Saturday, August 9, 2014

Cheat sheet for LDAP DS 5.2 and ODSEE 11g commands

I am trying to put together all the commands that we mostly use while working with LDAP.



Renewing Certificate.

./dsadm renew-cert /dsee7/dsinstances/slapd-Users/ server-cert /renewed-certificate-path

 

Adding Certificate

./dsadm add-cert /dsee7/dsinstances/slapd-Users/ server-cert /new-certificate-path

 

Listing Certificate.

./dsadm list-certs /dsee7/dsinstances/slapd-Users/

 

Removing Certificate

./dsadm remove-cert /dsee7/dsinstances/slapd-Users/ cert-name

 

Exporting Certificate

 

./dsadm export-cert -W replmgpwd.txt -o /tmp/server-cert-0p.cert /dsee7/dsinstances/slapd-Users server-cert

 

Importing Certificate (when exporting from the local server and importing it on the same or a different server)

./dsadm import-cert -W replmgpwd.txt /dsee7/dsinstances/slapd-Users /tmp/server-cert-0p.cert

 
Change the instance to use the newly generated certificate
 
 

./dsconf set-server-prop -h ds1.idp-example.com -p 1489 ssl-rsa-cert-name:ds1

 
 
to generate a 2048-bit certificate request from the command line
/apps/dsee7/bin/dsadm request-cert --name aaaaaaaa.utc.com --org orasystemsusa --org-unit COR -F ascii --city Chicago --state IL --country US --phone 1234567890 --email mshahbaz@orasystemsusa.com --keysize 2048 -o /tmp/aaaaaaaa_cert_request_file /dsee7/dsinstances/slapd-Users

 
Generating Certificate thru command line in 5.2 server

 
 
root@orasystemsusa:(/iplanet52/servers/shared/bin)#  ./certutil -W -d /apps/iplanet52/servers/alias -P "slapd-"
 
 

Generate CSR for certificate

 
root@orasystemsusa:(/iplanet52/servers/shared/bin)# ./certutil -R -s "cn=servername.com,o=orasystemsusa.com,l=Hartford,st=CT,c=us" -a -o /tmp/cert-request.csr -d /iplanet52/servers/alias -P "slapd-" -g 2048
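Before either request file above goes to the CA, it is worth confirming that it really carries a 2048-bit key and that its self-signature is intact. This is an added example, not from the original post: it assumes the openssl CLI is installed, and the function names and throwaway sample CSRs are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a PEM (ASCII) CSR before sending it to the CA.
# Assumes the openssl CLI is available; all names here are illustrative.

# Print the public key size in bits. OpenSSL 1.1 prints "RSA Public-Key",
# 3.x prints "Public-Key"; the pattern accepts both.
csr_key_bits() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# Succeed only if the CSR self-signature verifies (file not altered or cut).
csr_signature_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'
}

# check_csr FILE MIN_BITS
# returns 0 = fine, 1 = key too small, 2 = unreadable, 3 = bad signature
check_csr() {
    bits=$(csr_key_bits "$1")
    [ -n "$bits" ] || { echo "cannot parse CSR: $1" >&2; return 2; }
    csr_signature_ok "$1" || { echo "signature check failed: $1" >&2; return 3; }
    if [ "$bits" -lt "$2" ]; then
        echo "key is $bits bits, policy needs at least $2" >&2
        return 1
    fi
    echo "OK $bits bits: $(openssl req -in "$1" -noout -subject)"
}

# Constructed sample: a throwaway CSR with the given RSA key size, written to $2.
make_sample_csr() {
    keyfile=$(mktemp)
    openssl req -new -newkey "rsa:$1" -nodes -keyout "$keyfile" \
        -subj "/C=US/ST=CT/L=Hartford/O=Example/CN=ldap.example.com" \
        -out "$2" 2>/dev/null
    rm -f "$keyfile"
}

# Demo on constructed input
tmp=$(mktemp -d)
make_sample_csr 2048 "$tmp/good.csr"
make_sample_csr 1024 "$tmp/weak.csr"
check_csr "$tmp/good.csr" 2048
check_csr "$tmp/weak.csr" 2048 || echo "weak.csr rejected (exit $?)"
rm -rf "$tmp"
```

On a real server the call would be check_csr /tmp/cert-request.csr 2048; text that certutil -a writes ahead of the BEGIN line is skipped by the PEM reader.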
 

exporting LDIF backup from 5.2

./db2ldif -D "cn=directory manager" -w - -r -n userRoot -a /tmp/db2ldifbak.ldif



import LDIF backup into 5.2
./ldif2db -n userRoot -i /tmp/2nd-ldifbak.ldif

 
insync command to check replication status from the command line


./insync -D "cn=directory manager" -w password -s masterserver:port -c consumer:port
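The insync line above carries the bind password as a literal argument, where it lands in shell history and process listings; "-w -", as used with db2ldif on this page, prompts for it instead. This is an added example, not from the original post: a shell function that scans an admin script for literal -w passwords, with the function names and sample lines constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag LDAP command lines that
# pass the bind password as a literal argument to -w. "-w -" (prompt) is
# accepted, and the upper-case -W of dsadm/certutil is a different option.

# Reads script text on stdin, prints "LINE: command" with the secret masked,
# and returns 1 if at least one line was flagged.
find_cleartext_bind_pw() {
    awk '
    /^[ \t]*#/ { next }                 # skip comment lines
    {
        for (i = 1; i < NF; i++) {
            if ($i == "-w" && $(i + 1) != "-") {
                $(i + 1) = "********"   # never echo the password itself
                printf "%d: %s\n", NR, $0
                found = 1
                break
            }
        }
    }
    END { exit found + 0 }'
}

# Constructed sample input modelled on the commands in this cheat sheet.
sample_admin_script() {
    cat <<'EOF'
# nightly replication check
./insync -D "cn=directory manager" -w s3cret -s master.example.com:389 -c consumer.example.com:389
./db2ldif -D "cn=directory manager" -w - -r -n userRoot -a /tmp/db2ldifbak.ldif
./dsadm export-cert -W replmgpwd.txt -o /tmp/server-cert-0p.cert /dsee7/dsinstances/slapd-Users server-cert
ldapmodify -h ldap.example.com -p 389 -D "cn=directory manager" -w Passw0rd1 -f /tmp/change.ldif
EOF
}

sample_admin_script | find_cleartext_bind_pw || echo "cleartext bind passwords found"
```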


creating a replication agreement from the command line on ODSEE 11g


i. ./dsconf create-repl-agmt -p port o=orasystemsusa.com destinationserver:port

ii. ./dsconf get-repl-agmt-prop -p port o=orasystemsusa.com destinationserver:port

iii. ./dsconf set-repl-agmt-prop -p port o=orasystemsusa.com destinationserver:port auth-pwd-file:pwd.txt

 

making server read/write odsee 11g thru command line

 
./dsconf get-suffix-prop o=orasystemsusa.com repl-accept-client-update-enabled

./dsconf set-suffix-prop o=orasystemsusa.com repl-accept-client-update-enabled:on

setting up referrals for a master

$ dsconf set-suffix-prop -h servername -p port o=suffixname referral-url:ldap://servername:port

$ ./dsconf set-suffix-prop -h servername -p port o=suffix  referral-mode:only-on-write
 



removing server from referral mode thru command line at odsee 11g


ldapmodify -h orasystemsusa.com -p port -D "cn=directory manager" -w <directory manager password>

dn: cn=replica, cn="o=utc.com",cn=mapping tree,cn=config
changetype: modify
add: ds5BeginReplicaAcceptUpdates
ds5BeginReplicaAcceptUpdates: start

 
starting odsee 11g instances, creating instance

#/opt/sun/ldap/ds6/bin> ./dsadm start /opt/sun/ldap/var/dscc6/dcc/ads (starting the dscc)

#/opt/sun/ldap/dsee6/cacao_2/usr/sbin> ./cacaoadm start (to start cacao)
#/opt/tomcat/bin> ./startup.sh (to start the Tomcat web server)

#/opt/sun/ldap/dscc6/bin> ./dsccreg add-server /opt/sun/ldap/ins4

Copy 99user.ldif if you want to use the same schema information.
99user.ldif - /opt/sun/ldap/ins5/config/schema/ (place where 99user.ldif is saved)


Binary backup of ODSEE 11g



$ dsadm backup /dsee7/dsinstances/instancesname /dsee7/dsinstances/instancesname/bak

or, through dsconf (which talks to the running server and takes the host and port instead of the instance path):

$ dsconf backup -h hostname -p port /dsee7/dsinstances/instancesname/bak



Backup to LDIF File


$ dsadm export /dsee7/dsinstances/instance-name o=suffix.com /dsee7/dsinstances/instance-name/ldif/ldif_name.ldif

 
 
 
 
 
Restoring from a binary backup

$ dsadm restore /dsee7/dsinstances/instance-name /dsee7/dsinstances/instance-name/bak/backup_filename
 
Restoring from an LDIF file (the last argument is the suffix DN)

$ dsconf import -h hostname -p port /dsee7/dsinstances/instance-name/ldif/ldif-file_name.ldif o=suffixname.com
 

 

 

to start DS 5.2
For starting the server,
Solaris Packages # /usr/sbin/directoryserver start
Other Installations # ServerRoot/slapd-serverID/start-slapd
For stopping the server,
Solaris Packages # /usr/sbin/directoryserver stop
Other Installations # ServerRoot/slapd-serverID/stop-slapd
 
for example, go to the instance directory under /iplanet52/servers/ and run
./start-slapd

to stop
go to the same instance directory and run the stop command
./stop-slapd
 
to start and stop ODSEE 11g
 
./dsadm start /instance/path
 
to stop
./dsadm stop /instance/path
 
to run a script in the background
 
nohup ./scriptname &
 
 
odsee 11g

To create a new Directory Server instance, use the following command:
# ./dsadm create -p port-number -P port-number <path name>
where -p -> LDAP port
      -P -> secure port
To start a Directory Server instance, use the following command:
# ./dsadm start <Directory server Instance Path>

· To register a Directory Server instance, use the following command:
# ./dsccreg add-server -P port-number <path>

· To list registered Directory Server instances, use the following command:
# ./dsccreg list-servers -h dscc-host -p dscc-registry-port

· To remove a Directory Server, use the following commands:
# ./dsccreg remove-server -h dscc-host -p dscc-registry-port <path of the directory server instance>
# ./dsadm delete <path of the directory server instance>
 
 
