Command-Line Tools for Directory Proxy Server

The commands-line tools that you use to work with Directory Proxy Server are called dpadm and dpconf. For information about how to use these commands, see the dpadm(1M) and dpconf(1M) man pages.

The dpconf is an LDAP based command so you must specify the user bind DN and password for the command to authenticate. While the dpadm command operates on the instance files.

This section describes the location of the dpadm and dpconf commands. It also provides information on environment variables, comparisons between the commands, and where to find help for using the commands.

Location of Directory Proxy Server Commands

The Directory Proxy Server command-line tools are located in the following directory by default:

install-path/bin

Your installation path depends on your operating system. Installation paths for all operating systems are listed in Default Paths and Command Locations.

Setting Environment Variables for `dpconf`

The dpconf command requires some options that you can preset by using environment variables. If you do not specify an option when using the command, or do not set the environment variable, the default setting will be used. You can configure environment variables for the following options:

-D userDN: User bind DN. Environment variable: LDAP_ADMIN_USER. Default: cn=Proxy Manager.
-w password-file: Password file for the user bind DN. Environment variable: LDAP_ADMIN_PWF. Default: Prompt for password.
-h host: Host name or IP address. Environment variable: DIR_PROXY_HOST. Default: localhost.
-p LDAP-port: LDAP port number. Environment variable: DIR_PROXY_PORT. Default: 389 if the server instance is running as root, and 1389 if the server instance is running as a regular user.
-e, --unsecured: Specifies that dpconf should open a clear connection by default. Environment variable: DIR_PROXY_UNSECURED. If this variable is not set, dpconf opens a secure connection by default.

For more details, see the dpconf(1M) man page.

Comparison of `dpadm` and `dpconf`

The following table shows a comparison of the dpadm and dpconf commands.

Table 16-1 Comparison of the dpadm and dpconf Commands

	`dpadm` Command	`dpconf` Command
Purpose	To manage the process or the files on a local instance of Directory Proxy Server	To configure a local or remote instance of Directory Proxy Server
User	Operating system user	LDAP user
Local or remote	The command must be local to the instance, that is, the command must be run on the host on which the server is running.	The command can be local to the instance but can also be run from anywhere on the network.
Example uses of the command	Create an instance of Directory Proxy Server. Start and stop an instance of Directory Proxy Server. Manage the certificate database.	Modify the configuration of an instance of Directory Proxy Server. Create a data view. Configure load balancing in a data source pool.
Server state	The server can be running or stopped.	The server must be running.
How the command identifies the server instance	By specifying the instance path. The instance path can be relative or absolute.	By specifying the host name or IP address and the port number. The command uses the LDAP port (`-p`) or the LDAPS secure port (`-P`). If a port number is not specified on the command line, the environment variable PROXY_PORT is used. If the environment variable is not set, the default ports are used.

Setting Multi-Valued Properties With `dpconf`

Certain Directory Proxy Server properties can take multiple values. Use the following syntax to specify the following values:

$ dpconf set-container-prop -h host -p port \
 property:value [property:value]

For example, to set multiple writable attributes for an LDAP data view named my-view, type the following command:

$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
 writable-attr:uid writable-attr:cn writable-attr:userPassword

To add a value to a multi-valued property that already contains values, type the following command:

$ dpconf set-container-prop -h host -p port \
 property+:value

To remove a value from a multi-valued property that already contains values, type the following command:

$ dpconf set-container-prop -h host -p port\
 property-:value

For example, in the scenario described previously, to add sn to the list of writable attributes, type the following command:

$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
writable-attr+:sn

To remove cn from the list of writable attributes, type the following command:

$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\
writable-attr-:cn

Obtaining Help for Using `dpadm` and `dpconf`

For information about how to use the dpadm and dpconf commands, see the dpadm(1M) and dpconf(1M) man pages.

To obtain a list of subcommands, type the appropriate command:
```
$ dpadm --help
```
```
$ dpconf --help
```
To obtain information about how to use a subcommand, type the appropriate command:
```
$ dpadm subcommand --help
```
```
$ dpconf subcommand --help
```
To obtain information about the configuration properties used in the dpconf command, type:
```
$ dpconf help-properties
```
To obtain information about the configuration properties for a subcommand, use this command:
```
$ dpconf help-properties subcommand-entity
```
For example, to find information about the access log properties, type:
```
$ dpconf help-properties access-log
```
To obtain information about a property used in a subcommand, use this command:
```
$ dpconf help-properties subcommand-entity property
```
For example, to find information about the log-search-filters property of the set-access-log-prop subcommand, type:
```
$ dpconf help-properties access-log log-search-filters
```

To list the key properties of a group of entities, such as data views or connection handlers, use the verbose option -v with the list subcommand.

For example, to view the key properties and relative priorities of all of the connection handlers, use this command:

$ dpconf list-connection-handlers -h host -p port -v
Name                        is-enabled  priority  description
--------------------------  ----------  --------  ---------------------------
anonymous                   false       99        unauthenticated connections
default connection handler  true        100       default connection handler
dscc administrators        true          1         Administrators connection 
                                                   handler

For more information about an individual property, see the man page corresponding to that property.

Skip Navigation Links
Exit Print View
	Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0)