From 147d7e05844c8f9b42f2f931411cac646dda8750 Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Wed, 05 Oct 2011 14:33:42 +0000
Subject: [PATCH] http://marginnotes2.wordpress.com/2011/10/05/javascript-to-manage-wide-lines/
---
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml | 62 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml | 121 +++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml | 95 ++
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml | 24
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml | 331 +++++++++--
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml | 73 ++
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml | 116 +++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml | 59 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml | 78 ++
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml | 26
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml | 56 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml | 125 +++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml | 37 +
opendj-sdk/opendj3/src/main/docbkx/install-guide/preface.xml | 1
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml | 8
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml | 108 +++
opendj-sdk/opendj3/src/main/docbkx/admin-guide/preface.xml | 1
opendj-sdk/opendj3/src/main/docbkx/dev-guide/preface.xml | 1
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml | 95 ++-
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml | 43 +
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml | 24
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml | 28
opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml | 11
23 files changed, 1,158 insertions(+), 365 deletions(-)
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
index 0f1b605..0d152aa 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-account-lockout.xml
@@ -69,33 +69,65 @@
the server configuration, you must manually apply the changes to each
replica in a replication topology.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-password-policy-prop --policy-name "Default Password Policy"
- --set lockout-failure-count:3 --set lockout-duration:5m
- --set lockout-failure-expiration-interval:5m -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-password-policy-prop
+ --policy-name "Default Password Policy"
+ --set lockout-failure-count:3
+ --set lockout-duration:5m
+ --set lockout-failure-expiration-interval:5m
+ -X -n</screen>
<para>Users having the default password policy are then locked out after
three failed attempts in succession.</para>
- <screen>$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w hifalutin
- -b dc=example,dc=com uid=bjensen mail
+ <screen>$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w hifalutin
+ -b dc=example,dc=com
+ uid=bjensen
+ mail
dn: uid=bjensen,ou=People,dc=example,dc=com
mail: bjensen@example.com
-$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w fatfngrs
- -b dc=example,dc=com uid=bjensen mail
+$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w fatfngrs
+ -b dc=example,dc=com
+ uid=bjensen
+ mail
The simple bind attempt failed
Result Code: 49 (Invalid Credentials)
-$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w fatfngrs
- -b dc=example,dc=com uid=bjensen mail
+$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w fatfngrs
+ -b dc=example,dc=com
+ uid=bjensen
+ mail
The simple bind attempt failed
Result Code: 49 (Invalid Credentials)
-$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w fatfngrs
- -b dc=example,dc=com uid=bjensen mail
+$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w fatfngrs
+ -b dc=example,dc=com
+ uid=bjensen
+ mail
The simple bind attempt failed
Result Code: 49 (Invalid Credentials)
-$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w hifalutin
- -b dc=example,dc=com uid=bjensen mail
+$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w hifalutin
+ -b dc=example,dc=com
+ uid=bjensen
+ mail
The simple bind attempt failed
Result Code: 49 (Invalid Credentials)</screen>
</section>
@@ -121,9 +153,14 @@
<para>Set the account status to disabled with the
<command>manage-account</command> command.</para>
- <screen>$ manage-account -p 4444 -D "uid=kvaughan,ou=people,dc=example,dc=com"
- -w bribery set-account-is-disabled -O true
- -b uid=bjensen,ou=people,dc=example,dc=com -X
+ <screen>$ manage-account
+ -p 4444
+ -D "uid=kvaughan,ou=people,dc=example,dc=com"
+ -w bribery
+ set-account-is-disabled
+ -O true
+ -b uid=bjensen,ou=people,dc=example,dc=com
+ -X
Account Is Disabled: true</screen>
</step>
</procedure>
@@ -135,9 +172,13 @@
<para>Clear the disabled status using the <command>manage-account</command>
command.</para>
- <screen>$ manage-account -p 4444 -D "uid=kvaughan,ou=people,dc=example,dc=com"
- -w bribery clear-account-is-disabled
- -b uid=bjensen,ou=people,dc=example,dc=com -X
+ <screen>$ manage-account
+ -p 4444
+ -D "uid=kvaughan,ou=people,dc=example,dc=com"
+ -w bribery
+ clear-account-is-disabled
+ -b uid=bjensen,ou=people,dc=example,dc=com
+ -X
Account Is Disabled: false</screen>
</step>
</procedure>
@@ -158,16 +199,28 @@
<step>
<para>Identify the SMTP server to which OpenDJ sends messages.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set smtp-server:smtp.example.com -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set smtp-server:smtp.example.com
+ -X -n</screen>
</step>
<step>
<para>Set up OpenDJ to be able to mail users about account status.</para>
- <screen>dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
set-account-status-notification-handler-prop
- --handler-name "SMTP Handler" --set enabled:true
- --set email-address-attribute-type:mail -X -n</screen>
+ --handler-name "SMTP Handler"
+ --set enabled:true
+ --set email-address-attribute-type:mail
+ -X -n</screen>
<para>You can also configure the <literal>message-subject</literal> and
<literal>message-template-file</literal> properties. Try interactive
mode if you plan to do so.</para>
@@ -179,11 +232,16 @@
<step>
<para>Adjust applicable password policies to use the account status
notification handler you configured.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-password-policy-prop --policy-name "Default Password Policy"
- --set account-status-notification-handler:"SMTP Handler" -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-password-policy-prop
+ --policy-name "Default Password Policy"
+ --set account-status-notification-handler:"SMTP Handler"
+ -X -n</screen>
</step>
</procedure>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
index 7317234..083ada9 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-attribute-uniqueness.xml
@@ -66,9 +66,16 @@
<step>
<para>Set the base DN where <literal>uid</literal> should have unique
values, and enable the plugin.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-plugin-prop --plugin-name "UID Unique Attribute"
- --set base-dn:ou=people,dc=example,dc=com --set enabled:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-plugin-prop
+ --plugin-name "UID Unique Attribute"
+ --set base-dn:ou=people,dc=example,dc=com
+ --set enabled:true
+ -X -n</screen>
</step>
<step>
<para>Check that the plugin is working correctly.</para>
@@ -78,7 +85,12 @@
add: uid
uid: bjensen
-$ ldapmodify -a -p 1389 -D "cn=Directory Manager" -w password -f bjensen.ldif
+$ ldapmodify
+ -a
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -f bjensen.ldif
Processing MODIFY request for uid=ajensen,ou=People,dc=example,dc=com
MODIFY operation failed
Result Code: 19 (Constraint Violation)
@@ -100,10 +112,18 @@
</step>
<step>
<para>Set up the plugin configuration for your attribute.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-plugin --plugin-name "Unique mobile numbers"
- --type unique-attribute --set enabled:true
- --set base-dn:ou=people,dc=example,dc=com --set type:mobile -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-plugin
+ --plugin-name "Unique mobile numbers"
+ --type unique-attribute
+ --set enabled:true
+ --set base-dn:ou=people,dc=example,dc=com
+ --set type:mobile
+ -X -n</screen>
</step>
<step>
<para>Check that the plugin is working correctly.</para>
@@ -118,7 +138,12 @@
add: mobile
mobile: +1 828 555 1212
-$ ldapmodify -a -p 1389 -D "cn=Directory Manager" -w password -f mobile.ldif
+$ ldapmodify
+ -a
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -f mobile.ldif
Processing MODIFY request for uid=ajensen,ou=People,dc=example,dc=com
MODIFY operation successful for DN uid=ajensen,ou=People,dc=example,dc=com
Processing MODIFY request for uid=bjensen,ou=People,dc=example,dc=com
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
index 7bad6d7..db09add 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-backup-restore.xml
@@ -58,8 +58,12 @@
<step>
<para>Back up only the database for Example.com, where the data
is stored in the backend named <literal>userRoot</literal>.</para>
- <screen>$ backup -p 5444 -D "cn=Directory Manager" -w password
- -n userRoot -d /path/to/OpenDJ/bak -t 0
+ <screen>$ backup
+ -p 5444
+ -D "cn=Directory Manager"
+ -w password
+ -n userRoot -d /path/to/OpenDJ/bak
+ -t 0
Backup task 20110613143715983 scheduled to start Jun 13, 2011 2:37:15 PM CEST</screen>
</step>
<step>
@@ -83,8 +87,12 @@
</step>
<step>
<para>Back up all user data on the server.</para>
- <screen>$ backup -p 5444 -D "cn=Directory Manager" -w password
- -a -d /path/to/OpenDJ/bak -t 0
+ <screen>$ backup
+ -p 5444
+ -D "cn=Directory Manager"
+ -w password
+ -a -d /path/to/OpenDJ/bak
+ -t 0
Backup task 20110613143801866 scheduled to start Jun 13, 2011 2:38:01 PM CEST</screen>
</step>
</stepalternatives>
@@ -100,9 +108,14 @@
<step>
<para>Back up all user data every night at 2 AM, and notify
diradmin@example.com when finished, or on error.</para>
- <screen>$ backup -p 5444 -D "cn=Directory Manager" -w password -a
- -d /path/to/OpenDJ/bak --recurringTask "00 02 * * *"
- --completionNotify diradmin@example.com --errorNotify diradmin@example.com
+ <screen>$ backup
+ -p 5444
+ -D "cn=Directory Manager"
+ -w password -a
+ -d /path/to/OpenDJ/bak
+ --recurringTask "00 02 * * *"
+ --completionNotify diradmin@example.com
+ --errorNotify diradmin@example.com
Recurring Backup task BackupTask-988d6adf-4d65-44bf-8546-6ea74a2480b0
scheduled successfully</screen>
</step>
@@ -144,7 +157,7 @@
Has Unsigned Hash: false
Has Signed Hash: false
Dependent Upon: none
-$ restore -d /path/to/OpenDJ/bak -I 20110613080032
+$ restore-d /path/to/OpenDJ/bak -I 20110613080032
[13/Jun/2011:15:47:41 +0200] category=JEB severity=NOTICE msgID=8847445
msg=Restored: 00000000.jdb (size 341835)
$ start-ds
@@ -152,8 +165,13 @@
</step>
<step>
<para>Schedule the restore as a task to begin immediately.</para>
- <screen>$ restore -p 5444 -D "cn=Directory Manager" -w password
- -d /path/to/OpenDJ/bak -I 20110613080032 -t 0
+ <screen>$ restore
+ -p 5444
+ -D "cn=Directory Manager"
+ -w password
+ -d /path/to/OpenDJ/bak
+ -I 20110613080032
+ -t 0
Restore task 20110613155052932 scheduled to start Jun 13, 2011 3:50:52 PM CEST</screen>
</step>
</stepalternatives>
@@ -173,8 +191,13 @@
<step>
<para>Prepare the replica to be restored.</para>
- <screen>$ dsreplication pre-external-initialization -I admin -w password -X -n
- -p 5444 -b dc=example,dc=com
+ <screen>$ dsreplication
+ pre-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 5444
+ -b dc=example,dc=com
Preparing base DN dc=example,dc=com to be initialized externally ..... Done.
@@ -213,8 +236,13 @@
</step>
<step>
<para>Reinitialize replication on the replica.</para>
- <screen>$ dsreplication post-external-initialization -I admin -w password -X -n
- -p 5444 -b dc=example,dc=com
+ <screen>$ dsreplication
+ post-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 5444
+ -b dc=example,dc=com
Updating replication information on base DN dc=example,dc=com ..... Done.
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
index 08950aa..e8a04aa 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-groups.xml
@@ -78,7 +78,12 @@
uniqueMember: uid=bjensen,ou=People,dc=example,dc=com
uniqueMember: uid=tmorris,ou=People,dc=example,dc=com
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f static.ldif
+$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -a
+ -f static.ldif
Processing ADD request for cn=My Static Group,ou=Groups,dc=example,dc=com
ADD operation successful for DN cn=My Static Group,ou=Groups,dc=example,dc=com</screen>
@@ -91,11 +96,18 @@
add: uniqueMember
uniqueMember: uid=scarter,ou=People,dc=example,dc=com
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f add2grp.ldif
+$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -f add2grp.ldif
Processing MODIFY request for cn=My Static Group,ou=Groups,dc=example,dc=com
MODIFY operation successful for DN
cn=My Static Group,ou=Groups,dc=example,dc=com
-$ ldapsearch -p 1389 -b dc=example,dc=com "(cn=My Static Group)"
+$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ "(cn=My Static Group)"
dn: cn=My Static Group,ou=Groups,dc=example,dc=com
ou: Groups
objectClass: groupOfUniqueNames
@@ -133,22 +145,33 @@
ou: Groups
memberURL: ldap:///ou=People,dc=example,dc=com??sub?l=Cupertino
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f dynamic.ldif
+$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -a
+ -f dynamic.ldif
Processing ADD request for cn=My Dynamic Group,ou=Groups,dc=example,dc=com
ADD operation successful for DN cn=My Dynamic Group,ou=Groups,dc=example,dc=com</screen>
<para>Group membership changes dynamically as entries change to match the
<literal>memberURL</literal> values.</para>
- <screen>$ ldapsearch -p 1389 -b dc=example,dc=com "(&(uid=*jensen)
- (isMemberOf=cn=My Dynamic Group,ou=Groups,dc=example,dc=com))" mail
+ <screen>$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ "(&(uid=*jensen)(isMemberOf=cn=My Dynamic Group,ou=Groups,dc=example,dc=com))"
+ mail
dn: uid=bjensen,ou=People,dc=example,dc=com
mail: bjensen@example.com
dn: uid=rjensen,ou=People,dc=example,dc=com
mail: rjensen@example.com
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password
+$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
dn: uid=ajensen,ou=People,dc=example,dc=com
changetype: modify
replace: l
@@ -157,8 +180,11 @@
Processing MODIFY request for uid=ajensen,ou=People,dc=example,dc=com
MODIFY operation successful for DN uid=ajensen,ou=People,dc=example,dc=com
^D
-$ ldapsearch -p 1389 -b dc=example,dc=com "(&(uid=*jensen)
- (isMemberOf=cn=My Dynamic Group,ou=Groups,dc=example,dc=com))" mail
+$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ "(&(uid=*jensen)(isMemberOf=cn=My Dynamic Group,ou=Groups,dc=example,dc=com))"
+ mail
dn: uid=ajensen,ou=People,dc=example,dc=com
mail: ajensen@example.com
@@ -194,9 +220,15 @@
<literal>Virtual Static member</literal> or
<literal>Virtual Static uniqueMember</literal> property.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-virtual-attribute-prop --name "Virtual Static member"
- --set allow-retrieving-membership:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-virtual-attribute-prop
+ --name "Virtual Static member"
+ --set allow-retrieving-membership:true
+ -X -n</screen>
<para>The following example creates a virtual static group, and reads the
group entry with all members.</para>
@@ -266,7 +298,11 @@
<para>OpenDJ lets you look up which groups a user belongs to by using the
<literal>isMemberOf</literal> attribute.</para>
- <screen>$ ldapsearch -p 1389 -b dc=example,dc=com uid=bjensen isMemberOf
+ <screen>$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ uid=bjensen
+ isMemberOf
dn: uid=bjensen,ou=People,dc=example,dc=com
isMemberOf: cn=My Static Group,ou=Groups,dc=example,dc=com
isMemberOf: cn=Virtual Static,ou=Groups,dc=example,dc=com
@@ -291,8 +327,15 @@
referential integrity plugin is disabled by default. To enable the plugin,
use the <command>dsconfig</command> command.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-plugin-prop --plugin-name "Referential Integrity" --set enabled:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-plugin-prop
+ --plugin-name "Referential Integrity"
+ --set enabled:true
+ -X -n</screen>
<para>With the plugin enabled, you can see OpenDJ referential integrity
resolving group membership automatically.</para>
@@ -308,7 +351,10 @@
uniqueMember: uid=scarter,ou=People,dc=example,dc=com
cn: My Static Group
-$ ldapdelete -p 1389 -D "cn=Directory Manager" -w password
+$ ldapdelete
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
uid=scarter,ou=People,dc=example,dc=com
Processing DELETE request for uid=scarter,ou=People,dc=example,dc=com
DELETE operation successful for DN uid=scarter,ou=People,dc=example,dc=com
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
index a264f6b..6004322 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-import-export.xml
@@ -201,8 +201,15 @@
</step>
<step>
<para>If not, schedule a task to import the data while online.</para>
- <screen>$ import-ldif -X -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- -b dc=example,dc=org -n userRoot -l /path/to/generated.ldif</screen>
+ <screen>$ import-ldif
+ -X
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=org
+ -n userRoot
+ -l /path/to/generated.ldif</screen>
<para>Notice that the task is scheduled through communication over SSL on
the administration port, by default <literal>4444</literal>. You can
schedule the import task to start at a particular time using the
@@ -236,8 +243,16 @@
</step>
<step>
<para>If not, schedule a task to export the data while online.</para>
- <screen>$ export-ldif -X -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- -b dc=example,dc=org -n userRoot -l /path/to/backup.ldif --start 20111221230000</screen>
+ <screen>$ export-ldif
+ -X
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=org
+ -n userRoot
+ -l /path/to/backup.ldif
+ --start 20111221230000</screen>
<para>The <option>--start 20111221230000</option> option tells OpenDJ to
start the export at 11 PM on December 21, 2012, assuming the world has
not ended yet.</para>
@@ -327,4 +342,3 @@
</section>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
index 3e5cff5..29f5544 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-indexing.xml
@@ -222,9 +222,16 @@
<para>The following example creates a new substring index for
<literal>description</literal>.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-local-db-index --backend-name userRoot --index-name description
- --set index-type:substring -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-local-db-index
+ --backend-name userRoot
+ --index-name description
+ --set index-type:substring
+ -n</screen>
</example>
<example xml:id="approx-index-example">
@@ -237,9 +244,16 @@
<para>The following example configures and approximate index for
<literal>cn</literal> (common name).</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-local-db-index-prop --backend-name userRoot --index-name cn
- --set index-type:approximate -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-local-db-index-prop
+ --backend-name userRoot
+ --index-name cn
+ --set index-type:approximate
+ -n</screen>
</example>
</section>
@@ -283,8 +297,14 @@
<para>The following example rebuilds the <literal>cn</literal> index
immediately with the server online.</para>
- <screen>$ rebuild-index -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- -b dc=example,dc=com -i cn -t 0
+ <screen>$ rebuild-index
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=com
+ -i cn
+ -t 0
Rebuild Index task 20110607171639867 scheduled to start Jun 7, 2011 5:16:39 PM</screen>
</example>
</section>
@@ -335,11 +355,24 @@
<literal>objectClass</literal> index, and then rebuilds the index for the
configuration change to take effect.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-local-db-index-prop --backend-name userRoot --index-name objectClass
- --set index-entry-limit:5000 -n
-$ rebuild-index -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- -b dc=example,dc=com -i objectclass -t 0
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-local-db-index-prop
+ --backend-name userRoot
+ --index-name objectClass
+ --set index-entry-limit:5000
+ -n
+$ rebuild-index
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=com
+ -i objectclass
+ -t 0
Rebuild Index task 20110607160349596 scheduled to start Jun 7, 2011 4:03:49 PM</screen>
</example>
</section>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
index ac772af..ea1742f 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-listeners.xml
@@ -55,9 +55,15 @@
<step>
<para>Change the port number using the <command>dsconfig</command>
command.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDAP Connection Handler"
- --set listen-port:11389 -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDAP Connection Handler"
+ --set listen-port:11389
+ -n</screen>
<para>This example changes the port number to 11389 in the configuration.</para>
</step>
<step>
@@ -95,9 +101,14 @@
<step>
<para>Generate the server certificate using the Java
<command>keytool</command> command.</para>
- <screen>$ keytool -genkey -alias server-cert -keyalg rsa
+ <screen>$ keytool
+ -genkey
+ -alias server-cert
+ -keyalg rsa
-dname "CN=mark-laptop,O=Example Corp,C=FR"
- -keystore OpenDJ/config/keystore -storepass changeit -keypass changeit</screen>
+ -keystore OpenDJ/config/keystore
+ -storepass changeit
+ -keypass changeit</screen>
<para>In this example, OpenDJ is running on a system with hostname
<literal>mark-laptop</literal>. The Java Key Store (JKS) is created in
the <filename>config</filename> directory where OpenDJ is installed, which
@@ -105,25 +116,44 @@
</step>
<step>
<para>Self-sign the server certificate.</para>
- <screen>$ keytool -selfcert -alias server-cert -keystore
- OpenDJ/config/keystore -storepass changeit</screen>
+ <screen>$ keytool
+ -selfcert
+ -alias server-cert
+ -keystore OpenDJ/config/keystore
+ -storepass changeit</screen>
</step>
<step>
<para>Configure the File Based Key Manager Provider for JKS to use the
filename and key store PIN that you set up with the
<command>keytool</command> command.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password -X
- set-key-manager-provider-prop --provider-name JKS
- --set enabled:true --set key-store-pin:changeit
- --remove key-store-pin-file:config/keystore.pin -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ -X
+ set-key-manager-provider-prop
+ --provider-name JKS
+ --set enabled:true
+ --set key-store-pin:changeit
+ --remove key-store-pin-file:config/keystore.pin
+ -n</screen>
</step>
<step>
<para>Configure the File Based Trust Manager Provider for JKS to use the
key store and PIN as well.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password -X
- set-trust-manager-provider-prop --provider-name JKS
- --set enabled:true --set trust-store-file:config/keystore
- --set trust-store-pin:changeit -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ -X
+ set-trust-manager-provider-prop
+ --provider-name JKS
+ --set enabled:true
+ --set trust-store-file:config/keystore
+ --set trust-store-pin:changeit
+ -n</screen>
<para>At this point, OpenDJ directory server can use your new self-signed
certificate, for example for StartTLS and LDAPS connection handlers.</para>
</step>
@@ -146,10 +176,17 @@
</step>
<step>
<para>Activate StartTLS on the current LDAP port.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDAP Connection Handler"
- --set allow-start-tls:true --set key-manager-provider:JKS
- --set trust-manager-provider:JKS-n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDAP Connection Handler"
+ --set allow-start-tls:true
+ --set key-manager-provider:JKS
+ --set trust-manager-provider:JKS
+ -n</screen>
<para>The change takes effect. No need to restart the server.</para>
</step>
</procedure>
@@ -176,9 +213,17 @@
</step>
<step>
<para>Configure the server to activate LDAPS access.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDAPS Connection Handler"
- --set listen-port:1636 --set enabled:true --set use-ssl:true -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDAPS Connection Handler"
+ --set listen-port:1636
+ --set enabled:true
+ --set use-ssl:true
+ -n</screen>
<para>This example changes the port number to 1636 in the configuration.</para>
</step>
</procedure>
@@ -189,9 +234,15 @@
<step>
<para>Change the port number using the <command>dsconfig</command>
command.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDAPS Connection Handler"
- --set listen-port:11636 -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDAPS Connection Handler"
+ --set listen-port:11636
+ -n</screen>
<para>This example changes the port number to 11636 in the configuration.</para>
</step>
<step>
@@ -317,9 +368,15 @@
<step>
<para>Configure the server to activate JMX access.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "JMX Connection Handler"
- --set enabled:true -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "JMX Connection Handler"
+ --set enabled:true
+ -n</screen>
<para>This example uses the default port number, 1689.</para>
</step>
<step>
@@ -348,9 +405,15 @@
<step>
<para>Activate LDIF file access.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDIF Connection Handler"
- --set enabled:true -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDIF Connection Handler"
+ --set enabled:true
+ -n</screen>
<para>The change takes effect immediately.</para>
</step>
<step>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
index db9713a..e9f0b8b 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-monitoring.xml
@@ -91,11 +91,19 @@
OpenDMK, provided separately due to licensing restrictions. Once you have
installed OpenDMK, you can set up a connection handler for SNMP.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-connection-handler --handler-name "SNMP Connection Handler"
- --type snmp --set enabled:true --set listen-port:11161
- --set trap-port:11162 -X -n
- --set opendmk-jarfile:<replaceable>OpenDMK-install-dir</replaceable>/lib/jdmkrt.jar</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-connection-handler
+ --handler-name "SNMP Connection Handler"
+ --type snmp
+ --set enabled:true
+ --set listen-port:11161
+ --set trap-port:11162
+ --set opendmk-jarfile:<replaceable>OpenDMK-install-dir</replaceable>/lib/jdmkrt.jar
+ -X -n</screen>
</section>
<section xml:id="jmx-monitoring">
@@ -109,24 +117,36 @@
<command>dsconfig</command> command to configure the JMX connection
handler.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "JMX Connection Handler"
- --set enabled:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "JMX Connection Handler"
+ --set enabled:true
+ -X -n</screen>
<para>By default, no users have privileges to access the JMX connection. The
following command adds JMX privileges for Directory Manager.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-root-dn-prop --add default-root-privilege-name:jmx-notify
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-root-dn-prop
+ --add default-root-privilege-name:jmx-notify
--add default-root-privilege-name:jmx-read
- --add default-root-privilege-name:jmx-write -X -n</screen>
+ --add default-root-privilege-name:jmx-write
+ -X -n</screen>
<para>You must also configure security to login remotely. Good luck.</para>
<para>Alternatively, you can connect to a local server process by using the
server process identifier.</para>
- <screen>$ cat ../logs/server.pid
+ <screen>$ cat ../logs/server.pid
3363
$ jvisualvm --openpid 3363 &</screen>
</section>
@@ -174,13 +194,17 @@
administration port, and so can connect to both local and remote
servers.</para>
- <screen>$ manage-tasks -h opendj.example.com -p 4444 -D "cn=Directory Manager"
- -w password -X -n
+ <screen>$ manage-tasks
+ -h opendj.example.com
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ -X -n
- ID Type Status
- --------------------------------------------------------
- example Backup Recurring
- example-20110623030000000 Backup Waiting on start time</screen>
+ID Type Status
+--------------------------------------------------------
+example Backup Recurring
+example-20110623030000000 Backup Waiting on start time</screen>
</section>
<section xml:id="logging">
@@ -290,22 +314,41 @@
events. Yet alert notifications are not enabled by default. You can use
the <command>dsconfig</command> command to enable alert notifications.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-alert-handler-prop --handler-name "JMX Alert Handler"
- --set enabled:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-alert-handler-prop
+ --handler-name "JMX Alert Handler"
+ --set enabled:true
+ -X -n</screen>
<para>OpenDJ can also send mail over SMTP instead of JMX notifications.
Before you set up the SMTP-based alert handler, you must identify an SMTP
server to which OpenDJ sends messages.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set smtp-server:smtp.example.com -X -n
-$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-alert-handler --handler-name "SMTP Alert Handler" --type smtp
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set smtp-server:smtp.example.com
+ -X -n
+$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-alert-handler
+ --handler-name "SMTP Alert Handler"
+ --type smtp
--set enabled:true
--set message-subject: "OpenDJ Alert, Type: %%alert-type%%, ID: %%alert-id%%"
--set message-body:"%%alert-message%%"
--set recipient-address:kvaughan@example.com
- --set sender-address:opendj@example.com -X -n</screen>
+ --set sender-address:opendj@example.com
+ -X -n</screen>
</section>
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
index d31db77..a3d897f 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-mv-servers.xml
@@ -100,13 +100,25 @@
<step>
<para>Prevent the server from accepting updates from client
applications.</para>
- <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set writability-mode:internal-only -X -n</screen>
+ <screen>$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set writability-mode:internal-only
+ -X -n</screen>
</step>
<step>
<para>Disable replication for the server.</para>
- <screen>$ dsreplication disable -a -p 5444 -h `hostname` -D "cn=Directory Manager"
- -w password -X -n
+ <screen>$ dsreplication
+ disable
+ -a
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -X -n
Establishing connections ..... Done.
Disabling replication on base DN dc=example,dc=com of server localhost:5444
..... Done.
@@ -125,7 +137,7 @@
<para>With the server no longer receiving traffic or accepting updates
from clients, and no longer replicating to other servers, you can shut it
down in preparation for the move.</para>
- <screen>$ stop-ds
+ <screen>$ stop-ds
Stopping Server...
... msg=The Directory Server is now stopped</screen>
@@ -167,11 +179,22 @@
</step>
<step>
<para>Enable and initialize replication.</para>
- <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com
- --host1 localhost --port1 4444 --bindDN1 "cn=Directory Manager"
- --bindPassword1 password --replicationPort1 8989
- --host2 remotehost --port2 4444 --bindDN2 "cn=Directory Manager"
- --bindPassword2 password --replicationPort2 8989
+ <screen>$ dsreplication
+ enable
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ --host1 localhost
+ --port1 4444
+ --bindDN1 "cn=Directory Manager"
+ --bindPassword1 password
+ --replicationPort1 8989
+ --host2 remotehost
+ --port2 4444
+ --bindDN2 "cn=Directory Manager"
+ --bindPassword2 password
+ --replicationPort2 8989
Establishing connections ..... Done.
Checking registration information ..... Done.
@@ -199,7 +222,12 @@
See /tmp/opends-replication-1476402020764482023.log for a detailed log of this
operation.
-$ dsreplication pre-external-initialization -I admin -w password -X -n -p 4444
+$ dsreplication
+ pre-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 4444
-b dc=example,dc=com
Preparing base DN dc=example,dc=com to be initialized externally ..... Done.
@@ -211,8 +239,13 @@
When the initialization is completed you must use the subcommand
'post-external-initialization' for replication to work with the new base DN's
contents.
-$ dsreplication post-external-initialization -I admin -w password -X -n
- -p 4444 -b dc=example,dc=com
+$ dsreplication
+ post-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 4444
+ -b dc=example,dc=com
Updating replication information on base DN dc=example,dc=com ..... Done.
@@ -220,8 +253,14 @@
</step>
<step>
<para>Accept updates from client applications.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set writability-mode:enabled -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set writability-mode:enabled
+ -X -n</screen>
</step>
<step>
<para>Direct client applications to the server.</para>
@@ -301,35 +340,56 @@
<step>
<para>Remove the certificate to replace from the keystore and from the
truststore.</para>
- <screen>$ keytool -delete -alias admin-cert -keystore admin-keystore
+ <screen>$ keytool
+ -delete
+ -alias admin-cert
+ -keystore admin-keystore
-storepass `cat admin-keystore.pin`
-$ keytool -delete -alias admin-cert -keystore admin-truststore
+$ keytool
+ -delete
+ -alias admin-cert
+ -keystore admin-truststore
-storepass `cat admin-keystore.pin`</screen>
</step>
<step>
<para>Generate the private key, storing it in the keystore.</para>
- <screen>$ keytool -genkey -alias admin-cert -keyalg RSA
+ <screen>$ keytool
+ -genkey
+ -alias admin-cert
+ -keyalg RSA
-dname "CN=<replaceable>hostname</replaceable>, O=Administration Connector Self-Signed Certificate"
- -keystore admin-keystore -storepass `cat admin-keystore.pin`
+ -keystore admin-keystore
+ -storepass `cat admin-keystore.pin`
-keypass `cat admin-keystore.pin`</screen>
<para>You might choose to make the key valid for two years with
<option>-validity 730</option>.</para>
</step>
<step>
<para>Self-sign what you generated.</para>
- <screen>$ keytool -selfcert -alias admin-cert -keystore admin-keystore
+ <screen>$ keytool
+ -selfcert
+ -alias admin-cert
+ -keystore admin-keystore
-storepass `cat admin-keystore.pin`</screen>
</step>
<step>
<para>Export the certificate from the keystore.</para>
- <screen>$ keytool -export -alias admin-cert -keystore admin-keystore
- -storepass `cat admin-keystore.pin` -file admin-cert.crt
+ <screen>$ keytool
+ -export
+ -alias admin-cert
+ -keystore admin-keystore
+ -storepass `cat admin-keystore.pin`
+ -file admin-cert.crt
Certificate stored in file <admin-cert.crt></screen>
</step>
<step>
<para>Import the certificate into the truststore.</para>
- <screen>$ keytool -import -alias admin-cert -keystore admin-truststore
- -storepass `cat admin-keystore.pin` -file admin-cert.crt
+ <screen>$ keytool
+ -import
+ -alias admin-cert
+ -keystore admin-truststore
+ -storepass `cat admin-keystore.pin`
+ -file admin-cert.crt
Owner: CN=<replaceable>hostname</replaceable>, O=Administration Connector Self-Signed Certificate
Issuer: CN=<replaceable>hostname</replaceable>, O=Administration Connector Self-Signed Certificate
Serial number: 4e0321c6
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
index 1bbd6cd..535d57a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-privileges-acis.xml
@@ -660,7 +660,6 @@
add: ds-privilege-name
ds-privilege-name: config-read
ds-privilege-name: password-reset
-
</screen>
<para>This example lets the user read the server configuration, and reset
user passwords. In order for the user to be able to change a user password,
@@ -670,14 +669,22 @@
<para>Prior to having the privileges, Kirsten gets messages about
insufficent access when trying to read the server configuration, or
reset a user password.</para>
- <screen>$ ldapsearch -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com"
- -w bribery -b cn=config "(objectclass=*)"
+ <screen>$ ldapsearch
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w bribery
+ -b cn=config
+ "(objectclass=*)"
SEARCH operation failed
Result Code: 50 (Insufficient Access Rights)
Additional Information: You do not have sufficient privileges to perform
search operations in the Directory Server configuration
-$ ldappasswordmodify -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com"
- -w bribery -a "dn:uid=scarter,ou=People,dc=example,dc=com" -n changeit
+$ ldappasswordmodify
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w bribery
+ -a "dn:uid=scarter,ou=People,dc=example,dc=com"
+ -n changeit
The LDAP password modify operation failed with result code 50
Error Message: You do not have sufficient privileges to perform password
reset operations</screen>
@@ -690,15 +697,23 @@
MODIFY operation successful for DN uid=kvaughan,ou=People,dc=example,dc=com</screen>
<para>At this point, Kirsten can perform the operations requiring
privileges.</para>
- <screen>$ ldapsearch -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com"
- -w bribery -b cn=config "(objectclass=*)"
+ <screen>$ ldapsearch
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w bribery
+ -b cn=config
+ "(objectclass=*)"
dn: cn=config
ds-cfg-return-bind-error-messages: false
ds-cfg-default-password-policy: cn=Default Password Policy,cn=Password Policies,
cn=config
...
-$ ldappasswordmodify -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com"
- -w bribery -a "dn:uid=scarter,ou=People,dc=example,dc=com" -n changeit
+$ ldappasswordmodify
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w bribery
+ -a "dn:uid=scarter,ou=People,dc=example,dc=com"
+ -n changeit
The LDAP password modify operation was successful</screen>
</step>
</procedure>
@@ -745,8 +760,12 @@
</step>
<step>
<para>Observe that the change takes effect immediately.</para>
- <screen>$ ldappasswordmodify -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com"
- -w bribery -a "dn:uid=scarter,ou=People,dc=example,dc=com" -n changeit
+ <screen>$ ldappasswordmodify
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w bribery
+ -a "dn:uid=scarter,ou=People,dc=example,dc=com"
+ -n changeit
The LDAP password modify operation was successful</screen>
</step>
</procedure>
@@ -904,8 +923,12 @@
<para>In this example, Babs Jensen is the owner of a small group of people
who are willing to carpool.</para>
- <screen>$ ldapsearch -p 1389 -D "uid=bjensen,ou=people,dc=example,dc=com" -w hifalutin
- -b "ou=Self Service,ou=Groups,dc=example,dc=com" "cn=*"
+ <screen>$ ldapsearch
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w hifalutin
+ -b "ou=Self Service,ou=Groups,dc=example,dc=com"
+ "cn=*"
dn: cn=Carpoolers,ou=Self Service,ou=Groups,dc=example,dc=com
objectClass: groupOfNames
objectClass: top
@@ -913,16 +936,20 @@
description: People who are willing to carpool
owner: uid=bjensen,ou=People,dc=example,dc=com
cn: Carpoolers
-
</screen>
<para>Performing the same search with the get effective rights control, and
asking for the <literal>aclRights</literal> attribute, shows what rights
Babs has on the entry.</para>
- <screen>$ ldapsearch -J effectiverights -p 1389
- -D "uid=bjensen,ou=people,dc=example,dc=com" -w hifalutin
- -b "ou=Self Service,ou=Groups,dc=example,dc=com" "cn=*" aclRights
+ <screen>$ ldapsearch
+ -J effectiverights
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w hifalutin
+ -b "ou=Self Service,ou=Groups,dc=example,dc=com"
+ "cn=*"
+ aclRights
dn: cn=Carpoolers,ou=Self Service,ou=Groups,dc=example,dc=com
aclRights;entryLevel: add:0,delete:1,read:1,write:0,proxy:0
</screen>
@@ -930,9 +957,14 @@
<para>Requesting the <literal>aclRightsInfo</literal> attribute results in
information about the ACIs applied to arrive at the results.</para>
- <screen>$ ldapsearch -J effectiverights -p 1389
- -D "uid=bjensen,ou=people,dc=example,dc=com" -w hifalutin
- -b "ou=Self Service,ou=Groups,dc=example,dc=com" "cn=*" aclRights
+ <screen>$ ldapsearch
+ -J effectiverights
+ -p 1389
+ -D "uid=bjensen,ou=people,dc=example,dc=com"
+ -w hifalutin
+ -b "ou=Self Service,ou=Groups,dc=example,dc=com"
+ "cn=*"
+ aclRights
aclRightsInfo
dn: cn=Carpoolers,ou=Self Service,ou=Groups,dc=example,dc=com
aclRightsInfo;logs;entryLevel;read: acl_summary(main): access allowed(read) on e
@@ -956,7 +988,6 @@
) on entry/attr(cn=Carpoolers,ou=Self Service,ou=Groups,dc=example,dc=com, NULL
) to (uid=bjensen,ou=People,dc=example,dc=com) (not proxied) ( reason: no acis
matched the subject )
-
</screen>
</section>
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
index 0458704..0fad51e 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pta.xml
@@ -102,14 +102,23 @@
<para>How you perform this step depends on the authentication directory
server. With OpenDJ, you can export the certificate as shown here.</para>
<screen>$ cd /path/to/PTA-Server/config
-$ keytool -exportcert -rfc -alias server-cert -keystore keystore
- -storepass `cat keystore.pin` > /tmp/pta-srv-cert.pem</screen>
+$ keytool
+ -exportcert
+ -rfc
+ -alias server-cert
+ -keystore keystore
+ -storepass `cat keystore.pin`
+ > /tmp/pta-srv-cert.pem</screen>
</step>
<step>
<para>Make note of the host name used in the certificate.</para>
<para>You use the host name when configuring the SSL connection. With
OpenDJ, you can view the certificate details as shown here.</para>
- <screen>$ keytool -list -v -alias server-cert -keystore keystore
+ <screen>$ keytool
+ -list
+ -v
+ -alias server-cert
+ -keystore keystore
-storepass `cat keystore.pin`
Alias name: server-cert
Creation date: Sep 12, 2011
@@ -130,8 +139,12 @@
<para>Import the authentication server certificate into OpenDJ's
key store.</para>
<screen>$ cd /path/to/OpenDJ/config
-$ keytool -importcert -alias pta-cert -keystore truststore
- -storepass `cat keystore.pin` -file /tmp/pta-srv-cert.pem
+$ keytool
+ -importcert
+ -alias pta-cert
+ -keystore truststore
+ -storepass `cat keystore.pin`
+ -file /tmp/pta-srv-cert.pem
Owner: CN=pta-server.example.com, O=OpenDJ Self-Signed Certificate
Issuer: CN=pta-server.example.com, O=OpenDJ Self-Signed Certificate
Serial number: 4e6dc429
@@ -156,12 +169,21 @@
<step>
<para>Set up an authentication policy for pass through
authentication to the authentication server.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=directory manager" -w password
- create-password-policy --type ldap-pass-through --policy-name "PTA Policy"
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=directory manager"
+ -w password
+ create-password-policy
+ --type ldap-pass-through
+ --policy-name "PTA Policy"
--set primary-remote-ldap-server:pta-server.example.com:636
- --set mapped-attribute:uid --set mapped-search-base-dn:"dc=PTA Server,dc=com"
- --set mapping-policy:mapped-search --set use-ssl:true
- --set trust-manager-provider:JKS -X -n</screen>
+ --set mapped-attribute:uid
+ --set mapped-search-base-dn:"dc=PTA Server,dc=com"
+ --set mapping-policy:mapped-search
+ --set use-ssl:true
+ --set trust-manager-provider:JKS
+ -X -n</screen>
<para>The policy shown here maps identities under
<literal>dc=example,dc=com</literal> to identities under
<literal>dc=PTA Server,dc=com</literal>, where users have the same
@@ -170,8 +192,13 @@
</step>
<step>
<para>Check that your policy has been added to the list.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=directory manager" -w password
- list-password-policies --property use-ssl
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=directory manager"
+ -w password
+ list-password-policies
+ --property use-ssl
Password Policy : Type : use-ssl
------------------------:-------------------:--------
@@ -258,8 +285,12 @@
<step>
<para>Import the server certificate into OpenDJ's key store.</para>
<screen>$ cd /path/to/OpenDJ/config
-$ keytool -importcert -alias ad-cert -keystore truststore
- -storepass `cat keystore.pin` -file ~/Downloads/windows.cer
+$ keytool
+ -importcert
+ -alias ad-cert
+ -keystore truststore
+ -storepass `cat keystore.pin`
+ -file ~/Downloads/windows.cer
Owner: CN=internal-ACTIVEDIRECTORY-CA, DC=internal, DC=forgerock, DC=com
Issuer: CN=internal-ACTIVEDIRECTORY-CA, DC=internal, DC=forgerock, DC=com
Serial number: 587465257200a7b14a6976cb47916b32
@@ -302,14 +333,24 @@
<step>
<para>Set up an authentication policy for OpenDJ users to authenticate
to Active Directory.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-password-policy --type ldap-pass-through --policy-name "AD PTA Policy"
- --set primary-remote-ldap-server:ad.example.com:636 --set mapped-attribute:cn
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-password-policy
+ --type ldap-pass-through
+ --policy-name "AD PTA Policy"
+ --set primary-remote-ldap-server:ad.example.com:636
+ --set mapped-attribute:cn
--set mapped-search-base-dn:"CN=Users,DC=internal,DC=forgerock,DC=com"
--set mapped-search-bind-dn:"cn=administrator,cn=Users,DC=internal,DC=forgerock
- ,DC=com" --set mapped-search-bind-password:password
+ ,DC=com"
+ --set mapped-search-bind-password:password
--set mapping-policy:mapped-search
- --set trust-manager-provider:JKS --set use-ssl:true -X -n</screen>
+ --set trust-manager-provider:JKS
+ --set use-ssl:true
+ -X -n</screen>
</step>
<step>
<para>Assign the authentication policy to a test user.</para>
@@ -325,9 +366,14 @@
<step>
<para>Check that the user can bind using pass through authentication to
Active Directory.</para>
- <screen>$ ldapsearch -h opendj.example.com -p 1389 -b dc=example,dc=com
- -D uid=ldapptauser,ou=People,dc=example,dc=com -w password
- "(cn=LDAP PTA User)" userpassword cn
+ <screen>$ ldapsearch
+ -h opendj.example.com
+ -p 1389
+ -b dc=example,dc=com
+ -D uid=ldapptauser,ou=People,dc=example,dc=com
+ -w password
+ "(cn=LDAP PTA User)"
+ userpassword cn
dn: uid=ldapptauser,ou=People,dc=example,dc=com
cn: LDAP PTA User</screen>
<para>Notice that to complete the search, the user authenticated with a
@@ -350,7 +396,11 @@
not in fact a password policy. Therefore, the user with a pass through
authentication policy does not have a value for the operational attribute
<literal>pwdPolicySubentry</literal>.</para>
- <screen>$ ldapsearch -p 1389 -b dc=example,dc=com uid=user.0 pwdPolicySubentry
+ <screen>$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ uid=user.0
+ pwdPolicySubentry
dn: uid=user.0,ou=People,dc=example,dc=com
</screen>
</note>
@@ -424,8 +474,12 @@
<step>
<para>Check that the user can authenticate through to the authentication
server.</para>
- <screen>$ ldapsearch -p 1389 -b dc=example,dc=com -D
- uid=user.0,ou=People,dc=example,dc=com -w password uid=user.0 cn sn
+ <screen>$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ -D uid=user.0,ou=People,dc=example,dc=com -w password
+ uid=user.0
+ cn sn
dn: uid=user.0,ou=People,dc=example,dc=com
cn: Aaccf Amar
sn: Amar
@@ -468,8 +522,12 @@
<step>
<para>Make sure you can bind as the user on the authentication
server.</para>
- <screen>$ ldapsearch -p 2389 -D "uid=kvaughan,ou=People,dc=PTA Server,dc=com"
- -w password -b "dc=PTA Server,dc=com" uid=kvaughan
+ <screen>$ ldapsearch
+ -p 2389
+ -D "uid=kvaughan,ou=People,dc=PTA Server,dc=com"
+ -w password
+ -b "dc=PTA Server,dc=com"
+ uid=kvaughan
dn: uid=kvaughan,ou=People,dc=PTA Server,dc=com
objectClass: person
objectClass: organizationalPerson
@@ -487,8 +545,13 @@
<step>
<para>Check that the user can authenticate through to the authentication
server from OpenDJ.</para>
- <screen>$ ldapsearch -p 1389 -D "uid=kvaughan,ou=People,dc=example,dc=com" -w password
- -b dc=example,dc=com uid=kvaughan cn sn
+ <screen>$ ldapsearch
+ -p 1389
+ -D "uid=kvaughan,ou=People,dc=example,dc=com"
+ -w password
+ -b dc=example,dc=com
+ uid=kvaughan
+ cn sn
dn: uid=kvaughan,ou=People,dc=example,dc=com
cn: Kirsten Vaughan
sn: Vaughan</screen>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
index 7ca8047..7ab5fc3 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-pwd-policy.xml
@@ -69,8 +69,14 @@
policy settings using the <command>dsconfig</command> command as
follows.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- get-password-policy-prop --policy-name "Default Password Policy" --advanced
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ get-password-policy-prop
+ --policy-name "Default Password Policy"
+ --advanced
Property : Value(s)
------------------------------------------:--------------------------
account-status-notification-handler : -
@@ -121,8 +127,13 @@
value. Even the directory manager cannot see the plain text value of a user's
password.</para>
- <screen>$ ldapsearch -p 1389 -D "cn=Directory Manager" -w password
- -b dc=example,dc=com uid=bjensen userpassword
+ <screen>$ ldapsearch
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=com
+ uid=bjensen
+ userpassword
dn: uid=bjensen,ou=People,dc=example,dc=com
userpassword: {SSHA}QWAtw8ch/9850HNFRRqLNMIQc1YhxCnOoGmk1g==</screen>
@@ -276,21 +287,40 @@
words, and prevent password reuse.</para>
<step>
<para>Enable the appropriate password validator.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-password-validator-prop --validator-name Dictionary --set enabled:true
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-password-validator-prop
+ --validator-name Dictionary
+ --set enabled:true
-X -n</screen>
</step>
<step>
<para>Apply the changes to the default password policy.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-password-policy-prop --policy-name "Default Password Policy"
- --set max-password-age:90d --set min-password-age:4w
- --set password-history-count:7 --set password-validator:Dictionary -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-password-policy-prop
+ --policy-name "Default Password Policy"
+ --set max-password-age:90d
+ --set min-password-age:4w
+ --set password-history-count:7
+ --set password-validator:Dictionary
+ -X -n</screen>
</step>
<step>
<para>Check your work.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- get-password-policy-prop --policy-name "Default Password Policy"
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ get-password-policy-prop
+ --policy-name "Default Password Policy"
Property : Value(s)
------------------------------------------:--------------------------
account-status-notification-handler : -
@@ -332,15 +362,27 @@
yet used their credentials to bind.</para>
<step>
<para>Create the new password policy.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-password-policy --policy-name "New Account Password Policy"
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-password-policy
+ --policy-name "New Account Password Policy"
--set default-password-storage-scheme:"Salted SHA-1"
- --set force-change-on-add:true --set password-attribute:userPassword -X -n</screen>
+ --set force-change-on-add:true
+ --set password-attribute:userPassword
+ -X -n</screen>
</step>
<step>
<para>Check your work.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- get-password-policy-prop --policy-name "New Account Password Policy"
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ get-password-policy-prop
+ --policy-name "New Account Password Policy"
Property : Value(s)
------------------------------------------:-------------
account-status-notification-handler : -
@@ -404,7 +446,11 @@
</step>
<step>
<para>Add the policy to the directory.</para>
- <screen>$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a
+ <screen>$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -a
-f /path/to/subentry-pwp.ldif
Processing ADD request for cn=Subentry Password Policy,dc=example,dc=com
ADD operation successful for DN cn=Subentry Password Policy,dc=example,dc=com</screen>
@@ -455,7 +501,7 @@
"ds-pwp-password-policy-dn")(version 3.0;acl "Cannot choose own pass
word policy";deny (write)(userdn = "ldap:///self");)
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f protectpwp.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f protectpwp.ldif
Processing MODIFY request for ou=People,dc=example,dc=com
MODIFY operation successful for DN ou=People,dc=example,dc=com</screen>
</step>
@@ -478,14 +524,19 @@
ds-pwp-password-policy-dn: cn=New Account Password Policy,cn=Password Policies,
cn=config
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f newuser.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f newuser.ldif
Processing ADD request for uid=newuser,ou=People,dc=example,dc=com
ADD operation successful for DN uid=newuser,ou=People,dc=example,dc=com</screen>
</step>
<step>
<para>Check your work.</para>
- <screen>$ ldapsearch -p 1389 -D "cn=Directory Manager" -w password
- -b dc=example,dc=com uid=newuser pwdPolicySubentry
+ <screen>$ ldapsearch
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -b dc=example,dc=com
+ uid=newuser
+ pwdPolicySubentry
dn: uid=newuser,ou=People,dc=example,dc=com
pwdPolicySubentry: cn=New Account Password Policy,cn=Password Policies,cn=config</screen>
</step>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
index 00de03a..76832ce 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-referrals.xml
@@ -78,7 +78,7 @@
add: ref
ref: ldap://opendj.example.com:2389/ou=People,dc=example,dc=com
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f referral.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f referral.ldif
Processing MODIFY request for ou=People,dc=example,dc=com
MODIFY operation successful for DN ou=People,dc=example,dc=com</screen>
@@ -115,7 +115,11 @@
A referral entry ou=People,dc=example,dc=com indicates that the operation must
be processed at a different server
[ldap://opendj.example.com:2389/ou=People,dc=example,dc=com]
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -J ManageDSAIT
+$ ldapmodify
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -J ManageDSAIT
-f people.ldif
Processing MODIFY request for ou=People,dc=example,dc=com
MODIFY operation successful for DN ou=People,dc=example,dc=com
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
index b223c20..f65c504 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-replication.xml
@@ -174,11 +174,22 @@
<para>You can start the replication process by using the
<command>dsreplication enable</command> command.</para>
- <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com
- --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager"
- --bindPassword1 password --replicationPort1 8989
- --host2 `hostname` --port2 5444 --bindDN2 "cn=Directory Manager"
- --bindPassword2 password --replicationPort2 9989
+ <screen>$ dsreplication
+ enable
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ --host1 `hostname`
+ --port1 4444
+ --bindDN1 "cn=Directory Manager"
+ --bindPassword1 password
+ --replicationPort1 8989
+ --host2 `hostname`
+ --port2 5444
+ --bindDN2 "cn=Directory Manager"
+ --bindPassword2 password
+ --replicationPort2 9989
Establishing connections ..... Done.
Checking registration information ..... Done.
@@ -239,8 +250,14 @@
<para>Start replication with the <command>dsreplication
initialize-all</command> command.</para>
- <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com
- -h `hostname` -p 4444
+ <screen>$ dsreplication
+ initialize-all
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ -h `hostname`
+ -p 4444
Initializing base DN dc=example,dc=com with the contents from localhost:4444:
160 entries processed (100 % complete).
@@ -269,8 +286,14 @@
<step>
<para>Start replication with the <command>dsreplication
initialize-all</command> command.</para>
- <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com
- ;-h `hostname` -p 4444
+ <screen>$ dsreplication
+ initialize-all
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ -h `hostname`
+ -p 4444
Initializing base DN dc=example,dc=com with the contents from localhost:4444:
161 entries processed (100 % complete).
Base DN initialized successfully.
@@ -299,12 +322,22 @@
</step>
<step>
<para>Enable replication on the new replica.</para>
- <screen>
-$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com
- --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager"
- --bindPassword1 password --replicationPort1 8989
- --host2 `hostname` --port2 6444 --bindDN2 "cn=Directory Manager"
- --bindPassword2 password --replicationPort2 10989
+ <screen>$ dsreplication
+ enable
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ --host1 `hostname`
+ --port1 4444
+ --bindDN1 "cn=Directory Manager"
+ --bindPassword1 password
+ --replicationPort1 8989
+ --host2 `hostname`
+ --port2 6444
+ --bindDN2 "cn=Directory Manager"
+ --bindPassword2 password
+ --replicationPort2 10989
Establishing connections ..... Done.
Checking registration information ..... Done.
@@ -339,7 +372,12 @@
</step>
<step>
<para>Prepare the new replica for initialization.</para>
- <screen>$ dsreplication pre-external-initialization -I admin -w password -X -n -p 6444
+ <screen>$ dsreplication
+ pre-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 6444
-b dc=example,dc=com
Preparing base DN dc=example,dc=com to be initialized externally ..... Done.
@@ -358,8 +396,13 @@
</step>
<step>
<para>Initialize replication on the new replica.</para>
- <screen>$ dsreplication post-external-initialization -I admin -w password -X -n
- -p 6444 -b dc=example,dc=com
+ <screen>$ dsreplication
+ post-external-initialization
+ -I admin
+ -w password
+ -X -n
+ -p 6444
+ -b dc=example,dc=com
Updating replication information on base DN dc=example,dc=com ..... Done.
@@ -387,9 +430,15 @@
<step>
<para>Disable the multimaster synchronization provider.</para>
- <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-synchronization-provider-prop -X -n
- --provider-name "Multimaster Synchronization" --set enabled:false</screen>
+ <screen>$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-synchronization-provider-prop
+ -X -n
+ --provider-name "Multimaster Synchronization"
+ --set enabled:false</screen>
<para>Do NOT allow modifications on the replica for which replication is
paused, as no record of such changes is kept, and the changes cause
replication to diverge.</para>
@@ -397,9 +446,15 @@
<step performance="optional">
<para>When you are ready to resume replication, enable the multimaster
synchronization provider.</para>
- <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-synchronization-provider-prop -X -n
- --provider-name "Multimaster Synchronization" --set enabled:true</screen>
+ <screen>$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-synchronization-provider-prop
+ -X -n
+ --provider-name "Multimaster Synchronization"
+ --set enabled:true</screen>
</step>
</procedure>
@@ -413,8 +468,14 @@
<step>
<para>Stop replication using the <command>dsreplication disable</command>
command.</para>
- <screen>$ dsreplication disable -a -p 5444 -h `hostname` -D "cn=Directory Manager"
- -w password -X -n
+ <screen>$ dsreplication
+ disable
+ -a
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -X -n
Establishing connections ..... Done.
Disabling replication on base DN cn=admin data of server localhost:5444
..... Done.
@@ -486,11 +547,23 @@
<para>Enable replication with the appropriate
<option>--noReplicationServer</option> and
<option>--onlyReplicationServer</option> options.</para>
- <screen>$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com
- --host1 `hostname` --port1 4444 --bindDN1 "cn=Directory Manager"
- --bindPassword1 password --noReplicationServer1
- --host2 `hostname` --port2 6444 --bindDN2 "cn=Directory Manager"
- --bindPassword2 password --replicationPort2 8989 --onlyReplicationServer2
+ <screen>$ dsreplication
+ enable
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ --host1 `hostname`
+ --port1 4444
+ --bindDN1 "cn=Directory Manager"
+ --bindPassword1 password
+ --noReplicationServer1
+ --host2 `hostname`
+ --port2 6444
+ --bindDN2 "cn=Directory Manager"
+ --bindPassword2 password
+ --replicationPort2 8989
+ --onlyReplicationServer2
Establishing connections ..... Done.
Only one replication server will be defined for the following base DN's:
dc=example,dc=com
@@ -516,11 +589,23 @@
/var/.../opends-replication-1720959352638609971.log
for a detailed log of this operation.
-$ dsreplication enable -I admin -w password -X -n -b dc=example,dc=com
- --host1 `hostname` --port1 5444 --bindDN1 "cn=Directory Manager"
- --bindPassword1 password --noReplicationServer1
- --host2 `hostname` --port2 6444 --bindDN2 "cn=Directory Manager"
- --bindPassword2 password --replicationPort2 8989 --onlyReplicationServer2
+$ dsreplication
+ enable
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ --host1 `hostname`
+ --port1 5444
+ --bindDN1 "cn=Directory Manager"
+ --bindPassword1 password
+ --noReplicationServer1
+ --host2 `hostname`
+ --port2 6444
+ --bindDN2 "cn=Directory Manager"
+ --bindPassword2 password
+ --replicationPort2 8989
+ --onlyReplicationServer2
Establishing connections ..... Done.
Only one replication server will be defined for the following base DN's:
@@ -554,8 +639,14 @@
</step>
<step>
<para>Initialize replication from one of the directory servers.</para>
- <screen>$ dsreplication initialize-all -I admin -w password -X -n -b dc=example,dc=com
- -h `hostname` -p 4444
+ <screen>$ dsreplication
+ initialize-all
+ -I admin
+ -w password
+ -X -n
+ -b dc=example,dc=com
+ -h `hostname`
+ -p 4444
Initializing base DN dc=example,dc=com with the contents from localhost:4444:
160 entries processed (100 % complete).
@@ -600,22 +691,48 @@
<step>
<para>Set the group ID for each group by replication domain on the
directory servers.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "MultimasterSynchronization"
- --domain-name "dc=example,dc=com" --set group-id:1 -X -n
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "MultimasterSynchronization"
+ --domain-name "dc=example,dc=com"
+ --set group-id:1
+ -X -n
-$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
- --domain-name "dc=example,dc=com" --set group-id:2 -X -n</screen>
+$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
+ --domain-name "dc=example,dc=com"
+ --set group-id:2
+ -X -n</screen>
</step>
<step>
<para>Set the group ID for each group on the replication servers.</para>
- <screen>$ dsconfig -p 6444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-server-prop --provider-name "Multimaster Synchronization"
- --set group-id:1 -X -n
-$ dsconfig -p 7444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-server-prop --provider-name "Multimaster Synchronization"
- --set group-id:2 -X -n</screen>
+ <screen>$ dsconfig
+ -p 6444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-server-prop
+ --provider-name "Multimaster Synchronization"
+ --set group-id:1
+ -X -n
+$ dsconfig
+ -p 7444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-server-prop
+ --provider-name "Multimaster Synchronization"
+ --set group-id:2
+ -X -n</screen>
</step>
</procedure>
@@ -642,8 +759,14 @@
from the replication protocol, and refuse updates from client
applications.</para>
- <screen>$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set writability-mode:internal-only -X -n</screen>
+ <screen>$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set writability-mode:internal-only
+ -X -n</screen>
</section>
<section xml:id="repl-assured">
@@ -682,15 +805,29 @@
<para>For each directory server, set safe data mode for the replication
domain, and also set the safe data level.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
--domain-name "dc=example,dc=com"
- --set assured-type:safe-data --set assured-sd-level:1 -X -n
+ --set assured-type:safe-data
+ --set assured-sd-level:1
+ -X -n
-$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
+$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
--domain-name "dc=example,dc=com"
- --set assured-type:safe-data --set assured-sd-level:1 -X -n</screen>
+ --set assured-type:safe-data
+ --set assured-sd-level:1
+ -X -n</screen>
</step>
</procedure>
@@ -704,13 +841,27 @@
<para>For each directory server, set safe read mode for the replication
domain.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
- --domain-name "dc=example,dc=com" --set assured-type:safe-read -X -n
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
+ --domain-name "dc=example,dc=com"
+ --set assured-type:safe-read
+ -X -n
-$ dsconfig -p 5444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
- --domain-name "dc=example,dc=com" --set assured-type:safe-read -X -n</screen>
+$ dsconfig
+ -p 5444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
+ --domain-name "dc=example,dc=com"
+ --set assured-type:safe-read
+ -X -n</screen>
</step>
</procedure>
@@ -765,20 +916,35 @@
fractional replica to include only some <literal>inetOrgPerson</literal>
attributes.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization"
- --domain-name "dc=example,dc=com" -X -n --set
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
+ --domain-name "dc=example,dc=com"
+ -X -n
+ --set
fractional-include:inetorgperson:cn,givenname,mail,mobile,sn,telephonenumber</screen>
<para>As another example, you might exclude a custom attribute called
<literal>sessionToken</literal> from being replicated.</para>
- <screen>dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-replication-domain-prop --provider-name "Multimaster Synchronization" \
---domain-name "dc=example,dc=com" --set fractional-exclude:*:sessionToken -X -n</screen>
+ <screen>dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-replication-domain-prop
+ --provider-name "Multimaster Synchronization"
+ --domain-name "dc=example,dc=com"
+ --set fractional-exclude:*:sessionToken
+ -X -n</screen>
- <para>This last example only works if you first define a sessionToken
- attribute in the directory server schema.</para>
+ <para>This last example only works if you first define a
+ <literal>sessionToken</literal> attribute in the directory server
+ schema.</para>
</section>
</section>
@@ -856,8 +1022,14 @@
<para>Notice the value of the <literal>changeLogCookie</literal> attribute
for the last of the two changes.</para>
- <screen>$ ldapsearch -b cn=changelog -p 1389 -D "cn=Directory Manager" -w password
- -J "1.3.6.1.4.1.26027.1.5.4:false" "(objectclass=*)" \* +
+ <screen>$ ldapsearch
+ -b cn=changelog
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
+ -J "1.3.6.1.4.1.26027.1.5.4:false"
+ "(objectclass=*)"
+ \* +
dn: cn=changelog
cn: changelog
objectClass: top
@@ -941,9 +1113,15 @@
<para>In this example, a description was added to Babs Jensen's entry.</para>
- <screen>$ ldapsearch -b cn=changelog -p 1389 -D "cn=Directory Manager" -w password
+ <screen>$ ldapsearch
+ -b cn=changelog
+ -p 1389
+ -D "cn=Directory Manager"
+ -w password
-J "1.3.6.1.4.1.26027.1.5.4:false:
- dc=example,dc=com:0000013087cbc34a12d100000002;" "(objectclass=*)" \* +
+ dc=example,dc=com:0000013087cbc34a12d100000002;"
+ "(objectclass=*)"
+ \* +
dn: cn=changelog
cn: changelog
objectClass: top
@@ -1011,4 +1189,3 @@
</indexterm>
</section>
</chapter>
-
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
index 3dd922b..2319b7a 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-resource-limits.xml
@@ -87,7 +87,7 @@
add: ds-rlim-size-limit
ds-rlim-size-limit: 10
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f limit.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f limit.ldif
Processing MODIFY request for uid=bjensen,ou=People,dc=example,dc=com
MODIFY operation successful for DN uid=bjensen,ou=People,dc=example,dc=com</screen>
@@ -118,7 +118,7 @@
subtreeSpecification: {base "ou=people", specificationFilter "
(isMemberOf=cn=Directory Administrators,ou=Groups,dc=example,dc=com)" }
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f grouplim.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f grouplim.ldif
Processing ADD request for
cn=Remove Administrator Search Limits,dc=example,dc=com
ADD operation successful for DN
@@ -144,8 +144,14 @@
global configuration property, <literal>idle-time-limit</literal>. By
default, no idle time limit is set.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set idle-time-limit:24h -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set idle-time-limit:24h
+ -X -n</screen>
<para>The example shown sets the idle time limit to 24 hours.</para>
</section>
@@ -160,9 +166,15 @@
add groups with large numbers of members, those add requests can go beyond
the 5 MB limit.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-connection-handler-prop --handler-name "LDAP Connection Handler"
- --set max-request-size:20mb -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-connection-handler-prop
+ --handler-name "LDAP Connection Handler"
+ --set max-request-size:20mb
+ -X -n</screen>
<para>The example shown sets the maximum request size on the LDAP connection
handler to 20 MB.</para>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
index 1537cfd..b643fea 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-samba.xml
@@ -119,7 +119,11 @@
</step>
<step>
<para>Enable the plugin.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
create-plugin
--plugin-name "Samba Password Synchronisation"
--type samba-password
@@ -133,15 +137,25 @@
<step performance="optional">
<para>When troubleshooting Samba Password plugin issues, you can turn on
debug logging as follows.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
create-debug-target
--publisher-name "File-Based Debug Logger"
--target-name org.opends.server.plugins.SambaPasswordPlugin
- --set debug-level:all -X -n
-$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
+ --set debug-level:all
+ -X -n
+$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
set-log-publisher-prop
--publisher-name "File-Based Debug Logger"
- --set enabled:true -X -n</screen>
+ --set enabled:true
+ -X -n</screen>
</step>
</procedure>
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
index 4e3445a..9bc9eac 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-schema.xml
@@ -218,16 +218,26 @@
classes defined per entry, you can relax schema checking to warn rather
than reject entries having this issue.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
set-global-configuration-prop
---set single-structural-objectclass-behavior:warn -X -n</screen>
+ --set single-structural-objectclass-behavior:warn
+ -X -n</screen>
<para>You can allow attribute values that do not respect the defined syntax
with the <command>dsconfig</command> command as well.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
set-global-configuration-prop
---set invalid-attribute-syntax-behavior:warn -X -n</screen>
+ --set invalid-attribute-syntax-behavior:warn
+ -X -n</screen>
<para>You can even turn off schema checking altogether, although turning
off schema checking only really makes sense when you are absolutely sure
@@ -235,8 +245,14 @@
you simply want to turn off schema checking temporarily to speed up import
processing.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- set-global-configuration-prop --set check-schema:false -X -n</screen>
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set check-schema:false
+ -X -n</screen>
</section>
<section xml:id="standard-schema">
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
index 3b7dbca..adf5b24 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-troubleshooting.xml
@@ -100,9 +100,14 @@
warn when entries have more than one structural object class instead of
reject such entries being added, set the property as follows.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-global-configuration-prop
-> --set single-structural-objectclass-behavior:warn -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-global-configuration-prop
+ --set single-structural-objectclass-behavior:warn
+ -X -n</screen>
<para>By default, OpenDJ also checks syntax for a number of attribute types.
You can relax this behavior as well by using the <command>dsconfig
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
index 352388a..26697ee 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-tuning.xml
@@ -321,10 +321,24 @@
settings, so to force OpenDJ to compress the entries, import the data
from LDIF.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-backend-prop --backend-name userRoot --set entries-compressed:true -X -n
-$ import-ldif -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- -l /path/to/Example.ldif -n userRoot -b dc=example,dc=com -t 0
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-backend-prop
+ --backend-name userRoot
+ --set entries-compressed:true
+ -X -n
+$ import-ldif
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ -l /path/to/Example.ldif
+ -n userRoot
+ -b dc=example,dc=com
+ -t 0
Import task 20110627101758486 scheduled to start Jun 27, 2011 10:17:58 AM CEST</screen>
</section>
@@ -379,8 +393,15 @@
JVM. Test database pre-load on startup by setting the
<literal>preload-time-limit</literal> for the backend.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-backend-prop --backend-name userRoot --set preload-time-limit:30m -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-backend-prop
+ --backend-name userRoot
+ --set preload-time-limit:30m
+ -X -n</screen>
<para>Database pre-load is single-threaded, and loads each database one
at a time.</para>
@@ -401,10 +422,19 @@
you have a few large static groups and applications that regularly check
group membership, you could cache your group entries.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- create-entry-cache --cache-name "Large Group Entry Cache" --type fifo
- --set cache-level:1 --set include-filter:"(ou=Large Static Groups)"
- --set max-entries:10 --set enabled:true -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ create-entry-cache
+ --cache-name "Large Group Entry Cache"
+ --type fifo
+ --set cache-level:1
+ --set include-filter:"(ou=Large Static Groups)"
+ --set max-entries:10
+ --set enabled:true
+ -X -n</screen>
</section>
<section xml:id="perf-logging">
@@ -422,9 +452,15 @@
bottleneck, as each client request results in multiple access log
messages. Consider disabling the access log in such cases.</para>
- <screen>$ dsconfig -p 4444 -h `hostname` -D "cn=Directory Manager" -w password
- set-log-publisher-prop --publisher-name "File-Based Access Logger"
- --set enabled:false -X -n</screen>
+ <screen>$ dsconfig
+ -p 4444
+ -h `hostname`
+ -D "cn=Directory Manager"
+ -w password
+ set-log-publisher-prop
+ --publisher-name "File-Based Access Logger"
+ --set enabled:false
+ -X -n</screen>
</section>
</section>
</chapter>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
index 665bee2..4ac0844 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/chap-virtual-attrs-collective-attrs.xml
@@ -126,11 +126,19 @@
attribute is defined by the server configuration, which is not
replicated.</para>
- <screen>$ dsconfig -h `hostname` -p 4444 -D "cn=Directory Manager" -w password
- create-virtual-attribute --name "Served By Description"
- --type user-defined --set enabled:true
- --set attribute-type:description --set base-dn:dc=example,dc=com
- --set value:"Served by OpenDJ.Example.com" -X -n
+ <screen>$ dsconfig
+ -h `hostname`
+ -p 4444 -D
+ "cn=Directory Manager"
+ -w password
+ create-virtual-attribute
+ --name "Served By Description"
+ --type user-defined
+ --set enabled:true
+ --set attribute-type:description
+ --set base-dn:dc=example,dc=com
+ --set value:"Served by OpenDJ.Example.com"
+ -X -n
$ ldapsearch -p 1389 -b dc=example,dc=com uid=bjensen description
dn: uid=bjensen,ou=People,dc=example,dc=com
description: Served by OpenDJ.Example.com
@@ -225,7 +233,7 @@
ILIARY MAY ( classOfService $ diskQuota $ mailQuota ) X-ORIGIN 'OpenDJ Doc
umentation Examples' )
-$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f quotas.ldif
+$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -f quotas.ldif
Processing MODIFY request for cn=schema
MODIFY operation successful for DN cn=schema</screen>
@@ -270,7 +278,7 @@
<para>You can add the collective attribute subentries by using the
<command>ldapmodify</command> command.</para>
- <screen>$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f cos.ldif
+ <screen>$ ldapmodify -p 1389 -D "cn=Directory Manager" -w password -a -f cos.ldif
Processing ADD request for cn=Bronze Class of Service,dc=example,dc=com
ADD operation successful for DN cn=Bronze Class of Service,dc=example,dc=com
Processing ADD request for cn=Silver Class of Service,dc=example,dc=com
@@ -281,21 +289,30 @@
<para>With the collective attributes defined, you can see the results on
user entries.</para>
- <screen>$ ldapsearch -p 1389 -b dc=example,dc=com uid=bjensen
+ <screen>$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ uid=bjensen
classOfService mailQuota diskQuota
dn: uid=bjensen,ou=People,dc=example,dc=com
mailQuota: 1 GB
classOfService: bronze
diskQuota: 10 GB
-$ ldapsearch -p 1389 -b dc=example,dc=com uid=kvaughan
+$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ uid=kvaughan
classOfService mailQuota diskQuota
dn: uid=kvaughan,ou=People,dc=example,dc=com
mailQuota: 5 GB
classOfService: silver
diskQuota: 50 GB
-$ ldapsearch -p 1389 -b dc=example,dc=com uid=scarter
+$ ldapsearch
+ -p 1389
+ -b dc=example,dc=com
+ uid=scarter
classOfService mailQuota diskQuota
dn: uid=scarter,ou=People,dc=example,dc=com
mailQuota: 10 GB
diff --git a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/preface.xml b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/preface.xml
index 6e55dac..1486ce9 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/admin-guide/preface.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/admin-guide/preface.xml
@@ -89,7 +89,6 @@
public static void main(String [] args)
{
System.out.println("This is a program listing.");
-
}
}</programlisting>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/dev-guide/preface.xml b/opendj-sdk/opendj3/src/main/docbkx/dev-guide/preface.xml
index 6e4e655..c8868fa 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/dev-guide/preface.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/dev-guide/preface.xml
@@ -80,7 +80,6 @@
public static void main(String [] args)
{
System.out.println("This is a program listing.");
-
}
}</programlisting>
diff --git a/opendj-sdk/opendj3/src/main/docbkx/install-guide/preface.xml b/opendj-sdk/opendj3/src/main/docbkx/install-guide/preface.xml
index 680f503..2838242 100644
--- a/opendj-sdk/opendj3/src/main/docbkx/install-guide/preface.xml
+++ b/opendj-sdk/opendj3/src/main/docbkx/install-guide/preface.xml
@@ -96,7 +96,6 @@
public static void main(String [] args)
{
System.out.println("This is a program listing.");
-
}
}</programlisting>
--
Gitblit v1.10.0