1DSCTL(8) Generated Python Manual DSCTL(8)
2
3
4
6 dsctl
7
9 dsctl [-h] [-v] [-j] [-l] [instance] {restart,start,stop,status,re‐
10 move,db2index,db2bak,db2ldif,dbverify,bak2db,ldif2db,backups,ld‐
11 ifs,tls,healthcheck,get-nsstate,ldifgen,dsrc,cockpit,dblib} ...
12
13
15 dsctl restart
16 Restart an instance of Directory Server, if it is running: else
17 start it.
18
19 dsctl start
20 Start an instance of Directory Server, if it is not currently
21 running
22
23 dsctl stop
24 Stop an instance of Directory Server, if it is currently running
25
26 dsctl status
27 Check running status of an instance of Directory Server
28
29 dsctl remove
30 Destroy an instance of Directory Server, and remove all data.
31
32 dsctl db2index
33 Initialise a reindex of the server database. The server must be
34 stopped for this to proceed.
35
36 dsctl db2bak
37 Initialise a BDB backup of the database. The server must be
38 stopped for this to proceed.
39
40 dsctl db2ldif
41 Initialise an LDIF dump of the database. The server must be
42 stopped for this to proceed.
43
44 dsctl dbverify
45 Perform a db verification. You should only do this at direction
46 of support
47
48 dsctl bak2db
49 Restore a BDB backup of the database. The server must be stopped
50 for this to proceed.
51
52 dsctl ldif2db
53 Restore an LDIF dump of the database. The server must be stopped
54 for this to proceed.
55
56 dsctl backups
57 List backup's found in the server's default backup directory
58
59 dsctl ldifs
60 List all the LDIF files located in the server's LDIF directory
61
62 dsctl tls
63 Manage TLS certificates
64
65 dsctl healthcheck
66 Run a healthcheck report on a local Directory Server instance.
67 This is a safe and read-only operation. Do not attempt to run
68 this on a remote Directory Server as this tool needs access to
69 local resources, otherwise the report may be inaccurate.
70
71 dsctl get-nsstate
72 Get the replication nsState in a human readable format
73
74 Replica DN: The DN of the replication configuration
75 entry Replica Suffix: The replicated suffix Replica ID:
76 The Replica identifier Gen Time The time the CSN
77 generator was created Gen Time String: The time string of
78 generator Gen as CSN: The generation CSN Local Offset:
79 The offset due to the local clock being set back Local Offset
80 String: The offset in a nice human format Remote Offset:
81 The offset due to clock difference with remote systems Remote
82 Offset String: The offset in a nice human format Time Skew:
83 The time skew between this server and its replicas Time Skew
84 String: The time skew in a nice human format Seq Num:
85 The number of multiple csns within a second System Time:
86 The local system time Diff in Seconds: The time difference
87 in seconds from the CSN generator creation to now Diff in
88 days/secs: The time difference broken up into days and sec‐
89 onds Endian: Little/Big Endian
90
91 dsctl ldifgen
92 LDIF generator to make sample LDIF files for testing
93
94 dsctl dsrc
95 Manage the .dsrc file
96
97 dsctl cockpit
98 Enable the Cockpit interface/UI
99
100 dsctl dblib
101 database library (i.e bdb/lmdb) migration
102
103
105 usage: dsctl [instance] restart [-h]
106
107
109 usage: dsctl [instance] start [-h]
110
111
113 usage: dsctl [instance] stop [-h]
114
115
117 usage: dsctl [instance] status [-h]
118
119
121 usage: dsctl [instance] remove [-h] [--do-it]
122
123
125 --do-it
126 By default we do a dry run. This actually initiates the removal
127 of the instance.
128
129
131 usage: dsctl [instance] db2index [-h] [--attr [ATTR ...]] [backend]
132
133
134 backend
135 The backend to reindex. IE userRoot
136
137
139 --attr [ATTR ...]
140 The attribute's to reindex. IE --attr aci cn givenname
141
142
144 usage: dsctl [instance] db2bak [-h] [archive]
145
146
147 archive
148 The destination for the archive. This will be created during the
149 db2bak process.
150
151
153 usage: dsctl [instance] db2ldif [-h] [--replication] [--encrypted]
154 backend [ldif]
155
156
157 backend
158 The backend to output as an LDIF. IE userRoot
159
160
161 ldif The path to the ldif output location.
162
163
165 --replication
166 Export replication information, suitable for importing on a new
167 consumer or backups.
168
169
170 --encrypted
171 Export encrypted attributes
172
173
175 usage: dsctl [instance] dbverify [-h] backend
176
177
178 backend
179 The backend to verify. IE userRoot
180
181
183 usage: dsctl [instance] bak2db [-h] archive
184
185
186 archive
187 The archive to restore. This will erase all current server data‐
188 bases.
189
190
192 usage: dsctl [instance] ldif2db [-h] [--encrypted] backend ldif
193
194
195 backend
196 The backend to restore from an LDIF. IE userRoot
197
198
199 ldif The path to the ldif to import
200
201
203 --encrypted
204 Import encrypted attributes
205
206
208 usage: dsctl [instance] backups [-h] [--delete DELETE]
209
210
212 --delete DELETE
213 Delete backup directory
214
215
217 usage: dsctl [instance] ldifs [-h] [--delete DELETE]
218
219
221 --delete DELETE
222 Delete LDIF file
223
224
226 usage: dsctl [instance] tls [-h]
227 {list-ca,list-client-ca,show-server-cert,show-cert,gen‐
228 erate-server-cert-csr,import-client-ca,import-ca,import-server-cert,im‐
229 port-server-key-cert,remove-cert,export-cert}
230 ...
231
232
234 dsctl tls list-ca
235 list server certificate authorities including intermediates
236
237 dsctl tls list-client-ca
238 list client certificate authorities including intermediates
239
240 dsctl tls show-server-cert
241 Show the active server certificate that clients will see and
242 verify
243
244 dsctl tls show-cert
245 Show a certificate's details referenced by it's nickname. This
246 is analogous to certutil -L -d <path> -n <nickname>
247
248 dsctl tls generate-server-cert-csr
249 Generate a Server-Cert certificate signing request - the csr is
250 then submitted to a CA for verification, and when signed you im‐
251 port with import-ca and import-server-cert
252
253 dsctl tls import-client-ca
254 Import a CA trusted to issue user (client) certificates. This is
255 part of how client certificate authentication functions.
256
257 dsctl tls import-ca
258 Import a CA or intermediate CA for signing this servers certifi‐
259 cates (aka Server-Cert). You should import all the CA's in the
260 chain as required. PEM bundles are accepted
261
262 dsctl tls import-server-cert
263 Import a new Server-Cert after the csr has been signed from a
264 CA.
265
266 dsctl tls import-server-key-cert
267 Import a new key and Server-Cert after having been signed from a
268 CA. This is used if you have an external csr tool or a service
269 like lets encrypt that generates PEM keys externally.
270
271 dsctl tls remove-cert
272 Delete a certificate from this database. This will remove it
273 from acting as a CA, a client CA or the Server-Cert role.
274
275 dsctl tls export-cert
276 Export a certificate to PEM or DER/Binary format. PEM format is
277 the default
278
279
281 usage: dsctl [instance] tls list-ca [-h]
282
283
285 usage: dsctl [instance] tls list-client-ca [-h]
286
287
289 usage: dsctl [instance] tls show-server-cert [-h]
290
291
293 usage: dsctl [instance] tls show-cert [-h] nickname
294
295
296 nickname
297 The nickname (friendly name) of the certificate to display
298
299
301 usage: dsctl [instance] tls generate-server-cert-csr [-h] [--subject
302 SUBJECT]
303 [alt_names ...]
304
305
306 alt_names
307 Certificate requests subject alternative names. These are
308 auto-detected if not provided
309
310
312 --subject SUBJECT, -s SUBJECT
313 Certificate Subject field to use
314
315
317 usage: dsctl [instance] tls import-client-ca [-h] cert_path nickname
318
319
320 cert_path
321 The path to the x509 cert to import as a client trust root
322
323
324 nickname
325 The name of the certificate once imported
326
327
329 usage: dsctl [instance] tls import-ca [-h] cert_path nickname [nickname
330 ...]
331
332
333 cert_path
334 The path to the x509 cert to import as a server CA
335
336
337 nickname
338 The name of the certificate once imported
339
340
342 usage: dsctl [instance] tls import-server-cert [-h] cert_path
343
344
345 cert_path
346 The path to the x509 cert to import as Server-Cert
347
348
350 usage: dsctl [instance] tls import-server-key-cert [-h] cert_path
351 key_path
352
353
354 cert_path
355 The path to the x509 cert to import as Server-Cert
356
357
358 key_path
359 The path to the x509 key to import associated to Server-Cert
360
361
363 usage: dsctl [instance] tls remove-cert [-h] nickname
364
365
366 nickname
367 The name of the certificate to delete
368
369
371 usage: dsctl [instance] tls export-cert [-h] [--binary-format]
372 [--output-file OUTPUT_FILE]
373 nickname
374
375
376 nickname
377 The name of the certificate to export
378
379
381 --binary-format
382 Export certificate in DER/binary format
383
384
385 --output-file OUTPUT_FILE
386 The name for the exported certificate. Default name is the cer‐
387 tificate nickname with an extension of ".pem" or ".crt"
388
389
391 usage: dsctl [instance] healthcheck [-h] [--list-checks] [--list-er‐
392 rors]
393 [--dry-run] [--check CHECK [CHECK
394 ...]]
395
396
398 --list-checks
399 List of known checks
400
401
402 --list-errors
403 List of known error codes
404
405
406 --dry-run
407 Do not execute the actual check, only list what would be done
408
409
410 --check CHECK [CHECK ...]
411 Areas to check. These can be obtained by --list-checks. Every
412 element on the left of the colon (:) may be replaced by an as‐
413 terisk if multiple options on the right are available.
414
415
417 usage: dsctl [instance] get-nsstate [-h] [--suffix SUFFIX] [--flip
418 FLIP]
419
420
422 --suffix SUFFIX
423 The DN of the replication suffix to read the state from
424
425
426 --flip FLIP
427 Flip between Little/Big Endian, this might be required for cer‐
428 tain architectures
429
430
432 usage: dsctl [instance] ldifgen [-h]
433 {users,groups,cos-def,cos-tem‐
434 plate,roles,mod-load,nested}
435 ...
436
437
439 dsctl ldifgen users
440 Generate a LDIF containing user entries
441
442 dsctl ldifgen groups
443 Generate a LDIF containing groups and members
444
445 dsctl ldifgen cos-def
446 Generate a LDIF containing a COS definition (classic, pointer,
447 or indirect)
448
449 dsctl ldifgen cos-template
450 Generate a LDIF containing a COS template
451
452 dsctl ldifgen roles
453 Generate a LDIF containing a role entry (managed, filtered, or
454 indirect)
455
456 dsctl ldifgen mod-load
457 Generate a LDIF containing modify operations. This is intended
458 to be consumed by ldapmodify.
459
460 dsctl ldifgen nested
461 Generate a heavily nested database LDIF in a cascading/fractal
462 tree design
463
464
466 usage: dsctl [instance] ldifgen users [-h] [--number NUMBER] [--suffix
467 SUFFIX]
468 [--parent PARENT] [--generic]
469 [--start-idx START_IDX]
470 [--rdn-cn]
471 [--localize] [--ldif-file
472 LDIF_FILE]
473
474
476 --number NUMBER
477 The number of users to create.
478
479
480 --suffix SUFFIX
481 The database suffix where the entries will be created.
482
483
484 --parent PARENT
485 The parent entry that the user entries should be created under.
486 If not specified, the entries are stored under random Organiza‐
487 tional Units.
488
489
490 --generic
491 Create generic entries in the format of "uid=user####". These
492 entries are also compatible with ldclt.
493
494
495 --start-idx START_IDX
496 For generic LDIF's you can choose the starting index for the
497 user entries. The default is "0".
498
499
500 --rdn-cn
501 Use the attribute "cn" as the RDN attribute in the DN instead of
502 "uid"
503
504
505 --localize
506 Localize the LDIF data
507
508
509 --ldif-file LDIF_FILE
510 The LDIF file name. Default location is the server's LDIF direc‐
511 tory using the name 'ldifgen.ldif'
512
513
515 usage: dsctl [instance] ldifgen groups [-h] [--number NUMBER]
516 [--suffix SUFFIX] [--parent PAR‐
517 ENT]
518 [--num-members NUM_MEMBERS]
519 [--create-members]
520 [--member-parent MEMBER_PARENT]
521 [--member-attr MEMBER_ATTR]
522 [--ldif-file LDIF_FILE]
523 NAME
524
525
526 NAME The group name.
527
528
530 --number NUMBER
531 The number of groups to create.
532
533
534 --suffix SUFFIX
535 The database suffix where the groups will be created.
536
537
538 --parent PARENT
539 The parent entry that the group entries should be created under.
540 If not specified the groups are stored under the suffix.
541
542
543 --num-members NUM_MEMBERS
544 The number of members in the group. Default is 10000
545
546
547 --create-members
548 Create the member user entries.
549
550
551 --member-parent MEMBER_PARENT
552 The entry DN that the members should be created under. The de‐
553 fault is the suffix entry.
554
555
556 --member-attr MEMBER_ATTR
557 The membership attribute to use in the group. Default is
558 "uniquemember".
559
560
561 --ldif-file LDIF_FILE
562 The LDIF file name. Default location is the server's LDIF direc‐
563 tory using the name 'ldifgen.ldif'
564
565
567 usage: dsctl [instance] ldifgen cos-def [-h] [--type TYPE] [--parent
568 PARENT]
569 [--create-parent]
570 [--cos-specifier COS_SPECIFIER]
571 [--cos-template COS_TEMPLATE]
572 [--cos-attr [COS_ATTR ...]]
573 [--ldif-file LDIF_FILE]
574 NAME
575
576
577 NAME The COS definition name.
578
579
581 --type TYPE
582 The COS definition type: "classic", "pointer", or "indirect".
583
584
585 --parent PARENT
586 The parent entry that the COS definition should be created un‐
587 der.
588
589
590 --create-parent
591 Create the parent entry
592
593
594 --cos-specifier COS_SPECIFIER
595 Used in a classic COS definition, this attribute located in the
596 user entry is used to select which COS template to use.
597
598
599 --cos-template COS_TEMPLATE
600 The DN of the COS template entry, only used for "classic" and
601 "pointer" COS definitions.
602
603
604 --cos-attr [COS_ATTR ...]
605 A list of attributes which defines which attribute the COS gen‐
606 erates values for.
607
608
609 --ldif-file LDIF_FILE
610 The LDIF file name. Default location is the server's LDIF direc‐
611 tory using the name 'ldifgen.ldif'
612
613
615 usage: dsctl [instance] ldifgen cos-template [-h] [--parent PARENT]
616 [--create-parent]
617 [--cos-priority COS_PRIOR‐
618 ITY]
619 [--cos-attr-val
620 COS_ATTR_VAL]
621 [--ldif-file LDIF_FILE]
622 NAME
623
624
625 NAME The COS template name.
626
627
629 --parent PARENT
630 The DN of the entry to store the COS template entry under.
631
632
633 --create-parent
634 Create the parent entry
635
636
637 --cos-priority COS_PRIORITY
638 Sets the priority of this conflicting/competing COS templates.
639
640
641 --cos-attr-val COS_ATTR_VAL
642 defines the attribute and value that the template provides.
643
644
645 --ldif-file LDIF_FILE
646 The LDIF file name. Default location is the server's LDIF direc‐
647 tory using the name 'ldifgen.ldif'
648
649
651 usage: dsctl [instance] ldifgen roles [-h] [--type TYPE] [--parent PAR‐
652 ENT]
653 [--create-parent] [--filter FIL‐
654 TER]
655 [--role-dn [ROLE_DN ...]]
656 [--ldif-file LDIF_FILE]
657 NAME
658
659
660 NAME The Role name.
661
662
664 --type TYPE
665 The Role type: "managed", "filtered", or "nested".
666
667
668 --parent PARENT
669 The DN of the entry to store the Role entry under
670
671
672 --create-parent
673 Create the parent entry
674
675
676 --filter FILTER
677 A search filter for gathering Role members. Required for a "fil‐
678 tered" role.
679
680
681 --role-dn [ROLE_DN ...]
682 A DN of a role entry that should be included in this role. Used
683 for "nested" roles only.
684
685
686 --ldif-file LDIF_FILE
687 The LDIF file name. Default location is the server's LDIF direc‐
688 tory using the name 'ldifgen.ldif'
689
690
692 usage: dsctl [instance] ldifgen mod-load [-h] [--create-users]
693 [--delete-users]
694 [--num-users NUM_USERS]
695 [--parent PARENT] [--cre‐
696 ate-parent]
697 [--add-users ADD_USERS]
698 [--del-users DEL_USERS]
699 [--modrdn-users MODRDN_USERS]
700 [--mod-users MOD_USERS]
701 [--mod-attrs [MOD_ATTRS ...]]
702 [--randomize] [--ldif-file
703 LDIF_FILE]
704
705
707 --create-users
708 Create the entries that will be modified or deleted. By default
709 the script assumes the user entries already exist.
710
711
712 --delete-users
713 Delete all the user entries at the end of the LDIF.
714
715
716 --num-users NUM_USERS
717 The number of user entries that will be modified or deleted
718
719
720 --parent PARENT
721 The DN of the parent entry where the user entries are located.
722
723
724 --create-parent
725 Create the parent entry
726
727
728 --add-users ADD_USERS
729 The number of additional entries to add during the load.
730
731
732 --del-users DEL_USERS
733 The number of entries to delete during the load.
734
735
736 --modrdn-users MODRDN_USERS
737 The number of entries to perform a modrdn operation on.
738
739
740 --mod-users MOD_USERS
741 The number of entries to modify.
742
743
744 --mod-attrs [MOD_ATTRS ...]
745 List of attributes the script will randomly choose from when
746 modifying an entry. The default is "description".
747
748
749 --randomize
750 Randomly perform the specified add, mod, delete, and modrdn op‐
751 erations
752
753
754 --ldif-file LDIF_FILE
755 The LDIF file name. Default location is the server's LDIF direc‐
756 tory using the name 'ldifgen.ldif'
757
758
760 usage: dsctl [instance] ldifgen nested [-h] [--num-users NUM_USERS]
761 [--node-limit NODE_LIMIT]
762 [--suffix SUFFIX]
763 [--ldif-file LDIF_FILE]
764
765
767 --num-users NUM_USERS
768 The total number of user entries to create in the entire LDIF
769 (does not include the container entries).
770
771
772 --node-limit NODE_LIMIT
773 The total number of user entries to create under each node/sub‐
774 tree
775
776
777 --suffix SUFFIX
778 The suffix DN for the LDIF
779
780
781 --ldif-file LDIF_FILE
782 The LDIF file name. Default location is the server's LDIF direc‐
783 tory using the name 'ldifgen.ldif'
784
785
787 usage: dsctl [instance] dsrc [-h] {create,modify,delete,dis‐
788 play,repl-mon} ...
789
790
792 dsctl dsrc create
793 Generate the .dsrc file
794
795 dsctl dsrc modify
796 Modify the .dsrc file
797
798 dsctl dsrc delete
799 Delete instance configuration from the .dsrc file.
800
801 dsctl dsrc display
802 Display the contents of the .dsrc file.
803
804 dsctl dsrc repl-mon
805 Display the contents of the .dsrc file.
806
807
809 usage: dsctl [instance] dsrc create [-h] [--uri URI] [--basedn BASEDN]
810 [--people-rdn PEOPLE_RDN]
811 [--groups-rdn GROUPS_RDN]
812 [--binddn BINDDN] [--saslmech
813 SASLMECH]
814 [--tls-cacertdir TLS_CACERTDIR]
815 [--tls-cert TLS_CERT] [--tls-key
816 TLS_KEY]
817 [--tls-reqcert TLS_REQCERT]
818 [--starttls]
819 [--pwdfile PWDFILE] [--do-it]
820
821
823 --uri URI
824 The URI (LDAP URL) for the Directory Server instance.
825
826
827 --basedn BASEDN
828 The default database suffix.
829
830
831 --people-rdn PEOPLE_RDN
832 Set the RDN for the 'people' subtree. Default is "ou=people"
833
834
835 --groups-rdn GROUPS_RDN
836 Set the RDN for the 'groups' subtree. Default is "ou=groups"
837
838
839 --binddn BINDDN
840 The default Bind DN used or authentication.
841
842
843 --saslmech SASLMECH
844 The SASL mechanism to use: PLAIN or EXTERNAL.
845
846
847 --tls-cacertdir TLS_CACERTDIR
848 The directory containing the Trusted Certificate Authority cer‐
849 tificate.
850
851
852 --tls-cert TLS_CERT
853 The absolute file name to the server certificate.
854
855
856 --tls-key TLS_KEY
857 The absolute file name to the server certificate key.
858
859
860 --tls-reqcert TLS_REQCERT
861 Request certificate strength: 'never', 'allow', 'hard'
862
863
864 --starttls
865 Use startTLS for connection to the server.
866
867
868 --pwdfile PWDFILE
869 The absolute path to a file containing the Bind DN's password.
870
871
872 --do-it
873 Create the file without any confirmation.
874
875
877 usage: dsctl [instance] dsrc modify [-h] [--uri [URI]] [--basedn
878 [BASEDN]]
879 [--people-rdn [PEOPLE_RDN]]
880 [--groups-rdn [GROUPS_RDN]]
881 [--binddn [BINDDN]]
882 [--saslmech [SASLMECH]]
883 [--tls-cacertdir [TLS_CACERTDIR]]
884 [--tls-cert [TLS_CERT]]
885 [--tls-key [TLS_KEY]]
886 [--tls-reqcert [TLS_REQCERT]]
887 [--starttls]
888 [--cancel-starttls] [--pwdfile
889 [PWDFILE]]
890 [--do-it]
891
892
894 --uri [URI]
895 The URI (LDAP URL) for the Directory Server instance.
896
897
898 --basedn [BASEDN]
899 The default database suffix.
900
901
902 --people-rdn [PEOPLE_RDN]
903 Sets the RDN used for the 'people' container
904
905
906 --groups-rdn [GROUPS_RDN]
907 Sets the RDN used for the 'groups' container
908
909
910 --binddn [BINDDN]
911 The default Bind DN used or authentication.
912
913
914 --saslmech [SASLMECH]
915 The SASL mechanism to use: PLAIN or EXTERNAL.
916
917
918 --tls-cacertdir [TLS_CACERTDIR]
919 The directory containing the Trusted Certificate Authority cer‐
920 tificate.
921
922
923 --tls-cert [TLS_CERT]
924 The absolute file name to the server certificate.
925
926
927 --tls-key [TLS_KEY]
928 The absolute file name to the server certificate key.
929
930
931 --tls-reqcert [TLS_REQCERT]
932 Request certificate strength: 'never', 'allow', 'hard'
933
934
935 --starttls
936 Use startTLS for connection to the server.
937
938
939 --cancel-starttls
940 Do not use startTLS for connection to the server.
941
942
943 --pwdfile [PWDFILE]
944 The absolute path to a file containing the Bind DN's password.
945
946
947 --do-it
948 Update the file without any confirmation.
949
950
952 usage: dsctl [instance] dsrc delete [-h] [--do-it]
953
954
956 --do-it
957 Delete this instance's configuration from the .dsrc file.
958
959
961 usage: dsctl [instance] dsrc display [-h]
962
963
965 usage: dsctl [instance] dsrc repl-mon [-h]
966 [--add-conn ADD_CONN [ADD_CONN
967 ...]]
968 [--del-conn DEL_CONN [DEL_CONN
969 ...]]
970 [--add-alias ADD_ALIAS [ADD_ALIAS
971 ...]]
972 [--del-alias DEL_ALIAS [DEL_ALIAS
973 ...]]
974
975
977 --add-conn ADD_CONN [ADD_CONN ...]
978 Add a replica connection: 'NAME:HOST:PORT:BINDDN:CREDENTIAL'
979
980
981 --del-conn DEL_CONN [DEL_CONN ...]
982 delete a replica connection by its NAME
983
984
985 --add-alias ADD_ALIAS [ADD_ALIAS ...]
986 Add a host/port alias: 'ALIAS_NAME:HOST:PORT'
987
988
989 --del-alias DEL_ALIAS [DEL_ALIAS ...]
990 delete a host/port alias by its ALIAS_NAME
991
992
994 usage: dsctl [instance] cockpit [-h]
995 {enable,open-firewall,dis‐
996 able,close-firewall}
997 ...
998
999
1001 dsctl cockpit enable
1002 Enable the Cockpit socket
1003
1004 dsctl cockpit open-firewall
1005 Open the firewall for the "cockpit" service
1006
1007 dsctl cockpit disable
1008 Disable the Cockpit socket
1009
1010 dsctl cockpit close-firewall
1011 Remove the "cockpit" service from the firewall settings
1012
1013
1015 usage: dsctl [instance] cockpit enable [-h]
1016
1017
1019 usage: dsctl [instance] cockpit open-firewall [-h] [--zone ZONE]
1020
1021
1023 --zone ZONE
1024 The firewall zone
1025
1026
1028 usage: dsctl [instance] cockpit disable [-h]
1029
1030
1032 usage: dsctl [instance] cockpit close-firewall [-h]
1033
1034
1036 usage: dsctl [instance] dblib [-h] {bdb2mdb,mdb2bdb,cleanup} ...
1037
1038
1040 dsctl dblib bdb2mdb
1041 Migrate bdb databases to lmdb
1042
1043 dsctl dblib mdb2bdb
1044 Migrate lmdb databases to bdb
1045
1046 dsctl dblib cleanup
1047 Remove migration ldif file and old database
1048
1049
1051 usage: dsctl [instance] dblib bdb2mdb [-h] [--tmpdir TMPDIR]
1052
1053
1055 --tmpdir TMPDIR
1056 ldif migration files directory path.
1057
1058
1060 usage: dsctl [instance] dblib mdb2bdb [-h] [--tmpdir TMPDIR]
1061
1062
1064 --tmpdir TMPDIR
1065 ldif migration files directory path.
1066
1067
1069 usage: dsctl [instance] dblib cleanup [-h]
1070
1071
1073 -v, --verbose
1074 Display verbose operation tracing during command execution
1075
1076
1077 -j, --json
1078 Return result in JSON object
1079
1080
1081 -l, --list
1082 List available Directory Server instances
1083
1084
1086 Red Hat, Inc., and William Brown <389-devel@lists.fedoraproject.org>
1087
1088
1090 The latest version of lib389 may be downloaded from
1091 ⟨http://www.port389.org/docs/389ds/FAQ/upstream-test-framework.html⟩
1092
1093
1094
1095lib389 1.4.0.1 2023-10-07 DSCTL(8)