- FedFS connection management utility
nsdbparams [-r port] [-e nce] [-t sectype] [-f certfile] [-D bind_DN] [-w bind_PW | -] nsdb
nsdbparams delete [-r port] nsdb
nsdbparams show [-r port] nsdb
nsdbparams set [-r port] nsdb
The nsdbparams command manages defaults and connection information for working with FedFS NSDBs (LDAP servers that store FedFS information).
The first form of the command, nsdbparams update, creates or updates a connection entry for the named NSDB. If the port number is not provided, the default LDAP port of 389 is used. If the NCE is not provided, the server will be queried to enumerate NCEs, and if only one is present it will be used. The LDAP bind DN must be provided if the entry is new. The LDAP bind password may be stored or not; if not stored, the password will be prompted for when needed. The -w - form may be used to force prompting for a password to be stored instead of placing it on the command line.
The second form of the command, nsdbparams delete, removes a connection entry for nsdb:port or nsdb:389 if the port number is not provided.
The fourth form of the command, nsdbparams list, enumerates all connection entries.
The fifth form of the command, nsdbparams get, shows a system-wide default NSDB and port number.
The sixth form of the command, nsdbparams set, sets the system-wide default NSDB and port number, using the default LDAP port of 389 if one is not provided.
The following options are supported:
Specify the port on which the LDAP server implementing the NSDB is listening.
Specify the distinguished name of the container of FedFS information on the LDAP server implementing the NSDB; this will often be a single unambiguous location and need not be specified.
Specify the distinguished name of a user permitted to change the NSDB information.
Specify the password for the bind DN user; use of hyphen (-) will force prompting.
Specify the security level used to contact the LDAP server. Value values are FEDFS_SEC_NONE, for no encryption, and FEDFS_SEC_TLS for a connection secured with StartTLS (RFC 4513). If a TLS connection is to be used, the -f certfile argument must be present or a certificate must already be stored.
Specify a TLS certificate to be used to secure a connection with RFC 4513 StartTLS when FEDFS_SEC_TLS is used.
示例 1 Using nsdbparams to Set Up Communications
The following example sets up communications with an NSDB called nsdb.cthon.org and makes it the default NSDB:
# nsdbparams update -D cn=Manager,dc=cthon,dc=org -w cthon.org \ nsdb.cthon.org # nsdbparams show nikon.us.example.com nikon.us.example.com:389 default bind DN: cn=Manager,dc=cthon,dc=org default bind PW: cthon.org default NCE: dc=cthon,dc=org sectype: FEDFS_SEC_NONE # nsdbparams set nsdb.cthon.org # nsdbparams get default nsdb: nsdb.cthon.org default port: 389
An error occurred.
See attributes(5) for descriptions of the following attributes: