dpadm

Manage the administration of Directory Proxy Server

Synopsis

install-path/bin/dpadm 
 [subcommand] [global-options] [subcommand-options]
 [subcommand-operands]

Description

The dpadm command is the administration command for the Directory Proxy Server. Use the dpadm command with one of the subcommands described in this man page.

Subcommands

The following subcommands are supported:

dpadm add-cert [-i] [-W CERT_PW_FILE] INSTANCE_PATH CERT_ALIAS CERT_FILE

Adds a certificate to the certificate database.

dpadm add-selfsign-cert [-i] [-W CERT_PW_FILE] [ -S DN | _newline--name NAME [--org ORG] [--org-unit ORG-UNIT] [--city CITY] [--state STATE] [--country COUNTRY]] [--keyalg KEYALG] [--sigalg SIGALG] [--validity DURATION] [--keysize SIZE] INSTANCE_PATH CERT_ALIAS

Creates a self-signed certificate and adds it to the certificate database.

dpadm autostart [--off [--v6]] [-i] INSTANCE_PATH

Enables or disables Directory Proxy Server instance startup at system boot. This command is only available if you installed native packages.

dpadm backup INSTANCE_PATH ARCHIVE_DIR

Creates a backup archive of the Directory Proxy Server instance.

dpadm create [-i] [-p PORT] [-P SECURE_PORT] [-u USER_NAME -g GROUP_NAME] [-D DN] [-w PWD_FILE] INSTANCE_PATH

Creates a Directory Proxy Server Instance.

dpadm delete INSTANCE_PATH

Deletes an instance of Directory Proxy Server.

dpadm disable-service [-T TYPE] [--v6] INSTANCE_PATH

Disables a Directory Proxy Server from being managed as a service. This command is on Windows distributions and Solaris native package distributions only.

dpadm enable-service [-T TYPE] INSTANCE_PATH

Enables a Directory Proxy Server instance to be managed as a service. This command is on Windows distributions and Solaris native package distributions only.

dpadm get-flags INSTANCE_PATH [FLAG...]

Displays the flag values for the Directory Proxy Server instance.

dpadm import-cert [-i] [-W CERT_PW_FILE] [-I INPUT_PW_FILE] INSTANCE_PATH CERT_FILE

Imports the public and private keys of a certificate in the certificate database.

dpadm info INSTANCE_PATH

Displays information about the status and configuration of the Directory Proxy Server instance.

dpadm list-certs [-i] [-C] [-W CERT_PW_FILE] INSTANCE_PATH

Lists all certificates in the certificate database.

dpadm list-running-instances [--all]

Displays running instances on a host. By default, the only instances that are launched by the same installation as dpadm are listed.

dpadm remove-cert [-i] [-W CERT_PW_FILE] INSTANCE_PATH CERT_ALIAS

Removes a certificate from the certificate database.

dpadm renew-cert [-i] [-W CERT_PW_FILE] INSTANCE_PATH CERT_ALIAS CERT_FILE

Renews a certificate in the certificate database.

dpadm request-cert [-i] [-W CERT_PW_FILE] [ -s DN | --name NAME [--org ORG] [--org-unit ORG-UNIT] [--city CITY] [--state STATE] [--country COUNTRY]] [--sigalg SIGALG] [--keyalg KEYALG] [--keysize KEYSIZE ] [--validity DURATION] [-o OUTPUT_FILE] INSTANCE_PATH CERT_ALIAS

Generates a certificate request.

dpadm restart [-i] [-W CERT_PW_FILE] [INSTANCE_PATH]

Restarts a Directory Proxy Server instance.

dpadm restore INSTANCE_PATH ARCHIVE_DIR

Restores a Directory Proxy Server instance from a backup archive.

dpadm set-flags [-i] [-W CERT_PW_FILE] INSTANCE_PATH FLAG=VAL [FLAG=VAL...]

Sets flags values for a Directory Proxy Server instance.

dpadm show-cert [-i] [-W CERT_PW_FILE] [-o OUTPUT_FILE] [-F FORMAT] INSTANCE_PATH [CERT_ALIAS]

Displays a certificate.

If no CERT_ALIAS is specified, the default server certificate is displayed.

dpadm split-ldif INSTANCE_PATH LDIF_FILEOUTPUT_FILE_DIR

Splits the LDIF file given by LDIF_FILE into multiple LDIF files according to the data distribution configured in Directory Proxy Server. One LDIF file is created for each data view defined in the LDIF_FILE file.

The LDIF files are stored in the OUTPUT_FILE_DIR directory and are automatically named after the data view, with the following format: OUTPUT_FILE_DIR.DATA_VIEW_NAME.ldif

The dpadm split-ldif command can be launched even if the Directory Proxy Server is running.

dpadm start [-Ei] [-W CERT_PW_FILE] INSTANCE_PATH

Starts a Directory Proxy Server instance.

dpadm stop INSTANCE_PATH

Stops a Directory Proxy Server instance.

dpadm stop-running-instances [-i] [--force]

Stops Directory Proxy Server instances. The instances launched by the same installation as dpadm will be stopped.

dpadm upgrade [-i] INSTANCE_PATH

Upgrades Directory Proxy Server instance from versions 6.x, 7.0, and 11g R1 to version 11.1.1.7.0.

Global Options

The following options are global, and are applicable to all commands and subcommands. The global options must follow their respective commands or subcommands to execute successfully.

--?
--help: Displays instructions for accessing help.
-V
--version: Displays the current version of dpadm. The version is provided in the format year.monthday.time DISTRIB. So version number 2009.1004.0035 was built on October 4th, 2009 at 00h35. DISTRIB indicates the distribution type. NAT refers to the native packages version. ZIP refers to the ZIP version. If the components used by dpadm are not aligned, the version of each individual component is displayed.
-v
--verbose: Displays instructions for accessing verbose help.

Subcommands Options

The following options are applicable to the subcommands where they are specified.

--all: Displays running instances from any installation path.
-C
--ca: Lists Certificate Authority certificates only. The default is to list server certificates only.
--city CITY: Adds L=CITY to the subject DN. Default is none.
--country COUNTRY: Adds C=COUNTRY to the subject DN. The default is none.
-D DN
--rootDN DN: Defines the Proxy Manager DN. The default is cn=Proxy Manager.
-E
--safe: Starts Directory Proxy Server with the configuration used at the last successful startup.
--force: When used with stop-running-instances, the command forcibly shuts down all the running server instances that are created using the same dpadm installation. When used with stop, the command forcibly shuts down the instance even if the instance is not initiated by the current installation.
-F FORMAT
--format FORMAT: Specifies the output format. The options are readable and ascii. The default is readable.
-g GROUP_NAME
--group GROUP_NAME: Specifies the group name for the owner of the server instance. The default is the name of the current group.
-i
--no-inter: Does not prompt for confirmation before performing the operation.
-I INPUT_PW_FILE
--input-pwd-fileINPUT_PW_FILE: Specifies the certificate password. The default is to prompt for a password.
--keyalg KEYALG: Specifies the key-pair generation algorithm (DSA or RSA).
--sigalg SIGALG: Specifies the signature algorithm used to sign the certificate. The signature algorithm depends on the underlying key-pair generation algorithm. The default signature algorithm is SHA1withDSA when the key algorithm is DSA, and SHA1withRSA when the key algorithm is RSA.
--name NAME: Adds CN=NAME to the subject DN. The default is the hostname.
--keysize SIZE: Specifies the length of private key.
-O OUTPUT_PW_FILE
--output-pwd-file OUTPUT_PW_FILE: Reads the output password from the OUTPUT_FILE file. The default is a prompt for a password.
--o OUTPUT_FILE
--output OUTPUT_FILE: Stores the command results in the OUTPUT_FILE file. The default is stdout.
--off: Disables the autostart of an instance of Directory Proxy Server at system boot
--org ORG: Adds O=ORG to the subject DN. The default is none.
--org-unit ORG-UNIT: Adds OU=ORG-UNIT to the subject DN. The default is none.
--p PORT
--port PORT: Specifies the port for LDAP traffic. The default is 389 or 1389.
--P SECURE_PORT
--secure-port SECURE_PORT: Specifies the secure SSL port for LDAP traffic. The default is 636 or 1636.
--S DN
--subjectDN DN: Specifies the subject DN. The default is cn=CERT_ALIAS cn=hostname.
--state STATE: Adds ST=STATE to the subject DN. Default is the hostname.
--T TYPE
--type TYPE: Service type. Can be SMF when using Solaris 10, or WIN_SERVICE when using Windows.
-u USER_NAME
--username USER_NAME: Specifies the user name for the owner of the server instance. The default is the name of the current user.
--v6: Specifies that the version of the Directory Proxy Server instance is 6.x.
--validity DURATION: Sets validity of the certificate to DURATION months.
--W CERT_PW_FILE
--cert-pwd-file CERT_PW_FILE: Reads the certificate database password from the CERT_PW_FILE file. The default is a prompt for password.
--w PW_FILE
--pwd-file PW_FILE: Reads the password from the PW_FILE file. The default is a prompt for password.

Subcommand Operands

The following operands are supported:

ARCHIVE_DIR

Specifies the path to the backup of the Directory Proxy Server instance.

CERT_ALIAS

Specifies the certificate alias.

CERT_FILE

Specifies the file that contains the certificate.

FLAG

Specifies a flag that represents a property operand when using the command dpadm get-flags. Possible flags: cert-pwd-prompt, jvm-args, jvm-path, server-umask.

FLAG=VALUE

Specifies a flag and its value. The FLAG=VALUE operand can have the following values:

cert-pwd-prompt=off

Sets the certificate database password storage mode to on. The certificate database password is stored on the file system. This is the default value.

cert-pwd-prompt=on

Sets the certificate database password storage mode to off. The certificate database password is not stored on the file system. You are prompted to supply the certificate database password when needed.

jvm-args="arg1 arg2 ..."

These values are arguments passed to the Java Virtual Machine (JVM).

The default value is jvm-args=-Xmx250M -Xms250M.

-Xmxmemory is the maximum memory size for the JVM. The default value is -Xmx250M (250 MB).

-Xmsmemory is the startup memory size for the JVM. The default value is -Xms250M (250 MB). The startup memory size -Xmsmemory should be the same as the maximum memory size -Xmxmemory.

-XX:NewRatio=ratio is applicable to the Sun Hotspot JVM only, and is the ratio between old and young generation memory. The recommended value is -XX:NewRatio=1, which is equal old and young generation memory.

The -d flag specifies which JVM is used (32-bits or 64-bits). By default, Directory Proxy Server is launched with a 64-bit JVM, if available, and with a 32-bit JVM otherwise. If you want to override this behavior and specify the JVM, set the jvm-args flag to either d-32 or d-64, for example jvm-args=-Xmx250M -Xms250M -d32

You can use the jvm-args flag to pass a list of arguments to the JVM. For information about JVM arguments not described in this man page, see the java(1) man page.

jvm-path=java path

Sets JAVA_HOME that take precedence over JAVA_HOME defined in the environment.

server-umask

Sets the permissions of configuration and log files.

INSTANCE_PATH

Specifies the path to the Directory Proxy Server instance.

LDIF_FILE

Specifies the LDIF file that is to be split by using the split_ldif subcommand.

OUTPUT_FILE_DIR

Specifies the directory where LDIF files are placed after being split by the split_ldif subcommand.

Exit Status

The following exit status values are returned:

0: Successful completion.
non-zero: An error occurred.

Examples

The following examples show how the dpadm command is used.

Example 1 Creating a Directory Proxy Server Instance

The following example shows how to create a Directory Proxy Server instance.

$ dpadm create /local/dps

Example 2 Starting a Directory Proxy Server Instance

The following example shows how to start a Directory Proxy Server instance.

$ dpadm start /local/dps

Example 3 Getting Information about a Directory Proxy Server Instance

The following example shows how to get information about a Directory Proxy Server instance.

$ dpadm info /local/dps

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Availability	SUNWdsee7
Stability Level	Evolving