Validate the contents of an LDIF file against the server schema.
validate-ldif --hostname server.example.com --port 389 --ldifFile data.ldif \
--rejectFile rejects.ldif --numThreads 4
validate-ldif --schemaDirectory /ds/config/schema --ldifFile data.ldif \
--rejectFile rejects.ldif --ignoreStructuralObjectClasses \
--ignoreAttributeSyntax
-V
--version
| Description | Display Directory Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-h {host}
--hostname {host}
| Description | The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used. |
| Default Value | localhost |
| Required | Yes |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used. |
| Default Value | 389 |
| Required | Yes |
| Multi-Valued | No |
-D {dn}
--bindDN {dn}
| Description | The DN to use to bind to the directory server when performing simple authentication. |
| Required | No |
| Multi-Valued | No |
-w {password}
--bindPassword {password}
| Description | The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
-j {path}
--bindPasswordFile {path}
| Description | The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism. |
| Required | No |
| Multi-Valued | No |
--promptForBindPassword
| Description | Indicates that the tool should interactively prompt the user for the bind password. |
-Z
--useSSL
| Description | Use SSL when communicating with the directory server. |
-q
--useStartTLS
| Description | Use StartTLS when communicating with the directory server. |
-X
--trustAll
| Description | Trust any certificate presented by the directory server. |
-K {path}
--keyStorePath {path}
| Description | The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server. |
| Required | No |
| Multi-Valued | No |
-W {password}
--keyStorePassword {password}
| Description | The password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
-u {path}
--keyStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the key store contents. |
| Required | No |
| Multi-Valued | No |
--promptForKeyStorePassword
| Description | Indicates that the tool should interactively prompt the user for the password to use to access the key store contents. |
--keyStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the key store file. |
| Required | No |
| Multi-Valued | No |
-P {path}
--trustStorePath {path}
| Description | The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server. |
| Required | No |
| Multi-Valued | No |
-T {password}
--trustStorePassword {password}
| Description | The password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | The path to the file containing the password to use to access the trust store contents. |
| Required | No |
| Multi-Valued | No |
--promptForTrustStorePassword
| Description | Indicates that the tool should interactively prompt the user for the password to use to access the trust store contents. |
--trustStoreFormat {format}
| Description | The format (e.g., jks, jceks, pkcs12, etc.) for the trust store file. |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication. |
| Required | No |
| Multi-Valued | No |
--enableSSLDebugging
| Description | Enable Java's low-level support for debugging SSL/TLS communication. This is equivalent to setting the "javax.net.debug" property to "all". |
-o {name=value}
--saslOption {name=value}
| Description | A name-value pair providing information to use when performing SASL authentication. |
| Required | No |
| Multi-Valued | Yes |
--useSASLExternal
| Description | Use the SASL EXTERNAL mechanism to authenticate. |
--helpSASL
| Description | Provide information about the supported SASL mechanisms, including the properties available for use with each. |
-f {path}
--ldifFile {path}
| Description | The path to the LDIF file to process. The tool will automatically attempt to detect whether the file is encrypted or compressed. |
| Required | Yes |
| Multi-Valued | No |
--encryptionPassphraseFile {path}
| Description | Indicates that the specified LDIF file is encrypted and that the encryption passphrase is contained in the specified file. If the LDIF data is encrypted and this argument is not provided, then the tool will interactively prompt for the encryption passphrase. |
| Required | No |
| Multi-Valued | No |
-R {path}
--rejectFile {path}
| Description | The path to the file to which rejected entries should be written. |
| Required | No |
| Multi-Valued | No |
--schemaDirectory {path}
| Description | The path to a directory containing one or more LDIF files with the schema information to use. If this is provided, then no LDAP communication will be performed. |
| Required | No |
| Multi-Valued | No |
-t {num}
--numThreads {num}
| Description | The number of threads to use when processing the LDIF file. |
| Upper Bound | 2147483647 |
| Default Value | 1 |
| Required | Yes |
| Multi-Valued | No |
--ignoreDuplicateValues
| Description | Ignore validation failures due to entries containing duplicate values for the same attribute. |
--ignoreUndefinedObjectClasses
| Description | Ignore validation failures due to object classes not defined in the schema. |
--ignoreUndefinedAttributes
| Description | Ignore validation failures due to attributes not defined in the schema. |
--ignoreMalformedDNs
| Description | Ignore validation failures due to entries with malformed DNs. |
--ignoreMissingRDNValues
| Description | Ignore validation failures due to entries with RDN attribute values that are missing from the set of entry attributes. |
--ignoreStructuralObjectClasses
| Description | Ignore validation failures due to entries without exactly structural object class. |
--ignoreProhibitedObjectClasses
| Description | Ignore validation failures due to entries with object classes that are not allowed. |
--ignoreMissingSuperiorObjectClasses
| Description | Ignore validation failures due to entries that are one or more superior object classes. |
--ignoreProhibitedAttributes
| Description | Ignore validation failures due to entries with attributes that are not allowed. |
--ignoreMissingAttributes
| Description | Ignore validation failures due to entries missing required attributes. |
--ignoreSingleValuedAttributes
| Description | Ignore validation failures due to entries with multiple values for single-valued attributes. |
--ignoreAttributeSyntax
| Description | Ignore validation failures due to entries with attribute values that violate their associated syntax. If this is provided, then no attribute syntax violations will be flagged. If this is not provided, then all attribute syntax violations will be flagged except for violations in those attributes excluded by the --ignoreSyntaxViolationsForAttribute argument. |
--ignoreSyntaxViolationsForAttribute {attr}
| Description | The name or OID of an attribute for which to ignore validation failures due to violations of the associated attribute syntax. This argument can only be used if the --ignoreAttributeSyntax argument is not provided. |
| Required | No |
| Multi-Valued | Yes |
--ignoreNameForms
| Description | Ignore validation failures due to entries with RDNs that violate the associated name form definition. |
--interactive
| Description | Launch the tool in interactive mode. |
--outputFile {path}
| Description | Write all standard output and standard error messages to the specified file instead of to the console. |
| Required | No |
| Multi-Valued | No |
--appendToOutputFile
| Description | Indicates that the tool should append to the file specified by the --outputFile argument if it already exists. If this argument is not provided and the output file already exists, it will be overwritten. |
--teeOutput
| Description | Write all standard output and standard error messages to the console as well as to the specified output file. The --outputFile argument must also be provided. |
--propertiesFilePath {path}
| Description | The path to a properties file used to specify default values for arguments not supplied on the command line. |
| Required | No |
| Multi-Valued | No |
--generatePropertiesFile {path}
| Description | Write an empty properties file that may be used to specify default values for arguments. |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Do not obtain any argument values from a properties file. |
--suppressPropertiesFileComment
| Description | Suppress output listing the arguments obtained from a properties file. |