date/time the token can be used (type datetime class DateTime)
=item ipatokennotafter: Last date/time the token can be used (type datetime class DateTime)
=item ipatokenvendor: Token vendor name (informational only) (type unicode class Str)
=item ipatokenmodel: Token model (informational only) (type unicode class Str)
=item ipatokenserial: Token serial (informational only) (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the OTP token object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_remove_managedby
JSON data for API method otptoken_remove_managedby
Remove users that can manage this token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item otptoken_show
JSON data for API method otptoken_show
Display information about an OTP token.
=over
=item Required arguments
=over
=item ipatokenuniqueid: Unique ID (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item output_find
JSON data for API method output_find
Search for command outputs.
=over
=item Required arguments
=over
=item commandfull_name: Full name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item output_show
JSON data for API method output_show
Display information about a command output.
=over
=item Required arguments
=over
=item commandfull_name: Full name (type unicode class Str)
=item name: Name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item param_find
JSON data for API method param_find
Search command parameters.
=over
=item Required arguments
=over
=item metaobjectfull_name: Full name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item param_show
JSON data for API method param_show
Display information about a command parameter.
=over
=item Required arguments
=over
=item metaobjectfull_name: Full name (type unicode class Str)
=item name: Name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item passwd
JSON data for API method passwd
Set a user's password.
=over
=item Required arguments
=over
=item principal: User name (type Principal class Principal)
=item password: New Password (type unicode class Password)
=item current_password: Current Password (type unicode class Password)
=back
=item Options
=over
=item otp: One Time Password (type unicode class Password)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_add
JSON data for API method permission_add
Add a new permission.
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item ipapermright: Rights to grant (read, search, compare, write, add, delete, all) (arrayref of type unicode class StrEnum)
=item attrs: All attributes to which the permission applies (arrayref of type unicode class Str)
=item ipapermbindruletype: Bind rule type (type unicode class StrEnum)
=item ipapermlocation: Subtree to apply permissions to (type DN class DNOrURL)
=item extratargetfilter: Extra target filter (arrayref of type unicode class Str)
=item ipapermtargetfilter: All target filters, including those implied by type and memberof (arrayref of type unicode class Str)
=item ipapermtarget: Optional DN to apply the permission to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetto: Optional DN subtree where an entry can be moved to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetfrom: Optional DN subtree from where an entry can be moved (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item memberof: Target members of a group (sets memberOf targetfilter) (arrayref of type unicode class Str)
=item targetgroup: User group to apply permissions to (sets target) (type unicode class Str)
=item type: Type of IPA object (sets subtree and objectClass targetfilter) (type unicode class Str)
=item filter: Deprecated; use extratargetfilter (arrayref of type unicode class Str)
=item subtree: Deprecated; use ipapermlocation (arrayref of type unicode class Str)
=item permissions: Deprecated; use ipapermright (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_add_member
JSON data for API method permission_add_member
Add members to a permission.
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item privilege: privileges to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_add_noaci
JSON data for API method permission_add_noaci
Add a system permission without an ACI (internal command)
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item ipapermissiontype: Permission flags (mandatory arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_del
JSON data for API method permission_del
Delete a permission.
=over
=item Required arguments
=over
=item cn: Permission name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item force: force delete of SYSTEM permissions (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_find
JSON data for API method permission_find
Search for permissions.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Permission name (type unicode class Str)
=item ipapermright: Rights to grant (read, search, compare, write, add, delete, all) (arrayref of type unicode class StrEnum)
=item attrs: All attributes to which the permission applies (arrayref of type unicode class Str)
=item ipapermincludedattr: User-specified attributes to which the permission applies (arrayref of type unicode class Str)
=item ipapermexcludedattr: User-specified attributes to which the permission explicitly does not apply (arrayref of type unicode class Str)
=item ipapermdefaultattr: Attributes to which the permission applies by default (arrayref of type unicode class Str)
=item ipapermbindruletype: Bind rule type (type unicode class StrEnum)
=item ipapermlocation: Subtree to apply permissions to (type DN class DNOrURL)
=item extratargetfilter: Extra target filter (arrayref of type unicode class Str)
=item ipapermtargetfilter: All target filters, including those implied by type and memberof (arrayref of type unicode class Str)
=item ipapermtarget: Optional DN to apply the permission to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetto: Optional DN subtree where an entry can be moved to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetfrom: Optional DN subtree from where an entry can be moved (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item memberof: Target members of a group (sets memberOf targetfilter) (arrayref of type unicode class Str)
=item targetgroup: User group to apply permissions to (sets target) (type unicode class Str)
=item type: Type of IPA object (sets subtree and objectClass targetfilter) (type unicode class Str)
=item filter: Deprecated; use extratargetfilter (arrayref of type unicode class Str)
=item subtree: Deprecated; use ipapermlocation (arrayref of type unicode class Str)
=item permissions: Deprecated; use ipapermright (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_mod
JSON data for API method permission_mod
Modify a permission.
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item ipapermright: Rights to grant (read, search, compare, write, add, delete, all) (arrayref of type unicode class StrEnum)
=item attrs: All attributes to which the permission applies (arrayref of type unicode class Str)
=item ipapermincludedattr: User-specified attributes to which the permission applies (arrayref of type unicode class Str)
=item ipapermexcludedattr: User-specified attributes to which the permission explicitly does not apply (arrayref of type unicode class Str)
=item ipapermbindruletype: Bind rule type (type unicode class StrEnum)
=item ipapermlocation: Subtree to apply permissions to (type DN class DNOrURL)
=item extratargetfilter: Extra target filter (arrayref of type unicode class Str)
=item ipapermtargetfilter: All target filters, including those implied by type and memberof (arrayref of type unicode class Str)
=item ipapermtarget: Optional DN to apply the permission to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetto: Optional DN subtree where an entry can be moved to (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item ipapermtargetfrom: Optional DN subtree from where an entry can be moved (must be in the subtree, but may not yet exist) (type DN class DNParam)
=item memberof: Target members of a group (sets memberOf targetfilter) (arrayref of type unicode class Str)
=item targetgroup: User group to apply permissions to (sets target) (type unicode class Str)
=item type: Type of IPA object (sets subtree and objectClass targetfilter) (type unicode class Str)
=item filter: Deprecated; use extratargetfilter (arrayref of type unicode class Str)
=item subtree: Deprecated; use ipapermlocation (arrayref of type unicode class Str)
=item permissions: Deprecated; use ipapermright (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the permission object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_remove_member
JSON data for API method permission_remove_member
Remove members from a permission.
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item privilege: privileges to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item permission_show
JSON data for API method permission_show
Display information about a permission.
=over
=item Required arguments
=over
=item cn: Permission name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item ping
JSON data for API method ping
Ping a remote server.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pkinit_status
JSON data for API method pkinit_status
Report PKINIT status on the IPA masters
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item server_server: IPA server hostname (type unicode class Str)
=item status: Whether PKINIT is enabled or disabled (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item plugins
JSON data for API method plugins
Show all loaded plugins.
=over
=item No required arguments
=item Options
=over
=item server: Forward to server instead of running locally (type bool class Flag)
=item all: retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_add
JSON data for API method privilege_add
Add a new privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item description: Privilege description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_add_member
JSON data for API method privilege_add_member
Add members to a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item role: roles to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_add_permission
JSON data for API method privilege_add_permission
Add permissions to a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item permission: permissions (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_del
JSON data for API method privilege_del
Delete a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_find
JSON data for API method privilege_find
Search for privileges.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Privilege name (type unicode class Str)
=item description: Privilege description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_mod
JSON data for API method privilege_mod
Modify a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item description: Privilege description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the privilege object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_remove_member
JSON data for API method privilege_remove_member
Remove members from a privilege
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item role: roles to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_remove_permission
JSON data for API method privilege_remove_permission
Remove permissions from a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item permission: permissions (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item privilege_show
JSON data for API method privilege_show
Display information about a privilege.
=over
=item Required arguments
=over
=item cn: Privilege name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pwpolicy_add
JSON data for API method pwpolicy_add
Add a new group password policy.
=over
=item Required arguments
=over
=item cn: Manage password policy for specific group (type unicode class Str)
=back
=item Options
=over
=item krbmaxpwdlife: Maximum password lifetime (in days) (type int class Int)
=item krbminpwdlife: Minimum password lifetime (in hours) (type int class Int)
=item krbpwdhistorylength: Password history size (type int class Int)
=item krbpwdmindiffchars: Minimum number of character classes (type int class Int)
=item krbpwdminlength: Minimum length of password (type int class Int)
=item cospriority: Priority of the policy (higher number means lower priority (mandatory type int class Int)
=item krbpwdmaxfailure: Consecutive failures before lockout (type int class Int)
=item krbpwdfailurecountinterval: Period after which failure count will be reset (seconds) (type int class Int)
=item krbpwdlockoutduration: Period for which lockout is enforced (seconds) (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pwpolicy_del
JSON data for API method pwpolicy_del
Delete a group password policy.
=over
=item Required arguments
=over
=item cn: Manage password policy for specific group (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pwpolicy_find
JSON data for API method pwpolicy_find
Search for group password policies.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Manage password policy for specific group (type unicode class Str)
=item krbmaxpwdlife: Maximum password lifetime (in days) (type int class Int)
=item krbminpwdlife: Minimum password lifetime (in hours) (type int class Int)
=item krbpwdhistorylength: Password history size (type int class Int)
=item krbpwdmindiffchars: Minimum number of character classes (type int class Int)
=item krbpwdminlength: Minimum length of password (type int class Int)
=item cospriority: Priority of the policy (higher number means lower priority (type int class Int)
=item krbpwdmaxfailure: Consecutive failures before lockout (type int class Int)
=item krbpwdfailurecountinterval: Period after which failure count will be reset (seconds) (type int class Int)
=item krbpwdlockoutduration: Period for which lockout is enforced (seconds) (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("group") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pwpolicy_mod
JSON data for API method pwpolicy_mod
Modify a group password policy.
=over
=item Required arguments
=over
=item cn: Manage password policy for specific group (type unicode class Str)
=back
=item Options
=over
=item krbmaxpwdlife: Maximum password lifetime (in days) (type int class Int)
=item krbminpwdlife: Minimum password lifetime (in hours) (type int class Int)
=item krbpwdhistorylength: Password history size (type int class Int)
=item krbpwdmindiffchars: Minimum number of character classes (type int class Int)
=item krbpwdminlength: Minimum length of password (type int class Int)
=item cospriority: Priority of the policy (higher number means lower priority (type int class Int)
=item krbpwdmaxfailure: Consecutive failures before lockout (type int class Int)
=item krbpwdfailurecountinterval: Period after which failure count will be reset (seconds) (type int class Int)
=item krbpwdlockoutduration: Period for which lockout is enforced (seconds) (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item pwpolicy_show
JSON data for API method pwpolicy_show
Display information about password policy.
=over
=item Required arguments
=over
=item cn: Manage password policy for specific group (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item user: Display effective policy for a specific user (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item radiusproxy_add
JSON data for API method radiusproxy_add
Add a new RADIUS proxy server.
=over
=item Required arguments
=over
=item cn: RADIUS proxy server name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this RADIUS proxy server (type unicode class Str)
=item ipatokenradiusserver: The hostname or IP (with or without port) (mandatory type unicode class Str)
=item ipatokenradiussecret: The secret used to encrypt data (mandatory type unicode class Password)
=item ipatokenradiustimeout: The total timeout across all retries (in seconds) (type int class Int)
=item ipatokenradiusretries: The number of times to retry authentication (type int class Int)
=item ipatokenusermapattribute: The username attribute on the user object (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item radiusproxy_del
JSON data for API method radiusproxy_del
Delete a RADIUS proxy server.
=over
=item Required arguments
=over
=item cn: RADIUS proxy server name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item radiusproxy_find
JSON data for API method radiusproxy_find
Search for RADIUS proxy servers.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: RADIUS proxy server name (type unicode class Str)
=item description: A description of this RADIUS proxy server (type unicode class Str)
=item ipatokenradiusserver: The hostname or IP (with or without port) (type unicode class Str)
=item ipatokenradiussecret: The secret used to encrypt data (type unicode class Password)
=item ipatokenradiustimeout: The total timeout across all retries (in seconds) (type int class Int)
=item ipatokenradiusretries: The number of times to retry authentication (type int class Int)
=item ipatokenusermapattribute: The username attribute on the user object (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item radiusproxy_mod
JSON data for API method radiusproxy_mod
Modify a RADIUS proxy server.
=over
=item Required arguments
=over
=item cn: RADIUS proxy server name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this RADIUS proxy server (type unicode class Str)
=item ipatokenradiusserver: The hostname or IP (with or without port) (type unicode class Str)
=item ipatokenradiussecret: The secret used to encrypt data (type unicode class Password)
=item ipatokenradiustimeout: The total timeout across all retries (in seconds) (type int class Int)
=item ipatokenradiusretries: The number of times to retry authentication (type int class Int)
=item ipatokenusermapattribute: The username attribute on the user object (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item rename: Rename the RADIUS proxy server object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item radiusproxy_show
JSON data for API method radiusproxy_show
Display information about a RADIUS proxy server.
=over
=item Required arguments
=over
=item cn: RADIUS proxy server name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item realmdomains_mod
JSON data for API method realmdomains_mod
Modify realm domains.
=over
=item No required arguments
=item Options
=over
=item associateddomain: Domain (arrayref of type unicode class Str)
=item add_domain: Add domain (type unicode class Str)
=item del_domain: Delete domain (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item force: Force adding domain even if not in DNS (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item realmdomains_show
JSON data for API method realmdomains_show
Display the list of realm domains.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_add
JSON data for API method role_add
Add a new role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this role-group (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_add_member
JSON data for API method role_add_member
Add members to a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item service: services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_add_privilege
JSON data for API method role_add_privilege
Add privileges to a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item privilege: privileges (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_del
JSON data for API method role_del
Delete a role.
=over
=item Required arguments
=over
=item cn: Role name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_find
JSON data for API method role_find
Search for roles.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Role name (type unicode class Str)
=item description: A description of this role-group (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_mod
JSON data for API method role_mod
Modify a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item description: A description of this role-group (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the role object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_remove_member
JSON data for API method role_remove_member
Remove members from a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item service: services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_remove_privilege
JSON data for API method role_remove_privilege
Remove privileges from a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item privilege: privileges (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item role_show
JSON data for API method role_show
Display information about a role.
=over
=item Required arguments
=over
=item cn: Role name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item schema
JSON data for API method schema
=over
=item No required arguments
=item Options
=over
=item known_fingerprints: Fingerprint of schema cached by client (arrayref of type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selfservice_add
JSON data for API method selfservice_add
Add a new self-service permission.
=over
=item Required arguments
=over
=item aciname: Self-service name (type unicode class Str)
=back
=item Options
=over
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the permission applies. (mandatory arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selfservice_del
JSON data for API method selfservice_del
Delete a self-service permission.
=over
=item Required arguments
=over
=item aciname: Self-service name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selfservice_find
JSON data for API method selfservice_find
Search for a self-service permission.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item aciname: Self-service name (type unicode class Str)
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the permission applies. (arrayref of type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selfservice_mod
JSON data for API method selfservice_mod
Modify a self-service permission.
=over
=item Required arguments
=over
=item aciname: Self-service name (type unicode class Str)
=back
=item Options
=over
=item permissions: Permissions to grant (read, write). Default is write. (arrayref of type unicode class Str)
=item attrs: Attributes to which the permission applies. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selfservice_show
JSON data for API method selfservice_show
Display information about a self-service permission.
=over
=item Required arguments
=over
=item aciname: Self-service name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_add
JSON data for API method selinuxusermap_add
Create a new SELinux User Map.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item ipaselinuxuser: SELinux User (mandatory type unicode class Str)
=item seealso: HBAC Rule that defines the users, groups and hostgroups (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_add_host
JSON data for API method selinuxusermap_add_host
Add target hosts and hostgroups to an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_add_user
JSON data for API method selinuxusermap_add_user
Add users and groups to an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_del
JSON data for API method selinuxusermap_del
Delete a SELinux User Map.
=over
=item Required arguments
=over
=item cn: Rule name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_disable
JSON data for API method selinuxusermap_disable
Disable an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_enable
JSON data for API method selinuxusermap_enable
Enable an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_find
JSON data for API method selinuxusermap_find
Search for SELinux User Maps.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Rule name (type unicode class Str)
=item ipaselinuxuser: SELinux User (type unicode class Str)
=item seealso: HBAC Rule that defines the users, groups and hostgroups (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_mod
JSON data for API method selinuxusermap_mod
Modify a SELinux User Map.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item ipaselinuxuser: SELinux User (type unicode class Str)
=item seealso: HBAC Rule that defines the users, groups and hostgroups (type unicode class Str)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_remove_host
JSON data for API method selinuxusermap_remove_host
Remove target hosts and hostgroups from an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_remove_user
JSON data for API method selinuxusermap_remove_user
Remove users and groups from an SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item selinuxusermap_show
JSON data for API method selinuxusermap_show
Display the properties of a SELinux User Map rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_conncheck
JSON data for API method server_conncheck
Check connection to remote IPA server.
=over
=item Required arguments
=over
=item cn: IPA server hostname (type unicode class Str)
=item remote_cn: Remote IPA server hostname (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_del
JSON data for API method server_del
Delete IPA server.
=over
=item Required arguments
=over
=item cn: IPA server hostname (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item ignore_topology_disconnect: Ignore topology connectivity problems after removal (type bool class Flag)
=item ignore_last_of_role: Skip a check whether the last CA master or DNS server is removed (type bool class Flag)
=item force: Force server removal even if it does not exist (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_find
JSON data for API method server_find
Search for IPA servers.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: IPA server hostname (type unicode class Str)
=item ipamindomainlevel: Minimum domain level (type int class Int)
=item ipamaxdomainlevel: Maximum domain level (type int class Int)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item topologysuffix: Search for servers with these managed suffixes. (arrayref of type unicode class Str)
=item no_topologysuffix: Search for servers without these managed suffixes. (arrayref of type unicode class Str)
=item in_location: Search for servers with these ipa locations. (arrayref of type DNSName class DNSNameParam)
=item not_in_location: Search for servers without these ipa locations. (arrayref of type DNSName class DNSNameParam)
=item servrole: Search for servers with these enabled roles. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_mod
JSON data for API method server_mod
Modify information about an IPA server.
=over
=item Required arguments
=over
=item cn: IPA server hostname (type unicode class Str)
=back
=item Options
=over
=item ipalocation_location: Server location (type DNSName class DNSNameParam)
=item ipaserviceweight: Weight for server services (type int class Int)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_role_find
JSON data for API method server_role_find
Find a server role on a server(s)
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item server_server: IPA server hostname (type unicode class Str)
=item role_servrole: IPA server role name (type unicode class Str)
=item status: Status of the role (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item include_master: Include IPA master entries (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_role_show
JSON data for API method server_role_show
Show role status on a server
=over
=item Required arguments
=over
=item server_server: IPA server hostname (type unicode class Str)
=item role_servrole: IPA server role name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item server_show
JSON data for API method server_show
Show IPA server.
=over
=item Required arguments
=over
=item cn: IPA server hostname (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_add
JSON data for API method service_add
Add a new IPA service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item usercertificate: Base-64 encoded service certificate (arrayref of type Certificate class Certificate)
=item ipakrbauthzdata: Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service, e.g. this might be necessary for NFS services. (arrayref of type unicode class StrEnum)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item ipakrbrequirespreauth: Pre-authentication is required for the service (type bool class Bool)
=item ipakrbokasdelegate: Client credentials may be delegated to the service (type bool class Bool)
=item ipakrboktoauthasdelegate: The service is allowed to authenticate on behalf of a client (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item force: force principal name even if not in DNS (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_add_cert
JSON data for API method service_add_cert
Add new certificates to a service
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded service certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_add_host
JSON data for API method service_add_host
Add hosts that can manage this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_add_principal
JSON data for API method service_add_principal
Add new principal alias to a service
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=item krbprincipalname: Service principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_allow_create_keytab
JSON data for API method service_allow_create_keytab
Allow users, groups, hosts or host groups to create a keytab of this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_allow_retrieve_keytab
JSON data for API method service_allow_retrieve_keytab
Allow users, groups, hosts or host groups to retrieve a keytab of this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_del
JSON data for API method service_del
Delete an IPA service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (arrayref of type Principal class Principal)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_disable
JSON data for API method service_disable
Disable the Kerberos key and SSL certificate of a service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_disallow_create_keytab
JSON data for API method service_disallow_create_keytab
Disallow users, groups, hosts or host groups to create a keytab of this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_disallow_retrieve_keytab
JSON data for API method service_disallow_retrieve_keytab
Disallow users, groups, hosts or host groups to retrieve a keytab of this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_find
JSON data for API method service_find
Search for IPA services.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=item krbprincipalname: Service principal alias (arrayref of type Principal class Principal)
=item ipakrbauthzdata: Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service, e.g. this might be necessary for NFS services. (arrayref of type unicode class StrEnum)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("canonical-principal") (type bool class Flag)
=item man_by_host: Search for services with these managed by hosts. (arrayref of type unicode class Str)
=item not_man_by_host: Search for services without these managed by hosts. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_mod
JSON data for API method service_mod
Modify an existing IPA service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item krbprincipalname: Service principal alias (arrayref of type Principal class Principal)
=item usercertificate: Base-64 encoded service certificate (arrayref of type Certificate class Certificate)
=item ipakrbauthzdata: Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service, e.g. this might be necessary for NFS services. (arrayref of type unicode class StrEnum)
=item krbprincipalauthind: Defines a whitelist for Authentication Indicators. Use 'otp' to allow OTP-based 2FA authentications. Use 'radius' to allow RADIUS-based 2FA authentications. Other values may be used for custom configurations. (arrayref of type unicode class Str)
=item ipakrbrequirespreauth: Pre-authentication is required for the service (type bool class Bool)
=item ipakrbokasdelegate: Client credentials may be delegated to the service (type bool class Bool)
=item ipakrboktoauthasdelegate: The service is allowed to authenticate on behalf of a client (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_remove_cert
JSON data for API method service_remove_cert
Remove certificates from a service
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded service certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_remove_host
JSON data for API method service_remove_host
Remove hosts that can manage this service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_remove_principal
JSON data for API method service_remove_principal
Remove principal alias from a service
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=item krbprincipalname: Service principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item service_show
JSON data for API method service_show
Display information about an IPA service.
=over
=item Required arguments
=over
=item krbcanonicalname: Service principal (type Principal class Principal)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item out: file to store certificate in (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_add
JSON data for API method servicedelegationrule_add
Create a new service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_add_member
JSON data for API method servicedelegationrule_add_member
Add member to a named service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item principal: principal to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_add_target
JSON data for API method servicedelegationrule_add_target
Add target to a named service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item servicedelegationtarget: service delegation targets to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_del
JSON data for API method servicedelegationrule_del
Delete service delegation.
=over
=item Required arguments
=over
=item cn: Delegation name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_find
JSON data for API method servicedelegationrule_find
Search for service delegations rule.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Delegation name (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("delegation-name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_remove_member
JSON data for API method servicedelegationrule_remove_member
Remove member from a named service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item principal: principal to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_remove_target
JSON data for API method servicedelegationrule_remove_target
Remove target from a named service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item servicedelegationtarget: service delegation targets to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationrule_show
JSON data for API method servicedelegationrule_show
Display information about a named service delegation rule.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_add
JSON data for API method servicedelegationtarget_add
Create a new service delegation target.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_add_member
JSON data for API method servicedelegationtarget_add_member
Add member to a named service delegation target.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item principal: principal to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_del
JSON data for API method servicedelegationtarget_del
Delete service delegation target.
=over
=item Required arguments
=over
=item cn: Delegation name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_find
JSON data for API method servicedelegationtarget_find
Search for service delegation target.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Delegation name (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("delegation-name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_remove_member
JSON data for API method servicedelegationtarget_remove_member
Remove member from a named service delegation target.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item principal: principal to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item servicedelegationtarget_show
JSON data for API method servicedelegationtarget_show
Display information about a named service delegation target.
=over
=item Required arguments
=over
=item cn: Delegation name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item session_logout
JSON data for API method session_logout
RPC command used to log the current user out of their session.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sidgen_was_run
JSON data for API method sidgen_was_run
Determine whether ipa-adtrust-install has been run with sidgen task
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_activate
JSON data for API method stageuser_activate
Activate a stage user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_add
JSON data for API method stageuser_add
Add a new stage user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item givenname: First name (mandatory type unicode class Str)
=item sn: Last name (mandatory type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item random: Generate a random user password (type bool class Flag)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item from_delete: Create Stage user in from a delete user (type bool class Bool)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_add_cert
JSON data for API method stageuser_add_cert
Add one or more certificates to the stageuser entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_add_certmapdata
JSON data for API method stageuser_add_certmapdata
Add one or more certificate mappings to the stage user entry.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item ipacertmapdata: Certificate mapping data (arrayref of type unicode class Str)
=back
=item Options
=over
=item issuer: Issuer of the certificate (type DN class DNParam)
=item subject: Subject of the certificate (type DN class DNParam)
=item certificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_add_manager
JSON data for API method stageuser_add_manager
Add a manager to the stage user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_add_principal
JSON data for API method stageuser_add_principal
Add new principal alias to the stageuser entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_del
JSON data for API method stageuser_del
Delete a stage user.
=over
=item Required arguments
=over
=item uid: User login (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_find
JSON data for API method stageuser_find
Search for stage users.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item uid: User login (type unicode class Str)
=item givenname: First name (type unicode class Str)
=item sn: Last name (type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("login") (type bool class Flag)
=item in_group: Search for stage users with these member of groups. (arrayref of type unicode class Str)
=item not_in_group: Search for stage users without these member of groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for stage users with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for stage users without these member of netgroups. (arrayref of type unicode class Str)
=item in_role: Search for stage users with these member of roles. (arrayref of type unicode class Str)
=item not_in_role: Search for stage users without these member of roles. (arrayref of type unicode class Str)
=item in_hbacrule: Search for stage users with these member of HBAC rules. (arrayref of type unicode class Str)
=item not_in_hbacrule: Search for stage users without these member of HBAC rules. (arrayref of type unicode class Str)
=item in_sudorule: Search for stage users with these member of sudo rules. (arrayref of type unicode class Str)
=item not_in_sudorule: Search for stage users without these member of sudo rules. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_mod
JSON data for API method stageuser_mod
Modify a stage user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item givenname: First name (type unicode class Str)
=item sn: Last name (type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item random: Generate a random user password (type bool class Flag)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the stage user object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_remove_cert
JSON data for API method stageuser_remove_cert
Remove one or more certificates to the stageuser entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_remove_certmapdata
JSON data for API method stageuser_remove_certmapdata
Remove one or more certificate mappings from the stage user entry.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item ipacertmapdata: Certificate mapping data (arrayref of type unicode class Str)
=back
=item Options
=over
=item issuer: Issuer of the certificate (type DN class DNParam)
=item subject: Subject of the certificate (type DN class DNParam)
=item certificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_remove_manager
JSON data for API method stageuser_remove_manager
Remove a manager to the stage user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_remove_principal
JSON data for API method stageuser_remove_principal
Remove principal alias from the stageuser entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item stageuser_show
JSON data for API method stageuser_show
Display information about a stage user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmd_add
JSON data for API method sudocmd_add
Create new Sudo Command.
=over
=item Required arguments
=over
=item sudocmd: Sudo Command (type unicode class Str)
=back
=item Options
=over
=item description: A description of this command (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmd_del
JSON data for API method sudocmd_del
Delete Sudo Command.
=over
=item Required arguments
=over
=item sudocmd: Sudo Command (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmd_find
JSON data for API method sudocmd_find
Search for Sudo Commands.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item sudocmd: Sudo Command (type unicode class Str)
=item description: A description of this command (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("command") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmd_mod
JSON data for API method sudocmd_mod
Modify Sudo Command.
=over
=item Required arguments
=over
=item sudocmd: Sudo Command (type unicode class Str)
=back
=item Options
=over
=item description: A description of this command (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmd_show
JSON data for API method sudocmd_show
Display Sudo Command.
=over
=item Required arguments
=over
=item sudocmd: Sudo Command (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_add
JSON data for API method sudocmdgroup_add
Create new Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (type unicode class Str)
=back
=item Options
=over
=item description: Group description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_add_member
JSON data for API method sudocmdgroup_add_member
Add members to Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_del
JSON data for API method sudocmdgroup_del
Delete Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_find
JSON data for API method sudocmdgroup_find
Search for Sudo Command Groups.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Sudo Command Group (type unicode class Str)
=item description: Group description (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("sudocmdgroup-name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_mod
JSON data for API method sudocmdgroup_mod
Modify Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (type unicode class Str)
=back
=item Options
=over
=item description: Group description (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_remove_member
JSON data for API method sudocmdgroup_remove_member
Remove members from Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudocmdgroup_show
JSON data for API method sudocmdgroup_show
Display Sudo Command Group.
=over
=item Required arguments
=over
=item cn: Sudo Command Group (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add
JSON data for API method sudorule_add
Create new Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item cmdcategory: Command category the rule applies to (type unicode class StrEnum)
=item ipasudorunasusercategory: RunAs User category the rule applies to (type unicode class StrEnum)
=item ipasudorunasgroupcategory: RunAs Group category the rule applies to (type unicode class StrEnum)
=item sudoorder: integer to order the Sudo rules (type int class Int)
=item externaluser: External User the rule applies to (sudorule-find only) (type unicode class Str)
=item externalhost: External host (arrayref of type unicode class Str)
=item ipasudorunasextuser: External User the commands can run as (sudorule-find only) (type unicode class Str)
=item ipasudorunasextgroup: External Group the commands can run as (sudorule-find only) (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_allow_command
JSON data for API method sudorule_add_allow_command
Add commands and sudo command groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to add (arrayref of type unicode class Str)
=item sudocmdgroup: sudo command groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_deny_command
JSON data for API method sudorule_add_deny_command
Add commands and sudo command groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to add (arrayref of type unicode class Str)
=item sudocmdgroup: sudo command groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_host
JSON data for API method sudorule_add_host
Add hosts and hostgroups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to add (arrayref of type unicode class Str)
=item hostgroup: host groups to add (arrayref of type unicode class Str)
=item hostmask: host masks of allowed hosts (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_option
JSON data for API method sudorule_add_option
Add an option to the Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item ipasudoopt: Sudo Option (mandatory type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_runasgroup
JSON data for API method sudorule_add_runasgroup
Add group for Sudo to execute as.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_runasuser
JSON data for API method sudorule_add_runasuser
Add users and groups for Sudo to execute as.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_add_user
JSON data for API method sudorule_add_user
Add users and groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_del
JSON data for API method sudorule_del
Delete Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_disable
JSON data for API method sudorule_disable
Disable a Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_enable
JSON data for API method sudorule_enable
Enable a Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_find
JSON data for API method sudorule_find
Search for Sudo Rule.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Rule name (type unicode class Str)
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item cmdcategory: Command category the rule applies to (type unicode class StrEnum)
=item ipasudorunasusercategory: RunAs User category the rule applies to (type unicode class StrEnum)
=item ipasudorunasgroupcategory: RunAs Group category the rule applies to (type unicode class StrEnum)
=item sudoorder: integer to order the Sudo rules (type int class Int)
=item externaluser: External User the rule applies to (sudorule-find only) (type unicode class Str)
=item externalhost: External host (arrayref of type unicode class Str)
=item ipasudorunasextuser: External User the commands can run as (sudorule-find only) (type unicode class Str)
=item ipasudorunasextgroup: External Group the commands can run as (sudorule-find only) (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("sudorule-name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_mod
JSON data for API method sudorule_mod
Modify Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item description: Description (type unicode class Str)
=item ipaenabledflag: Enabled (type bool class Bool)
=item usercategory: User category the rule applies to (type unicode class StrEnum)
=item hostcategory: Host category the rule applies to (type unicode class StrEnum)
=item cmdcategory: Command category the rule applies to (type unicode class StrEnum)
=item ipasudorunasusercategory: RunAs User category the rule applies to (type unicode class StrEnum)
=item ipasudorunasgroupcategory: RunAs Group category the rule applies to (type unicode class StrEnum)
=item sudoorder: integer to order the Sudo rules (type int class Int)
=item externaluser: External User the rule applies to (sudorule-find only) (type unicode class Str)
=item externalhost: External host (arrayref of type unicode class Str)
=item ipasudorunasextuser: External User the commands can run as (sudorule-find only) (type unicode class Str)
=item ipasudorunasextgroup: External Group the commands can run as (sudorule-find only) (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the sudo rule object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_allow_command
JSON data for API method sudorule_remove_allow_command
Remove commands and sudo command groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to remove (arrayref of type unicode class Str)
=item sudocmdgroup: sudo command groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_deny_command
JSON data for API method sudorule_remove_deny_command
Remove commands and sudo command groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item sudocmd: sudo commands to remove (arrayref of type unicode class Str)
=item sudocmdgroup: sudo command groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_host
JSON data for API method sudorule_remove_host
Remove hosts and hostgroups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item host: hosts to remove (arrayref of type unicode class Str)
=item hostgroup: host groups to remove (arrayref of type unicode class Str)
=item hostmask: host masks of allowed hosts (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_option
JSON data for API method sudorule_remove_option
Remove an option from Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item ipasudoopt: Sudo Option (mandatory type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_runasgroup
JSON data for API method sudorule_remove_runasgroup
Remove group for Sudo to execute as.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_runasuser
JSON data for API method sudorule_remove_runasuser
Remove users and groups for Sudo to execute as.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_remove_user
JSON data for API method sudorule_remove_user
Remove users and groups affected by Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item sudorule_show
JSON data for API method sudorule_show
Display Sudo Rule.
=over
=item Required arguments
=over
=item cn: Rule name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topic_find
JSON data for API method topic_find
Search for help topics.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topic_show
JSON data for API method topic_show
Display information about a help topic.
=over
=item Required arguments
=over
=item full_name: Full name (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_add
JSON data for API method topologysegment_add
Add a new segment.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item cn: Arbitrary string identifying the segment (type unicode class Str)
=back
=item Options
=over
=item iparepltoposegmentleftnode: Left replication node - an IPA server (mandatory type unicode class Str)
=item iparepltoposegmentrightnode: Right replication node - an IPA server (mandatory type unicode class Str)
=item iparepltoposegmentdirection: Direction of replication between left and right replication node (type unicode class StrEnum)
=item nsds5replicastripattrs: A space separated list of attributes which are removed from replication updates. (type unicode class Str)
=item nsds5replicatedattributelist: Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof (type unicode class Str)
=item nsds5replicatedattributelisttotal: Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout (type unicode class Str)
=item nsds5replicatimeout: Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing (type int class Int)
=item nsds5replicaenabled: Whether a replication agreement is active, meaning whether replication is occurring per that agreement (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_del
JSON data for API method topologysegment_del
Delete a segment.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item cn: Arbitrary string identifying the segment (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_find
JSON data for API method topologysegment_find
Search for topology segments.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Arbitrary string identifying the segment (type unicode class Str)
=item iparepltoposegmentleftnode: Left replication node - an IPA server (type unicode class Str)
=item iparepltoposegmentrightnode: Right replication node - an IPA server (type unicode class Str)
=item iparepltoposegmentdirection: Direction of replication between left and right replication node (type unicode class StrEnum)
=item nsds5replicastripattrs: A space separated list of attributes which are removed from replication updates. (type unicode class Str)
=item nsds5replicatedattributelist: Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof (type unicode class Str)
=item nsds5replicatedattributelisttotal: Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout (type unicode class Str)
=item nsds5replicatimeout: Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing (type int class Int)
=item nsds5replicaenabled: Whether a replication agreement is active, meaning whether replication is occurring per that agreement (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_mod
JSON data for API method topologysegment_mod
Modify a segment.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item cn: Arbitrary string identifying the segment (type unicode class Str)
=back
=item Options
=over
=item nsds5replicastripattrs: A space separated list of attributes which are removed from replication updates. (type unicode class Str)
=item nsds5replicatedattributelist: Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof (type unicode class Str)
=item nsds5replicatedattributelisttotal: Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout (type unicode class Str)
=item nsds5replicatimeout: Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing (type int class Int)
=item nsds5replicaenabled: Whether a replication agreement is active, meaning whether replication is occurring per that agreement (type unicode class StrEnum)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_reinitialize
JSON data for API method topologysegment_reinitialize
Request a full re-initialization of the node retrieving data from the other node.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item cn: Arbitrary string identifying the segment (type unicode class Str)
=back
=item Options
=over
=item left: Initialize left node (type bool class Flag)
=item right: Initialize right node (type bool class Flag)
=item stop: Stop already started refresh of chosen node(s) (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysegment_show
JSON data for API method topologysegment_show
Display a segment.
=over
=item Required arguments
=over
=item topologysuffixcn: Suffix name (type unicode class Str)
=item cn: Arbitrary string identifying the segment (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_add
JSON data for API method topologysuffix_add
Add a new topology suffix to be managed.
=over
=item Required arguments
=over
=item cn: Suffix name (type unicode class Str)
=back
=item Options
=over
=item iparepltopoconfroot: Managed LDAP suffix DN (mandatory type DN class DNParam)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_del
JSON data for API method topologysuffix_del
Delete a topology suffix.
=over
=item Required arguments
=over
=item cn: Suffix name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_find
JSON data for API method topologysuffix_find
Search for topology suffixes.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Suffix name (type unicode class Str)
=item iparepltopoconfroot: Managed LDAP suffix DN (type DN class DNParam)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_mod
JSON data for API method topologysuffix_mod
Modify a topology suffix.
=over
=item Required arguments
=over
=item cn: Suffix name (type unicode class Str)
=back
=item Options
=over
=item iparepltopoconfroot: Managed LDAP suffix DN (type DN class DNParam)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_show
JSON data for API method topologysuffix_show
Show managed suffix.
=over
=item Required arguments
=over
=item cn: Suffix name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item topologysuffix_verify
JSON data for API method topologysuffix_verify
Verify replication topology for suffix.
Checks done:
1. check if a topology is not disconnected. In other words if there are
replication paths between all servers.
2. check if servers don't have more than the recommended number of
replication agreements
=over
=item Required arguments
=over
=item cn: Suffix name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_add
JSON data for API method trust_add
Add new trust to use.
This command establishes trust relationship to another domain
which becomes 'trusted'. As result, users of the trusted domain
may access resources of this domain.
Only trusts to Active Directory domains are supported right now.
The command can be safely run multiple times against the same domain,
this will cause change to trust relationship credentials on both
sides.
Note that if the command was previously run with a specific range type,
or with automatic detection of the range type, and you want to configure a
different range type, you may need to delete first the ID range using
ipa idrange-del before retrying the command with the desired range type.
=over
=item Required arguments
=over
=item cn: Realm name (type unicode class Str)
=back
=item Options
=over
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item trust_type: Trust type (ad for Active Directory, default) (type unicode class StrEnum)
=item realm_admin: Active Directory domain administrator (type unicode class Str)
=item realm_passwd: Active Directory domain administrator's password (type unicode class Password)
=item realm_server: Domain controller for the Active Directory domain (optional) (type unicode class Str)
=item trust_secret: Shared secret for the trust (type unicode class Password)
=item base_id: First Posix ID of the range reserved for the trusted domain (type int class Int)
=item range_size: Size of the ID range reserved for the trusted domain (type int class Int)
=item range_type: Type of trusted domain ID range, one of ipa-ad-trust, ipa-ad-trust-posix (type unicode class StrEnum)
=item bidirectional: Establish bi-directional trust. By default trust is inbound one-way only. (type bool class Bool)
=item external: Establish external trust to a domain in another forest. The trust is not transitive beyond the domain. (type bool class Bool)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_del
JSON data for API method trust_del
Delete a trust.
=over
=item Required arguments
=over
=item cn: Realm name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_fetch_domains
JSON data for API method trust_fetch_domains
Refresh list of the domains associated with the trust
=over
=item Required arguments
=over
=item cn: Realm name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item realm_server: Domain controller for the Active Directory domain (optional) (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_find
JSON data for API method trust_find
Search for trusts.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Realm name (type unicode class Str)
=item ipantflatname: Domain NetBIOS name (type unicode class Str)
=item ipanttrusteddomainsid: Domain Security Identifier (type unicode class Str)
=item ipantsidblacklistincoming: SID blacklist incoming (arrayref of type unicode class Str)
=item ipantsidblacklistoutgoing: SID blacklist outgoing (arrayref of type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("realm") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_mod
JSON data for API method trust_mod
Modify a trust (for future use).
Currently only the default option to modify the LDAP attributes is
available. More specific options will be added in coming releases.
=over
=item Required arguments
=over
=item cn: Realm name (type unicode class Str)
=back
=item Options
=over
=item ipantsidblacklistincoming: SID blacklist incoming (arrayref of type unicode class Str)
=item ipantsidblacklistoutgoing: SID blacklist outgoing (arrayref of type unicode class Str)
=item ipantadditionalsuffixes: UPN suffixes (arrayref of type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_resolve
JSON data for API method trust_resolve
Resolve security identifiers of users and groups in trusted domains
=over
=item No required arguments
=item Options
=over
=item sids: Security Identifiers (SIDs) (mandatory arrayref of type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trust_show
JSON data for API method trust_show
Display information about a trust.
=over
=item Required arguments
=over
=item cn: Realm name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustconfig_mod
JSON data for API method trustconfig_mod
Modify global trust configuration.
=over
=item No required arguments
=item Options
=over
=item ipantfallbackprimarygroup: Fallback primary group (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item trust_type: Trust type (ad for Active Directory, default) (type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustconfig_show
JSON data for API method trustconfig_show
Show global trust configuration.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item trust_type: Trust type (ad for Active Directory, default) (type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_add
JSON data for API method trustdomain_add
Allow access from the trusted domain
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item cn: Domain name (type unicode class Str)
=back
=item Options
=over
=item ipantflatname: Domain NetBIOS name (type unicode class Str)
=item ipanttrusteddomainsid: Domain Security Identifier (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item trust_type: Trust type (ad for Active Directory, default) (type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_del
JSON data for API method trustdomain_del
Remove information about the domain associated with the trust.
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item cn: Domain name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_disable
JSON data for API method trustdomain_disable
Disable use of IPA resources by the domain of the trust
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item cn: Domain name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_enable
JSON data for API method trustdomain_enable
Allow use of IPA resources by the domain of the trust
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item cn: Domain name (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_find
JSON data for API method trustdomain_find
Search domains of the trust
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Domain name (type unicode class Str)
=item ipantflatname: Domain NetBIOS name (type unicode class Str)
=item ipanttrusteddomainsid: Domain Security Identifier (type unicode class Str)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item pkey_only: Results should contain primary key attribute only ("domain") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item trustdomain_mod
JSON data for API method trustdomain_mod
Modify trustdomain of the trust
=over
=item Required arguments
=over
=item trustcn: Realm name (type unicode class Str)
=item cn: Domain name (type unicode class Str)
=back
=item Options
=over
=item ipantflatname: Domain NetBIOS name (type unicode class Str)
=item ipanttrusteddomainsid: Domain Security Identifier (type unicode class Str)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item trust_type: Trust type (ad for Active Directory, default) (type unicode class StrEnum)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_add
JSON data for API method user_add
Add a new user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item givenname: First name (mandatory type unicode class Str)
=item sn: Last name (mandatory type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item random: Generate a random user password (type bool class Flag)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item nsaccountlock: Account disabled (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item noprivate: Don't create user private group (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_add_cert
JSON data for API method user_add_cert
Add one or more certificates to the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_add_certmapdata
JSON data for API method user_add_certmapdata
Add one or more certificate mappings to the user entry.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item ipacertmapdata: Certificate mapping data (arrayref of type unicode class Str)
=back
=item Options
=over
=item issuer: Issuer of the certificate (type DN class DNParam)
=item subject: Subject of the certificate (type DN class DNParam)
=item certificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_add_manager
JSON data for API method user_add_manager
Add a manager to the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_add_principal
JSON data for API method user_add_principal
Add new principal alias to the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_del
JSON data for API method user_del
Delete a user.
=over
=item Required arguments
=over
=item uid: User login (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item preserve: <preserve> (type bool class Bool)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_disable
JSON data for API method user_disable
Disable a user account.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_enable
JSON data for API method user_enable
Enable a user account.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_find
JSON data for API method user_find
Search for users.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item uid: User login (type unicode class Str)
=item givenname: First name (type unicode class Str)
=item sn: Last name (type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item nsaccountlock: Account disabled (type bool class Bool)
=item preserved: Preserved user (type bool class Bool)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item whoami: Display user record for current Kerberos principal (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("login") (type bool class Flag)
=item in_group: Search for users with these member of groups. (arrayref of type unicode class Str)
=item not_in_group: Search for users without these member of groups. (arrayref of type unicode class Str)
=item in_netgroup: Search for users with these member of netgroups. (arrayref of type unicode class Str)
=item not_in_netgroup: Search for users without these member of netgroups. (arrayref of type unicode class Str)
=item in_role: Search for users with these member of roles. (arrayref of type unicode class Str)
=item not_in_role: Search for users without these member of roles. (arrayref of type unicode class Str)
=item in_hbacrule: Search for users with these member of HBAC rules. (arrayref of type unicode class Str)
=item not_in_hbacrule: Search for users without these member of HBAC rules. (arrayref of type unicode class Str)
=item in_sudorule: Search for users with these member of sudo rules. (arrayref of type unicode class Str)
=item not_in_sudorule: Search for users without these member of sudo rules. (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_mod
JSON data for API method user_mod
Modify a user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item givenname: First name (type unicode class Str)
=item sn: Last name (type unicode class Str)
=item cn: Full name (type unicode class Str)
=item displayname: Display name (type unicode class Str)
=item initials: Initials (type unicode class Str)
=item homedirectory: Home directory (type unicode class Str)
=item gecos: GECOS (type unicode class Str)
=item loginshell: Login shell (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=item krbprincipalexpiration: Kerberos principal expiration (type datetime class DateTime)
=item krbpasswordexpiration: User password expiration (type datetime class DateTime)
=item mail: Email address (arrayref of type unicode class Str)
=item userpassword: Prompt to set the user password (type unicode class Password)
=item random: Generate a random user password (type bool class Flag)
=item uidnumber: User ID Number (system will assign one if not provided) (type int class Int)
=item gidnumber: Group ID Number (type int class Int)
=item street: Street address (type unicode class Str)
=item l: City (type unicode class Str)
=item st: State/Province (type unicode class Str)
=item postalcode: ZIP (type unicode class Str)
=item telephonenumber: Telephone Number (arrayref of type unicode class Str)
=item mobile: Mobile Telephone Number (arrayref of type unicode class Str)
=item pager: Pager Number (arrayref of type unicode class Str)
=item facsimiletelephonenumber: Fax Number (arrayref of type unicode class Str)
=item ou: Org. Unit (type unicode class Str)
=item title: Job Title (type unicode class Str)
=item manager: Manager (type unicode class Str)
=item carlicense: Car License (arrayref of type unicode class Str)
=item ipasshpubkey: SSH public key (arrayref of type unicode class Str)
=item ipauserauthtype: Types of supported user authentication (arrayref of type unicode class StrEnum)
=item userclass: User category (semantics placed on this attribute are for local interpretation) (arrayref of type unicode class Str)
=item ipatokenradiusconfiglink: RADIUS proxy configuration (type unicode class Str)
=item ipatokenradiususername: RADIUS proxy username (type unicode class Str)
=item departmentnumber: Department Number (arrayref of type unicode class Str)
=item employeenumber: Employee Number (type unicode class Str)
=item employeetype: Employee Type (type unicode class Str)
=item preferredlanguage: Preferred Language (type unicode class Str)
=item usercertificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item nsaccountlock: Account disabled (type bool class Bool)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item rename: Rename the user object (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_remove_cert
JSON data for API method user_remove_cert
Remove one or more certificates to the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item usercertificate: Base-64 encoded user certificate (mandatory arrayref of type Certificate class Certificate)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_remove_certmapdata
JSON data for API method user_remove_certmapdata
Remove one or more certificate mappings from the user entry.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item ipacertmapdata: Certificate mapping data (arrayref of type unicode class Str)
=back
=item Options
=over
=item issuer: Issuer of the certificate (type DN class DNParam)
=item subject: Subject of the certificate (type DN class DNParam)
=item certificate: Base-64 encoded user certificate (arrayref of type Certificate class Certificate)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_remove_manager
JSON data for API method user_remove_manager
Remove a manager to the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_remove_principal
JSON data for API method user_remove_principal
Remove principal alias from the user entry
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=item krbprincipalname: Principal alias (arrayref of type Principal class Principal)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_show
JSON data for API method user_show
Display information about a user.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item out: file to store certificate in (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_stage
JSON data for API method user_stage
Move deleted user into staged area
=over
=item Required arguments
=over
=item uid: User login (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_status
JSON data for API method user_status
Lockout status of a user account
An account may become locked if the password is entered incorrectly too
many times within a specific time period as controlled by password
policy. A locked account is a temporary condition and may be unlocked by
an administrator.
This connects to each IPA master and displays the lockout status on
each one.
To determine whether an account is locked on a given server you need
to compare the number of failed logins and the time of the last failure.
For an account to be locked it must exceed the maxfail failures within
the failinterval duration as specified in the password policy associated
with the user.
The failed login counter is modified only when a user attempts a log in
so it is possible that an account may appear locked but the last failed
login attempt is older than the lockouttime of the password policy. This
means that the user may attempt a login again.
=over
=item Required arguments
=over
=item useruid: User login (type unicode class Str)
=back
=item Options
=over
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_undel
JSON data for API method user_undel
Undelete a delete user account.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item user_unlock
JSON data for API method user_unlock
Unlock a user account
An account may become locked if the password is entered incorrectly too
many times within a specific time period as controlled by password
policy. A locked account is a temporary condition and may be unlocked by
an administrator.
=over
=item Required arguments
=over
=item uid: User login (type unicode class Str)
=back
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_add_internal
JSON data for API method vault_add_internal
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item description: Vault description (type unicode class Str)
=item ipavaulttype: Vault type (type unicode class StrEnum)
=item ipavaultsalt: Vault salt (type str class Bytes)
=item ipavaultpublickey: Vault public key (type str class Bytes)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_add_member
JSON data for API method vault_add_member
Add members to a vault.
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item services: services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_add_owner
JSON data for API method vault_add_owner
Add owners to a vault.
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item services: services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_archive_internal
JSON data for API method vault_archive_internal
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item session_key: Session key wrapped with transport certificate (mandatory type str class Bytes)
=item vault_data: Vault data encrypted with session key (mandatory type str class Bytes)
=item nonce: Nonce (mandatory type str class Bytes)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_del
JSON data for API method vault_del
Delete a vault.
=over
=item Required arguments
=over
=item cn: Vault name (arrayref of type unicode class Str)
=back
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_find
JSON data for API method vault_find
Search for vaults.
=over
=item Required arguments
=over
=item criteria: A string searched in all relevant object attributes (type unicode class Str)
=back
=item Options
=over
=item cn: Vault name (type unicode class Str)
=item description: Vault description (type unicode class Str)
=item ipavaulttype: Vault type (type unicode class StrEnum)
=item timelimit: Time limit of search in seconds (0 is unlimited) (type int class Int)
=item sizelimit: Maximum number of entries returned (0 is unlimited) (type int class Int)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item services: List all service vaults (type bool class Flag)
=item users: List all user vaults (type bool class Flag)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item pkey_only: Results should contain primary key attribute only ("name") (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_mod_internal
JSON data for API method vault_mod_internal
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item description: Vault description (type unicode class Str)
=item ipavaulttype: Vault type (type unicode class StrEnum)
=item ipavaultsalt: Vault salt (type str class Bytes)
=item ipavaultpublickey: Vault public key (type str class Bytes)
=item setattr: Set an attribute to a name/value pair. Format is attr=value.
For multi-valued attributes, the command replaces the values already present. (arrayref of type unicode class Str)
=item addattr: Add an attribute/value pair. Format is attr=value. The attribute
must be part of the schema. (arrayref of type unicode class Str)
=item delattr: Delete an attribute/value pair. The option will be evaluated
last, after all sets and adds. (arrayref of type unicode class Str)
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_remove_member
JSON data for API method vault_remove_member
Remove members from a vault.
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item services: services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_remove_owner
JSON data for API method vault_remove_owner
Remove owners from a vault.
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item services: services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_retrieve_internal
JSON data for API method vault_retrieve_internal
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item session_key: Session key wrapped with transport certificate (mandatory type str class Bytes)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vault_show
JSON data for API method vault_show
Display information about a vault.
=over
=item Required arguments
=over
=item cn: Vault name (type unicode class Str)
=back
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vaultconfig_show
JSON data for API method vaultconfig_show
Show vault configuration.
=over
=item No required arguments
=item Options
=over
=item transport_out: Output file to store the transport certificate (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vaultcontainer_add_owner
JSON data for API method vaultcontainer_add_owner
Add owners to a vault container.
=over
=item No required arguments
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to add (arrayref of type unicode class Str)
=item group: groups to add (arrayref of type unicode class Str)
=item services: services to add (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vaultcontainer_del
JSON data for API method vaultcontainer_del
Delete a vault container.
=over
=item No required arguments
=item Options
=over
=item continue: Continuous mode: Don't stop on errors. (type bool class Flag)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vaultcontainer_remove_owner
JSON data for API method vaultcontainer_remove_owner
Remove owners from a vault container.
=over
=item No required arguments
=item Options
=over
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item user: users to remove (arrayref of type unicode class Str)
=item group: groups to remove (arrayref of type unicode class Str)
=item services: services to remove (arrayref of type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item vaultcontainer_show
JSON data for API method vaultcontainer_show
Display information about a vault container.
=over
=item No required arguments
=item Options
=over
=item rights: Display the access rights of this entry (requires --all). See ipa man page for details. (type bool class Flag)
=item service: Service name of the service vault (type Principal class Principal)
=item shared: Shared vault (type bool class Flag)
=item username: Username of the user vault (type unicode class Str)
=item all: Retrieve and print all attributes from the server. Affects command output. (type bool class Flag)
=item raw: Print entries as stored on the server. Only affects output format. (type bool class Flag)
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item no_members: Suppress processing of membership attributes. (type bool class Flag)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=item whoami
JSON data for API method whoami
Describe currently authenticated identity.
=over
=item No required arguments
=item Options
=over
=item version: Client version. Used to determine if server will accept request. (type unicode class Str)
=item All options starting with C<__> are passed as options to C<Net::FreeIPA::RPC::rpc>.
=back
=back
=cut
=pod
=back
=cut