[devyn@ipa ~]$ ipa help commands
automember-add Add an automember rule.
automember-add-condition Add conditions to an automember rule.
automember-default-group-remove Remove default (fallback) group for all unmatched entries.
automember-default-group-set Set default (fallback) group for all unmatched entries.
automember-default-group-show Display information about the default (fallback) automember groups.
automember-del Delete an automember rule.
automember-find Search for automember rules.
automember-mod Modify an automember rule.
automember-rebuild Rebuild auto membership.
automember-remove-condition Remove conditions from an automember rule.
automember-show Display information about an automember rule.
automountkey-add Create a new automount key.
automountkey-del Delete an automount key.
automountkey-find Search for an automount key.
automountkey-mod Modify an automount key.
automountkey-show Display an automount key.
automountlocation-add Create a new automount location.
automountlocation-del Delete an automount location.
automountlocation-find Search for an automount location.
automountlocation-import Import automount files for a specific location.
automountlocation-show Display an automount location.
automountlocation-tofiles Generate automount files for a specific location.
automountmap-add Create a new automount map.
automountmap-add-indirect Create a new indirect mount point.
automountmap-del Delete an automount map.
automountmap-find Search for an automount map.
automountmap-mod Modify an automount map.
automountmap-show Display an automount map.
caacl-add Create a new CA ACL.
caacl-add-host Add target hosts and hostgroups to a CA ACL.
caacl-add-profile Add profiles to a CA ACL.
caacl-add-service Add services to a CA ACL.
caacl-add-user Add users and groups to a CA ACL.
caacl-del Delete a CA ACL.
caacl-disable Disable a CA ACL.
caacl-enable Enable a CA ACL.
caacl-find Search for CA ACLs.
caacl-mod Modify a CA ACL.
caacl-remove-host Remove target hosts and hostgroups from a CA ACL.
caacl-remove-profile Remove profiles from a CA ACL.
caacl-remove-service Remove services from a CA ACL.
caacl-remove-user Remove users and groups from a CA ACL.
caacl-show Display the properties of a CA ACL.
cert-find Search for existing certificates.
cert-remove-hold Take a revoked certificate off hold.
cert-request Submit a certificate signing request.
cert-revoke Revoke a certificate.
cert-show Retrieve an existing certificate.
cert-status Check the status of a certificate signing request.
certprofile-del Delete a Certificate Profile.
certprofile-find Search for Certificate Profiles.
certprofile-import Import a Certificate Profile.
certprofile-mod Modify Certificate Profile configuration.
certprofile-show Display the properties of a Certificate Profile.
config-mod Modify configuration options.
config-show Show the current configuration.
console Start the IPA interactive Python console, or run a script.
delegation-add Add a new delegation.
delegation-del Delete a delegation.
delegation-find Search for delegations.
delegation-mod Modify a delegation.
delegation-show Display information about a delegation.
dns-resolve Resolve a host name in DNS.
dnsconfig-mod Modify global DNS configuration.
dnsconfig-show Show the current global DNS configuration.
dnsforwardzone-add Create new DNS forward zone.
dnsforwardzone-add-permission Add a permission for per-forward zone access delegation.
dnsforwardzone-del Delete DNS forward zone.
dnsforwardzone-disable Disable DNS Forward Zone.
dnsforwardzone-enable Enable DNS Forward Zone.
dnsforwardzone-find Search for DNS forward zones.
dnsforwardzone-mod Modify DNS forward zone.
dnsforwardzone-remove-permission Remove a permission for per-forward zone access delegation.
dnsforwardzone-show Display information about a DNS forward zone.
dnsrecord-add Add new DNS resource record.
dnsrecord-del Delete DNS resource record.
dnsrecord-find Search for DNS resources.
dnsrecord-mod Modify a DNS resource record.
dnsrecord-show Display DNS resource.
dnszone-add Create new DNS zone (SOA record).
dnszone-add-permission Add a permission for per-zone access delegation.
dnszone-del Delete DNS zone (SOA record).
dnszone-disable Disable DNS Zone.
dnszone-enable Enable DNS Zone.
dnszone-find Search for DNS zones (SOA records).
dnszone-mod Modify DNS zone (SOA record).
dnszone-remove-permission Remove a permission for per-zone access delegation.
dnszone-show Display information about a DNS zone (SOA record).
env Show environment variables.
group-add Create a new group.
group-add-member Add members to a group.
group-del Delete group.
group-detach Detach a managed group from a user.
group-find Search for groups.
group-mod Modify a group.
group-remove-member Remove members from a group.
group-show Display information about a named group.
hbacrule-add Create a new HBAC rule.
hbacrule-add-host Add target hosts and hostgroups to an HBAC rule.
hbacrule-add-service Add services to an HBAC rule.
hbacrule-add-user Add users and groups to an HBAC rule.
hbacrule-del Delete an HBAC rule.
hbacrule-disable Disable an HBAC rule.
hbacrule-enable Enable an HBAC rule.
hbacrule-find Search for HBAC rules.
hbacrule-mod Modify an HBAC rule.
hbacrule-remove-host Remove target hosts and hostgroups from an HBAC rule.
hbacrule-remove-service Remove service and service groups from an HBAC rule.
hbacrule-remove-user Remove users and groups from an HBAC rule.
hbacrule-show Display the properties of an HBAC rule.
hbacsvc-add Add a new HBAC service.
hbacsvc-del Delete an existing HBAC service.
hbacsvc-find Search for HBAC services.
hbacsvc-mod Modify an HBAC service.
hbacsvc-show Display information about an HBAC service.
hbacsvcgroup-add Add a new HBAC service group.
hbacsvcgroup-add-member Add members to an HBAC service group.
hbacsvcgroup-del Delete an HBAC service group.
hbacsvcgroup-find Search for an HBAC service group.
hbacsvcgroup-mod Modify an HBAC service group.
hbacsvcgroup-remove-member Remove members from an HBAC service group.
hbacsvcgroup-show Display information about an HBAC service group.
hbactest Simulate use of Host-based access controls
help Display help for a command or topic.
host-add Add a new host.
host-add-cert Add certificates to host entry
host-add-managedby Add hosts that can manage this host.
host-allow-create-keytab Allow users, groups, hosts or host groups to create a keytab of this host.
host-allow-retrieve-keytab Allow users, groups, hosts or host groups to retrieve a keytab of this host.
host-del Delete a host.
host-disable Disable the Kerberos key, SSL certificate and all services of a host.
host-disallow-create-keytab Disallow users, groups, hosts or host groups to create a keytab of this host.
host-disallow-retrieve-keytab Disallow users, groups, hosts or host groups to retrieve a keytab of this host.
host-find Search for hosts.
host-mod Modify information about a host.
host-remove-cert Remove certificates from host entry
host-remove-managedby Remove hosts that can manage this host.
host-show Display information about a host.
hostgroup-add Add a new hostgroup.
hostgroup-add-member Add members to a hostgroup.
hostgroup-del Delete a hostgroup.
hostgroup-find Search for hostgroups.
hostgroup-mod Modify a hostgroup.
hostgroup-remove-member Remove members from a hostgroup.
hostgroup-show Display information about a hostgroup.
idoverridegroup-add Add a new Group ID override.
idoverridegroup-del Delete an Group ID override.
idoverridegroup-find Search for an Group ID override.
idoverridegroup-mod Modify an Group ID override.
idoverridegroup-show Display information about an Group ID override.
idoverrideuser-add Add a new User ID override.
idoverrideuser-del Delete an User ID override.
idoverrideuser-find Search for an User ID override.
idoverrideuser-mod Modify an User ID override.
idoverrideuser-show Display information about an User ID override.
idrange-add Add new ID range.
idrange-del Delete an ID range.
idrange-find Search for ranges.
idrange-mod Modify ID range.
idrange-show Display information about a range.
idview-add Add a new ID View.
idview-apply Applies ID View to specified hosts or current members of specified hostgroups. If any other ID View is applied to the host, it is overriden.
idview-del Delete an ID View.
idview-find Search for an ID View.
idview-mod Modify an ID View.
idview-show Display information about an ID View.
idview-unapply Clears ID View from specified hosts or current members of specified hostgroups.
krbtpolicy-mod Modify Kerberos ticket policy.
krbtpolicy-reset Reset Kerberos ticket policy to the default values.
krbtpolicy-show Display the current Kerberos ticket policy.
migrate-ds Migrate users and groups from DS to IPA.
netgroup-add Add a new netgroup.
netgroup-add-member Add members to a netgroup.
netgroup-del Delete a netgroup.
netgroup-find Search for a netgroup.
netgroup-mod Modify a netgroup.
netgroup-remove-member Remove members from a netgroup.
netgroup-show Display information about a netgroup.
otpconfig-mod Modify OTP configuration options.
otpconfig-show Show the current OTP configuration.
otptoken-add Add a new OTP token.
otptoken-add-managedby Add users that can manage this token.
otptoken-add-yubikey Add a new YubiKey OTP token.
otptoken-del Delete an OTP token.
otptoken-find Search for OTP token.
otptoken-mod Modify a OTP token.
otptoken-remove-managedby Remove hosts that can manage this host.
otptoken-show Display information about an OTP token.
otptoken-sync Synchronize an OTP token.
passwd Set a user's password.
permission-add Add a new permission.
permission-del Delete a permission.
permission-find Search for permissions.
permission-mod Modify a permission.
permission-show Display information about a permission.
ping Ping a remote server.
plugins Show all loaded plugins.
privilege-add Add a new privilege.
privilege-add-permission Add permissions to a privilege.
privilege-del Delete a privilege.
privilege-find Search for privileges.
privilege-mod Modify a privilege.
privilege-remove-permission Remove permissions from a privilege.
privilege-show Display information about a privilege.
pwpolicy-add Add a new group password policy.
pwpolicy-del Delete a group password policy.
pwpolicy-find Search for group password policies.
pwpolicy-mod Modify a group password policy.
pwpolicy-show Display information about password policy.
radiusproxy-add Add a new RADIUS proxy server.
radiusproxy-del Delete a RADIUS proxy server.
radiusproxy-find Search for RADIUS proxy servers.
radiusproxy-mod Modify a RADIUS proxy server.
radiusproxy-show Display information about a RADIUS proxy server.
realmdomains-mod Modify realm domains.
realmdomains-show Display the list of realm domains.
role-add Add a new role.
role-add-member Add members to a role.
role-add-privilege Add privileges to a role.
role-del Delete a role.
role-find Search for roles.
role-mod Modify a role.
role-remove-member Remove members from a role.
role-remove-privilege Remove privileges from a role.
role-show Display information about a role.
selfservice-add Add a new self-service permission.
selfservice-del Delete a self-service permission.
selfservice-find Search for a self-service permission.
selfservice-mod Modify a self-service permission.
selfservice-show Display information about a self-service permission.
selinuxusermap-add Create a new SELinux User Map.
selinuxusermap-add-host Add target hosts and hostgroups to an SELinux User Map rule.
selinuxusermap-add-user Add users and groups to an SELinux User Map rule.
selinuxusermap-del Delete a SELinux User Map.
selinuxusermap-disable Disable an SELinux User Map rule.
selinuxusermap-enable Enable an SELinux User Map rule.
selinuxusermap-find Search for SELinux User Maps.
selinuxusermap-mod Modify a SELinux User Map.
selinuxusermap-remove-host Remove target hosts and hostgroups from an SELinux User Map rule.
selinuxusermap-remove-user Remove users and groups from an SELinux User Map rule.
selinuxusermap-show Display the properties of a SELinux User Map rule.
server-find Search for IPA servers.
server-show Show IPA server.
service-add Add a new IPA new service.
service-add-cert Add new certificates to a service
service-add-host Add hosts that can manage this service.
service-allow-create-keytab Allow users, groups, hosts or host groups to create a keytab of this service.
service-allow-retrieve-keytab Allow users, groups, hosts or host groups to retrieve a keytab of this service.
service-del Delete an IPA service.
service-disable Disable the Kerberos key and SSL certificate of a service.
service-disallow-create-keytab Disallow users, groups, hosts or host groups to create a keytab of this service.
service-disallow-retrieve-keytab Disallow users, groups, hosts or host groups to retrieve a keytab of this service.
service-find Search for IPA services.
service-mod Modify an existing IPA service.
service-remove-cert Remove certificates from a service
service-remove-host Remove hosts that can manage this service.
service-show Display information about an IPA service.
servicedelegationrule-add Create a new service delegation rule.
servicedelegationrule-add-member Add member to a named service delegation rule.
servicedelegationrule-add-target Add target to a named service delegation rule.
servicedelegationrule-del Delete service delegation.
servicedelegationrule-find Search for service delegations rule.
servicedelegationrule-remove-member Remove member from a named service delegation rule.
servicedelegationrule-remove-target Remove target from a named service delegation rule.
servicedelegationrule-show Display information about a named service delegation rule.
servicedelegationtarget-add Create a new service delegation target.
servicedelegationtarget-add-member Add member to a named service delegation target.
servicedelegationtarget-del Delete service delegation target.
servicedelegationtarget-find Search for service delegation target.
servicedelegationtarget-remove-member Remove member from a named service delegation target.
servicedelegationtarget-show Display information about a named service delegation target.
show-mappings Show mapping of LDAP attributes to command-line option.
stageuser-activate Activate a stage user.
stageuser-add Add a new stage user.
stageuser-del Delete a stage user.
stageuser-find Search for stage users.
stageuser-mod Modify a stage user.
stageuser-show Display information about a stage user.
sudocmd-add Create new Sudo Command.
sudocmd-del Delete Sudo Command.
sudocmd-find Search for Sudo Commands.
sudocmd-mod Modify Sudo Command.
sudocmd-show Display Sudo Command.
sudocmdgroup-add Create new Sudo Command Group.
sudocmdgroup-add-member Add members to Sudo Command Group.
sudocmdgroup-del Delete Sudo Command Group.
sudocmdgroup-find Search for Sudo Command Groups.
sudocmdgroup-mod Modify Sudo Command Group.
sudocmdgroup-remove-member Remove members from Sudo Command Group.
sudocmdgroup-show Display Sudo Command Group.
sudorule-add Create new Sudo Rule.
sudorule-add-allow-command Add commands and sudo command groups affected by Sudo Rule.
sudorule-add-deny-command Add commands and sudo command groups affected by Sudo Rule.
sudorule-add-host Add hosts and hostgroups affected by Sudo Rule.
sudorule-add-option Add an option to the Sudo Rule.
sudorule-add-runasgroup Add group for Sudo to execute as.
sudorule-add-runasuser Add users and groups for Sudo to execute as.
sudorule-add-user Add users and groups affected by Sudo Rule.
sudorule-del Delete Sudo Rule.
sudorule-disable Disable a Sudo Rule.
sudorule-enable Enable a Sudo Rule.
sudorule-find Search for Sudo Rule.
sudorule-mod Modify Sudo Rule.
sudorule-remove-allow-command Remove commands and sudo command groups affected by Sudo Rule.
sudorule-remove-deny-command Remove commands and sudo command groups affected by Sudo Rule.
sudorule-remove-host Remove hosts and hostgroups affected by Sudo Rule.
sudorule-remove-option Remove an option from Sudo Rule.
sudorule-remove-runasgroup Remove group for Sudo to execute as.
sudorule-remove-runasuser Remove users and groups for Sudo to execute as.
sudorule-remove-user Remove users and groups affected by Sudo Rule.
sudorule-show Display Sudo Rule.
trust-add Add new trust to use.
trust-del Delete a trust.
trust-fetch-domains Refresh list of the domains associated with the trust
trust-find Search for trusts.
trust-mod Modify a trust (for future use).
trust-show Display information about a trust.
trustconfig-mod Modify global trust configuration.
trustconfig-show Show global trust configuration.
trustdomain-del Remove infromation about the domain associated with the trust.
trustdomain-disable Disable use of IPA resources by the domain of the trust
trustdomain-enable Allow use of IPA resources by the domain of the trust
trustdomain-find Search domains of the trust
user-add Add a new user.
user-add-cert Add one or more certificates to the user entry
user-del Delete a user.
user-disable Disable a user account.
user-enable Enable a user account.
user-find Search for users.
user-mod Modify a user.
user-remove-cert Remove one or more certificates to the user entry
user-show Display information about a user.
user-stage Move deleted user into staged area
user-status Lockout status of a user account
user-undel Undelete a delete user account.
user-unlock Unlock a user account
vault-add Create a new vault.
vault-add-member Add members to a vault.
vault-add-owner Add owners to a vault.
vault-archive Archive data into a vault.
vault-del Delete a vault.
vault-find Search for vaults.
vault-mod Modify a vault.
vault-remove-member Remove members from a vault.
vault-remove-owner Remove owners from a vault.
vault-retrieve Retrieve a data from a vault.
vault-show Display information about a vault.
vaultconfig-show Show vault configuration.
vaultcontainer-add-owner Add owners to a vault container.
vaultcontainer-del Delete a vault container.
vaultcontainer-remove-owner Remove owners from a vault container.
vaultcontainer-show Display information about a vault container.
-
-
Save krispayne/c71bad76e7d35287621fac6e1e6a0dcb to your computer and use it in GitHub Desktop.
FreeIPA api notes
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment