CR-6574 OPENDJ-1923 Move doc out of properties files
This patch moves long document strings out of properties files,
replacing them with XIncluded files.
Tested with a manual doc build and visual check.
12 files added
4 files modified
| | |
|---|
| | | REF_SHORT_DESC_UNINSTALL=remove OpenDJ directory server software |
|---|
| | | |
|---|
| | | # Supplements to descriptions for generated reference documentation. |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS=<para> \ |
|---|
| | | For some <replaceable>controloid</replaceable> values, \ |
|---|
| | | you can replace object identifiers with user-friendly strings. \ |
|---|
| | | \ |
|---|
| | | The strings are listed here in lower case, but the case is not important. \ |
|---|
| | | You can use camelCase if you prefer, for example. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>accountusable</literal></term> \ |
|---|
| | | <term><literal>accountusability</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Account Usability Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.8</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>authzid</literal></term> \ |
|---|
| | | <term><literal>authorizationidentity</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Authorization Identity Request Control, Object Identifier: 2.16.840.1.113730.3.4.16</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>effectiverights</literal></term> \ |
|---|
| | | <term><literal>geteffectiverights</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Get Effective Rights Request Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>managedsait</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Manage DSAIT Request Control, Object Identifier: 2.16.840.1.113730.3.4.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>noop</literal></term> \ |
|---|
| | | <term><literal>no-op</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>No-Op Control, Object Identifier: 1.3.6.1.4.1.4203.1.10.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>pwpolicy</literal></term> \ |
|---|
| | | <term><literal>passwordpolicy</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Password Policy Control, Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>realattrsonly</literal></term> \ |
|---|
| | | <term><literal>realattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Real Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.17</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>subtreedelete</literal></term> \ |
|---|
| | | <term><literal>treedelete</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Subtree Delete Request Control, Object Identifier: 1.2.840.113556.1.4.805</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>virtualattrsonly</literal></term> \ |
|---|
| | | <term><literal>virtualattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Virtual Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.19</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS=<xinclude:include href="variablelist-ldap-controls.xml" /> |
|---|
| | |
|---|
| | | xlink:href="admin-guide#about-acis" \ |
|---|
| | | xlink:role="http://docbook.org/xlink/role/olink" \ |
|---|
| | | ><citetitle>About Access Control Instructions</citetitle></link> |
|---|
| | | REF_DSCFG_DURATION_SYNTAX_REL_URL_1002=<itemizedlist> \ |
|---|
| | | <para> \ |
|---|
| | | Some property values take a time duration. \ |
|---|
| | | Durations are expressed as numbers followed by units. \ |
|---|
| | | For example <literal>1 s</literal> means one second, \ |
|---|
| | | and <literal>2 w</literal> means two weeks. \ |
|---|
| | | Some durations have minimum granularity or maximum units, \ |
|---|
| | | so you cannot necessary specify every duration \ |
|---|
| | | in milliseconds or weeks for example. \ |
|---|
| | | Some durations allow you to use a special value to mean unlimited. \ |
|---|
| | | Units are specified as follows. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <listitem><para><literal>ms</literal>: milliseconds</para></listitem> \ |
|---|
| | | <listitem><para><literal>s</literal>: seconds</para></listitem> \ |
|---|
| | | <listitem><para><literal>m</literal>: minutes</para></listitem> \ |
|---|
| | | <listitem><para><literal>h</literal>: hours</para></listitem> \ |
|---|
| | | <listitem><para><literal>d</literal>: days</para></listitem> \ |
|---|
| | | <listitem><para><literal>w</literal>: weeks</para></listitem> \ |
|---|
| | | </itemizedlist> |
|---|
| | | REF_DSCFG_DURATION_SYNTAX_REL_URL_1002=<xinclude:include href="itemizedlist-duration.xml" /> |
|---|
| | | REF_DSCFG_ARG_ADDITIONAL_INFO_1003=%s properties depend on the %s type, \ |
|---|
| | | which depends on the %s option. |
|---|
| | | REF_DSCFG_SUBTYPE_DEPENDENCIES_1004=%s properties depend on the %s type, \ |
|---|
| | |
|---|
| | | REF_DSCFG_STRING_1038=A String |
|---|
| | | REF_DSCFG_UNKNOWN_1039=Unknown |
|---|
| | | REF_SHORT_DESC_DSCONFIG_1040=manage OpenDJ directory server configuration |
|---|
| | | REF_DSCFG_DOC_TOOL_DESCRIPTION_1041=<para> \ |
|---|
| | | The <command>dsconfig</command> command is the primary command-line tool \ |
|---|
| | | for viewing and editing OpenDJ configuration. \ |
|---|
| | | When started without arguments, \ |
|---|
| | | <command>dsconfig</command> prompts you for administration connection information, \ |
|---|
| | | including the host name, administration port number, \ |
|---|
| | | administrator bind DN and administrator password. \ |
|---|
| | | The <command>dsconfig</command> command then connects securely \ |
|---|
| | | to the directory server over the administration port. \ |
|---|
| | | Once connected it presents you with a menu-driven interface to the server configuration. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | When you pass connection information, subcommands, and additional options \ |
|---|
| | | to <command>dsconfig</command>, \ |
|---|
| | | the command runs in script mode and so is not interactive, \ |
|---|
| | | though it can prompt you to ask whether to apply changes \ |
|---|
| | | and whether to trust certificates \ |
|---|
| | | (unless you use the <option>--no-prompt</option> \ |
|---|
| | | and <option>--trustAll</option> options, respectively). \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | You can prepare <command>dsconfig</command> batch scripts \ |
|---|
| | | by running the tool with the <option>--commandFilePath</option> option \ |
|---|
| | | in interactive mode, \ |
|---|
| | | then reading from the batch file with the <option>--batchFilePath</option> option \ |
|---|
| | | in script mode. \ |
|---|
| | | Batch files can be useful when you have many <command>dsconfig</command> commands to run \ |
|---|
| | | and want to avoid starting the JVM and setting up a new connection for each command. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | The <command>dsconfig</command> command categorizes \ |
|---|
| | | directory server configuration into <firstterm>components</firstterm>, \ |
|---|
| | | also called <firstterm>managed objects</firstterm>. \ |
|---|
| | | Actual components often inherit from a parent component type. \ |
|---|
| | | For example, one component is a Connection Handler. \ |
|---|
| | | An LDAP Connection Handler is a type of Connection Handler. \ |
|---|
| | | You configure the LDAP Connection Handler component \ |
|---|
| | | to specify how OpenDJ directory server handles LDAP connections \ |
|---|
| | | coming from client applications. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Configuration components have <firstterm>properties</firstterm>. \ |
|---|
| | | For example, the LDAP Connection Handler component has properties \ |
|---|
| | | such as <literal>listen-port</literal> and <literal>allow-start-tls</literal>. \ |
|---|
| | | You can set the component's <literal>listen-port</literal> property \ |
|---|
| | | to <literal>389</literal> to use the default LDAP port number. \ |
|---|
| | | You can set the component's <literal>allow-start-tls</literal> property \ |
|---|
| | | to <literal>true</literal> to permit LDAP client applications to use StartTLS. \ |
|---|
| | | Much of the configuration you do with <command>dsconfig</command> \ |
|---|
| | | involves setting component properties. \ |
|---|
| | | </para> |
|---|
| | | REF_DSCFG_DOC_SUBCOMMANDS_DESCRIPTION_1042=<para> \ |
|---|
| | | The <command>dsconfig</command> command provides many subcommands. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Subcommands let you create, list, and delete entire configuration components, \ |
|---|
| | | and also let you get and set component properties. \ |
|---|
| | | Subcommands therefore have names that reflect these five actions. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <itemizedlist> \ |
|---|
| | | <listitem><para>create-<replaceable>component</replaceable></para></listitem> \ |
|---|
| | | <listitem><para>list-<replaceable>component</replaceable>s</para></listitem> \ |
|---|
| | | <listitem><para>delete-<replaceable>component</replaceable></para></listitem> \ |
|---|
| | | <listitem><para>get-<replaceable>component</replaceable>-prop</para></listitem> \ |
|---|
| | | <listitem><para>set-<replaceable>component</replaceable>-prop</para></listitem> \ |
|---|
| | | </itemizedlist> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Here, <replaceable>component</replaceable> names are names of managed object types. \ |
|---|
| | | Subcommand <replaceable>component</replaceable> names \ |
|---|
| | | are lower-case, hyphenated versions of the friendly names. \ |
|---|
| | | When you act on an actual configuration component, \ |
|---|
| | | you provide the name of the component as an option argument. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <itemizedlist> \ |
|---|
| | | <para> \ |
|---|
| | | For example, the Log Publisher component has these corresponding subcommands. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <listitem><para><command>create-log-publisher</command></para></listitem> \ |
|---|
| | | <listitem><para><command>list-log-publishers</command></para></listitem> \ |
|---|
| | | <listitem><para><command>delete-log-publisher</command></para></listitem> \ |
|---|
| | | <listitem><para><command>get-log-publisher-prop</command></para></listitem> \ |
|---|
| | | <listitem><para><command>set-log-publisher-prop</command></para></listitem> \ |
|---|
| | | </itemizedlist> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | When you create or delete Log Publisher components \ |
|---|
| | | and when you get and set their configuration properties, \ |
|---|
| | | you provide the name of the actual log publisher, \ |
|---|
| | | which you can find by using the <command>list-log-publishers</command> subcommand. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <screen> \n \ |
|---|
| | | $ <userinput>dsconfig \\ \n \ |
|---|
| | | list-log-publishers \\ \n \ |
|---|
| | | --hostname opendj.example.com \\ \n \ |
|---|
| | | --port 4444 \\ \n \ |
|---|
| | | --bindDN "cn=Directory Manager" \\ \n \ |
|---|
| | | --bindPassword password \\ \n \ |
|---|
| | | --trustAll</userinput> \n \ |
|---|
| | | <computeroutput> \n \ |
|---|
| | | Log Publisher : Type : enabled \n \ |
|---|
| | | ------------------------------:------------------------:-------- \n \ |
|---|
| | | File-Based Access Logger : file-based-access : true \n \ |
|---|
| | | File-Based Audit Logger : file-based-audit : false \n \ |
|---|
| | | File-Based Debug Logger : file-based-debug : false \n \ |
|---|
| | | File-Based Error Logger : file-based-error : true \n \ |
|---|
| | | File-Based HTTP Access Logger : file-based-http-access : false \n \ |
|---|
| | | Replication Repair Logger : file-based-error : true</computeroutput> \n \ |
|---|
| | | \n \ |
|---|
| | | $ <userinput>dsconfig \\ \n \ |
|---|
| | | get-log-publisher-prop \\ \n \ |
|---|
| | | --publisher-name "File-Based Access Logger" \\ \n \ |
|---|
| | | --property rotation-policy \\ \n \ |
|---|
| | | --hostname opendj.example.com \\ \n \ |
|---|
| | | --port 4444 \\ \n \ |
|---|
| | | --bindDN "cn=Directory Manager" \\ \n \ |
|---|
| | | --bindPassword password \\ \n \ |
|---|
| | | --trustAll</userinput> \n \ |
|---|
| | | <computeroutput>Property : Value(s) \n \ |
|---|
| | | ----------------:-------------------------------------------------------------- \n \ |
|---|
| | | rotation-policy : 24 Hours Time Limit Rotation Policy, Size Limit Rotation \n \ |
|---|
| | | : Policy</computeroutput> \n \ |
|---|
| | | </screen> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Many subcommands let you set property values. \ |
|---|
| | | Notice in the reference for the subcommands below \ |
|---|
| | | that specific options are available for handling multi-valued properties. \ |
|---|
| | | Whereas you can assign a single property value \ |
|---|
| | | by using the <option>--set</option> option, \ |
|---|
| | | you assign multiple values to a multi-valued property \ |
|---|
| | | by using the <option>--add</option> option. \ |
|---|
| | | You can reset the values of the multi-valued property \ |
|---|
| | | by using the <option>--reset</option> option. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <itemizedlist> \ |
|---|
| | | <para> \ |
|---|
| | | Some property values take a time duration. \ |
|---|
| | | Durations are expressed as numbers followed by units. \ |
|---|
| | | For example <literal>1 s</literal> means one second, \ |
|---|
| | | and <literal>2 w</literal> means two weeks. \ |
|---|
| | | Some durations have minimum granularity or maximum units, \ |
|---|
| | | so you cannot necessary specify every duration in milliseconds or weeks for example. \ |
|---|
| | | Some durations allow you to use a special value to mean unlimited. \ |
|---|
| | | Units are specified as follows: \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <listitem><para><literal>ms</literal>: milliseconds</para></listitem> \ |
|---|
| | | <listitem><para><literal>s</literal>: seconds</para></listitem> \ |
|---|
| | | <listitem><para><literal>m</literal>: minutes</para></listitem> \ |
|---|
| | | <listitem><para><literal>h</literal>: hours</para></listitem> \ |
|---|
| | | <listitem><para><literal>d</literal>: days</para></listitem> \ |
|---|
| | | <listitem><para><literal>w</literal>: weeks</para></listitem> \ |
|---|
| | | </itemizedlist> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Use the following options to view help for subcommands. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-all</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display all subcommands \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-core-server</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to core server \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-database</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to caching and back-ends \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-logging</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to logging \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-replication</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to replication \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-security</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to authentication and authorization \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><command>dsconfig --help-user-management</command></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Display subcommands relating to user management \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | For help with individual subcommands, \ |
|---|
| | | either use <command>dsconfig <replaceable>subcommand</replaceable> --help</command>, \ |
|---|
| | | or start <command>dsconfig</command> in interactive mode, \ |
|---|
| | | without specifying a subcommand. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | To view all component properties, \ |
|---|
| | | use the <command>dsconfig list-properties</command> command. \ |
|---|
| | | </para> |
|---|
| | | REF_DSCFG_DOC_TOOL_DESCRIPTION_1041=<xinclude:include href="description-dsconfig.xml" /> |
|---|
| | | REF_DSCFG_DOC_SUBCOMMANDS_DESCRIPTION_1042=<xinclude:include href="description-dsconfig-subcommands.xml" /> |
|---|
| | | |
|---|
| | |
|---|
| | | REF_SHORT_DESC_SEARCHRATE=measure search throughput and response time |
|---|
| | | |
|---|
| | | # Supplements to descriptions for generated reference documentation. |
|---|
| | | SUPPLEMENT_DESCRIPTION_RATE_TOOLS=<para> \ |
|---|
| | | When you do not use the <option>-f</option> option \ |
|---|
| | | to keep connections open and rebind on the connections, \ |
|---|
| | | the tool can exhaust the available ports and crash. \ |
|---|
| | | You can work around this problem on test systems \ |
|---|
| | | by changing TCP settings on the system. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | For example on Linux systems, set the following parameters \ |
|---|
| | | in the <filename>/etc/sysctl.conf</filename> file. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <programlisting language="ini">\n \ |
|---|
| | | net.ipv4.tcp_fin_timeout = 30\n \ |
|---|
| | | net.ipv4.tcp_tw_recycle = 1\n \ |
|---|
| | | net.ipv4.tcp_tw_reuse = 1 \ |
|---|
| | | </programlisting> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | The parameter <literal>net.ipv4.tcp_fin_timeout</literal> \ |
|---|
| | | sets how long to wait in seconds for a final FIN packet \ |
|---|
| | | before forcing a close of the socket. \ |
|---|
| | | The default is 60 (seconds). \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | The parameter <literal>net.ipv4.tcp_tw_recycle</literal> \ |
|---|
| | | enables fast recycling of TIME_WAIT sockets. \ |
|---|
| | | The default is 0 (false). \ |
|---|
| | | Enabling this can cause Network Address Translation (NAT) issues. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | The parameter <literal>net.ipv4.tcp_tw_reuse</literal> \ |
|---|
| | | enables reuse of TIME_WAIT sockets for new connections. \ |
|---|
| | | The default is 0 (false). \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | These settings are recommended only for testing, \ |
|---|
| | | and <emphasis>not for production systems</emphasis>. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | After making the changes to <filename>/etc/sysctl.conf</filename>, \ |
|---|
| | | reload the configuration with the <command>sysctl</command> command. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <screen># sysctl -p</screen> |
|---|
| | | SUPPLEMENT_DESCRIPTION_MAKELDIF=<para> \ |
|---|
| | | The <replaceable>template-file-path</replaceable> can be \ |
|---|
| | | one of the following: \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <itemizedlist> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | A full path to the template file such as \ |
|---|
| | | <filename>/path/to/opendj/config/MakeLDIF/example.template</filename>. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | A relative path to the template file such as \ |
|---|
| | | <filename>../../my-test-data.template</filename>. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | A file name that specifies one of the template files \ |
|---|
| | | that are built into the OpenDJ LDAP Toolkit, \ |
|---|
| | | such as <filename>example.template</filename>, \ |
|---|
| | | or <filename>people_and_groups.template</filename>. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </itemizedlist> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | The OpenDJ LDAP Toolkit includes these built-in template and data files: \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>cities</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | List of more than 200 cities. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>example.template</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Template to generate a base entry and users \ |
|---|
| | | in a branch <literal>ou=people,[suffix]</literal>, \ |
|---|
| | | where the default setting for suffix is \ |
|---|
| | | <literal>suffix=dc=example,dc=com</literal>. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>first.names</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | List of more than 8000 first names. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>last.names</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | List of more than 13000 last names. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>people_and_groups.template</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Template to generate a base entry, users, and groups. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>states</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | List of US states by their two-character codes. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><filename>streets</filename></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | List of more than 70 street names. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_RESOURCE_PATH=<para> \ |
|---|
| | | The utility looks for resources in the following locations in this order:\ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <orderedlist> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | The current directory where the command is run. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | The resource path directory. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | The built-in files. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </orderedlist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_PSEARCH_INFO=<para> \ |
|---|
| | | A persistent search allows the client to continue receiving new results \ |
|---|
| | | whenever changes are made to data that is in the scope of the search, \ |
|---|
| | | thus using the search as a form of change notification. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>changetype</literal> setting defines \ |
|---|
| | | the kinds of updates that result in notification. \ |
|---|
| | | If you do not set the <literal>changetype</literal>, \ |
|---|
| | | the default behavior is to send notifications for all updates. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>add</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP add operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>del</literal></term> \ |
|---|
| | | <term><literal>delete</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP delete operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>mod</literal></term> \ |
|---|
| | | <term><literal>modify</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP modify operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>moddn</literal></term> \ |
|---|
| | | <term><literal>modrdn</literal></term> \ |
|---|
| | | <term><literal>modifydn</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP modify DN (rename and move) operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>all</literal></term> \ |
|---|
| | | <term><literal>any</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for all LDAP update operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>changesonly</literal> setting defines \ |
|---|
| | | whether the server returns existing entries as well as changes. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>true</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do not return existing entries, \ |
|---|
| | | but instead only notifications about changes. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | This is the default setting. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>false</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Also return existing entries. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>entrychgcontrols</literal> setting defines \ |
|---|
| | | whether the server returns an Entry Change Notification control \ |
|---|
| | | with each entry notification. \ |
|---|
| | | The Entry Change Notification control provides additional information \ |
|---|
| | | about the change that caused the entry to be returned by the search. \ |
|---|
| | | In particular, it indicates the change type, \ |
|---|
| | | the change number if available, \ |
|---|
| | | and the previous DN if the change type was a modify DN operation. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>true</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do request the Entry Change Notification control. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | This is the default setting. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>false</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do not request the Entry Change Notification control. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS=<para> \ |
|---|
| | | For some <replaceable>controloid</replaceable> values, \ |
|---|
| | | you can replace object identifiers with user-friendly strings. \ |
|---|
| | | \ |
|---|
| | | The strings are listed here in lower case, but the case is not important. \ |
|---|
| | | You can use camelCase if you prefer, for example. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>accountusable</literal></term> \ |
|---|
| | | <term><literal>accountusability</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Account Usability Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.8</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>authzid</literal></term> \ |
|---|
| | | <term><literal>authorizationidentity</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Authorization Identity Request Control, Object Identifier: 2.16.840.1.113730.3.4.16</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>effectiverights</literal></term> \ |
|---|
| | | <term><literal>geteffectiverights</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Get Effective Rights Request Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>managedsait</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Manage DSAIT Request Control, Object Identifier: 2.16.840.1.113730.3.4.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>noop</literal></term> \ |
|---|
| | | <term><literal>no-op</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>No-Op Control, Object Identifier: 1.3.6.1.4.1.4203.1.10.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>pwpolicy</literal></term> \ |
|---|
| | | <term><literal>passwordpolicy</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Password Policy Control, Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>realattrsonly</literal></term> \ |
|---|
| | | <term><literal>realattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Real Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.17</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>subtreedelete</literal></term> \ |
|---|
| | | <term><literal>treedelete</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Subtree Delete Request Control, Object Identifier: 1.2.840.113556.1.4.805</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>virtualattrsonly</literal></term> \ |
|---|
| | | <term><literal>virtualattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Virtual Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.19</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_RATE_TOOLS=<xinclude:include href="description-rate-tools.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_MAKELDIF=<xinclude:include href="description-makeldif.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_RESOURCE_PATH=<xinclude:include href="description-resource-path.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_PSEARCH_INFO=<xinclude:include href="description-psearch-info.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS=<xinclude:include href="variablelist-ldap-controls.xml" /> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd' |
|---|
| | | xmlns:xinclude='http://www.w3.org/2001/XInclude'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The <command>dsconfig</command> command provides many subcommands. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Subcommands let you create, list, and delete entire configuration components, |
|---|
| | | and also let you get and set component properties. |
|---|
| | | Subcommands therefore have names that reflect these five actions. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <itemizedlist> |
|---|
| | | <listitem><para>create-<replaceable>component</replaceable></para></listitem> |
|---|
| | | <listitem><para>list-<replaceable>component</replaceable>s</para></listitem> |
|---|
| | | <listitem><para>delete-<replaceable>component</replaceable></para></listitem> |
|---|
| | | <listitem><para>get-<replaceable>component</replaceable>-prop</para></listitem> |
|---|
| | | <listitem><para>set-<replaceable>component</replaceable>-prop</para></listitem> |
|---|
| | | </itemizedlist> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Here, <replaceable>component</replaceable> names are names of managed object types. |
|---|
| | | Subcommand <replaceable>component</replaceable> names |
|---|
| | | are lower-case, hyphenated versions of the friendly names. |
|---|
| | | When you act on an actual configuration component, |
|---|
| | | you provide the name of the component as an option argument. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <itemizedlist> |
|---|
| | | <para> |
|---|
| | | For example, the Log Publisher component has these corresponding subcommands. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <listitem><para><command>create-log-publisher</command></para></listitem> |
|---|
| | | <listitem><para><command>list-log-publishers</command></para></listitem> |
|---|
| | | <listitem><para><command>delete-log-publisher</command></para></listitem> |
|---|
| | | <listitem><para><command>get-log-publisher-prop</command></para></listitem> |
|---|
| | | <listitem><para><command>set-log-publisher-prop</command></para></listitem> |
|---|
| | | </itemizedlist> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | When you create or delete Log Publisher components |
|---|
| | | and when you get and set their configuration properties, |
|---|
| | | you provide the name of the actual log publisher, |
|---|
| | | which you can find by using the <command>list-log-publishers</command> subcommand. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <screen> |
|---|
| | | $ <userinput>dsconfig \ |
|---|
| | | list-log-publishers \ |
|---|
| | | --hostname opendj.example.com \ |
|---|
| | | --port 4444 \ |
|---|
| | | --bindDN "cn=Directory Manager" \ |
|---|
| | | --bindPassword password \ |
|---|
| | | --trustAll</userinput> |
|---|
| | | <computeroutput> |
|---|
| | | Log Publisher : Type : enabled |
|---|
| | | ------------------------------:------------------------:-------- |
|---|
| | | File-Based Access Logger : file-based-access : true |
|---|
| | | File-Based Audit Logger : file-based-audit : false |
|---|
| | | File-Based Debug Logger : file-based-debug : false |
|---|
| | | File-Based Error Logger : file-based-error : true |
|---|
| | | File-Based HTTP Access Logger : file-based-http-access : false |
|---|
| | | Replication Repair Logger : file-based-error : true</computeroutput> |
|---|
| | | |
|---|
| | | $ <userinput>dsconfig \ |
|---|
| | | get-log-publisher-prop \ |
|---|
| | | --publisher-name "File-Based Access Logger" \ |
|---|
| | | --property rotation-policy \ |
|---|
| | | --hostname opendj.example.com \ |
|---|
| | | --port 4444 \ |
|---|
| | | --bindDN "cn=Directory Manager" \ |
|---|
| | | --bindPassword password \ |
|---|
| | | --trustAll</userinput> |
|---|
| | | <computeroutput>Property : Value(s) |
|---|
| | | ----------------:-------------------------------------------------------------- |
|---|
| | | rotation-policy : 24 Hours Time Limit Rotation Policy, Size Limit Rotation |
|---|
| | | : Policy</computeroutput> |
|---|
| | | </screen> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Many subcommands let you set property values. |
|---|
| | | Notice in the reference for the subcommands below |
|---|
| | | that specific options are available for handling multi-valued properties. |
|---|
| | | Whereas you can assign a single property value |
|---|
| | | by using the <option>--set</option> option, |
|---|
| | | you assign multiple values to a multi-valued property |
|---|
| | | by using the <option>--add</option> option. |
|---|
| | | You can reset the values of the multi-valued property |
|---|
| | | by using the <option>--reset</option> option. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <xinclude:include href="itemizedlist-duration.xml" /> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Use the following options to view help for subcommands. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-all</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display all subcommands |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-core-server</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to core server |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-database</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to caching and back-ends |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-logging</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to logging |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-replication</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to replication |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-security</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to authentication and authorization |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | <varlistentry> |
|---|
| | | <term><command>dsconfig --help-user-management</command></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Display subcommands relating to user management |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | For help with individual subcommands, |
|---|
| | | either use <command>dsconfig <replaceable>subcommand</replaceable> --help</command>, |
|---|
| | | or start <command>dsconfig</command> in interactive mode, |
|---|
| | | without specifying a subcommand. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | To view all component properties, |
|---|
| | | use the <command>dsconfig list-properties</command> command. |
|---|
| | | </para> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The <command>dsconfig</command> command is the primary command-line tool |
|---|
| | | for viewing and editing OpenDJ configuration. |
|---|
| | | When started without arguments, |
|---|
| | | <command>dsconfig</command> prompts you for administration connection information, |
|---|
| | | including the host name, administration port number, |
|---|
| | | administrator bind DN and administrator password. |
|---|
| | | The <command>dsconfig</command> command then connects securely |
|---|
| | | to the directory server over the administration port. |
|---|
| | | Once connected it presents you with a menu-driven interface to the server configuration. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | When you pass connection information, subcommands, and additional options |
|---|
| | | to <command>dsconfig</command>, |
|---|
| | | the command runs in script mode and so is not interactive, |
|---|
| | | though it can prompt you to ask whether to apply changes |
|---|
| | | and whether to trust certificates |
|---|
| | | (unless you use the <option>--no-prompt</option> |
|---|
| | | and <option>--trustAll</option> options, respectively). |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | You can prepare <command>dsconfig</command> batch scripts |
|---|
| | | by running the tool with the <option>--commandFilePath</option> option |
|---|
| | | in interactive mode, |
|---|
| | | then reading from the batch file with the <option>--batchFilePath</option> option |
|---|
| | | in script mode. |
|---|
| | | Batch files can be useful when you have many <command>dsconfig</command> commands to run |
|---|
| | | and want to avoid starting the JVM and setting up a new connection for each command. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The <command>dsconfig</command> command categorizes |
|---|
| | | directory server configuration into <firstterm>components</firstterm>, |
|---|
| | | also called <firstterm>managed objects</firstterm>. |
|---|
| | | Actual components often inherit from a parent component type. |
|---|
| | | For example, one component is a Connection Handler. |
|---|
| | | An LDAP Connection Handler is a type of Connection Handler. |
|---|
| | | You configure the LDAP Connection Handler component |
|---|
| | | to specify how OpenDJ directory server handles LDAP connections |
|---|
| | | coming from client applications. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Configuration components have <firstterm>properties</firstterm>. |
|---|
| | | For example, the LDAP Connection Handler component has properties |
|---|
| | | such as <literal>listen-port</literal> and <literal>allow-start-tls</literal>. |
|---|
| | | You can set the component's <literal>listen-port</literal> property |
|---|
| | | to <literal>389</literal> to use the default LDAP port number. |
|---|
| | | You can set the component's <literal>allow-start-tls</literal> property |
|---|
| | | to <literal>true</literal> to permit LDAP client applications to use StartTLS. |
|---|
| | | Much of the configuration you do with <command>dsconfig</command> |
|---|
| | | involves setting component properties. |
|---|
| | | </para> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | A persistent search allows the client to continue receiving new results |
|---|
| | | whenever changes are made to data that is in the scope of the search, |
|---|
| | | thus using the search as a form of change notification. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>changetype</literal> setting defines |
|---|
| | | the kinds of updates that result in notification. |
|---|
| | | If you do not set the <literal>changetype</literal>, |
|---|
| | | the default behavior is to send notifications for all updates. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>add</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP add operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>del</literal></term> |
|---|
| | | <term><literal>delete</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP delete operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>mod</literal></term> |
|---|
| | | <term><literal>modify</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP modify operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>moddn</literal></term> |
|---|
| | | <term><literal>modrdn</literal></term> |
|---|
| | | <term><literal>modifydn</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP modify DN (rename and move) operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>all</literal></term> |
|---|
| | | <term><literal>any</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for all LDAP update operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>changesonly</literal> setting defines |
|---|
| | | whether the server returns existing entries as well as changes. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>true</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do not return existing entries, |
|---|
| | | but instead only notifications about changes. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | This is the default setting. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>false</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Also return existing entries. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>entrychgcontrols</literal> setting defines |
|---|
| | | whether the server returns an Entry Change Notification control |
|---|
| | | with each entry notification. |
|---|
| | | The Entry Change Notification control provides additional information |
|---|
| | | about the change that caused the entry to be returned by the search. |
|---|
| | | In particular, it indicates the change type, |
|---|
| | | the change number if available, |
|---|
| | | and the previous DN if the change type was a modify DN operation. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>true</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do request the Entry Change Notification control. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | This is the default setting. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>false</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do not request the Entry Change Notification control. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | This utility thus performs only part of the upgrade process, |
|---|
| | | which includes the following phases for a single server. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <orderedlist> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Get and unpack a newer version of OpenDJ directory server software. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Stop the current OpenDJ directory server. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Overwrite existing binary and script files with those of the newer version, |
|---|
| | | and then run this utility before restarting OpenDJ. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Start the upgraded OpenDJ directory server. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </orderedlist> |
|---|
| | | |
|---|
| | | <important> |
|---|
| | | <para> |
|---|
| | | This utility <emphasis>does not back up OpenDJ before you upgrade, |
|---|
| | | nor does it restore OpenDJ if the utility fails</emphasis>. |
|---|
| | | In order to revert a failed upgrade, |
|---|
| | | make sure you back up OpenDJ directory server |
|---|
| | | before you overwrite existing binary and script files. |
|---|
| | | </para> |
|---|
| | | </important> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | By default this utility requests confirmation |
|---|
| | | before making important configuration changes. |
|---|
| | | You can use the <option>--no-prompt</option> option |
|---|
| | | to run the command non-interactively. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | When using the <option>--no-prompt</option> option, |
|---|
| | | if this utility cannot complete |
|---|
| | | because it requires confirmation for a potentially very long or critical task, |
|---|
| | | then it exits with an error and |
|---|
| | | a message about how to finish making the changes. |
|---|
| | | You can add the <option>--force</option> option |
|---|
| | | to force a non-interactive upgrade to continue in this case, |
|---|
| | | also performing long running and critical tasks. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | After upgrading, see the resulting <filename>upgrade.log</filename> file |
|---|
| | | for a full list of operations performed. |
|---|
| | | </para> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <itemizedlist |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Some property values take a time duration. |
|---|
| | | Durations are expressed as numbers followed by units. |
|---|
| | | For example <literal>1 s</literal> means one second, |
|---|
| | | and <literal>2 w</literal> means two weeks. |
|---|
| | | Some durations have minimum granularity or maximum units, |
|---|
| | | so you cannot necessary specify every duration |
|---|
| | | in milliseconds or weeks for example. |
|---|
| | | Some durations allow you to use a special value to mean unlimited. |
|---|
| | | Units are specified as follows. |
|---|
| | | </para> |
|---|
| | | <listitem><para><literal>ms</literal>: milliseconds</para></listitem> |
|---|
| | | <listitem><para><literal>s</literal>: seconds</para></listitem> |
|---|
| | | <listitem><para><literal>m</literal>: minutes</para></listitem> |
|---|
| | | <listitem><para><literal>h</literal>: hours</para></listitem> |
|---|
| | | <listitem><para><literal>d</literal>: days</para></listitem> |
|---|
| | | <listitem><para><literal>w</literal>: weeks</para></listitem> |
|---|
| | | </itemizedlist> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <variablelist |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | When you list index status, the result is a table, |
|---|
| | | followed by a "Total", which is the total number of indexes, |
|---|
| | | followed by a list of indexes with "Undefined keys" to show |
|---|
| | | the values for which the number of entries exceeded the index entry limit. |
|---|
| | | The table has the following columns. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>Index Name</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Name of the index, |
|---|
| | | which takes the form <replaceable>attr.type</replaceable> |
|---|
| | | for attribute indexes, |
|---|
| | | and vlv.<replaceable>name</replaceable> for VLV indexes. |
|---|
| | | Some indexes are for OpenDJ directory server's internal use. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Example: <literal>givenName.substring</literal> |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>Index Type</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Type of the index, |
|---|
| | | which is <literal>Index</literal> for attribute indexes, |
|---|
| | | and <literal>VLVIndex</literal> for VLV indexes. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>JE Database Name</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Name of the <literal>local-db</literal> backend database, |
|---|
| | | which reflects how OpenDJ directory server |
|---|
| | | organizes the data in the database. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | Example: <literal>dc_example_dc_com_givenName.substring</literal> |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>Index Valid</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | This is <literal>true</literal> for valid indexes. |
|---|
| | | If this is <literal>false</literal>, |
|---|
| | | the index might be degraded. |
|---|
| | | Verify the index, and rebuild the index if necessary. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>Record Count</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Number of indexed keys. |
|---|
| | | Use the <command>dbtest dump-database-container</command> command |
|---|
| | | to see how many entry IDs correspond to each key. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>Undefined</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Number of keys for which there are too many values |
|---|
| | | to maintain an index, based on the index entry limit. |
|---|
| | | This is recorded as <literal>-</literal> for VLV indexes. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | In other words, with the default index entry limit of 4000, |
|---|
| | | if every user in your large directory has an email address |
|---|
| | | ending in <literal>@example.com</literal>, |
|---|
| | | and a substring index is maintained for <literal>mail</literal>, |
|---|
| | | then OpenDJ directory server does not maintain indexes for |
|---|
| | | keys corresponding to substrings in <literal>@example.com</literal>. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | As a result, an LDAP search with the filter |
|---|
| | | <literal>"(mail=*@example.com)"</literal> becomes an unindexed search |
|---|
| | | even though a substring index exists for the mail attribute. |
|---|
| | | By default OpenDJ directory server does not allow unindexed searches |
|---|
| | | except by privileged users. |
|---|
| | | This is usually exactly the behavior you want |
|---|
| | | in order to prevent client applications for example |
|---|
| | | from sending searches that return every user in the directory. |
|---|
| | | Clients should refine their search filters instead. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term>95%, 90%, 85%</term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Number of keys for which the number of values is approaching |
|---|
| | | the index entry limit, having reached the specified percentage. |
|---|
| | | This is a measure of how full the entry ID lists are. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <variablelist |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | For some <replaceable>controloid</replaceable> values, |
|---|
| | | you can replace object identifiers with user-friendly strings. |
|---|
| | | The strings are listed here in lower case, but the case is not important. |
|---|
| | | You can use camelCase if you prefer, for example. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>accountusable</literal></term> |
|---|
| | | <term><literal>accountusability</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Account Usability Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.8 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>authzid</literal></term> |
|---|
| | | <term><literal>authorizationidentity</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Authorization Identity Request Control, Object Identifier: 2.16.840.1.113730.3.4.16 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>effectiverights</literal></term> |
|---|
| | | <term><literal>geteffectiverights</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Get Effective Rights Request Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>managedsait</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Manage DSAIT Request Control, Object Identifier: 2.16.840.1.113730.3.4.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>noop</literal></term> |
|---|
| | | <term><literal>no-op</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | No-Op Control, Object Identifier: 1.3.6.1.4.1.4203.1.10.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>pwpolicy</literal></term> |
|---|
| | | <term><literal>passwordpolicy</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Password Policy Control, Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>realattrsonly</literal></term> |
|---|
| | | <term><literal>realattributesonly</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Real Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.17 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>subtreedelete</literal></term> |
|---|
| | | <term><literal>treedelete</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Subtree Delete Request Control, Object Identifier: 1.2.840.113556.1.4.805 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>virtualattrsonly</literal></term> |
|---|
| | | <term><literal>virtualattributesonly</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Virtual Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.19 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | |
|---|
| | | REF_SHORT_DESC_WINDOWS_SERVICE_15030=register OpenDJ as a Windows Service |
|---|
| | | |
|---|
| | | # Supplements to descriptions for generated reference documentation. |
|---|
| | | SUPPLEMENT_DESCRIPTION_DBTEST_SUBCMD_LIST_INDEX_STATUS_20001=<para> \ |
|---|
| | | When you list index status, the result is a table, \ |
|---|
| | | followed by a "Total", which is the total number of indexes, \ |
|---|
| | | followed by a list of indexes with "Undefined keys" to show \ |
|---|
| | | the values for which the number of entries exceeded the index entry limit. \ |
|---|
| | | The table has the following columns. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>Index Name</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Name of the index, \ |
|---|
| | | which takes the form <replaceable>attr.type</replaceable> \ |
|---|
| | | for attribute indexes, \ |
|---|
| | | and vlv.<replaceable>name</replaceable> for VLV indexes. \ |
|---|
| | | Some indexes are for OpenDJ directory server's internal use. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Example: <literal>givenName.substring</literal> \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>Index Type</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Type of the index, \ |
|---|
| | | which is <literal>Index</literal> for attribute indexes, \ |
|---|
| | | and <literal>VLVIndex</literal> for VLV indexes. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>JE Database Name</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Name of the <literal>local-db</literal> backend database, \ |
|---|
| | | which reflects how OpenDJ directory server \ |
|---|
| | | organizes the data in the database. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | Example: <literal>dc_example_dc_com_givenName.substring</literal> \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>Index Valid</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | This is <literal>true</literal> for valid indexes. \ |
|---|
| | | If this is <literal>false</literal>, \ |
|---|
| | | the index might be degraded. \ |
|---|
| | | Verify the index, and rebuild the index if necessary. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>Record Count</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Number of indexed keys. \ |
|---|
| | | Use the <command>dbtest dump-database-container</command> command \ |
|---|
| | | to see how many entry IDs correspond to each key. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>Undefined</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Number of keys for which there are too many values \ |
|---|
| | | to maintain an index, based on the index entry limit. \ |
|---|
| | | This is recorded as <literal>-</literal> for VLV indexes. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | In other words, with the default index entry limit of 4000, \ |
|---|
| | | if every user in your large directory has an email address \ |
|---|
| | | ending in <literal>@example.com</literal>, \ |
|---|
| | | and a substring index is maintained for <literal>mail</literal>, \ |
|---|
| | | then OpenDJ directory server does not maintain indexes for \ |
|---|
| | | keys corresponding to substrings in <literal>@example.com</literal>. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | As a result, an LDAP search with the filter \ |
|---|
| | | <literal>"(mail=*@example.com)"</literal> becomes an unindexed search \ |
|---|
| | | even though a substring index exists for the mail attribute. \ |
|---|
| | | By default OpenDJ directory server does not allow unindexed searches \ |
|---|
| | | except by privileged users. \ |
|---|
| | | This is usually exactly the behavior you want \ |
|---|
| | | in order to prevent client applications for example \ |
|---|
| | | from sending searches that return every user in the directory. \ |
|---|
| | | Clients should refine their search filters instead. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term>95%, 90%, 85%</term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Number of keys for which the number of values is approaching \ |
|---|
| | | the index entry limit, having reached the specified percentage. \ |
|---|
| | | This is a measure of how full the entry ID lists are. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_PSEARCH_INFO_20002=<para> \ |
|---|
| | | A persistent search allows the client to continue receiving new results \ |
|---|
| | | whenever changes are made to data that is in the scope of the search, \ |
|---|
| | | thus using the search as a form of change notification. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>changetype</literal> setting defines \ |
|---|
| | | the kinds of updates that result in notification. \ |
|---|
| | | If you do not set the <literal>changetype</literal>, \ |
|---|
| | | the default behavior is to send notifications for all updates. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>add</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP add operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>del</literal></term> \ |
|---|
| | | <term><literal>delete</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP delete operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>mod</literal></term> \ |
|---|
| | | <term><literal>modify</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP modify operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>moddn</literal></term> \ |
|---|
| | | <term><literal>modrdn</literal></term> \ |
|---|
| | | <term><literal>modifydn</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for LDAP modify DN (rename and move) operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>all</literal></term> \ |
|---|
| | | <term><literal>any</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Send notifications for all LDAP update operations. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>changesonly</literal> setting defines \ |
|---|
| | | whether the server returns existing entries as well as changes. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>true</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do not return existing entries, \ |
|---|
| | | but instead only notifications about changes. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | This is the default setting. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>false</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Also return existing entries. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <para> \ |
|---|
| | | The optional <literal>entrychgcontrols</literal> setting defines \ |
|---|
| | | whether the server returns an Entry Change Notification control \ |
|---|
| | | with each entry notification. \ |
|---|
| | | The Entry Change Notification control provides additional information \ |
|---|
| | | about the change that caused the entry to be returned by the search. \ |
|---|
| | | In particular, it indicates the change type, \ |
|---|
| | | the change number if available, \ |
|---|
| | | and the previous DN if the change type was a modify DN operation. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>true</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do request the Entry Change Notification control. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | This is the default setting. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>false</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Do not request the Entry Change Notification control. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS_20003=<para> \ |
|---|
| | | For some <replaceable>controloid</replaceable> values, \ |
|---|
| | | you can replace object identifiers with user-friendly strings. \ |
|---|
| | | \ |
|---|
| | | The strings are listed here in lower case, but the case is not important. \ |
|---|
| | | You can use camelCase if you prefer, for example. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <variablelist> \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>accountusable</literal></term> \ |
|---|
| | | <term><literal>accountusability</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Account Usability Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.8</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>authzid</literal></term> \ |
|---|
| | | <term><literal>authorizationidentity</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Authorization Identity Request Control, Object Identifier: 2.16.840.1.113730.3.4.16</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>effectiverights</literal></term> \ |
|---|
| | | <term><literal>geteffectiverights</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Get Effective Rights Request Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>managedsait</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Manage DSAIT Request Control, Object Identifier: 2.16.840.1.113730.3.4.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>noop</literal></term> \ |
|---|
| | | <term><literal>no-op</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>No-Op Control, Object Identifier: 1.3.6.1.4.1.4203.1.10.2</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>pwpolicy</literal></term> \ |
|---|
| | | <term><literal>passwordpolicy</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Password Policy Control, Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>realattrsonly</literal></term> \ |
|---|
| | | <term><literal>realattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Real Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.17</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>subtreedelete</literal></term> \ |
|---|
| | | <term><literal>treedelete</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Subtree Delete Request Control, Object Identifier: 1.2.840.113556.1.4.805</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | \ |
|---|
| | | <varlistentry> \ |
|---|
| | | <term><literal>virtualattrsonly</literal></term> \ |
|---|
| | | <term><literal>virtualattributesonly</literal></term> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para>Virtual Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.19</para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </varlistentry> \ |
|---|
| | | </variablelist> |
|---|
| | | SUPPLEMENT_DESCRIPTION_UPGRADE_CLI_20004=<para> \ |
|---|
| | | This utility thus performs only part of the upgrade process, \ |
|---|
| | | which includes the following phases for a single server. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <orderedlist> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Get and unpack a newer version of OpenDJ directory server software. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Stop the current OpenDJ directory server. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Overwrite existing binary and script files with those of the newer version, \ |
|---|
| | | and then run this utility before restarting OpenDJ. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | <listitem> \ |
|---|
| | | <para> \ |
|---|
| | | Start the upgraded OpenDJ directory server. \ |
|---|
| | | </para> \ |
|---|
| | | </listitem> \ |
|---|
| | | </orderedlist> \ |
|---|
| | | \ |
|---|
| | | <important> \ |
|---|
| | | <para> \ |
|---|
| | | This utility <emphasis>does not back up OpenDJ before you upgrade, \ |
|---|
| | | nor does it restore OpenDJ if the utility fails</emphasis>. \ |
|---|
| | | In order to revert a failed upgrade, \ |
|---|
| | | make sure you back up OpenDJ directory server \ |
|---|
| | | before you overwrite existing binary and script files. \ |
|---|
| | | </para> \ |
|---|
| | | </important> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | By default this utility requests confirmation \ |
|---|
| | | before making important configuration changes. \ |
|---|
| | | You can use the <option>--no-prompt</option> option \ |
|---|
| | | to run the command non-interactively. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | When using the <option>--no-prompt</option> option, \ |
|---|
| | | if this utility cannot complete \ |
|---|
| | | because it requires confirmation for a potentially very long or critical task, \ |
|---|
| | | then it exits with an error and \ |
|---|
| | | a message about how to finish making the changes. \ |
|---|
| | | You can add the <option>--force</option> option \ |
|---|
| | | to force a non-interactive upgrade to continue in this case, \ |
|---|
| | | also performing long running and critical tasks. \ |
|---|
| | | </para> \ |
|---|
| | | \ |
|---|
| | | <para> \ |
|---|
| | | After upgrading, see the resulting <filename>upgrade.log</filename> file \ |
|---|
| | | for a full list of operations performed. \ |
|---|
| | | </para> |
|---|
| | | SUPPLEMENT_DESCRIPTION_DBTEST_SUBCMD_LIST_INDEX_STATUS_20001=\ |
|---|
| | | <xinclude:include href="variablelist-dbtest-index-status.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_PSEARCH_INFO_20002=<xinclude:include href="description-psearch-info.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_CONTROLS_20003=<xinclude:include href="variablelist-ldap-controls.xml" /> |
|---|
| | | SUPPLEMENT_DESCRIPTION_UPGRADE_CLI_20004=<xinclude:include href="description-upgrade.xml" /> |
|---|
| | | INFO_ARGUMENT_DESCRIPTION_TESTONLY_20005=Just verify that the JVM can be \ |
|---|
| | | started properly |
|---|
| | | INFO_INSTALLDS_BACKEND_TYPE_PLACEHOLDER_20006={backendType} |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The <replaceable>template-file-path</replaceable> can be one of the following: |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <itemizedlist> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | A full path to the template file such as |
|---|
| | | <filename>/path/to/opendj/config/MakeLDIF/example.template</filename>. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | A relative path to the template file such as |
|---|
| | | <filename>../../my-test-data.template</filename>. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | A file name that specifies one of the template files |
|---|
| | | that are built into the OpenDJ LDAP Toolkit, |
|---|
| | | such as <filename>example.template</filename>, |
|---|
| | | or <filename>people_and_groups.template</filename>. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </itemizedlist> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The OpenDJ LDAP Toolkit includes these built-in template and data files: |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>cities</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | List of more than 200 cities. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>example.template</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Template to generate a base entry and users |
|---|
| | | in a branch <literal>ou=people,[suffix]</literal>, |
|---|
| | | where the default setting for suffix is |
|---|
| | | <literal>suffix=dc=example,dc=com</literal>. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>first.names</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | List of more than 8000 first names. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>last.names</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | List of more than 13000 last names. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>people_and_groups.template</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Template to generate a base entry, users, and groups. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>states</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | List of US states by their two-character codes. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><filename>streets</filename></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | List of more than 70 street names. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | A persistent search allows the client to continue receiving new results |
|---|
| | | whenever changes are made to data that is in the scope of the search, |
|---|
| | | thus using the search as a form of change notification. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>changetype</literal> setting defines |
|---|
| | | the kinds of updates that result in notification. |
|---|
| | | If you do not set the <literal>changetype</literal>, |
|---|
| | | the default behavior is to send notifications for all updates. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>add</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP add operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>del</literal></term> |
|---|
| | | <term><literal>delete</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP delete operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>mod</literal></term> |
|---|
| | | <term><literal>modify</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP modify operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>moddn</literal></term> |
|---|
| | | <term><literal>modrdn</literal></term> |
|---|
| | | <term><literal>modifydn</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for LDAP modify DN (rename and move) operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>all</literal></term> |
|---|
| | | <term><literal>any</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Send notifications for all LDAP update operations. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>changesonly</literal> setting defines |
|---|
| | | whether the server returns existing entries as well as changes. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>true</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do not return existing entries, |
|---|
| | | but instead only notifications about changes. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | This is the default setting. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>false</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Also return existing entries. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | |
|---|
| | | <variablelist> |
|---|
| | | <para> |
|---|
| | | The optional <literal>entrychgcontrols</literal> setting defines |
|---|
| | | whether the server returns an Entry Change Notification control |
|---|
| | | with each entry notification. |
|---|
| | | The Entry Change Notification control provides additional information |
|---|
| | | about the change that caused the entry to be returned by the search. |
|---|
| | | In particular, it indicates the change type, |
|---|
| | | the change number if available, |
|---|
| | | and the previous DN if the change type was a modify DN operation. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>true</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do request the Entry Change Notification control. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | This is the default setting. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>false</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Do not request the Entry Change Notification control. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <informalexample |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | When you do not use the <option>-f</option> option |
|---|
| | | to keep connections open and rebind on the connections, |
|---|
| | | the tool can exhaust its available ports, causing the tool to crash. |
|---|
| | | You can work around this problem on test systems |
|---|
| | | by changing TCP settings on the system. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | For example on Linux systems, set the following parameters |
|---|
| | | in the <filename>/etc/sysctl.conf</filename> file. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <programlisting language="ini"> |
|---|
| | | net.ipv4.tcp_fin_timeout = 30 |
|---|
| | | net.ipv4.tcp_tw_recycle = 1 |
|---|
| | | net.ipv4.tcp_tw_reuse = 1 |
|---|
| | | </programlisting> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The parameter <literal>net.ipv4.tcp_fin_timeout</literal> |
|---|
| | | sets how long to wait in seconds for a final FIN packet |
|---|
| | | before forcing a close of the socket. |
|---|
| | | The default is 60 (seconds). |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The parameter <literal>net.ipv4.tcp_tw_recycle</literal> |
|---|
| | | enables fast recycling of TIME_WAIT sockets. |
|---|
| | | The default is 0 (false). |
|---|
| | | Enabling this can cause Network Address Translation (NAT) issues. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The parameter <literal>net.ipv4.tcp_tw_reuse</literal> |
|---|
| | | enables reuse of TIME_WAIT sockets for new connections. |
|---|
| | | The default is 0 (false). |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | These settings are recommended only for testing, |
|---|
| | | and <emphasis>not for production systems</emphasis>. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | After making the changes to <filename>/etc/sysctl.conf</filename>, |
|---|
| | | reload the configuration with the <command>sysctl</command> command. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <screen> |
|---|
| | | # sysctl -p |
|---|
| | | </screen> |
|---|
| | | </informalexample> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <!-- |
|---|
| | | This use of <informalexample> is mild tag abuse. |
|---|
| | | It serves as a single container element for all the elements here. |
|---|
| | | --> |
|---|
| | | <orderedlist |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | The utility looks for resources in the following locations in this order: |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | The current directory where the command is run. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | The resource path directory. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | The built-in files. |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </orderedlist> |
|---|
| New file |
| | |
|---|
| | | <?xml version="1.0" encoding="UTF-8"?> |
|---|
| | | <!-- |
|---|
| | | ! CCPL HEADER START |
|---|
| | | ! |
|---|
| | | ! This work is licensed under the Creative Commons |
|---|
| | | ! Attribution-NonCommercial-NoDerivs 3.0 Unported License. |
|---|
| | | ! To view a copy of this license, visit |
|---|
| | | ! http://creativecommons.org/licenses/by-nc-nd/3.0/ |
|---|
| | | ! or send a letter to Creative Commons, 444 Castro Street, |
|---|
| | | ! Suite 900, Mountain View, California, 94041, USA. |
|---|
| | | ! |
|---|
| | | ! You can also obtain a copy of the license at legal-notices/CC-BY-NC-ND.txt. |
|---|
| | | ! See the License for the specific language governing permissions |
|---|
| | | ! and limitations under the License. |
|---|
| | | ! |
|---|
| | | ! If applicable, add the following below this CCPL HEADER, with the fields |
|---|
| | | ! enclosed by brackets "[]" replaced with your own identifying information: |
|---|
| | | ! Portions Copyright [yyyy] [name of copyright owner] |
|---|
| | | ! |
|---|
| | | ! CCPL HEADER END |
|---|
| | | ! |
|---|
| | | ! Copyright 2015 ForgeRock AS. |
|---|
| | | ! |
|---|
| | | --> |
|---|
| | | <variablelist |
|---|
| | | xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en' |
|---|
| | | xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' |
|---|
| | | xsi:schemaLocation='http://docbook.org/ns/docbook |
|---|
| | | http://docbook.org/xml/5.0/xsd/docbook.xsd'> |
|---|
| | | |
|---|
| | | <para> |
|---|
| | | For some <replaceable>controloid</replaceable> values, |
|---|
| | | you can replace object identifiers with user-friendly strings. |
|---|
| | | The strings are listed here in lower case, but the case is not important. |
|---|
| | | You can use camelCase if you prefer, for example. |
|---|
| | | </para> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>accountusable</literal></term> |
|---|
| | | <term><literal>accountusability</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Account Usability Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.8 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>authzid</literal></term> |
|---|
| | | <term><literal>authorizationidentity</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Authorization Identity Request Control, Object Identifier: 2.16.840.1.113730.3.4.16 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>effectiverights</literal></term> |
|---|
| | | <term><literal>geteffectiverights</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Get Effective Rights Request Control, Object Identifier: 1.3.6.1.4.1.42.2.27.9.5.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>managedsait</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Manage DSAIT Request Control, Object Identifier: 2.16.840.1.113730.3.4.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>noop</literal></term> |
|---|
| | | <term><literal>no-op</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | No-Op Control, Object Identifier: 1.3.6.1.4.1.4203.1.10.2 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>pwpolicy</literal></term> |
|---|
| | | <term><literal>passwordpolicy</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Password Policy Control, Object Identifier: 1.3.6.1.4.1.42.2.27.8.5.1 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>realattrsonly</literal></term> |
|---|
| | | <term><literal>realattributesonly</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Real Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.17 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>subtreedelete</literal></term> |
|---|
| | | <term><literal>treedelete</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Subtree Delete Request Control, Object Identifier: 1.2.840.113556.1.4.805 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | |
|---|
| | | <varlistentry> |
|---|
| | | <term><literal>virtualattrsonly</literal></term> |
|---|
| | | <term><literal>virtualattributesonly</literal></term> |
|---|
| | | <listitem> |
|---|
| | | <para> |
|---|
| | | Virtual Attributes Only Request Control, Object Identifier: 2.16.840.1.113730.3.4.19 |
|---|
| | | </para> |
|---|
| | | </listitem> |
|---|
| | | </varlistentry> |
|---|
| | | </variablelist> |
|---|
