Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Command-Line Usage Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
1. Server Administration Commands
Code Generated by the create-rc-script Command
Oracle Directory Server Enterprise Edition LDAP Connection Options
Oracle Unified Directory LDAP Connection Options
Replication Gateway Configuration Options
Oracle Directory Server Enterprise Edition Server Options
Replication Gateway Security Options
Oracle Unified Directory Server Options
Removing a Replication Gateway Server
Oracle Unified Directory Server Connection Options
Oracle Directory Server Enterprise Edition Server Connection Options
The gicadm command manages global indexes and global index catalogs.
This command is supported only for the proxy.
gicadm [subcommand] [options]
The gicadm command enables you to create and delete a global index catalog, as well as add, modify, and delete global indexes in a global index catalog, and manage replication of global index catalogs. It also allows you to associate a global index to a distribution.
The gicadm command accesses the server over SSL through the administration connector.
The gicadm command accepts the following options.
Adds a new global index to a global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--attributeName attribute-name. The identifier for the global index attribute. This identifier should be unique in the context of the global index catalog and it is used to identify the global index.
--set property:value. Assigns a value to a property, where property is the name of the property and value is the single value to be assigned. Specify the same property multiple times to assign more than one value to it.
Associates a global index catalog to a distribution workflow element. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
-d, --distributionWorkflowElement distribution-workflow-element. Name of the distribution workflow element object using this global index catalog, from which the global index catalog is to be disassociated.
Creates a new global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
Deletes a global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
Disables replication on the specified server for the specified global index catalog and removes any references to this server from the other servers in the replication topology. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--adminUID adminUID. User ID of the global administrator used to bind to the server. For the enable-replication subcommand if no global administrator was defined previously the global administrator will be created using the provided data.
Disassociates a global index catalog from a distribution workflow element. Suboptions are as follows:
-d, --distributionWorkflowElement distribution-workflow-element. Name of the distribution workflow element object using this global index catalog, from which the global index catalog is to be disassociated.
Updates the server configuration to replicate the global index catalog and all its global indexes. If one of the specified servers already replicates the global index catalog for a given global index, executing this subcommand will update the configuration of all servers in the topology. Therefore, it is sufficient to execute this command once for each server added to the replication topology. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--adminUID adminUID. User ID of the global administrator used to bind to the server. For the enable-replication subcommand, if no global administrator was defined previously, the global administrator will be created using the provided data.
--adminPassword bindPassword. The global administrator password.
--adminPasswordFile bindPasswordFile. The file containing the password of the global administrator.
--localReplicationPort port. Replication port number of the first server whose content will be replicated.
--localSecureReplication. Specifies whether or not the communication through the replication port of the first server is encrypted or not. This option will only be taken into account the first time replication is configured on the first server.
--remoteAdminPort port. Directory server administration port number of the second server whose contents will be replicated.
--remoteHost host. Fully qualified directory server host name or IP address of the second server whose contents will be replicated.
--remoteBindDN bindDN. DN to use to bind to the second server whose content will be replicated. If not specified the global administrator will be used to bind.
--remoteBindPassword bindPassword. Password to use to bind to the second server whose content will be replicated. If no bind DN was specified for the second server the password of the global administrator will be used to bind.
--remoteBindPasswordFile bindPasswordFile. File containing the password to use to bind to the second server whose content will be replicated. If no bind DN was specified for the second server the password of the global administrator will be used to bind.
--remoteReplicationPort port. Replication port number of the second server whose content will be replicated.
--remoteSecureReplication. Specifies whether or not the communication through the replication port of the second server is encrypted or not. This option will only be taken into account the first time.
Exports a global index catalog to file. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--exportDirectory directory. Path to the directory to be used to export the global index catalog. This is a required argument.
-a, --attributeName attribute-name. The name of the global index attribute. This option can be used multiple times to specify multiple indexed attributes. If this option is provided, any indexed attribute in the import source that does not match is skipped.
Shows global index catalog properties. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--property property. The name of a property to be displayed.
-E,--record. Modifies the display output to show one property value per line.
Shows index properties. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
-a, --attributeName attribute-name. The identifier for the global index attribute. This identifier should be unique in the context of the global index catalog and it is used to identify the global index.
--property property. The name of a property to be displayed. Valid property names are:all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
Imports content of a file into a specified global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--importDirectory directory. Path to the file to be used to import the global index catalog. This is a required argument.
--attributeName attribute-name. The identifier for the global index attribute. This identifier should be unique in the context of the global index catalog and it is used to identify the global index.
--append. Append to an existing global index rather than overwriting it.
Initializes the replication of a global index catalog. All the replicated global index catalogs (part of the replication topology) can be initialized at once or the local global index catalog is initialized from a given global index catalog (also part of the replication topology). Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--adminUID adminUID. User ID of the global administrator used to bind to the server. For the initialize-replication subcommand, if no global administrator was defined previously, the global administrator will be created using the provided data.
--fromServerPort port. Directory server port number of the source server whose contents will be used to initialize the destination server.
--fromServerHost host. Directory server hostname or IP address of the source server whose contents will be used to initialize the destination server.
--all. Initializes the contents of the global index attribute on all the servers whose contents is being replicated with the contents on the specified server.
Lists the global index catalogs that have been defined. Suboptions are as follows:
--property property. The name of a property to be displayed. Valid property names are:all, replication-server, server-id, window-size, heartbeat-interval and group-id.
Lists the global indexes that have been defined in the global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--property property. The name of a property to be displayed. Valid property names are:all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
This subcommand must be called after initializing the contents of all the replicated global indexes using the import subcommand of this tool. It will use the generation id of the targeted instance as the valid one. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
-a, --attributeName attribute-name. The identifier for the global index attribute. This option can be used multiple times to specify multiple indexed attributes. If this option is provided, any indexed attribute in the import source that does not match is skipped.
This subcommand can be called before initializing the contents of all the replicated servers using the import subcommand of this tool. It will erase the replication change logs stored in the replication servers. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
-a, --attributeName attribute-name. The identifier for the global index attribute. This option can be used multiple times to specify multiple indexed attributes. If this option is provided, any indexed attribute in the import source that does not match is skipped.
Removes a global index from a global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--attributeName attribute-name. The identifier for the global index attribute. This identifier should be unique in the context of the global index catalog and it is used to identify the global index.
Modifies the properties of the global index catalog. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--set property:value. Assigns a value to a property, where property is the name of the property and value is the single value to be assigned. Specify the same property multiple times to assign more than one value to it. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
--reset property. Resets a property back to its default values, where property is the name of the property to be reset. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
--add property:value. Adds a single value to a property, where property is the name of the property and value is the single value to be added.
--remove property:value. Removes a single value from a property, where property is the name of the property and value is the single value to be removed. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
Modifies the properties of an index. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--attributeName attribute-name. The identifier for the global index attribute. This identifier should be unique in the context of the global index catalog and it is used to identify the global index.
--set property:value. Assigns a value to a property, where property is the name of the property and value is the single value to be assigned. Specify the same property multiple times to assign more than one value to it. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
--reset property. Resets a property back to its default values, where property is the name of the property to be reset. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
--remove property:value. Removes a single value from a property, where property is the name of the property and value is the single value to be removed. Valid property names are: all, global-index-deleted-entry-retention-timeout, db-cleaner-min-utilization, db-log-file-max, db-checkpointer-bytes-interval, db-checkpointer-wakeup-interval, db-num-lock-tables, db-num-cleaner-threads, db-txn-no-sync, db-txn-write-no-sync, je-property, db-directory, db-directory-permissions, global-index-catalogs-shared-cache, and global-index-attribute.
Displays a list with the basic replication configuration of the global index catalog. If no global index catalog is specified, the information for all replicated global index catalogs is displayed. Suboptions are as follows:
-c, --catalogName name. A unique identifier for the global index catalog. This is a required argument.
--adminUID adminUID. User ID of the global administrator used to bind to the server. For the status-replication subcommand, if no global administrator was defined previously, the global administrator will be created using the provided data.
-s, --scriptFriendly. Use the script-friendly mode.
The gicadm command contacts the directory server over SSL through the administration connector (described in Managing Administration Traffic to the Server in Oracle Fusion Middleware Administration Guide for Oracle Unified Directory). These connection options are used to contact the directory server.
Directory server hostname or IP address.
DN to use to bind to the server.
Bind password file. This option must not be used in conjunction with --bindPassword.
Use the client keystore certificate in the specified path.
Use the certificate for SSL client authentication.
SASL bind option.
Directory server administration port number.
Use the client trust store certificate in the specified path. This option is not needed if --trustAll is used, although a trust store should be used when working in a production environment.
Use the password needed to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password to access its contents (which most trust stores do not require). This option must not be used in conjunction with --trustStorePasswordFile.
Use the password in the specified file to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePassword.
Use the password in the specified file to access the certificates in the client trust store. This option is only required if --trustStorePath is used and the specified trust store requires a password to access its contents (most trust stores do not require this). This option must not be used in conjunction with --trustStorePassword.
Use the bind password when authenticating to the directory server. This password can be used for simple authentication as well as password-based SASL mechanisms. This option must not be used in conjunction with --rootUserPasswordFile. To prompt for the password, type -w -.
SASL is not supported for Oracle Unified Directory proxy.
Use the password needed to access the certificates in the client keystore. This option is only required if --keyStorePath is used. This option must not be used in conjunction with --keyStorePasswordFile.
Trust any certificate that the server presents. This option can be used for testing purposes, but for security reasons, a trust store should be used to determine whether the client should accept the server certificate.
Specifies the maximum duration of time (in milliseconds) that can be taken to establish a connection. Use Oto indicate no time out. The default value is 30000 milliseconds.
Indicate that the command will not use a properties file to get the default command-line options.
Specify the path to the properties file that contains the default command-line options.
Run in verbose mode, displaying diagnostics on standard output.
Displays command-line usage information for the command and exit without making any attempt to stop or restart the directory server.
Displays the version information for the directory server.
The following examples show how to use the Oracle Unified Directory proxy gicadm command. For more information, see System Requirements and Certification in Oracle Fusion Middleware Installation Guide for Oracle Unified Directory.
Note - The following examples for creating a global index catalog, adding a global index, and associating a global index catalog to a distribution are the three steps needed to use a global index catalog with a distribution deployment of Oracle Unified Directory proxy.
Example 1-22 Viewing the Global Help Subcommands and Global Options
The following command displays the available global Help subcommands and global options for managing the global index catalog:
$ gicadm --help
Example 1-23 Viewing Help on an Individual Subcommand
The following command displays the help information for the create-catalog subcommand:
$ gicadm create-catalog --help
Example 1-24 Using gicadm to Create a Global Index Catalog
You must have deployed a Oracle Unified Directory proxy with distribution before running this command.
$ gicadm -h hostname -p 4444 -D "cn=Directory Manager" -w password -X \ create-catalog --catalogName myCatalog
Example 1-25 Using gicadm to Add a Global Index to a Global Index Catalog
You must have deployed a Oracle Unified Directory proxy with distribution before running this command. Moreover, you must already have created the global index catalog before running this command.
$ gicadm -h hostname -p 4444 -D "cn=Directory Manager" -w password -X \ add-index --catalogName myCatalog \ --attributeName telephonenumber
Example 1-26 Using gicadm to Associate a Global Index Catalog to a Distribution
You must have deployed a Oracle Unified Directory proxy with distribution before running this command. Moreover, you must already have created the global index catalog before running this command.
$ gicadm -h hostname -p 4444 -D "cn=Directory Manager" -w password -X \ associate --catalogName myCatalog \ --distributionWorkflowElement myDistributionName
An exit code of 0 indicates that the operation completed successfully. A nonzero exit code indicates that an error occurred during processing.
UNIX and Linux: instance-dir/OUD/bin/gicadm
Windows: instance-dir\OUD\bat\gicadm.bat
dsconfig
split-ldif