In a previous OpenDS Tip, I talked about dsconfig interactive mode saying that it’s the default mode. When starting with OpenDS and dsconfig, my guess is that the first command tried is dsconfig –help (or -?), and then a more complete command such as dsconfig -h localhost -p 4444 …
But the easiest way to start with dsconfig is just dsconfig with no option… The interactive mode will start querying all parameters to connect to the server before proposing a menu of configuration areas.
$ dsconfig >>>> Specify OpenDS LDAP connection parameters Directory server hostname or IP address [dhcp-egnb07-211-104.France.Sun.COM]: How do you want to trust the server certificate? 1) Automatically trust 2) Use a truststore 3) Manually validate Enter choice [3]: 1 Directory server administration port number [4444]: Administrator user bind DN [cn=Directory Manager]: Password for user 'cn=Directory Manager': >>>> OpenDS configuration console main menu What do you want to configure? 1) Access Control Handler 24) Monitor Provider 2) Account Status Notification 25) Network Group Handler 3) Administration Connector 26) Network Group Criteria 4) Alert Handler 27) Network Group Request Filtering Policy 5) Attribute Syntax 28) Network Group Resource Limits 6) Backend 29) Password Generator 7) Certificate Mapper 30) Password Policy 8) Connection Handler 31) Password Storage Scheme 9) Crypto Manager 32) Password Validator 10) Debug Target 33) Plugin 11) Entry Cache 34) Plugin Root 12) Extended Operation Handler 35) Replication Domain 13) Extension 36) Replication Server 14) Global Configuration 37) Root DN 15) Group Implementation 38) Root DSE Backend 16) Identity Mapper 39) SASL Mechanism Handler 17) Key Manager Provider 40) Synchronization Provider 18) Local DB Index 41) Trust Manager Provider 19) Local DB VLV Index 42) Virtual Attribute 20) Log Publisher 43) Work Queue 21) Log Retention Policy 44) Workflow 22) Log Rotation Policy 45) Workflow Element 23) Matching Rule q) quit Enter choice:
Also, if one of your goal is to be able to script configuration of OpenDS, use the –displayCommand option with the interactive mode: when an configuration setting is done to the server, dsconfig will display the command to use in a script to execute exactly the same configuration setting.
...
Enter choice: 14
>>>> Global Configuration management menu
What would you like to do?
1) View and edit the Global Configuration
b) back
q) quit
Enter choice [b]: 1
>>>> Configure the properties of the Global Configuration
Property Value(s)
----------------------------------------------------------------------
1) bind-with-dn-requires-password true
2) default-password-policy Default Password Policy
3) disabled-privilege If no values are defined, then
the server enforces all privileges.
4) entry-cache-preload false
5) etime-resolution milliseconds
6) idle-time-limit 0 ms
7) lookthrough-limit 5000
8) max-allowed-client-connections 0
9) proxied-authorization-identity-mapper Exact Match
10) reject-unauthenticated-requests false
11) return-bind-error-messages false
12) save-config-on-successful-startup true
13) size-limit 1000
14) smtp-server If no values are defined, then the server cannot
send email via SMTP.
15) time-limit 1 m
16) workflow-configuration-mode auto
17) writability-mode enabled
?) help
f) finish - apply any changes to the Global Configuration
c) cancel
q) quit
Enter choice [f]: 13
>>>> Configuring the "size-limit" property
Specifies the maximum number of entries that the Directory Server should
return to the client during a search operation.
A value of 0 indicates that no size limit is enforced. Note that this is
the default server-wide limit, but it may be overridden on a per-user
basis using the ds-rlim-size-limit operational attribute.
Syntax: 0 <= INTEGER
Do you want to modify the "size-limit" property?
1) Keep the default value: 1000
2) Change the value
?) help
q) quit
Enter choice [1]: 2
Enter a value for the "size-limit" property [continue]: 2000
Press RETURN to continue
>>>> Configure the properties of the Global Configuration
Property Value(s)
----------------------------------------------------------------------
1) bind-with-dn-requires-password true
2) default-password-policy Default Password Policy
3) disabled-privilege If no values are defined, then
the server enforces all privileges.
4) entry-cache-preload false
5) etime-resolution milliseconds
6) idle-time-limit 0 ms
7) lookthrough-limit 5000
8) max-allowed-client-connections 0
9) proxied-authorization-identity-mapper Exact Match
10) reject-unauthenticated-requests false
11) return-bind-error-messages false
12) save-config-on-successful-startup true
13) size-limit 2000
14) smtp-server If no values are defined, then the server cannot
send email via SMTP.
15) time-limit 1 m
16) workflow-configuration-mode auto
17) writability-mode enabled
?) help
f) finish - apply any changes to the Global Configuration
c) cancel
q) quit
Enter choice [f]:
The Global Configuration was modified successfully
The equivalent non-interactive command-line is:
dsconfig set-global-configuration-prop \
--set size-limit:2000 \
--hostname dhcp-egnb07-211-104.France.Sun.COM \
--trustAll \
--port 4444 \
--bindDN cn=Directory\ Manager \
--bindPassword ****** \
--no-prompt
Press RETURN to continue
Technorati Tags: directory-server, ldap, opends, tip
Ludo Sketches 