Ping Identity Directory Server Command-Line Tool Reference

Directory Server Documentation Index
Command-Line Tool Reference Home

deliver-one-time-password

Description

Generate and deliver a one-time password to a user through some out-of-band mechanism. That password can then be used to authenticate via the UNBOUNDID-DELIVERED-OTP SASL mechanism.

Examples

Generate and deliver a one-time password to the user with DN 'uid=test.user,ou=People,dc=example,dc=com' via the default mechanisms configured in the server.

deliver-one-time-password --hostname server.example.com --port 389 \
     --bindDN uid=test.user,ou=People,dc=example,dc=com --bindPassword password \
     --messageSubject "Your one-time password" \
     --fullTextBeforeOTP "Your one-time password is '" --fullTextAfterOTP "'." \
     --compactTextBeforeOTP "Your OTP is '" --compactTextAfterOTP "'."

Generate and deliver a one-time password to the user with username 'test.user' via SMS if possible, or e-mail as a second choice.

deliver-one-time-password --hostname server.example.com --port 389 \
     --userName test.user --bindPassword password --deliveryMechanism SMS \
     --deliveryMechanism E-Mail --messageSubject "Your one-time password" \
     --fullTextBeforeOTP "Your one-time password is '" --fullTextAfterOTP "'." \
     --compactTextBeforeOTP "Your OTP is '" --compactTextAfterOTP "'."

For examples and help with LDAP options see LDAP Option Help. For help with SASL authentication, see SASL Option Help

Arguments

-V
--version

Description

Display Directory Server version information

-H
--help

Description

Display general usage information

--help-ldap

Description

Display help for using LDAP options

--help-sasl

Description

Display help for using SASL options

--help-debug

Description	Display help for using debug options
Advanced	Yes

-h {host}
--hostname {host}

Description	The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used.
Default Value	localhost
Required	Yes
Multi-Valued	No

-p {port}
--port {port}

Description	The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used.
Default Value	389
Required	Yes
Multi-Valued	No

-Z
--useSSL

Description

Use SSL when communicating with the directory server.

-q
--useStartTLS

Description

Use StartTLS when communicating with the directory server.

-X
--trustAll

Description

Trust any certificate presented by the directory server.

-K {path}
--keyStorePath {path}

Description	The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server.
Required	No
Multi-Valued	No

-W {password}
--keyStorePassword {password}

Description	The password to use to access the key store contents.
Required	No
Multi-Valued	No

-u {path}
--keyStorePasswordFile {path}

Description	The path to the file containing the password to use to access the key store contents.
Required	No
Multi-Valued	No

--promptForKeyStorePassword

Description

Indicates that the tool should interactively prompt the user for the password to use to access the key store contents.

--keyStoreFormat {format}

Description	The format (e.g., jks, jceks, pkcs12, etc.) for the key store file.
Required	No
Multi-Valued	No

-P {path}
--trustStorePath {path}

Description	The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server.
Required	No
Multi-Valued	No

-T {password}
--trustStorePassword {password}

Description	The password to use to access the trust store contents.
Required	No
Multi-Valued	No

-U {path}
--trustStorePasswordFile {path}

Description	The path to the file containing the password to use to access the trust store contents.
Required	No
Multi-Valued	No

--promptForTrustStorePassword

Description

Indicates that the tool should interactively prompt the user for the password to use to access the trust store contents.

--trustStoreFormat {format}

Description	The format (e.g., jks, jceks, pkcs12, etc.) for the trust store file.
Required	No
Multi-Valued	No

-N {nickname}
--certNickname {nickname}

Description	The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication.
Required	No
Multi-Valued	No

--enableSSLDebugging

Description

Enable Java's low-level support for debugging SSL/TLS communication. This is equivalent to setting the "javax.net.debug" property to "all".

-D {dn}
--bindDN {dn}

Description	The DN for the user to whom the one-time password should be delivered. Either the bind DN or username must be provided.
Required	No
Multi-Valued	No

-n {username}
--userName {username}

Description	The username for the user to whom the one-time password should be delivered. Either the bind DN or username must be provided.
Required	No
Multi-Valued	No

-w {password}
--bindPassword {password}

Description	The static password for the user to whom the one-time password should be delivered.
Required	No
Multi-Valued	No

-j {path}
--bindPasswordFile {path}

Description	The path to a file containing the static password for the user to whom the one-time password should be delivered.
Required	No
Multi-Valued	No

--promptForBindPassword

Description

Indicates that the tool should interactively prompt the user for the bind password.

-m {name}
--deliveryMechanism {name}

Description	The name of the mechanism that should be used to deliver the one-time password to the user. If multiple values are specified (using multiple instances of this argument) then they will be tried in the order in which they are given until one of them is able to deliver the one-time password. If this is not specified, then the server configuration will dictate which delivery mechanisms should be attempted.
Required	No
Multi-Valued	Yes

-s {subject}
--messageSubject {subject}

Description	The subject to use for the message containing the one-time password. This will be ignored for delivery mechanisms that do not require a subject.
Required	No
Multi-Valued	No

-f {text}
--fullTextBeforeOTP {text}

Description	The text to include immediately before the one-time password in the message delivered to the end user via a mechanism that does not impose a significant constraint on message size.
Required	No
Multi-Valued	No

-F {text}
--fullTextAfterOTP {text}

Description	The text to include immediately after the one-time password in the message delivered to the end user via a mechanism that does not impose a significant constraint on message size.
Required	No
Multi-Valued	No

-c {text}
--compactTextBeforeOTP {text}

Description	The text to include immediately before the one-time password in the message delivered to the end user via a mechanism that imposes a significant constraint on message size.
Required	No
Multi-Valued	No

-C {text}
--compactTextAfterOTP {text}

Description	The text to include immediately after the one-time password in the message delivered to the end user via a mechanism that imposes a significant constraint on message size.
Required	No
Multi-Valued	No

--interactive

Description

Launch the tool in interactive mode.

--outputFile {path}

Description	Write all standard output and standard error messages to the specified file instead of to the console.
Required	No
Multi-Valued	No

--appendToOutputFile

Description

Indicates that the tool should append to the file specified by the --outputFile argument if it already exists. If this argument is not provided and the output file already exists, it will be overwritten.

--teeOutput

Description

Write all standard output and standard error messages to the console as well as to the specified output file. The --outputFile argument must also be provided.

--propertiesFilePath {path}

Description	The path to a properties file used to specify default values for arguments not supplied on the command line.
Required	No
Multi-Valued	No

--generatePropertiesFile {path}

Description	Write an empty properties file that may be used to specify default values for arguments.
Required	No
Multi-Valued	No

--noPropertiesFile

Description

Do not obtain any argument values from a properties file.

--suppressPropertiesFileComment

Description

Suppress output listing the arguments obtained from a properties file.