Generate, compare, install, and replace server profiles.
Server profiles define a format for the configuration of a server, including dsconfig, initial DIT, setup arguments, server SDK extensions, and other files. These are combined into one concrete structure. This tool provides subcommands that can be used to generate a new profile from an existing server, to set up a new server, and to replace an existing server's profile with a different profile.
A template server profile file structure can be found in the resource/ directory.
Generate a server profile from the local server, placing the resulting profile in the /path/to/profile directory:
manage-profile generate-profile --profileRoot /path/to/profile
Generate a server profile from the local server, placing the resulting profile in the /path/to/profile directory. Always copies any files under config/encryption-settings/ in the server root to the generated profile's server-root/pre-setup directory:
manage-profile generate-profile --profileRoot /path/to/profile \
--includePath config/encryption-settings/
Generate a zipped server profile from the local server, placing the resulting profile in the /path/to/profile.zip archive:
manage-profile generate-profile --profileRoot /path/to/profile.zip --zip
Sets up and configures a server using a server profile. Variables in the profile are substituted using variables defined in the profile.variables file:
manage-profile setup --profile /path/to/profile \
--profileVariablesFile /path/to/profile.variables
Sets up and configures a server using a server profile, without starting the server:
manage-profile setup --profile /path/to/profile --doNotStart
Replaces the profile at the existing server using the specified profile. Variables in the profile are substituted using variables defined in the profile.variables file:
manage-profile replace-profile --serverRoot /path/to/existing/server \
--profile /path/to/profile \
--profileVariablesFile /path/to/profile.variables
Replaces the profile at the existing server using the specified profile. The existing server will be temporarily moved to the provided directory while the tool is running:
manage-profile replace-profile --serverRoot /path/to/existing/server \
--profile /path/to/profile --tempServerDirectory /path/to/temporary
Generate a profile from a configured server
Generate a profile based on the current configuration of the local server. The generated profile should be manually edited as necessary
Generate a server profile from the local server, placing the resulting profile in the /path/to/profile directory:
manage-profile generate-profile --profileRoot /path/to/profile
Generate a server profile from the local server, placing the resulting profile in the /path/to/profile directory. Always copies any files under config/encryption-settings/ in the server root to the generated profile's server-root/pre-setup directory:
manage-profile generate-profile --profileRoot /path/to/profile \
--includePath config/encryption-settings/
Generate a zipped server profile from the local server, placing the resulting profile in the /path/to/profile.zip archive:
manage-profile generate-profile --profileRoot /path/to/profile.zip --zip
-p {profileRootDirectory}
--profileRoot {profileRootDirectory}
| Description | Path indicating where the generated profile contents should be placed. When writing to a zip archive, this argument must refer to a file that does not already exist. When writing to a directory rather than a zip archive, if the directory already exists, it must be empty. If the directory doesn't exist, it will be created if possible |
| Required | Yes |
| Multi-Valued | No |
-i {relativePath}
--includePath {relativePath}
| Description | Specifies a relative path in the server root that should always be included in the generated profile. This argument can be used to include files in the generated profile that would normally be excluded, such as pin files or encryption settings files. Any files under the specified path will be included in the generated profile |
| Required | No |
| Multi-Valued | Yes |
-z
--zip
| Description | Package the generated profile as a zip archive |
--excludeSetupArguments
| Description | Do not include a setup-arguments.txt file in the generated server profile |
Replace an existing server's profile with another profile
Uses the configuration defined in a provided server profile to make changes to an existing server's configuration
Replaces the profile at the existing server using the specified profile. Variables in the profile are substituted using variables defined in the profile.variables file:
manage-profile replace-profile --serverRoot /path/to/existing/server \
--profile /path/to/profile \
--profileVariablesFile /path/to/profile.variables
Replaces the profile at the existing server using the specified profile. The existing server will be temporarily moved to the provided directory while the tool is running:
manage-profile replace-profile --serverRoot /path/to/existing/server \
--profile /path/to/profile --tempServerDirectory /path/to/temporary
-R {serverRootDirectory}
--serverRoot {serverRootDirectory}
| Description | Path to the installation root of the existing server to have its profile replaced |
| Required | Yes |
| Multi-Valued | No |
--tempServerDirectory {tempDirectory}
| Description | Path to a directory where the existing server should be placed temporarily. The temporary server will be deleted after the tool has finished running |
| Required | No |
| Multi-Valued | No |
--noRollbackOnStartupError
| Description | Do not rollback the server if startup errors occur when the final server is being validated |
--licenseKeyFile {file}
| Description | License key file to use when replacing the server profile. This argument is necessary only when a major version update is performed. Otherwise, the license can be included in the server profile |
| Required | No |
| Multi-Valued | No |
--replaceFullProfile
| Description | Execute the complete replace-profile process, regardless of what has changed between profiles |
-p {profileRootDirectory}
--profile {profileRootDirectory}
| Description | Path to a server profile |
| Required | Yes |
| Multi-Valued | No |
-v {profileVariablesFile}
--profileVariablesFile {profileVariablesFile}
| Description | Path to a variables file containing variables to be substituted in a server profile |
| Required | No |
| Multi-Valued | No |
-S
--skipVariableSubstitution
| Description | Do not perform any substitution of variable values on the profile used by this tool |
--tempProfileDirectory {tempDirectory}
| Description | Path to a directory where the temporary profile created by the manage-profile tool should be placed. The temporary profile will be deleted after the tool has finished running |
| Required | No |
| Multi-Valued | No |
-E
--useEnvironmentVariables
| Description | Use environment variable values when substituting variables in the server profile |
--skipValidation
| Description | Skip the validation step at the end of the replace-profile process. This will speed up the replace-profile process when run on an offline server, but will prevent the tool from being able to rollback to the previous profile if an error occurs when starting the server |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-h {host}
--hostname {host}
| Description | Fully qualified host name or IP address of the local Directory Server |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
--port {port}
| Description | Directory Server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {truststorePath}
--trustStorePath {truststorePath}
| Description | Certificate truststore path |
| Default Value | /home/centos/workspace/Core-Release-Pipeline/build/package/PingDirectory/config/truststore |
| Required | No |
| Multi-Valued | No |
-T {truststorePassword}
--trustStorePassword {truststorePassword}
| Description | Certificate truststore PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate truststore PIN file |
| Required | No |
| Multi-Valued | No |
--trustStoreFormat {trustStoreFormat}
| Description | Certificate truststore format |
| Required | No |
| Multi-Valued | No |
-K {keystorePath}
--keyStorePath {keystorePath}
| Description | Certificate keystore path |
| Required | No |
| Multi-Valued | No |
-W {keystorePassword}
--keyStorePassword {keystorePassword}
| Description | Certificate keystore PIN |
| Required | No |
| Multi-Valued | No |
-u {keystorePasswordFile}
--keyStorePasswordFile {keystorePasswordFile}
| Description | Certificate keystore PIN file |
| Required | No |
| Multi-Valued | No |
--keyStoreFormat {keyStoreFormat}
| Description | Certificate keystore format |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
Set up and configure a new server using a server profile
Uses the configuration defined in a provided server profile to set up and configure a new server instance
Sets up and configures a server using a server profile. Variables in the profile are substituted using variables defined in the profile.variables file:
manage-profile setup --profile /path/to/profile \
--profileVariablesFile /path/to/profile.variables
Sets up and configures a server using a server profile, without starting the server:
manage-profile setup --profile /path/to/profile --doNotStart
-p {profileRootDirectory}
--profile {profileRootDirectory}
| Description | Path to a server profile |
| Required | Yes |
| Multi-Valued | No |
-v {profileVariablesFile}
--profileVariablesFile {profileVariablesFile}
| Description | Path to a variables file containing variables to be substituted in a server profile |
| Required | No |
| Multi-Valued | No |
-S
--skipVariableSubstitution
| Description | Do not perform any substitution of variable values on the profile used by this tool |
--tempProfileDirectory {tempDirectory}
| Description | Path to a directory where the temporary profile created by the manage-profile tool should be placed. The temporary profile will be deleted after the tool has finished running |
| Required | No |
| Multi-Valued | No |
-E
--useEnvironmentVariables
| Description | Use environment variable values when substituting variables in the server profile |
-O
--doNotStart
| Description | Do not start the server when the configuration is completed |
-R {rejectFile}
--rejectFile {rejectFile}
| Description | Write entries rejected while importing LDIF data to the specified file |
| Required | No |
| Multi-Valued | No |
--addMissingRdnAttributes
| Description | Add values to entries for missing RDN attribute values rather than rejecting them when importing LDIF data |
--licenseKeyFile {file}
| Description | License key file to use when setting up the server. This argument is not necessary if a license is included in the server profile |
| Required | No |
| Multi-Valued | No |
-V
--version
| Description | Display Directory Server version information |
-H
--help
| Description | Display general usage information |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
--help-subcommands
| Description | Display all subcommands |
-Q
--quiet
| Description | Run the tool in quiet mode. Quiet mode will not output progress information to standard output |
--verbose
| Description | Use verbose mode |