Ping Identity Directory Server Command-Line Tool Reference

Arguments

-V
--version

Description

Display Directory Server version information

-H
--help

Description

Display general usage information

--help-debug

Description	Display help for using debug options
Advanced	Yes

-h {host}
--hostname {host}

Description	The IP address or resolvable name to use to connect to the directory server. If this is not provided, then a default value of 'localhost' will be used.
Default Value	localhost
Required	Yes
Multi-Valued	No

-p {port}
--port {port}

Description	The port to use to connect to the directory server. If this is not provided, then a default value of 389 will be used.
Default Value	389
Required	Yes
Multi-Valued	No

-D {dn}
--bindDN {dn}

Description	The DN to use to bind to the directory server when performing simple authentication.
Required	No
Multi-Valued	No

-w {password}
--bindPassword {password}

Description	The password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required	No
Multi-Valued	No

-j {path}
--bindPasswordFile {path}

Description	The path to the file containing the password to use to bind to the directory server when performing simple authentication or a password-based SASL mechanism.
Required	No
Multi-Valued	No

--promptForBindPassword

Description

Indicates that the tool should interactively prompt the user for the bind password.

-Z
--useSSL

Description

Use SSL when communicating with the directory server.

-q
--useStartTLS

Description

Use StartTLS when communicating with the directory server.

--defaultTrust

Description

Use the JVM's default trust store, the server's default trust store, the server's topology registry, and optionally an additional trust store specified using the --trustStorePath argument to non-interactively determine whether to trust any certificate chain presented during TLS negotiation. If the chain cannot be trusted based on any of those sources, then negotiation will fail without prompting about whether to trust it.

-X
--trustAll

Description

Trust any certificate presented by the directory server.

-K {path}
--keyStorePath {path}

Description	The path to the file to use as the key store for obtaining client certificates when communicating securely with the directory server.
Required	No
Multi-Valued	No

-W {password}
--keyStorePassword {password}

Description	The password to use to access the key store contents.
Required	No
Multi-Valued	No

-u {path}
--keyStorePasswordFile {path}

Description	The path to the file containing the password to use to access the key store contents.
Required	No
Multi-Valued	No

--promptForKeyStorePassword

Description

Indicates that the tool should interactively prompt the user for the password to use to access the key store contents.

--keyStoreFormat {format}

Description	The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the key store file.
Required	No
Multi-Valued	No

-P {path}
--trustStorePath {path}

Description	The path to the file to use as trust store when determining whether to trust a certificate presented by the directory server.
Required	No
Multi-Valued	No

-T {password}
--trustStorePassword {password}

Description	The password to use to access the trust store contents.
Required	No
Multi-Valued	No

-U {path}
--trustStorePasswordFile {path}

Description	The path to the file containing the password to use to access the trust store contents.
Required	No
Multi-Valued	No

--promptForTrustStorePassword

Description

Indicates that the tool should interactively prompt the user for the password to use to access the trust store contents.

--trustStoreFormat {format}

Description	The format (e.g., JKS, PKCS12, PKCS11, BCFKS, etc.) for the trust store file.
Required	No
Multi-Valued	No

--verifyCertificateHostnames

Description

Indicates that the tool should verify that the hostname or IP addressed used to establish connections ot the LDAP server matches an address for which the server's TLS certificate was issued.

-N {nickname}
--certNickname {nickname}

Description	The nickname (alias) of the client certificate in the key store to present to the directory server for SSL client authentication.
Required	No
Multi-Valued	No

-o {name=value}
--saslOption {name=value}

Description	A name-value pair providing information to use when performing SASL authentication.
Required	No
Multi-Valued	Yes

--useSASLExternal

Description

Use the SASL EXTERNAL mechanism to authenticate.

--helpSASL

Description

Provide information about the supported SASL mechanisms, including the properties available for use with each.

-R {serverRootDir}
--serverRoot {serverRootDir}

Description	Specify the installation root of the server to update to this server root's version
Required	Yes
Multi-Valued	No

-n
--no-prompt

Description

Use non-interactive mode, disabling any prompts for confirmation or further information

-Q
--quiet

Description

Perform a quiet update or reversion

-v
--verbose

Description

Use verbose mode

--ignoreWarnings

Description

Tool should continue should warnings occur when used non-interactively. This option should be used with caution

--noMergeDefaults

Description

Do not attempt to incorporate any modifications to default values into the current configuration

--serverID {serverID}

Description	Specify the ID of the server to update as set in the admin backend. Use dsframework list-servers to determine the server ID. This option may be used if the update tool is unable to determine the entry for the server being updated in the admin backend while migrating data from the admin backend to the topology registry
Required	No
Multi-Valued	No

--licenseKeyFile {file}

Description	The license key file authorizing use of this product. The license file may be specified by this argument or copied to the target server's root directory in which case it will be imported automatically
Required	No
Multi-Valued	No

update

Description

Examples

Arguments