trust_add#

Add new trust to use.

This command establishes trust relationship to another domain which becomes ‘trusted’. As result, users of the trusted domain may access resources of this domain.

Only trusts to Active Directory domains are supported right now.

The command can be safely run multiple times against the same domain, this will cause change to trust relationship credentials on both sides.

Note that if the command was previously run with a specific range type, or with automatic detection of the range type, and you want to configure a different range type, you may need to delete first the ID range using ipa idrange-del before retrying the command with the desired range type.

Arguments#

Name

Type

Required

cn

Str

True

Options#

  • trust_type : StrEnum (Required)

    • Default: ad

    • Values: (‘ad’,)

  • all : Flag (Required)

    • Default: False

  • raw : Flag (Required)

    • Default: False

  • setattr : Str

  • addattr : Str

  • realm_admin : Str

  • realm_passwd : Password

  • realm_server : Str

  • trust_secret : Password

  • base_id : Int

  • range_size : Int

  • range_type : StrEnum

    • Values: (‘ipa-ad-trust’, ‘ipa-ad-trust-posix’)

  • bidirectional : Bool

    • Default: False

  • external : Bool

    • Default: False

  • version : Str

Output#

Name

Type

result

Entry

summary

Output

value

PrimaryKey

Semantics#

Notes#

Version differences#