Common Arguments to the Idsync Subcommands (Sun Java System Directory Server Enterprise Edition 6.2 Installation Guide)

Sun Java System Directory Server Enterprise Edition 6.2 Installation Guide

Common Arguments to the Idsync Subcommands

This section describes the arguments (options) that are common to most of the command line utilities. The information is organized into the following tables:

Common Arguments to the Idsync Subcommands: Describes the following arguments, which are common to all of the idsync subcommands (except prepds) and migration tools.
-D bind-DN -w bind-password | - [-h Configuration Directory-hostname] [-p Configuration Directory-port-no] [-s rootsuffix] [-Z] [-P cert-db-path] [-m secmod-db-path]
Note –
Brackets [ ] indicate optional arguments.

The Identity Synchronization for Windows installation program automatically writes default values to the -h, -p, -D, and -s arguments based on the information you provide during installation. However, you can specify a different value on the command line to override a defaulted value.

To support multibyte characters, Identity Synchronization for Windows base64-encodes the default values for -s rootsuffixand -D bind-DN in the command line interface (CLI) environment file. The rootsuffix default should not be changed. The bind DN default can be overridden on the command line or updated with the appropriate base64-encoded value in the CLI environment file.
Common Arguments for Accessing the Configuration Directory Server using SSL: Describes optional arguments that provide information about securely accessing the Configuration Directory Server using Secure Socket Layer (SSL). These arguments are also common to all of the idsync subcommands and the migration tools.
Common Arguments Related to Configuration Directory: Describes arguments related to the configuration directory. These arguments are common to two or more idsync subcommands and migration tools.

Table A–1 Arguments Common to All Subcommands


Argument	Description
`-h` `Configuration Directory-hostname`	Specifies the configuration directory hostname. This argument defaults to the values specified during Core installation.
`-p` `Configuration Directory-port`	Specifies the configuration directory LDAP port number.
`-D` `bind-DN`	Specifies the configuration directory bind distinguished name (DN). This argument defaults to the values specified during Core installation.
`-w` `bind-password` `\| -`	Specifies the configuration directory bind password. The - value reads the password from standard input (`STDIN`).
`-s` `rootsuffix`	Specifies the configuration directory rootsuffix. Where rootsuffix is a distinguished name such as `dc=example,dc=com`. This argument defaults to the values specified during Core installation.
`-q` `configuration_password` `\| -`	Specifies the configuration password. The - value means the password will be read from standard input (`STDIN`). This argument is mandatory for all subcommands except `prepds`.

Table A–2 SSL-Related Arguments Common to All Subcommands


Argument	Description
`-Z`	Specifies that SSL be used to provide secure communication. Provides certificate-based client authentication when connecting to the configuration directory accessing the command line interface or the preferred/secondary Directory Servers.
`-P` `cert-db-path`	Specifies the path and file name of the client’s certificate database. This certificate database must contain the CA certificate used to sign the Directory Server’s certificate database. If you specify `-Z` but do not use `-P`, the `cert-db-path` defaults to `current-working-directory` `/cert8.db`. Note: If Identity Synchronization for Windows does not find the certificate database file in the specified directory, the program creates an empty database in that directory, which consists of three files: `cert8.db`, `key3.db`, and `secmod.db`.
`-m` `secmod-db-path`	Specifies the path to the security module database. For example: `/var/Sun/MPS/slapd-serverID` `/secmod.db` Specify this argument only if the security module database is in a different directory than the certificate database itself.

Table A–3 Configuration Directory Arguments


Argument	Description
`-a` `ldap_filter` Use with `forcepwchg` and `resync` subcommands	Specifies the LDAP filter to use when retrieving users from the source SULs, and allows the operation to retrieve a focused subset of users from the directory source, prior to determining whether the users fall within the specified SULs.
`-f` `filename` Use with `export10cnf`, `importcnf`, and `resync` subcommands	Specifies the name of a Configuration XML Document file.
-n Use with `forcepwchg`, `importcnf`, and `resetconn` subcommands	Runs in safe mode so you can preview the effects of an operation with no actual changes.