1NSDB-REMOVE-NCI(8) System Manager's Manual NSDB-REMOVE-NCI(8)
3
7 nsdb-delete-nsdb - remove all FedFS info from an NSDB
8
10 nsdb-delete-nsdb [-?d] [-D binddn] [-l nsdbname] [-r nsdbport] nce
11
13 RFC 5716 introduces the Federated File System (FedFS, for short).
14 FedFS is an extensible standardized mechanism by which system adminis‐
15 trators construct a coherent namespace across multiple file servers
16 using file system referrals. For further details, see fedfs(7).
17 The bulk of FedFS junction information in a FedFS domain is stored on
19 one or more LDAP servers. These servers are known as namespace data‐
20 bases, or NSDBs, for short.
21 FedFS-enabled file servers and clients access the information stored on
23 NSDBs via standard LDAP queries. FedFS-enabled file servers use these
24 queries to resolve FedFS junctions. FedFS administrators use them to
25 manage information about file sets contained in a FedFS domain name
26 space.
27
29 The nsdb-delete-nsdb(8) command is part of a collection of low-level
30 single-use programs that is intended for testing the NSDB protocol or
31 for use in scripts. This command wipes part or all of an NSDB clean by
32 disconnecting an NSDB Container Entry, or NCE, and removing all FedFS
33 records under it.
34 This command has one positional parameter which specifies the fully
36 qualified distinguished name of the NCE to be removed.
37 The nsdb-delete-nsdb(8) command first removes the NSDB container infor‐
39 mation for the specified NCE to prevent FedFS-enabled clients and
40 servers from accessing the FedFS records under that NCE. Then, it
41 removes all FSN and FSL records under the NCE. The entry that was the
42 NCE is left on the LDAP server.
43
45 -d, --debug
46 Enables debugging messages during operation.
47 -?, --help
49 Displays nsdb-delete-nsdb(8) version information and a usage
50 message on stderr.
51 -D, --binddn=bind-distinguished-name
53 Specifies a distinguished name of an entity used to bind to the
54 LDAP server where the NSDB resides. If the --binddn option is
55 not specified, the value of the FEDFS_NSDB_ADMIN environment
56 variable is consulted. If this variable is not set, the NSDB
57 connection parameter database is searched for this DN. If none
58 of these is specified, or if this entity does not have permis‐
59 sion to modify this area of the server's DIT, the nsdb-delete-
60 nsdb(8) command fails.
61 -e, --nce=NSDB-container-entry-distinguished-name
63 Specifies the distinguished name of the NSDB Container Entry.
64 This option must be specified on the command line. No default
65 value is assumed or read from an environment variable.
66 -l, --nsdbname=NSDB-hostname
68 Specifies the hostname of the NSDB where the NSDB Container
69 Entry resides. If the --nsdbname option is not specified, the
70 value of the FEDFS_NSDB_HOST environment variable is consulted.
71 If the variable is not set and the --nsdbname option is not
72 specified, the nsdb-delete-nsdb(8) command fails.
73 -r, --nsdbport=NSDB-port
75 Specifies the IP port of the NSDB where the NSDB Container Entry
76 resides. If the --nsdbport option is not specified, the value
77 of the FEDFS_NSDB_PORT environment variable is consulted. The
78 default value if the variable is not set is 389.
79
81 The NSDB returns a value that reflects the success of the requested
82 operation.
83 FEDFS_OK
85 The LDAP modify request succeeded.
86 FEDFS_ERR_ACCESS
88 The bound entity does not have permission to perform the
89 requested operation.
90 FEDFS_ERR_INVAL
92 One of the arguments was not valid.
93 FEDFS_ERR_SVRFAULT
95 An unanticipated non-protocol error occurred.
96 FEDFS_ERR_NSDB_ROUTE
98 The nsdb-delete-nsdb(8) command was unable to find a route to
99 the specified NSDB.
100 FEDFS_ERR_NSDB_DOWN
102 The nsdb-delete-nsdb(8) command determined that the specified
103 NSDB was down.
104 FEDFS_ERR_NSDB_CONN
106 The nsdb-delete-nsdb(8) command was unable to establish a con‐
107 nection with the specified NSDB.
108 FEDFS_ERR_NSDB_AUTH
110 The nsdb-delete-nsdb(8) command was unable to authenticate and
111 establish a secure connection with the specified NSDB.
112 FEDFS_ERR_NSDB_LDAP
114 A non-specific LDAP error occurred on the connection between the
115 nsdb-delete-nsdb(8) command and specified NSDB.
116 FEDFS_ERR_NSDB_LDAP_VAL
118 An LDAP error occurred on the connection between the nsdb-
119 delete-nsdb(8) command and specified NSDB. The specific error
120 may be displayed on the command line.
121 FEDFS_ERR_NSDB_RESPONSE
123 The nsdb-delete-nsdb(8) command received a malformed response
124 from the specified NSDB.
125 FEDFS_ERR_NSDB_FAULT
127 An unanticipated error related to the specified NSDB occurred.
128 FEDFS_ERR_NSDB_PARAMS
130 The local NSDB connection parameter database does not have any
131 connection parameters on record for the specified NSDB.
132 FEDFS_ERR_NSDB_LDAP_REFERRAL
134 The nsdb-delete-nsdb(8) command received an LDAP referral that
135 it was unable to follow.
136 FEDFS_ERR_NSDB_LDAP_REFERRAL_VAL
138 The nsdb-delete-nsdb(8) command received an LDAP referral that
139 it was unable to follow. A specific error may be displayed on
140 the command line.
141 FEDFS_ERR_NSDB_LDAP_REFERRAL_NOTFOLLOWED
143 The nsdb-delete-nsdb(8) command received an LDAP referral that
144 it chose not to follow, either because the local implementation
145 does not support following LDAP referrals or LDAP referral fol‐
146 lowing is disabled.
147 FEDFS_ERR_NSDB_PARAMS_LDAP_REFERRAL
149 The nsdb-delete-nsdb(8) command received an LDAP referral that
150 it chose not to follow because the local NSDB connection parame‐
151 ter database had no connection parameters for the NSDB targeted
152 by the LDAP referral.
153
155 Suppose you are the FedFS administrator of the example.net FedFS domain
156 and that you want to wipe the NCE o=fedfs from the LDAP server
157 ldap.example.net.
158 $ nsdb-delete-nsdb -l ldap.example.net -D cn=Manager -e o=fedfs
160 Enter NSDB password:
161 Successfully removed NCE
162 This action removes all FedFS records under o=fedfs. Compare with the
164 action of the nsdb-remove-nci(8) command.
165
167 An entity with appropriate authority, such as an administrator entity,
168 must be used to modify LDAP entries. The nsdb-delete-nsdb(8) command
169 must bind as such an entity to perform this operation. The nsdb-
170 delete-nsdb(8) command asks for a password on stdin. Standard password
171 blanking techniques are used to obscure the password on the user's ter‐
172 minal.
173 The target LDAP server must be registered in the local NSDB connection
175 parameter database. The connection security mode listed in the NSDB
176 connection parameter database for the target LDAP server is used during
177 this operation. See nsdbparams(8) for details on how to register an
178 NSDB in the local NSDB connection parameter database.
179
181 fedfs(7), nsdb-nces(8), nsdb-list(8), nsdb-update-nci(8), nsdb-remove-
182 nci(8), nsdbparams(8)
183 RFC 5716 for FedFS requirements and overview
185 RFC 4510 for an introduction to LDAP
187
189 This page is part of the fedfs-utils package. A description of the
190 project and information about reporting bugs can be found at
191 http://wiki.linux-nfs.org/wiki/index.php/FedFsUtilsProject.
192
194 Chuck Lever <chuck.lever@oracle.com>
195 3 February 2014 NSDB-REMOVE-NCI(8)