Prepare a Data Sync Server and an external server for communication.
This tool performs several functions that update a directory server to be used as an external server by the Data Sync Server. If you use the create-sync-pipe-config tool to define and prepare directory server instances use of this tool is unnecessary.
Among other functions, this tool creates the synchronization user account, sets the correct password, and configures the account with required privileges. If necessary you are prompted for manager credentials in order that the tool can perform any required modifications to the external server.
When using this tool, specify the LDAP connection options to establish a connection to the external server. Other options are used to specify information about the Data Sync Server which this tool uses to configure the external server.
If a secure connection will be used by the Data Sync Server to communicate with the external server you can supply the path and password of the truststore to have this tool populate the Data Sync Server's truststore with the server certificate of the external server.
Prepares the directory server on the remote host and listening on port 1389 for synchronization as a data source for the subtree 'dc=example,dc=com'. The Data Sync Server will access the external server using the user account 'cn=Sync User,cn=Root DNs,cn=config' which will be created on the server if it does not already exist:
prepare-endpoint-server --hostname server.example.com --port 1389 \
--syncServerBindDN "cn=Sync User,cn=Root DNs,cn=config" \
--syncServerBindPassword password --baseDN dc=example,dc=com --isSource
Prepares the directory server on the remote host and listening on port 1636 for synchronization as both a data source and destination for the subtree 'dc=example,dc=com'. The Data Sync Server will access the endpoint server using the user account 'cn=Sync User,cn=Root DNs,cn=config' which will be created on the server if it does not already exist:
prepare-endpoint-server --hostname server.example.com --port 1636 --useSSL \
--syncServerBindDN "cn=Sync User,cn=Root DNs,cn=config" \
--syncServerBindPassword password --trustStorePath /path/to/truststore \
--baseDN dc=example,dc=com --isSource --isDestination
For examples and help with LDAP options see LDAP Option Help. For help with SASL authentication, see SASL Option Help
-V
--version
| Description | Display Data Sync Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {truststorePath}
--trustStorePath {truststorePath}
| Description | Certificate truststore path |
| Default Value | /home/rocky/workspace/Core-Release-Pipeline/build/package/PingDataSync/config/truststore |
| Required | No |
| Multi-Valued | No |
-T {truststorePassword}
--trustStorePassword {truststorePassword}
| Description | Certificate truststore PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate truststore PIN file |
| Required | No |
| Multi-Valued | No |
--trustStoreFormat {trustStoreFormat}
| Description | Certificate truststore format |
| Required | No |
| Multi-Valued | No |
--keyStoreFormat {keyStoreFormat}
| Description | Certificate keystore format |
| Required | No |
| Multi-Valued | No |
-h {host}
--hostname {host}
| Description | External server hostname or IP address |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | External server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-n
--no-prompt
| Description | Perform an installation in non-interactive mode. When this mode is used, this tool will require additional options. See the examples below |
-Q
--quiet
| Description | Use quiet mode |
--syncServerBindDN {bindDN}
| Description | User account DN used by this Data Sync Server to access the server to be prepared |
| Default Value | cn=Sync User,cn=Root DNs,cn=config |
| Required | No |
| Multi-Valued | No |
--syncServerBindPassword {bindPassword}
| Description | User account password used by this Data Sync Server to access the server to be prepared |
| Required | No |
| Multi-Valued | No |
--syncServerBindPasswordFile {bindPasswordFile}
| Description | Path to file containing the user account password used by this Data Sync Server to access the server to be prepared |
| Required | No |
| Multi-Valued | No |
--baseDN {baseDN}
| Description | DN of a subtree of the server to be synchronized |
| Required | Yes |
| Multi-Valued | Yes |
--isSource
| Description | Indicate that the endpoint server will serve as a synchronization source |
--isDestination
| Description | Indicate that the endpoint server will serve as a synchronization destination |
--maxChangeLogAge {timeLimit}
| Description | Maximum age of changelog entries to set on the prepared server when the change log is enabled. This setting keeps the change log from growing too large and impacting server performance |
| Default Value | 2d |
| Required | No |
| Multi-Valued | No |
--syncServerTrustStorePath {truststorePath}
| Description | Path to the truststore to which this tool should add the prepared server's certificate. You must also specify a password to the truststore |
| Required | No |
| Multi-Valued | No |
--syncServerTrustStorePassword {truststorePassword}
| Description | Password for the specified truststore. A truststore password is required in order for this tool to add the prepared server's certificate to the Data Sync Server truststore |
| Required | No |
| Multi-Valued | No |
--syncServerTrustStorePasswordFile {path}
| Description | Path to file containing the password for the specified truststore. A truststore password is required in order for this tool to add the prepared server's certificate to the Data Sync Server truststore |
| Required | No |
| Multi-Valued | No |