Re-encode all or a specified portion of the entries in a local DB backend.
This tool may be used to initiate a task that will cause a local DB backend to re-encode all or a specified subset of the entries that it contains. The contents of the entries will not be altered, but this provides a useful mechanism for applying significant changes to the way that entries are actually stored in the backend (e.g., to apply encoding changes if a feature like data encryption or uncached attributes or entries is enabled).
This tool schedules an operation to run within the Directory Server's process. LDAP connection options must be supplied that allow this tool to communicate with the server through its task interface. Tasks can be scheduled to run immediately or at a later time (see Task Scheduling Options below). Once scheduled, tasks can be managed using the manage-tasks tool.
re-encode-entries --hostname directory.example.com --port 389 \ --bindDN uid=admin,dc=example,dc=com --bindPassword password \ --backendID userRoot
re-encode-entries --hostname directory.example.com --port 389 \ --bindDN uid=admin,dc=example,dc=com --bindPassword password \ --backendID userRoot --skipFullyUncachedEntries \ --skipPartiallyUncachedEntries --ratePerSecond 100
-V
--version
Description | Display Directory Server version information |
-H
--help
Description | Display general usage information |
--help-ldap
Description | Display help for using LDAP options |
--help-sasl
Description | Display help for using SASL options |
--help-debug
Description | Display help for using debug options |
Advanced | Yes |
-Z
--useSSL
Description | Use SSL for secure communication with the server |
-q
--useStartTLS
Description | Use StartTLS to secure communication with the server |
--useNoSecurity
Description | Use no security when communicating with the server |
-h {host}
--hostname {host}
Description | Directory Server hostname or IP address |
Default Value | localhost |
Required | No |
Multi-Valued | No |
-p {port}
--port {port}
Description | Directory Server port number |
Default Value | 389 |
Required | No |
Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
Description | DN used to bind to the server |
Default Value | cn=Directory Manager |
Required | No |
Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
Description | Password used to bind to the server |
Required | No |
Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
Description | Bind password file |
Required | No |
Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
Description | SASL bind options |
Required | No |
Multi-Valued | Yes |
-X
--trustAll
Description | Trust all server SSL certificates |
-P {truststorePath}
--trustStorePath {truststorePath}
Description | Certificate truststore path |
Default Value | /home/centos/workspace/Core-Release/build/package/PingDirectory/config/truststore |
Required | No |
Multi-Valued | No |
-T {truststorePassword}
--trustStorePassword {truststorePassword}
Description | Certificate truststore PIN |
Required | No |
Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
Description | Certificate truststore PIN file |
Required | No |
Multi-Valued | No |
-K {keystorePath}
--keyStorePath {keystorePath}
Description | Certificate keystore path |
Required | No |
Multi-Valued | No |
-W {keystorePassword}
--keyStorePassword {keystorePassword}
Description | Certificate keystore PIN |
Required | No |
Multi-Valued | No |
-u {keystorePasswordFile}
--keyStorePasswordFile {keystorePasswordFile}
Description | Certificate keystore PIN file |
Required | No |
Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
Description | Nickname of the certificate for SSL client authentication |
Required | No |
Multi-Valued | No |
--propertiesFilePath {propertiesFilePath}
Description | Path to the file that contains default property values used for command-line arguments |
Required | No |
Multi-Valued | No |
--usePropertiesFile
Description | Specify that a properties file will be used to get default command-line argument values |
--script-friendly
Description | Use script-friendly mode |
--task
Description | Indicates that this tool should be invoked as a task which runs inside the Directory Server rather than as a separate process. At present, this argument is optional, but in a future release it may be required for running as a task |
-t {startTime}
--start {startTime}
Description | Indicates the date/time, expressed in format 'YYYYMMDDhhmmss', when the operation starts when scheduled as a server task. A value of '0' causes the task to be scheduled for immediate execution. When this option is specified, the operation is scheduled to start at the specified time, after which this utility will exit immediately |
Required | No |
Multi-Valued | No |
--startAlert
Description | Generate an administrative alert when the task starts running |
--successAlert
Description | Generate an administrative alert when the task completes successfully |
--errorAlert
Description | Generate an administrative alert when the task fails to complete successfully |
--startNotify {emailAddress}
Description | Email address of a recipient to be notified when this task starts running |
Required | No |
Multi-Valued | Yes |
--completionNotify {emailAddress}
Description | Email address of a recipient to be notified when the task completes, regardless of whether it succeeded or failed |
Required | No |
Multi-Valued | Yes |
--successNotify {emailAddress}
Description | Email address of a recipient to be notified when this task completes successfully |
Required | No |
Multi-Valued | Yes |
--errorNotify {emailAddress}
Description | Email address of a recipient to be notified if an error occurs when this task executes |
Required | No |
Multi-Valued | Yes |
--dependency {taskID}
Description | ID of a task upon which this task depends. A task will not start execution until all its dependencies have completed execution |
Required | No |
Multi-Valued | Yes |
--failedDependencyAction {action}
Description | Action this task will take should one of its dependent tasks fail. The value must be one of the following: PROCESS,CANCEL,DISABLE. If not specified, the default value is CANCEL |
Required | No |
Multi-Valued | Yes |
-Q
--quiet
Description | Use quiet mode |
-n {backendID}
--backendID {backendID}
Description | The backend ID of the backend containing the entries to re-encode |
Required | Yes |
Multi-Valued | No |
-b {baseDN}
--includeBranch {baseDN}
Description | The base DN of a branch containing entries to process. If one or more include branches is specified, then only entries in those branches will be re-encoded |
Required | No |
Multi-Valued | Yes |
-B {baseDN}
--excludeBranch {baseDN}
Description | The base DN of a branch containing entries to exclude from re-encode processing |
Required | No |
Multi-Valued | Yes |
-I {filter}
--includeFilter {filter}
Description | A search filter that may be used to identify entries that should be re-encoded. If one or more include filters is specified, then only entries matching those filters will be re-encoded |
Required | No |
Multi-Valued | Yes |
-E {filter}
--excludeFilter {filter}
Description | A search filter that may be used to identify entries that should be excluded from re-encode processing |
Required | No |
Multi-Valued | Yes |
-s
--skipFullyUncachedEntries
Description | Indicates that any entries which are currently stored as fully uncached should be excluded from re-encode processing |
-S
--skipPartiallyUncachedEntries
Description | Indicates that any entries that contain a mix of cached and uncached attributes should be excluded from re-encode processing |
-r {num}
--ratePerSecond {num}
Description | Specifies the maximum number of entries to be re-encoded per second. If no maximum rate is specified, then the re-encode process will occur as quickly as possible. However, limiting the rate of re-encode processing may help reduce the impact on other operations being processed in the server |
Lower Bound | 1 |
Required | No |
Multi-Valued | No |