The stop-ds command stops a directory server instance.
The stop-ds command is used to stop or restart the directory server. It can operate on either a local or remote directory server instance.
The ability to perform a local stop of the directory server is currently only available on UNIX based systems. When run locally, stop-ds sends a kill signal to the directory server process. This method of stopping the server is used if stop-ds is run without any options and if a PID file (install-dir/logs/server.pid) exists.
The remote shutdown mechanism issues an LDAP request to create a task entry in the directory server. The command can be run from any system that can communicate with the directory server (local or remote). It can also be used to restart the server. In this case, the server does an “in-core” restart, which reinitializes itself without shutting down the JVM.
When it is run remotely, stop-ds communicates with the directory server over SSL, via the administration connector. For more information, see Managing Administration Traffic to the Server in Sun OpenDS Standard Edition 2.0 Administration Guide.
The stop-ds command accepts an option in either its short form (for example, -D bindDN) or its long form equivalent (for example, --bindDN bindDN).
Provide a human-readable reason for the shutdown. If a reason is provided, it appears in the server's error log, and is provided to shut down plug-ins and shut down listeners.
Restart the directory server rather than shutting it down. If the --restart option is used along with authentication options, the directory server will reinitialize itself without shutting down the JVM. Because the JVM is not stopped, any configuration changes that require a JVM restart will not take effect. If the --restart option is used without authenticating, the server will first stop, then start. A new process will replace the original server.
Indicates the date and time at which the shutdown operation begins as a directory server task, expressed in the format YYYYMMDDhhmmss. A value of 0 causes the shutdown to be scheduled for immediate execution. When this option is used, the operation is scheduled to start at the specified time, after which this command exits immediately.
Use authorization control during the shutdown request. The value provided for this option should be an authorization ID, which can be in the form dn: followed by a user DN or u: followed by a user name. Clients will use the proxied authorization v2 control as described in RFC 4370 (http://www.ietf.org/rfc/rfc4370.txt).
The stop-ds command contacts the directory server over SSL via the administration connector. These connection options are used to contact the directory server.
Use the bind DN to authenticate to the directory server. This option is used when performing simple authentication and is not required if SASL authentication is to be used. The default value for this option is cn=Directory Manager.
Contact the directory server on the specified hostname or IP address. If this option is not provided, a default of localhost is used.
Use the bind password in the specified file when authenticating to the directory server. This option must not be used in conjunction with --bindPassword.
Use the client keystore certificate in the specified path.
Use the specified certificate for client authentication.
Use the specified options for SASL authentication.
Contact the directory server at the specified administration port. If this option is not provided, a default administration port of 4444 is used.
Use the client trust store certificate in the specified path. This option is not needed if --trustAll is used, although a trust store should be used when working in a production environment.
Use the password needed to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (which most trust stores do not require). This option must not be used in conjunction with --trustStorePasswordFile.
Use the password in the specified file to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePassword.
Use the password in the specified file to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password in order to access its contents (most trust stores do not require this). This option must not be used in conjunction with --trustStorePassword.
Use the bind password when authenticating to the directory server. This option can be used for simple authentication as well as password-based SASL mechanisms. This option must not be used in conjunction with --bindPasswordFile. To prompt for the password, type -w -.
Use the password needed to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePasswordFile.
Trust all server SSL certificates that the directory server presents. This option can be used for convenience and testing purposes, but for security reasons a trust store should be used to determine whether the client should accept the server certificate.
Indicate that a properties file will not be used to get the default command-line options.
Specify the path to the properties file that contains the default command-line options.
Run in quiet mode. No output will be generated unless a significant error occurs during the process.
Display command-line usage information for the command and exit without making any attempt to stop or restart the server.
Display the version information for the directory server and exit rather than attempting to run this command.
The following examples show how to use the directory server commands. You can use the commands on any UNIX, Linux, or Windows system that has at least the Java SE 5 (at least Sun version 1.5.0_08, preferably the latest version of Java SE 6) runtime environment installed on its target system.
For more information, see Directory Server System Requirements in Sun OpenDS Standard Edition 2.0 Installation Guide.
The following command stops the directory server:
The following command stops a remote server instance.
$ stop-ds -h remotehost -p 4444 -D "cn=directory manager" -w password -X
The following command restarts a remote directory server instance.
$ stop-ds -R -h remotehost -p 4444 -D "cn=directory manager" -w password -X
The directory server supports the use of a properties file that passes in any default option values used with the stop-ds command. The properties file is convenient when working in different configuration environments, especially in scripted or embedded applications.
For more information, see Using a Properties File With Directory Server Commands.
The following options can be stored in a properties file:
Entries in the properties file have the following format:
The stop-ds command is located at these paths:
UNIX and Linux: instsall-dir/bin/stop-ds