OpenDS Tips: dsconfig for the complete beginners

opends2_picto In a previous OpenDS Tip, I talked about dsconfig interactive mode saying that it’s the default mode. When starting with OpenDS and dsconfig, my guess is that the first command tried is dsconfig –help (or -?), and then a more complete command such as dsconfig -h localhost -p 4444 …

But the easiest way to start with dsconfig is just dsconfig with no option… The interactive mode will start querying all parameters to connect to the server before proposing a menu of configuration areas.

$ dsconfig

>>>> Specify OpenDS LDAP connection parameters

Directory server hostname or IP address [dhcp-egnb07-211-104.France.Sun.COM]:

How do you want to trust the server certificate?

1) Automatically trust
2) Use a truststore
3) Manually validate
Enter choice [3]: 1

Directory server administration port number [4444]:

Administrator user bind DN [cn=Directory Manager]:

Password for user 'cn=Directory Manager':

>>>> OpenDS configuration console main menu

What do you want to configure?

1) Access Control Handler      24) Monitor Provider
2) Account Status Notification 25) Network Group Handler
3) Administration Connector    26) Network Group Criteria
4) Alert Handler               27) Network Group Request Filtering Policy
5) Attribute Syntax            28) Network Group Resource Limits
6) Backend                     29) Password Generator
7) Certificate Mapper          30) Password Policy
8) Connection Handler          31) Password Storage Scheme
9) Crypto Manager              32) Password Validator
10) Debug Target               33) Plugin
11) Entry Cache                34) Plugin Root
12) Extended Operation Handler 35) Replication Domain
13) Extension                  36) Replication Server
14) Global Configuration       37) Root DN
15) Group Implementation       38) Root DSE Backend
16) Identity Mapper            39) SASL Mechanism Handler
17) Key Manager Provider       40) Synchronization Provider
18) Local DB Index             41) Trust Manager Provider
19) Local DB VLV Index         42) Virtual Attribute
20) Log Publisher              43) Work Queue
21) Log Retention Policy       44) Workflow
22) Log Rotation Policy        45) Workflow Element
23) Matching Rule
q) quit
Enter choice:

Also, if one of your goal is to be able to script configuration of OpenDS, use the –displayCommand option with the interactive mode: when an configuration setting is done to the server, dsconfig will display the command to use in a script to execute exactly the same configuration setting.

...
 
Enter choice: 14

>>>> Global Configuration management menu
What would you like to do?
1) View and edit the Global Configuration
b) back
q) quit
Enter choice [b]: 1

>>>> Configure the properties of the Global Configuration

Property Value(s)
----------------------------------------------------------------------
1) bind-with-dn-requires-password true
2) default-password-policy Default Password Policy
3) disabled-privilege If no values are defined, then
   the server enforces all privileges.
4) entry-cache-preload false
5) etime-resolution milliseconds
6) idle-time-limit 0 ms
7) lookthrough-limit 5000
8) max-allowed-client-connections 0
9) proxied-authorization-identity-mapper Exact Match
10) reject-unauthenticated-requests false
11) return-bind-error-messages false
12) save-config-on-successful-startup true
13) size-limit 1000
14) smtp-server If no values are defined, then the server cannot
    send email via SMTP.
15) time-limit 1 m
16) workflow-configuration-mode auto
17) writability-mode enabled

?) help
f) finish - apply any changes to the Global Configuration
c) cancel
q) quit
Enter choice [f]: 13

>>>> Configuring the "size-limit" property

Specifies the maximum number of entries that the Directory Server should
return to the client during a search operation.

A value of 0 indicates that no size limit is enforced. Note that this is
the default server-wide limit, but it may be overridden on a per-user
basis using the ds-rlim-size-limit operational attribute.
Syntax: 0 <= INTEGER

Do you want to modify the "size-limit" property?

1) Keep the default value: 1000
2) Change the value
?) help
q) quit

Enter choice [1]: 2

Enter a value for the "size-limit" property [continue]: 2000
Press RETURN to continue

>>>> Configure the properties of the Global Configuration
Property Value(s)
----------------------------------------------------------------------
1) bind-with-dn-requires-password true
2) default-password-policy Default Password Policy
3) disabled-privilege If no values are defined, then
   the server enforces all privileges.
4) entry-cache-preload false
5) etime-resolution milliseconds
6) idle-time-limit 0 ms
7) lookthrough-limit 5000
8) max-allowed-client-connections 0
9) proxied-authorization-identity-mapper Exact Match
10) reject-unauthenticated-requests false
11) return-bind-error-messages false
12) save-config-on-successful-startup true
13) size-limit 2000
14) smtp-server If no values are defined, then the server cannot
    send email via SMTP.
15) time-limit 1 m
16) workflow-configuration-mode auto
17) writability-mode enabled

?) help
f) finish - apply any changes to the Global Configuration
c) cancel
q) quit
Enter choice [f]:

The Global Configuration was modified successfully
The equivalent non-interactive command-line is:

dsconfig set-global-configuration-prop \
 --set size-limit:2000 \
 --hostname dhcp-egnb07-211-104.France.Sun.COM \
 --trustAll \
 --port 4444 \
 --bindDN cn=Directory\ Manager \ 
 --bindPassword ****** \ 
 --no-prompt

Press RETURN to continue

Technorati Tags: , , ,

3 thoughts on “OpenDS Tips: dsconfig for the complete beginners

  1. Hamlet 07 June 2016 / 20:42

    Hello,

    i learning about OpenDJ 3.

    Please, can you tell me where is located the property entry-cache-preload?

    i using dsconfig.bat interactive mode. The Global Configuration Management Menu has the folowing options:

    >>>> Configure the properties of the Global Configuration

    Property Value(s)
    ———————————————————————-
    1) bind-with-dn-requires-password true
    2) default-password-policy Default Password Policy
    3) disabled-privilege If no values are defined, then
    the server enforces all
    privileges.
    4) etime-resolution milliseconds
    5) idle-time-limit 0 ms
    6) lookthrough-limit 5000
    7) max-allowed-client-connections 0
    8) max-psearches unlimited
    9) proxied-authorization-identity-mapper Exact Match
    10) reject-unauthenticated-requests false
    11) return-bind-error-messages false
    12) save-config-on-successful-startup true
    13) size-limit 1000
    14) smtp-server If no values are defined, then
    the server cannot send email
    via SMTP.
    15) time-limit 1 m
    16) writability-mode enabled

    ?) help
    f) finish – apply any changes to the Global Configuration
    c) cancel
    q) quit

    The online documentation show this:

    $ dsconfig
    set-backend-prop
    –port 4444
    –hostname opendj.example.com
    –bindDN “cn=Directory Manager”
    –bindPassword password
    –backend-name userRoot
    –set preload-time-limit:30m
    –trustAll
    –no-prompt

    i cant use this alternative, because i using windows server.

    Thanks you!

    • Ludo 08 June 2016 / 09:20

      Hi,
      The entry-cache-preload has been deprecated from OpenDJ 3, as there is no entry cache enabled by default in OpenDJ and we do not recommend to use one, unless for very specific entries.
      The preload-time-limit is the way to trigger Backend database level cache preload (warm up).

      • Hamlet 08 June 2016 / 16:30

        Thanks you so much!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s