Exit Print View

Sun OpenDS Standard Edition 2.0 Command-Line Usage Guide

Get PDF Book Print View
 

Document Information

Directory Server Administration Tools

create-rc-script

dsconfig

dsreplication

manage-tasks

setup

status

start-ds

stop-ds

uninstall

upgrade

windows-service

Data Administration Tools

LDAP Client Utilities

Other Tools

General Tool Usage Information

stop-ds

The stop-ds command stops a directory server instance.

Synopsis

stop-ds [options]

Description

The stop-ds command is used to stop or restart the directory server. It can operate on either a local or remote directory server instance.

The ability to perform a local stop of the directory server is currently only available on UNIX based systems. When run locally, stop-ds sends a kill signal to the directory server process. This method of stopping the server is used if stop-ds is run without any options and if a PID file (install-dir/logs/server.pid) exists.

The remote shutdown mechanism issues an LDAP request to create a task entry in the directory server. The command can be run from any system that can communicate with the directory server (local or remote). It can also be used to restart the server. In this case, the server does an “in-core” restart, which reinitializes itself without shutting down the JVM.

When it is run remotely, stop-ds communicates with the directory server over SSL, via the administration connector. For more information, see Managing Administration Traffic to the Server in Sun OpenDS Standard Edition 2.0 Administration Guide.

Options

The stop-ds command accepts an option in either its short form (for example, -D bindDN) or its long form equivalent (for example, --bindDN bindDN).

-r,--stopReason reason

Provide a human-readable reason for the shutdown. If a reason is provided, it appears in the server's error log, and is provided to shut down plug-ins and shut down listeners.

-R,--restart

Restart the directory server rather than shutting it down. If the --restart option is used along with authentication options, the directory server will reinitialize itself without shutting down the JVM. Because the JVM is not stopped, any configuration changes that require a JVM restart will not take effect. If the --restart option is used without authenticating, the server will first stop, then start. A new process will replace the original server.

-t,--stopTime time

Indicates the date and time at which the shutdown operation begins as a directory server task, expressed in the format YYYYMMDDhhmmss. A value of 0 causes the shutdown to be scheduled for immediate execution. When this option is used, the operation is scheduled to start at the specified time, after which this command exits immediately.

-Y,--proxyAs authzID

Use authorization control during the shutdown request. The value provided for this option should be an authorization ID, which can be in the form dn: followed by a user DN or u: followed by a user name. Clients will use the proxied authorization v2 control as described in RFC 4370 (http://www.ietf.org/rfc/rfc4370.txt).

LDAP Connection Options

The stop-ds command contacts the directory server over SSL via the administration connector. These connection options are used to contact the directory server.

-D, --bindDN bindDN

Use the bind DN to authenticate to the directory server. This option is used when performing simple authentication and is not required if SASL authentication is to be used. The default value for this option is cn=Directory Manager.

-h, --hostname hostname

Contact the directory server on the specified hostname or IP address. If this option is not provided, a default of localhost is used.

-j, --bindPasswordFile filename

Use the bind password in the specified file when authenticating to the directory server. This option must not be used in conjunction with --bindPassword.

-K, --keyStorePath path

Use the client keystore certificate in the specified path.

-N, --certNickname nickname

Use the specified certificate for client authentication.

-o, --saslOption name=value

Use the specified options for SASL authentication.

-p, --port port

Contact the directory server at the specified administration port. If this option is not provided, a default administration port of 4444 is used.

-P, --trustStorePath path

Use the client trust store certificate in the specified path. This option is not needed if --trustAll is used, although a trust store should be used when working in a production environment.

-T, --trustStorePassword password

Use the password needed to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (which most trust stores do not require). This option must not be used in conjunction with --trustStorePasswordFile.

-u, --keyStorePasswordFile filename

Use the password in the specified file to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePassword.

-U, --trustStorePasswordFile filename

Use the password in the specified file to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (most trust stores do not require this). This option must not be used in conjunction with --trustStorePassword.

-w, --bindPassword password

Use the bind password when authenticating to the directory server. This option can be used for simple authentication as well as password-based SASL mechanisms. This option must not be used in conjunction with --bindPasswordFile. To prompt for the password, type -w -.

-W, --keyStorePassword password

Use the password needed to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePasswordFile.

-X, --trustAll

Trust all server SSL certificates that the directory server presents. This option can be used for convenience and testing purposes, but for security reasons a trust store should be used to determine whether the client should accept the server certificate.

Command Input/Output Options
--noPropertiesFile

Indicate that a properties file will not be used to get the default command-line options.

--propertiesFilePath path

Specify the path to the properties file that contains the default command-line options.

-Q, --quiet

Run in quiet mode. No output will be generated unless a significant error occurs during the process.

General Options
-?, -H, --help

Display command-line usage information for the command and exit without making any attempt to stop or restart the server.

--version

Display the version information for the directory server and exit rather than attempting to run this command.

Examples

The following examples show how to use the directory server commands. You can use the commands on any UNIX, Linux, or Windows system that has at least the Java SE 5 (at least Sun version 1.5.0_08, preferably the latest version of Java SE 6) runtime environment installed on its target system.

For more information, see Directory Server System Requirements in Sun OpenDS Standard Edition 2.0 Installation Guide.

Example 25
Stopping a Directory Server Locally

The following command stops the directory server:

$ stop-ds
Example 26
Stopping a Directory Server Remotely

The following command stops a remote server instance.

$ stop-ds -h remotehost -p 4444 -D "cn=directory manager" -w password -X
Example 27
Restarting a Directory Server Remotely

The following command restarts a remote directory server instance.

$ stop-ds -R -h remotehost -p 4444 -D "cn=directory manager" -w password -X
Exit Codes
Exit Code
Description
0
Server stopped successfully.
98
Server already stopped.
99
Server must be started.
100
Server must be stopped using a system call.
101
Server must be restarted using a system call.
102
Server must be stopped using a protocol.
103
Server must be stopped as a Windows service.
104
Server must be restarted as a Windows service.
Using a Properties File

The directory server supports the use of a properties file that passes in any default option values used with the stop-ds command. The properties file is convenient when working in different configuration environments, especially in scripted or embedded applications.

For more information, see Using a Properties File With Directory Server Commands.

The following options can be stored in a properties file:

Entries in the properties file have the following format:

toolname.propertyname=propertyvalue

For example:

stop-ds.trustAll=yes
Location

The stop-ds command is located at these paths:

Related Commands

start-ds