i am trying to put all the command that we mostly use while working in LDAP.
Change instance to use new generated certificate
Generating
Certificate thru command line in 5.2 server
insync command to check replication status thru command
creating replication agreement thru command at odsee 11g
./dsconf get-suffix-prop o=orasystemsusa.com
repl-accept-client-update-enabled
./dsconf set-suffix-prop o=orasystemsusa.com repl-accept-client-update-enabled:on
setting up referrals for a master
$ dsconf set-suffix-prop -h servername -p port o=suffixname referral-url:ldap://servername:port
$ ./dsconf set-suffix-prop -h servername -p port o=suffix referral-mode:only-on-write
removing server from referral mode thru command line at odsee 11g
ldapmodify -h orasystemsusa.com -p port -D "cn=directory manager" -w <directory manager password>
dn: cn=replica, cn="o=utc.com",cn=mapping tree,cn=config
changetype: modify
add: ds5BeginReplicaAcceptUpdates
ds5BeginReplicaAcceptUpdates: start
starting odsee 11g instances, creating instance
#opt/sun/ldap/ds6/bin> ./dsadm start /opt/sun/ldap/var/dscc6/dcc/ads (starting the dscc)
#/opt/sun/ldap/dsee6/cacao_2/usr/sbin> ./cacaoadm start (to start cacao)
#/opt/tomcat/bin> ./startup.sh (to start the tomcat web-browser)
#/opt/sun/ldap/dscc6/bin> ./dsccreg add-server /opt/sun/ldap/ins4
copy 99user.ldif if you want to use same schema information
99user.ldif - /opt/sun/ldap/ins5/config/schema/ (place where 99user.ldif is saved)
Binary Backup of odsee 11g command
for example
$dsconf backup /dsee7/dsinstances/instancesname /dsee7/dsinstances/instancesname/bak
Backup to LDIF File
$ dsadm restore
-h hostname -p port/dsee7/dsinstance/instance-name
/dsee7/dsinstances/instance-name/bak/backup_filename
LDIF Restoration from LDIF file
odsee 11g
# ./ dsreg remove-server -h dscc-host -p
dscc-registory-port <path
# ./ dsadm delete <path of the directory server
Instance>
Renewing Certificate.
./dsadm renew-cert /dsee7/dsinstances/slapd-Users/
server-cert /renewed-certificate-path
Adding Certificate
./dsadm add-cert /dsee7/dsinstances/slapd-Users/
server-cert / new-certificate-path
Listing Certificate.
./dsadm list-certs /dsee7/dsinstances/slapd-Users/
Removing Certificate
./dsadm remove-cert /dsee7/dsinstances/slapd-Users/
cert-name
Exporting Certificate
./dsadm export-cert
-W replmgpwd.txt -o /tmp/server-cert-0p.cert
/dsee7/dsinstances/slapd-Users server-cert
Importing Certificate
Importing certificate(if exporting from local server and importing it on same or
different server)
./dsadm import-cert -W replmgpwd.txt /dsee7/dsinstances/slapd-Users
/tmp/server-cert-0p.cert
./dsconf set-server-prop -h
ds1.idp-example.com -p 1489 ssl-rsa-cert-name:ds1
to generate 2048-bit certificate thru command line
/apps/dsee7/bin/dsadm
request-cert --name aaaaaaaa.utc.com --org orasystemsusa --org-unit COR -F ascii
--city [ Chicago] --state IL --country US --phone 1234567890
--email mshahbaz@orasystemsusa.com --keysize 2048 -o /tmp/aaaaaaaa_cert_request_file /dsee7/dsinstances/slapd-Users
root@orasystemsusa:(/iplanet52/servers/shared/bin)# ./certutil -W -d
/apps/iplanet52/servers/alias -P "slapd-"
Generate CSR for certificate
root@orasystemsusa:(/iplanet52/servers/shared/bin)#
./certutil -R -s
"cn=servername.com,o=orasystemsusa.com,l=Hartford,st=CT,c=us" -a -o
/tmp/cert-request.csr -d /iplanet52/servers/alias -P "slapd-" -g
2048
exporting LDIF backup from 5.2
./ldif2db -n userRoot -i
/tmp/2nd-ldifbak.ldif
import LDIF backup into 5.2
./db2ldif -D "cn=directory manager"
-w - -r -n userRoot -a /tmp/db2ldifbak.ldif
./insync -D "cn=directory manager" -w password -s
masterserver:port -c consumer:port
creating replication agreement thru command at odsee 11g
i.
./dsconf create-repl-agmt -p port
o=orasystemsusa.com destinationserver:port
ii.
./dsconf get-repl-agmt-prop -p port o=orasystemsusa.com destinationserver:port
iii.
./dsconf set-repl-agmt-prop -p port o=orasystemsusa.com destinationserver:port auth-pwd-file:pwd.txt
making server read/write odsee 11g thru command line
./dsconf set-suffix-prop o=orasystemsusa.com repl-accept-client-update-enabled:on
ldapmodify -h orasystemsusa.com -p port -D "cn=directory manager" -w <directory manager password>
dn: cn=replica, cn="o=utc.com",cn=mapping tree,cn=config
changetype: modify
add: ds5BeginReplicaAcceptUpdates
ds5BeginReplicaAcceptUpdates: start
#opt/sun/ldap/ds6/bin> ./dsadm start /opt/sun/ldap/var/dscc6/dcc/ads (starting the dscc)
#/opt/sun/ldap/dsee6/cacao_2/usr/sbin> ./cacaoadm start (to start cacao)
#/opt/tomcat/bin> ./startup.sh (to start the tomcat web-browser)
#/opt/sun/ldap/dscc6/bin> ./dsccreg add-server /opt/sun/ldap/ins4
copy 99user.ldif if you want to use same schema information
99user.ldif - /opt/sun/ldap/ins5/config/schema/ (place where 99user.ldif is saved)
Binary Backup of odsee 11g command
$dsadm
backup /dsee7/dsinstances/instancesname /dsee7/dsinstances/instancesname/bak
for example
$dsconf backup /dsee7/dsinstances/instancesname /dsee7/dsinstances/instancesname/bak
Backup to LDIF File
$dsadm export /dsee7/dsinstances/instances-name
o=suffix.com \ /dsee7/dsinstances/instance-name/ldif/ldif_name.ldif
$dsconf import –h
hostname –p port /dsee7/dsinstances/instance-name/ldif/ldif-file_name.ldif o=sufixname.com(suffix
DN)
to start DS 5.2
For starting the server,
Solaris Packages |
#
/usr/sbin/directoryserver
start |
Other Installations |
# ServerRoot/slapd-serverID/start-slapd |
Solaris Packages |
#
/usr/sbin/directoryserver stop |
Other Installations |
# ServerRoot/slapd-serverID/stop-slapd |
/iplanet52/servers/
run ./start-slapd
to stop
go to the same instance and run stop command
./stop-slapd
to start and stop ODSEE 11g
./dsadm start /instance/path
to stop
./dsadm stop /instance/path
to run script in the back ground
nohup ./scriptname &
To create New Directory Server Instance, use the
following command:
#./ dsadm create -p port-number -P port-number <path name>
where
-p -> LDAP Port
-P -> Secured port
To Start Directory Server Instance, use the following command:
# ./dsadm start <Directory server Instance Path>
·
To Registering Directory Server Instance, use the
following command:
# ./ dsreg add-server -P port-number <path>
·
To list Registering Directory Server Instance,
use the following command:
# ./ dsreg list-servers
-h dscc-host -p dscc-registoryport
·
To Remove Directory Server, use the following
command:
of the directory server Instance>
No comments:
Post a Comment