Skip Navigation Links | |
Exit Print View | |
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0) |
Part I Directory Server Administration
2. Directory Server Instances and Suffixes
3. Directory Server Configuration
6. Directory Server Access Control
7. Directory Server Password Policy
8. Directory Server Backup and Restore
9. Directory Server Groups, Roles, and CoS
10. Directory Server Replication
13. Directory Server Attribute Value Uniqueness
15. Directory Server Monitoring
Part II Directory Proxy Server Administration
16. Directory Proxy Server Tools
Using DSCC for Directory Proxy Server
To Access DSCC for Directory Proxy Server
Command-Line Tools for Directory Proxy Server
Location of Directory Proxy Server Commands
Setting Environment Variables for dpconf
Comparison of dpadm and dpconf
17. Directory Proxy Server Instances
19. Directory Proxy Server Certificates
20. Directory Proxy Server Load Balancing and Client Affinity
21. Directory Proxy Server Distribution
22. Directory Proxy Server Virtualization
23. Virtual Data Transformations
24. Connections Between Directory Proxy Server and Back-End LDAP Servers
25. Connections Between Clients and Directory Proxy Server
26. Directory Proxy Server Client Authentication
27. Directory Proxy Server Logging
28. Directory Proxy Server Monitoring and Alerts
Part III Directory Service Control Center Administration
The commands-line tools that you use to work with Directory Proxy Server are called dpadm and dpconf. For information about how to use these commands, see the dpadm(1M) and dpconf(1M) man pages.
The dpconf is an LDAP based command so you must specify the user bind DN and password for the command to authenticate. While the dpadm command operates on the instance files.
This section describes the location of the dpadm and dpconf commands. It also provides information on environment variables, comparisons between the commands, and where to find help for using the commands.
The Directory Proxy Server command-line tools are located in the following directory by default:
install-path/bin
Your installation path depends on your operating system. Installation paths for all operating systems are listed in Default Paths and Command Locations.
The dpconf command requires some options that you can preset by using environment variables. If you do not specify an option when using the command, or do not set the environment variable, the default setting will be used. You can configure environment variables for the following options:
User bind DN. Environment variable: LDAP_ADMIN_USER. Default: cn=Proxy Manager.
Password file for the user bind DN. Environment variable: LDAP_ADMIN_PWF. Default: Prompt for password.
Host name or IP address. Environment variable: DIR_PROXY_HOST. Default: localhost.
LDAP port number. Environment variable: DIR_PROXY_PORT. Default: 389 if the server instance is running as root, and 1389 if the server instance is running as a regular user.
Specifies that dpconf should open a clear connection by default. Environment variable: DIR_PROXY_UNSECURED. If this variable is not set, dpconf opens a secure connection by default.
For more details, see the dpconf(1M) man page.
The following table shows a comparison of the dpadm and dpconf commands.
Table 16-1 Comparison of the dpadm and dpconf Commands
|
Certain Directory Proxy Server properties can take multiple values. Use the following syntax to specify the following values:
$ dpconf set-container-prop -h host -p port \ property:value [property:value]
For example, to set multiple writable attributes for an LDAP data view named my-view, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\ writable-attr:uid writable-attr:cn writable-attr:userPassword
To add a value to a multi-valued property that already contains values, type the following command:
$ dpconf set-container-prop -h host -p port \ property+:value
To remove a value from a multi-valued property that already contains values, type the following command:
$ dpconf set-container-prop -h host -p port\ property-:value
For example, in the scenario described previously, to add sn to the list of writable attributes, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\ writable-attr+:sn
To remove cn from the list of writable attributes, type the following command:
$ dpconf set-ldap-data-view-prop -h host1 -p 1389 view-name\ writable-attr-:cn
For information about how to use the dpadm and dpconf commands, see the dpadm(1M) and dpconf(1M) man pages.
To obtain a list of subcommands, type the appropriate command:
$ dpadm --help
$ dpconf --help
To obtain information about how to use a subcommand, type the appropriate command:
$ dpadm subcommand --help
$ dpconf subcommand --help
To obtain information about the configuration properties used in the dpconf command, type:
$ dpconf help-properties
To obtain information about the configuration properties for a subcommand, use this command:
$ dpconf help-properties subcommand-entity
For example, to find information about the access log properties, type:
$ dpconf help-properties access-log
To obtain information about a property used in a subcommand, use this command:
$ dpconf help-properties subcommand-entity property
For example, to find information about the log-search-filters property of the set-access-log-prop subcommand, type:
$ dpconf help-properties access-log log-search-filters
To list the key properties of a group of entities, such as data views or connection handlers, use the verbose option -v with the list subcommand.
For example, to view the key properties and relative priorities of all of the connection handlers, use this command:
$ dpconf list-connection-handlers -h host -p port -v Name is-enabled priority description -------------------------- ---------- -------- --------------------------- anonymous false 99 unauthenticated connections default connection handler true 100 default connection handler dscc administrators true 1 Administrators connection handler
For more information about an individual property, see the man page corresponding to that property.