Windows PowerShell command on Get-command directoryserver

Manual Pages for UNIX Operating System command usage for man directoryserver

System Administration Commands directoryserver(1M)

NAME

directoryserver - front end for the Directory Server (DS)

SYNOPSIS

/usr/sbin/directoryserver

{ setup [-f configuration_file] | uninstall}

/usr/sbin/directoryserver

{start-admin | stop-admin | restart-admin | startconsole}

/usr/sbin/directoryserver [{-s | -server} server-instance ]

{start | stop | restart}

/usr/sbin/directoryserver { -s |-server } server-instance

{ monitor | saveconfig | restoreconfig | db2index-task |

suffix2instance | account-status | account-activate |

account-inactivate }

{...}

/usr/sbin/directoryserver nativetoascii | admin_ip | ldif |

pwdhash | idsktune | mmldif | keyupg {...}

/usr/sbin/directoryserver { magt | sagt } {...}

/usr/sbin/directoryserver help [subcommand]

DESCRIPTION

The directoryserver command is a comprehensive, front end to

the utility programs provided by the Solaris Directory Server (DS).

Options for the directoryserver command itself must appear

before the subcommand. Arguments for a subcommand must

appear after the subcommand. Subcommands have specific argu-

ments. See SUBCOMMANDS. SUBCOMMANDS The following subcommands are supported:

account-inactivate args

SunOS 5.11 Last change: 21 Feb 2002 1

System Administration Commands directoryserver(1M)

Inactivates and locks an entry or group of entries.

The account-inactivate subcommand supports the following

arguments:

[-D rootdn] Directory Server userDN with root permis-

sions, such as Directory Manager.

[-h host] Host name of Directory Server. The

default value is the full hostname of the machine where Directory Server is installed.

-I DN Entry DN or role DN to activate.

-j file Password associated with the user DN.

This option allows the password to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

[-p port] Directory Server port. The default value

is the LDAP port of Directory Server specified at installation time.

-w password Password associated with the user DN.

Supplying the password on the command

line is visible using the /bin/ps com-

mand. This is considered insecure. Use with extreme caution.

The value - can be used in place the

password. The program prompts the user for a password to be entered from the terminal.

account-activate args

Activates an entry or group of entries.

The account-activate subcommand supports the following

arguments

SunOS 5.11 Last change: 21 Feb 2002 2

System Administration Commands directoryserver(1M)

-D rootdn Directory Server userDN with root permis-

sions, such as Directory Manager.

-h host Host name of Directory Server. The

default value is the full hostname of the machine where Directory Server is installed.

-I DN Entry DN or role DN to activate.

-j file Password associated with the user DN.

This option allows the password to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

-p port Directory Server port. The default value

is the LDAP port of Directory Server specified at installation time.

-w password Password associated with the user DN.

Supplying the password on the command

line is visible using the /bin/ps com-

mand. This is considered insecure. Use with extreme caution.

The value -can be used in place the pass-

word. The program prompts the user for a password to be entered from the terminal.

account-status args

Provides account status information to establish whether an entry or group of entries is inactivated or not.

The account-status subcommand supports the following

arguments:

-D rootdn

-h host Host name of Directory Server. The

default value is the full hostname of the

SunOS 5.11 Last change: 21 Feb 2002 3

System Administration Commands directoryserver(1M)

machine where Directory Server is installed.

-I DN Entry DN or role DN whose status is

required.

-j file Password associated with the user DN.

This option allows the password to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

-p port Directory Server port. The default value

is the LDAP port of Directory Server specified at installation time.

-w password Password associated with the rootDN.

Supplying the password on the command

line is visible using the /bin/ps com-

mand. This is considered insecure. Use with extreme caution.

The value -can be used in place of the

password. The program prompts the user for a password to be entered from the terminal.

admin_ip args

Change the IP address of the administrative server in the configuration.

The admin_ip subcommand supports the following argu-

ments:

dir_mgr_DN Directory Manager's DN.

dir_mgr_password Directory Manager's password.

old_ip Old IP.

SunOS 5.11 Last change: 21 Feb 2002 4

System Administration Commands directoryserver(1M)

new_ip New IP.

port_# Port number.

bak2db backup_directory

Restore the database from the most recent archived backup.

Specify backup_directory as the backup directory.

bak2db-task args

Restore the data to the database.

The bak2db-task subcommand supports the following argu-

ments:

[-a directory] Directory where the backup files

are stored. By default it is under

/var/ds5/slapd-serverID/bak

-D rootDN User DN with root permissions,

such as Directory Manager. The default is the DN of the directory manager which is read from the

nsslapd-root attribute under

cn=config.

-j file Password associated with the user

DN. This option allows the pass-

word to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

[-t database_type] Database type. The only possible

database type is ldbm.

[-v] Verbose mode.

SunOS 5.11 Last change: 21 Feb 2002 5

System Administration Commands directoryserver(1M)

-w password Password associated with the user

DN. Supplying the password on the command line is visible using the

/bin/ps command. This is con-

sidered insecure. Use with extreme caution.

The value - can be used in place

the password. The program prompts the user for a password to be entered from the terminal.

db2bak-task args

Back up the contents of the database. It creates an entry in the directory that launches this dynamic task. An entry is generated based upon the values provided for each option.

The db2bak-task subcommand supports the following argu-

ments:

[-a directory] Directory where the backup files are

stored. By default it is under

/var/ds5/slapd-serverID/bak. The

backup file is named according to

the year-month-day-hour format

(YYYY_MM_DD_hhmmss).

-D rootDN User DN with root permissions, such

as Directory Manager. The default is the DN of the directory manager

which is read from the nsslapd-root

attribute under cn=config.

-j file Password associated with the user

DN. This option allows the password to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

-t database_type Database type. The only possible

database type is ldbm.

SunOS 5.11 Last change: 21 Feb 2002 6

System Administration Commands directoryserver(1M)

[-v] Verbose mode.

-w password Password associated with the user

DN. Supplying the password on the command line is visible using the /bin/ps command. This is considered insecure. Use with extreme caution.

The value - can be used in place the

password. The program prompts the user for a password to be entered from the terminal.

db2bak [backup_directory]

Create a backup of the current database contents. The server must be stopped to run this subcommand.

The default is /var/ds5/slapd-serverID/bak. The backup

file is named according to the year-month-day-hour for-

mat (YYYY_MM_DD_hhmmss).

db2index-text args

Create and generate the new set of indexes to be main-

tained following the modification of indexing entries in the cn=config configuration file.

The db2index-text subcommand supports the following

arguments:

-D rootdn User DN with root permissions,

such as Directory Manager.

-j file Password associated with the user

DN. This option allows the pass-

word to be stored in clear text in the named file for scripting. This is considered insecure. Use with extreme caution.

-n backend_instance Instance to be indexed.

[-t attributeName] Name of the attribute to be

indexed. If omitted, all indexes

SunOS 5.11 Last change: 21 Feb 2002 7

System Administration Commands directoryserver(1M)

defined for that instance are generated.

[-v] Verbose mode.

-w password Password associated with the user

DN. Supplying the password on the command line is visible using the

/bin/ps command. This is con-

sidered insecure. Use with extreme caution.

The value - can be used in place

the password. The program prompts the user for a password to be entered from the terminal.

db2ldif-task args

Exports the contents of the database to LDIF. It creates an entry in the directory that launches this dynamic task. The entry is generated based upon the values you provide for each option. To run this subcommand the

server must be running and either -n backend_instance or

-s include suffix is required.

The db2ldif-task subcommand supports the following argu-

ments:

[-a outputfile] File name of the output LDIF

file.

-C Only the main db file is used.

-D rootDN User DN with root permissions,

such as Directory Manager.

-j file Password associated with the

user DN. This option allows the password to be stored in clear text in the named file

for scripting. This is con-

sidered insecure.Use with extreme caution.

SunOS 5.11 Last change: 21 Feb 2002 8

System Administration Commands directoryserver(1M)

[-M] Output LDIF is stored in mul-

tiple files.

[-m] Minimal base 64 encoding.

{-n backend_instance}* Instance to be exported.

[-N] Minimal base 64 encoding.

[-o] Output LDIF to be stored in

one file by default with each instance stored in

instance_file name.

[-r] Export replica.

[-s]includesuffix}* Suffix(es) to be included or

to specify the subtrees to be

included if -n has been used.

[-u] Request that the unique ID is

not exported.

[-U] Request that the output LDIF

is not folded.

-w password Password associated with the

user DN. Supplying the pass-

word on the command line is

visible using the /bin/ps com-

mand. This is considered insecure. Use with extreme caution.

The value - can be used in

place the password. The pro-

gram prompts the user for a password to be entered from the terminal.

{-x excludesuffix}* Suffixes to be excluded.

SunOS 5.11 Last change: 21 Feb 2002 9

System Administration Commands directoryserver(1M)

[-1] Delete, for reasons of back-

ward compatibility the first line of the LDIF file that gives the version of the LDIF standard. db2ldif args Export the contents of the database to LDIF. You must

specify either the -n or the -s option or both.

The db2ldif subcommand supports the following options:

[-a outputfile] File name of the output LDIF

file.

[-C] Only use the main db file.

[-m ] Minimal base64 encoding.

[-M ] Use of several files for stor-

ing the output LDIF with each instance stored in

instance_file name (where

file name is the file name

specified for -a option).

{-n baclemd_instance}* Instance to be exported.

[-N] Specify that the entry IDs are

not to be included in the LDIF output. The entry IDs are necessary only if the db2ldif output is to be used as input

to db2index-text.

[-r] Export replica.

{-s includesuffix}* Suffixes to be included or to

specify the subtrees to be

included if -n has been used.

SunOS 5.11 Last change: 21 Feb 2002 10

System Administration Commands directoryserver(1M)

[{-x excludesuffix}]* Suffixes to be excluded.

[-u] Request that the unique id is

not exported.

[-U ] Request that the output LDIF

is not folded.

[-1 ] Delete, for reasons of back-

ward compatibility, the first line of the LDIF file which gives the version of the LDIF standard. help [subcommand]

Display directoryserver usage message or subcommand

specific usage message. idsktune args Provide an easy and reliable way of checking the patch levels and kernel parameter settings for your system. You must install the Directory Server before you can run idsktune. It gathers information about the operating

system, kernel, and TCP stack to make tuning recommenda-

tions.

The idsktune subcommand supports the following argu-

ments:

[-c] Client-specific tuning: the output

only includes tuning recommendations

for running a directory client appli-

cation.

[-D] Debug mode: the output includes the

commands it runs internally, preceded by DEBUG heading.

[-i installdir] The install directory.

SunOS 5.11 Last change: 21 Feb 2002 11

System Administration Commands directoryserver(1M)

[-q] Quiet mode. Output only includes tun-

ing recommendations. OS version statements are omitted.

[-v] Version. Gives the build date identi-

fying the version of the toll. keyupg args Upgrade the key from Lite to normal (only one way). The keyupg subcommand supports the following arguments:

-kkey The key to be upgraded.

-f key_file_path The key file path.

ldif2db-task args

Import data to the directory. It create an entry in the directory that launches this dynamic task. The entry is generated based upon the values you provide for each option. The server must be running when you run this subcommand.

The ldif2sb-task subcommand supports the following argu-

ments:

[-c] Request that only the core db

is created without attribute indexes.

-D rootDN User DN with root permissions,

such as Directory Manager.

[-g string] Generation of a unique ID.

Enter none for no unique ID to be generated and deterministic for the generated unique ID to

be name-based. Generates a

time based unique ID by default. If you use the deterministic

SunOS 5.11 Last change: 21 Feb 2002 12

System Administration Commands directoryserver(1M)

generation to have a name-

based unique ID, you can also specify the namespace you want the server to use as follows:

-g deterministic namespace_id

where namespace_id is a string

of characters in the following format

00-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx

Use this option if you want to import the same LDIF file into two different directory

servers, and you want the con-

tents of both directories to have the same set of unique IDs. If unique IDs already exist in the LDIF file you are importing, then the existing IDs are imported to the server regardless of the options you have specified.

[-G namespace_id ] Generate a namespace ID as a

name-based unique ID. This is

the same as specifying -g

deterministic.

{-i filename}* File name of the input LDIF

files. When you import multi-

ple files, they are imported in the order in which you specify them on the command line.

-j file Password associated with the

user DN. This option allows the password to be stored in clear text in the named file

for scripting. This is con-

sidered insecure. Use with extreme caution.

SunOS 5.11 Last change: 21 Feb 2002 13

System Administration Commands directoryserver(1M)

-n backend_instance Instance to be imported.

[-O] Request that only the core db

is created without attribute indexes.

{-s includesuffix }* Suffixes to be included. This

argument can also be used to specify the subtrees to be

included with -n.

-w password Password associated with the

user DN. Supplying the pass-

word on the command line is

visible using the /bin/ps com-

mand. This is considered insecure. Use with extreme caution.

The value - can be used in

place the password. The pro-

gram prompts the user for a password to be entered from the terminal.

[{-x excludesuffix }*]

[-v] Verbose mode.

ldif args Format LDIF files, and create base 64 encoded attribute values. With Base 64 Encoding you can represent binary data, such as a JPEG image, in LDIF by using base 64 encoding. You identify base 64 encoded data by using the

:: symbol. The ldifsubcommand takes any input and for-

mats it with the correct line continuation and appropri-

ate attribute information. The subcommand also senses whether the input requires base 64 encoding. The ldif subcommand supports the following arguments

[-b] Interpret the entire input as a single

binary value. If -b is not present, each

line is considered to be a separate input

SunOS 5.11 Last change: 21 Feb 2002 14

System Administration Commands directoryserver(1M)

value.

[attrtype] If -b is specified, the output is

attrtype::

[-c] Merge chunk size.

[-g string] Generation of a unique ID. Type

none for no unique ID to be generated and deterministic for the generated unique ID to be

name-based. By default a time

based unique ID is generated. If you use the deterministic

generation to have a name-based

unique ID, you can also specify the namespace you want the server to use as follows:

-g deterministic namespace_id

where namespace_id is a string

of characters in the following format:

00-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx

Use this option if you want to import the same LDIF file into two different directory

servers, and you want the con-

tents of both directories to have the same set of unique IDs. If unique IDs already exist in the LDIF file you are importing, then the existing IDs are imported to the server

SunOS 5.11 Last change: 21 Feb 2002 15

System Administration Commands directoryserver(1M)

regardless of the options you have specified.

[-G naemspace_id] Generate a namespace ID as a

name-based unique ID. This is

the same as specifying the -g

deterministic option.

{- filename}* File name of the input LDIF

file(s). When you import multi-

ple files, they are imported in the order in which you specify them on the command line.

-n backend_instance Instance to be imported.

[-O] Request that only the core db

is created without attribute indexes.

{-s includesuffix}* Suffixes to be included or to

specify the subtrees to be

included if -n has been used.

[{-x excludesuffix}*] Suffixes to be excluded

ldif2ldap rootDN password filename Perform an import operation over LDAP to the Directory

Server. To run this subcommand the server must be run-

ning.

The ldif2ldap subcommand supports the following argu-

ments: rootdn User DN with root permissions, such as Directory Manager. password Password associated with the user DN. filename File name of the file to be imported. When you import multiple files, they are imported

SunOS 5.11 Last change: 21 Feb 2002 16

System Administration Commands directoryserver(1M)

in the order in which you specify them on the command line. magt CONFIG INIT Start SNMP master agent. The Config and INIT files are

in /usr/iplanet/ds5/plugins/snmp/magt. For more informa-

tion, see the . The magt subcommand supports the following options: CONFIG The CONFIG file defines the community and the manager that master agent works with. Specify the manager value as a valid system name or an IP address.

INIT The INIT file is a nonvolatile file that con-

tains information from the MIB-II system

group, including system location and contact information. If INIT doesn't already exist, starting the master agent for the first time creates it. An invalid manager name in the

CONFIG file causes the master agent start-up

to fail. monitor Retrieves performance monitoring information using the

ldapsearch command-line utility.

mmldif args Combine multiple LDIF files into a single authoritative

set of entries. Typically each LDIF file is from a mas-

ter server cooperating in a multi master replication

agreement.[e.g. masters that refuse to sync up for what-

ever reason]. Optionally, it can generate LDIF change files that could be applied to original to bring it up to date with authoritative. At least two input files must be specified. The mmldif subcommand supports the following arguments:

[-c inputfile ...] Write a change file (.delta) for

each input file. Specify inputfile as the input LDIF files.

SunOS 5.11 Last change: 21 Feb 2002 17

System Administration Commands directoryserver(1M)

[-D] Print debugging information.

[-o out.ldif] Write authoritative data to this

file. nativetoascii args Convert one language encoding to another. For example,

convert a native language to UTF-8 format.

The nativetoascii subcommand supports the following options:

-d Encodings Directory

Path to the directory which contains the conv direc-

tory

[-i input_filename -o output_filename]

The input file name and output file name.

-l

List supported encodings

-r

Replace existing files.

-s suffix

Suffix to be mapped to the backend.

-s SourceEncoding

Source Encoding of input stream.

-t TargetEncoding

Target Encoding of output stream.

SunOS 5.11 Last change: 21 Feb 2002 18

System Administration Commands directoryserver(1M)

-v

Verbose output. pwdhash args Print the encrypted form of a password using one of the server's encryption algorithms. If a user cannot log in, you can use this script to compare the user's password to the password stored in the directory. The pwdhash subcommand supports the following arguments:

-c comparepwd | -s scheme The available schemes are

SSHA, SHA, CRYPT and CLEARE. It generates the

encrypted passwords accord-

ing to scheme's algorithm.

The -c specifies the

encrypted password to be compared with. The result of comparison is either OK or doesn't match.

-D instance-dir The instance directory.

[-H] The passwords are hex-

encoded.

password ... The clear passwords to gen-

erate encrypted form from or to be compared with. restart Restarts the directory server.

When the -s option is not specified, restarts all

instances of servers. When the -s option is specified,

restarts the server specified by -s.

restart-admin

SunOS 5.11 Last change: 21 Feb 2002 19

System Administration Commands directoryserver(1M)

Restarts the administration server. restoreconfig Restores the most recently saved Administration Server configuration information to the NetscapeRoot partition

under /var/ds5/slapd-serverID/confbak.

sagt -c CONFIG

Start proxy SNMP agent. For more information, see the . The sagt subcommand supports the following options:

-c configfile The CONFIG file includes the port that

the SNMP daemon listens to. It also needs to include the MIB trees and

traps that the proxy SNMP agent for-

wards. Edit the CONFIG file located in /usr/iplanet/ds5/plugins/snmp/sagt. saveconfig

Saves the administration server configuration informa-

tion to the /var/ds5/slapd-serverID/confbak directory.

setup [-f configuration_file]

Configures an instance of the directory server or administration server. Creates a basic configuration for the directory server and the administrative server that is used to manage the directory. The setup subcommand has two modes of operation. You can

invoke it with a curses-based interaction to gather

input. Alternatively, you can provide input in a confi-

guration file using the -f option.

The setup subcommand supports the following option:

-f configuration_file

Specifies the configuration file for silent installa-

tion.

SunOS 5.11 Last change: 21 Feb 2002 20

System Administration Commands directoryserver(1M)

start

Starts the directory server. When the -s option is not

specified, starts servers of all instances. When the -s

option is specified, starts the server instance speci-

fied by -s.

start-admin

Starts the directory server.

When the -s option is not specified, restarts all

instances of servers. When the -s option is specified,

restarts the server specified by -s.

startconsole Starts the directory console.. stop Stops the directory server.

When the -s option is not specified, restarts all

instances of servers. When the -s option is specified,

restarts the server specified by -s.

stop-admin

Stop the administration server.

suffix2instance {-s suffix}

Map a suffix to a backend name.

Specify -s suffix as the suffix to be mapped to the

backend. uninstall Uninstalls the directory server and the administration server. This subcommand stops servers of all instances and removes all the changes created by setup.

SunOS 5.11 Last change: 21 Feb 2002 21

System Administration Commands directoryserver(1M)

vlvindex args Create virtual list view (VLV) indexes, known in the Directory Server Console as Browsing Indexes. The server must be stopped beforehand.

The vlvindex subcommand supports the following argu-

ments:

-d debug_level Specify the debug level to use

during index creation. Debug lev-

els are defined in nsslapd-

errorlog-level (error Log Level).

See the .

-n backend_instance Name of the database containing

the entries to index.

-s suffix Name of the suffix containing the

entries to index.

-T VLVTag Name of the database containing

the entries to index. OPTIONS

Options for the directoryserver command itself must appear

before the subcommand argument. The following options are supported:

-s server-instance The server instance name. Specify

-server server-instance the directory server instance to

process the command against. For some of the listed subcommands the server instance is optional and for other sub commands it is a required option.

EXAMPLES

Example 1 Starting All Instances of the Directory Servers

The following command starts all the instances of the direc-

tory servers:

SunOS 5.11 Last change: 21 Feb 2002 22

System Administration Commands directoryserver(1M)

example% directoryserver start

Example 2 Starting the Instances of myhost of the Directory Server The following command starts the instances myhost of the directory server.

example% directoryserver -s myhost start

Example 3 Running the Monitor Tool and Outputting the Current Status The following command runs the monitor tool and output the current status of the ephesus directory instance.

example% directoryserver -s ephesus monitor

Example 4 Running the idsktune Tool and Outputting Perfor-

mance Tuning Information The following command runs the idsktune tool and outputs performance tuning information:

example% directoryserver idsktune

EXIT STATUS The following exit values are returned: 0 Successful completion.

non-zero An error occurred.

ATTRIBUTES

See attributes(5) for descriptions of the following attri-

butes:

SunOS 5.11 Last change: 21 Feb 2002 23

System Administration Commands directoryserver(1M)

____________________________________________________________

| ATTRIBUTE TYPE | ATTRIBUTE VALUE |

|_____________________________|_____________________________|

| Availability | IPLTdsr, IPLTdsu |

|_____________________________|_____________________________|

Manual Pages for UNIX Operating System command usage for man directoryserver

System Administration Commands directoryserver(1M)

NAME

directoryserver - front end for the Directory Server (DS)

SYNOPSIS

/usr/sbin/directoryserver

/usr/sbin/directoryserver

/usr/sbin/directoryserver [{-s | -server} server-instance ]

/usr/sbin/directoryserver { -s |-server } server-instance

/usr/sbin/directoryserver nativetoascii | admin_ip | ldif |

/usr/sbin/directoryserver { magt | sagt } {...}

/usr/sbin/directoryserver help [subcommand]

DESCRIPTION

The directoryserver command is a comprehensive, front end to

Options for the directoryserver command itself must appear

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

Display directoryserver usage message or subcommand

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

System Administration Commands directoryserver(1M)

Options for the directoryserver command itself must appear

EXAMPLES

System Administration Commands directoryserver(1M)

example% directoryserver start

example% directoryserver -s myhost start

example% directoryserver -s ephesus monitor

example% directoryserver idsktune

ATTRIBUTES

System Administration Commands directoryserver(1M)

| ATTRIBUTE TYPE | ATTRIBUTE VALUE |

SEE ALSO