diff --git a/check_ipa/README b/check_ipa/README
index 0629b53..e23e546 100644
--- a/check_ipa/README
+++ b/check_ipa/README
@@ -1,3 +1,19 @@
-check_ipa
+check_ipa_replication
+=====================
+You need some configuration for this plugin to have access to replication
+information.
+
+Allow anonymous read to replication information
+-----------------------------------------------
+You will need to do this for every IPA server, masters and replicas
+
+```
+ldapmodify -x -D "cn=directory manager" -W -f grant_anonymous_replication_view.ldif -h ipa-host.example.com
+```
+
+Configure the directory manager credentials
+-------------------------------------------
+NOT RECOMENDED, you can use -D and -w with the directory manager credentials
+and the plugin will work as expected.
+
-Various checks for IPA http://freeipa.org/ server
diff --git a/check_ipa/grant_anonymous_replication_view.ldif b/check_ipa/grant_anonymous_replication_view.ldif
new file mode 100644
index 0000000..0d1ce0c
--- /dev/null
+++ b/check_ipa/grant_anonymous_replication_view.ldif
@@ -0,0 +1,4 @@
+dn: cn="dc=mr,dc=lan",cn=mapping tree,cn=config
+changetype: modify
+add: aci
+aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0; aci "permission:Read Replication Agreements"; allow (read, search, compare) groupdn = "ldap:///anyone";)
diff --git a/check_ipa/nagios-okplugin-ipa.spec b/check_ipa/nagios-okplugin-ipa.spec
index 4e78aa5..17bc04a 100644
--- a/check_ipa/nagios-okplugin-ipa.spec
+++ b/check_ipa/nagios-okplugin-ipa.spec
@@ -37,6 +37,7 @@ rm -rf %{buildroot}
 %files
 %defattr(-,root,root,-)
 %doc README
+%doc grant_anonymous_replication_view.ldif
 %{_libdir}/nagios/plugins/*
 %config(noreplace) %{_sysconfdir}/nrpe.d/check_ipa.cfg
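Review bot: `(targetattr=*)` on the `aci:` line of grant_anonymous_replication_view.ldif exposes every attribute of the matched replication agreement entries to unauthenticated clients. On 389 Directory Server those entries can carry `nsDS5ReplicaBindDN` and the stored `nsDS5ReplicaCredentials` value, particularly on the `nsDSWindowsReplicationAgreement` objects the filter also selects. The target should be limited to the status attributes the check reads, for example `(targetattr="nsds5replicaLastUpdateStatus || nsds5replicaLastUpdateStart || nsds5replicaLastUpdateEnd")`; the plugin code is not visible here, so confirm that list against it, and consider granting this to a dedicated monitoring bind DN rather than to anyone. The subject is written `groupdn = "ldap:///anyone"`, whereas the anonymous subject is normally `userdn = "ldap:///anyone"`, so it is worth verifying that the rule matches as intended. The `dn:` line hard-codes the suffix `dc=mr,dc=lan`, so a leading comment such as `# Replace dc=mr,dc=lan with your own directory suffix before applying` would prevent it being applied verbatim elsewhere.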