Move all entries in a specified subtree from one server to another.
move-subtree --sourceHostname ds1.example.com --sourcePort 389 \
--sourceBindDN uid=admin,dc=example,dc=com --sourceBindPassword password \
--targetHostname ds2.example.com --targetPort 389 \
--targetBindDN uid=admin,dc=example,dc=com --targetBindPassword password \
--baseDN "cn=small subtree,dc=example,dc=com" --sizeLimit 100 \
--purpose "Migrate a small subtree from ds1 to ds2"
-V
--version
| Description | Display Synchronization Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
--sourceHostname {host}
| Description | The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used. |
| Default Value | localhost |
| Required | Yes |
| Multi-Valued | No |
--sourcePort {port}
| Description | The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used. |
| Default Value | 389 |
| Required | Yes |
| Multi-Valued | No |
--sourceBindDN {dn}
| Description | The DN to use to bind to the directory server when performing simple authentication. |
| Required | No |
| Multi-Valued | No |
--sourceBindPassword {password}
| Description | The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
--sourceBindPasswordFile {path}
| Description | The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
--sourceUseSSL
| Description | Use SSL when communicating with the directory server. |
--sourceUseStartTLS
| Description | Use StartTLS when communicating with the directory server. |
--sourceTrustAll
| Description | Trust any certificate presented by the directory server. |
--sourceKeyStorePath {path}
| Description | The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server. |
| Required | No |
| Multi-Valued | No |
--sourceKeyStorePassword {password}
| Description | The password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
--sourceKeyStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
--sourceKeyStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the key store file. |
| Required | No |
| Multi-Valued | No |
--sourceTrustStorePath {path}
| Description | The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server. |
| Required | No |
| Multi-Valued | No |
--sourceTrustStorePassword {password}
| Description | The password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
--sourceTrustStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
--sourceTrustStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the trust store file. |
| Required | No |
| Multi-Valued | No |
--sourceCertNickname {nickname}
| Description | The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication. |
| Required | No |
| Multi-Valued | No |
--sourceSASLOption {name=value}
| Description | A name-value pair providing information to use when performing SASL authentication. |
| Required | No |
| Multi-Valued | Yes |
--targetHostname {host}
| Description | The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used. |
| Default Value | localhost |
| Required | Yes |
| Multi-Valued | No |
--targetPort {port}
| Description | The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used. |
| Default Value | 389 |
| Required | Yes |
| Multi-Valued | No |
--targetBindDN {dn}
| Description | The DN to use to bind to the directory server when performing simple authentication. |
| Required | No |
| Multi-Valued | No |
--targetBindPassword {password}
| Description | The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
--targetBindPasswordFile {path}
| Description | The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
--targetUseSSL
| Description | Use SSL when communicating with the directory server. |
--targetUseStartTLS
| Description | Use StartTLS when communicating with the directory server. |
--targetTrustAll
| Description | Trust any certificate presented by the directory server. |
--targetKeyStorePath {path}
| Description | The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server. |
| Required | No |
| Multi-Valued | No |
--targetKeyStorePassword {password}
| Description | The password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
--targetKeyStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
--targetKeyStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the key store file. |
| Required | No |
| Multi-Valued | No |
--targetTrustStorePath {path}
| Description | The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server. |
| Required | No |
| Multi-Valued | No |
--targetTrustStorePassword {password}
| Description | The password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
--targetTrustStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
--targetTrustStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the trust store file. |
| Required | No |
| Multi-Valued | No |
--targetCertNickname {nickname}
| Description | The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication. |
| Required | No |
| Multi-Valued | No |
--targetSASLOption {name=value}
| Description | A name-value pair providing information to use when performing SASL authentication. |
| Required | No |
| Multi-Valued | Yes |
-b {dn}
--baseDN {dn}
| Description | The base DN of the subtree to move. |
| Required | No |
| Multi-Valued | Yes |
-f {path}
--baseDNFile {path}
| Description | The path to a file containing the base DNs of the subtrees to move. Each subtree base DN should be provided on a separate line. |
| Required | No |
| Multi-Valued | No |
-z {num}
--sizeLimit {num}
| Description | The maximum number of entries to allow for the move. If the requested size limit is one (indicating that only a single entry should be moved), then that entry will be moved using interactive transactions. If no size limit is specified, or if a size limit greater than one is requested, then the move will be accomplished using restricted subtree accessibility, so that the target subtree will be made read-only on the source server until it is available on the target server. |
| Upper Bound | 2147483647 |
| Default Value | 0 |
| Required | No |
| Multi-Valued | No |
--purpose {purpose}
| Description | The reason that the subtree is to be moved from the source server to the target server. |
| Required | No |
| Multi-Valued | No |
-v
--verbose
| Description | Indicates that the tool should operate in verbose mode in which it will output detailed information as entries are added to the target server and removed from the source server. |