Prepare a PingAuthorize Server and an external server for communication.
This tool can be used to update a Directory Server or a Directory Proxy Server for use as a user store by the PingAuthorize Server. Direct use of this tool is unnecessary if you use the create-initial-config tool to define and prepare user store instances.
This tool creates the PingAuthorize Server user account, sets the correct password, and configures the account with required privileges. If necessary, you are prompted for manager credentials so that the tool can perform any required modifications to the external server.
If a secure connection will be used by the PingAuthorize Server to communicate with the external server, you can supply the path and password of the truststore to have this tool populate it with the server certificate of the external server.
prepare-external-store --hostname server.example.com --port 1389 \
--bindDN "cn=Directory Manager" --bindPassword secret \
--governanceBindDN "cn=Authorize User,cn=Root DNs,cn=config" \
--governanceBindPassword password \
--userStoreBaseDN ou=people,dc=example,dc=com
prepare-external-store --hostname server.example.com --port 1636 --useSSL \
--governanceBindPassword password --trustStorePath /path/to/truststore \
--userStoreBaseDN ou=people,dc=example,dc=com
-V
--version
| Description | Display PingAuthorize Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {truststorePath}
--trustStorePath {truststorePath}
| Description | Certificate truststore path |
| Default Value | /home/centos/workspace/Core-Release-Pipeline/build/package/PingAuthorize/config/truststore |
| Required | No |
| Multi-Valued | No |
-T {truststorePassword}
--trustStorePassword {truststorePassword}
| Description | Certificate truststore PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate truststore PIN file |
| Required | No |
| Multi-Valued | No |
--trustStoreFormat {trustStoreFormat}
| Description | Certificate truststore format |
| Required | No |
| Multi-Valued | No |
--keyStoreFormat {keyStoreFormat}
| Description | Certificate keystore format |
| Required | No |
| Multi-Valued | No |
-h {host}
--hostname {host}
| Description | External server hostname or IP address |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | External server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-n
--no-prompt
| Description | Perform an installation in non-interactive mode. When this mode is used, this tool will require additional options. See the examples below |
-Q
--quiet
| Description | Use quiet mode |
--governanceBindDN {bindDN}
| Description | User account DN used by this PingAuthorize Server to access the server to be prepared |
| Default Value | cn=Authorize User,cn=Root DNs,cn=config |
| Required | No |
| Multi-Valued | No |
--governanceBindPassword {bindPassword}
| Description | User account password used by this PingAuthorize Server to access the server to be prepared |
| Required | No |
| Multi-Valued | No |
--governanceBindPasswordFile {bindPasswordFile}
| Description | Path to file containing the user account password used by this PingAuthorize Server to access the server to be prepared |
| Required | No |
| Multi-Valued | No |
--userStoreBaseDN {baseDN}
| Description | Base DN under which user entries are stored |
| Required | Yes |
| Multi-Valued | No |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Specify that no properties file will be used to get default command-line argument values |
--governanceTrustStorePath {truststorePath}
| Description | Path to the truststore to which this tool should add the prepared server's certificate. You must also specify a password to the truststore |
| Required | No |
| Multi-Valued | No |
--governanceTrustStorePassword {truststorePassword}
| Description | Password for the specified truststore. A truststore password is required in order for this tool to add the prepared server's certificate to the PingAuthorize Server truststore |
| Required | No |
| Multi-Valued | No |
--governanceTrustStorePasswordFile {path}
| Description | Path to file containing the password for the specified truststore. A truststore password is required in order for this tool to add the prepared server's certificate to the PingAuthorize Server truststore |
| Required | No |
| Multi-Valued | No |