move-subtree

Description Examples Arguments

Description

Move all entries in a specified subtree from one server to another.

Examples

Migrate all entries at or below 'cn=small subtree,dc=example,dc=com' from source server 'ds1.example.com' to target server 'ds2.example.com'.

move-subtree --sourceHostname ds1.example.com --sourcePort 389 \
     --sourceBindDN uid=admin,dc=example,dc=com --sourceBindPassword password \
     --targetHostname ds2.example.com --targetPort 389 \
     --targetBindDN uid=admin,dc=example,dc=com --targetBindPassword password \
     --baseDN "cn=small subtree,dc=example,dc=com" --sizeLimit 100 \
     --purpose "Migrate a small subtree from ds1 to ds2"
For examples and help with LDAP options see LDAP Option Help. For help with SASL authentication, see SASL Option Help

Arguments

-V
--version

Description Display Directory Server version information

-H
--help

Description Display general usage information

--help-ldap

Description Display help for using LDAP options

--help-sasl

Description Display help for using SASL options

--help-debug

Description Display help for using debug options
Advanced Yes

--sourceHostname {host}

Description The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used.
Default Value localhost
Required Yes
Multi-Valued No

--sourcePort {port}

Description The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used.
Default Value 389
Required Yes
Multi-Valued No

--sourceBindDN {dn}

Description The DN to use to bind to the directory server when performing simple authentication.
Required No
Multi-Valued No

--sourceBindPassword {password}

Description The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required No
Multi-Valued No

--sourceBindPasswordFile {path}

Description The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required No
Multi-Valued No

--sourceUseSSL

Description Use SSL when communicating with the directory server.

--sourceUseStartTLS

Description Use StartTLS when communicating with the directory server.

--sourceDefaultTrust

Description Use the JVM's default trust store, the server's default trust store, the server's topology registry, and optionally an additional trust store specified using the --trustStorePath argument to non-interactively determine whether to trust any certificate chain presented during TLS negotiation. If the chain cannot be trusted based on any of those sources, then negotiation will fail without prompting about whether to trust it.

--sourceTrustAll

Description Trust any certificate presented by the directory server.

--sourceKeyStorePath {path}

Description The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server.
Required No
Multi-Valued No

--sourceKeyStorePassword {password}

Description The password to use to access the key store contents.
Required No
Multi-Valued No

--sourceKeyStorePasswordFile {path}

Description The path to the file containing the password to use to access the key store contents.
Required No
Multi-Valued No

--sourceKeyStoreFormat {format}

Description The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the key store file.
Required No
Multi-Valued No

--sourceTrustStorePath {path}

Description The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server.
Required No
Multi-Valued No

--sourceTrustStorePassword {password}

Description The password to use to access the trust store contents.
Required No
Multi-Valued No

--sourceTrustStorePasswordFile {path}

Description The path to the file containing the password to use to access the trust store contents.
Required No
Multi-Valued No

--sourceTrustStoreFormat {format}

Description The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the trust store file.
Required No
Multi-Valued No

--sourceCertNickname {nickname}

Description The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication.
Required No
Multi-Valued No

--sourceSASLOption {name=value}

Description A name-value pair providing information to use when performing SASL authentication.
Required No
Multi-Valued Yes

--targetHostname {host}

Description The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used.
Default Value localhost
Required Yes
Multi-Valued No

--targetPort {port}

Description The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used.
Default Value 389
Required Yes
Multi-Valued No

--targetBindDN {dn}

Description The DN to use to bind to the directory server when performing simple authentication.
Required No
Multi-Valued No

--targetBindPassword {password}

Description The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required No
Multi-Valued No

--targetBindPasswordFile {path}

Description The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required No
Multi-Valued No

--targetUseSSL

Description Use SSL when communicating with the directory server.

--targetUseStartTLS

Description Use StartTLS when communicating with the directory server.

--targetDefaultTrust

Description Use the JVM's default trust store, the server's default trust store, the server's topology registry, and optionally an additional trust store specified using the --trustStorePath argument to non-interactively determine whether to trust any certificate chain presented during TLS negotiation. If the chain cannot be trusted based on any of those sources, then negotiation will fail without prompting about whether to trust it.

--targetTrustAll

Description Trust any certificate presented by the directory server.

--targetKeyStorePath {path}

Description The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server.
Required No
Multi-Valued No

--targetKeyStorePassword {password}

Description The password to use to access the key store contents.
Required No
Multi-Valued No

--targetKeyStorePasswordFile {path}

Description The path to the file containing the password to use to access the key store contents.
Required No
Multi-Valued No

--targetKeyStoreFormat {format}

Description The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the key store file.
Required No
Multi-Valued No

--targetTrustStorePath {path}

Description The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server.
Required No
Multi-Valued No

--targetTrustStorePassword {password}

Description The password to use to access the trust store contents.
Required No
Multi-Valued No

--targetTrustStorePasswordFile {path}

Description The path to the file containing the password to use to access the trust store contents.
Required No
Multi-Valued No

--targetTrustStoreFormat {format}

Description The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the trust store file.
Required No
Multi-Valued No

--targetCertNickname {nickname}

Description The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication.
Required No
Multi-Valued No

--targetSASLOption {name=value}

Description A name-value pair providing information to use when performing SASL authentication.
Required No
Multi-Valued Yes

-b {dn}
--baseDN {dn}

Description The base DN of the subtree to move.
Required No
Multi-Valued Yes

-f {path}
--baseDNFile {path}

Description The path to a file containing the base DNs of the subtrees to move. Each subtree base DN should be provided on a separate line.
Required No
Multi-Valued No

-z {num}
--sizeLimit {num}

Description The maximum number of entries to allow for the move.
Upper Bound 2147483647
Default Value 0
Required No
Multi-Valued No

--purpose {purpose}

Description The reason that the subtree is to be moved from the source server to the target server.
Required No
Multi-Valued No

-v
--verbose

Description Indicates that the tool should operate in verbose mode in which it will output detailed information as entries are added to the target server and removed from the source server.

--outputFile {path}

Description Write all standard output and standard error messages to the specified file instead of to the console.
Required No
Multi-Valued No

--appendToOutputFile

Description Indicates that the tool should append to the file specified by the --outputFile argument if it already exists. If this argument is not provided and the output file already exists, it will be overwritten.

--teeOutput

Description Write all standard output and standard error messages to the console as well as to the specified output file. The --outputFile argument must also be provided.

--propertiesFilePath {path}

Description The path to a properties file used to specify default values for arguments not supplied on the command line.
Required No
Multi-Valued No

--generatePropertiesFile {path}

Description Write an empty properties file that may be used to specify default values for arguments.
Required No
Multi-Valued No

--noPropertiesFile

Description Do not obtain any argument values from a properties file.

--suppressPropertiesFileComment

Description Suppress output listing the arguments obtained from a properties file.