UnboundID Synchronization Server Command-Line Tool Reference

Synchronization Server Documentation Index
Command-Line Tool Reference Home

subtree-accessibility

Description

List or update the a set of subtree accessibility restrictions defined in the Directory Server.

Examples

Retrieve information about all subtree accessibility restrictions defined in the server.

subtree-accessibility --hostname server.example.com --port 389 \
     --bindDN uid=admin,dc=example,dc=com --bindPassword password

Create or update the subtree accessibility state definition for subtree 'ou=subtree,dc=example,dc=com' so that it is read-only for all users except 'uid=bypass,dc=example,dc=com'.

subtree-accessibility --hostname server.example.com --port 389 \
     --bindDN uid=admin,dc=example,dc=com --bindPassword password --set \
     --baseDN ou=subtree,dc=example,dc=com --state read-only-bind-allowed \
     --bypassUserDN uid=bypass,dc=example,dc=com

For examples and help with LDAP options see LDAP Option Help. For help with SASL authentication, see SASL Option Help

Arguments

-V
--version

Description

Display Synchronization Server version information

-H
--help

Description

Display general usage information

--help-ldap

Description

Display help for using LDAP options

--help-sasl

Description

Display help for using SASL options

--help-debug

Description	Display help for using debug options
Advanced	Yes

-h {host}
--hostname {host}

Description	The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used.
Default Value	localhost
Required	Yes
Multi-Valued	No

-p {port}
--port {port}

Description	The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used.
Default Value	389
Required	Yes
Multi-Valued	No

-D {dn}
--bindDN {dn}

Description	The DN to use to bind to the directory server when performing simple authentication.
Required	No
Multi-Valued	No

-w {password}
--bindPassword {password}

Description	The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required	No
Multi-Valued	No

-j {path}
--bindPasswordFile {path}

Description	The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required	No
Multi-Valued	No

-Z
--useSSL

Description

Use SSL when communicating with the directory server.

-q
--useStartTLS

Description

Use StartTLS when communicating with the directory server.

-X
--trustAll

Description

Trust any certificate presented by the directory server.

-K {path}
--keyStorePath {path}

Description	The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server.
Required	No
Multi-Valued	No

-W {password}
--keyStorePassword {password}

Description	The password to use to access the key store contents.
Required	No
Multi-Valued	No

-u {path}
--keyStorePasswordFile {path}

Description	The path to the file containing the password to use to access the key store contents.
Required	No
Multi-Valued	No

--keyStoreFormat {format}

Description	The format (e.g., jks, jceks, pkcs12, etc.) for the key store file.
Required	No
Multi-Valued	No

-P {path}
--trustStorePath {path}

Description	The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server.
Required	No
Multi-Valued	No

-T {password}
--trustStorePassword {password}

Description	The password to use to access the trust store contents.
Required	No
Multi-Valued	No

-U {path}
--trustStorePasswordFile {path}

Description	The path to the file containing the password to use to access the trust store contents.
Required	No
Multi-Valued	No

--trustStoreFormat {format}

Description	The format (e.g., jks, jceks, pkcs12, etc.) for the trust store file.
Required	No
Multi-Valued	No

-N {nickname}
--certNickname {nickname}

Description	The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication.
Required	No
Multi-Valued	No

-o {name=value}
--saslOption {name=value}

Description	A name-value pair providing information to use when performing SASL authentication.
Required	No
Multi-Valued	Yes

-s
--set

Description

Indicates that the set of accessibility restrictions should be updated rather than retrieved.

-b {dn}
--baseDN {dn}

Description	The base DN of the subtree for which an accessibility restriction is to be updated.
Required	No
Multi-Valued	No

-S {state}
--state {state}

Description	The accessibility state to use for the accessibility restriction on the target subtree. Allowed values: accessible, read-only-bind-allowed, read-only-bind-denied, hidden.
Required	No
Multi-Valued	No

-B {dn}
--bypassUserDN {dn}

Description	The DN of a user who is allowed to bypass restrictions on the target subtree.
Required	No
Multi-Valued	No