Create an initial Identity Proxy configuration.
This tool is used to configure a basic Identity Proxy. The tool will prompt for basic information about your topology including directory server instances, their locations, and the credentials for communicating with them. This tool will record the configuration in a dsconfig batch file and apply the configuration to the local Identity Proxy.
The following assumptions are made about the topology to expedite setup:
1) All servers will be accessible via a single user account
2) All servers support the same communication security type
3) All servers are UnboundID, Alcatel-Lucent 8661, Sun
Java System 5.x, 6.x, or 7.x, or Red Hat (including Fedora and 389)
directory servers
If your topology does not meet these assumptions, use this tool to define a basic configuration and then use the 'dsconfig' tool or the web console to customize the configuration.
create-initial-proxy-config --port 1389 --bindDN "cn=Directory Manager" \
--bindPassword password
-V
--version
| Description | Display Identity Proxy version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-h {host}
--hostname {host}
| Description | Fully qualified host name or IP address of the local Identity Proxy |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | Identity Proxy port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {trustStorePath}
--trustStorePath {trustStorePath}
| Description | Certificate trust store path |
| Required | No |
| Multi-Valued | No |
-T {trustStorePassword}
--trustStorePassword {trustStorePassword}
| Description | Certificate trust store PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate trust store PIN file |
| Required | No |
| Multi-Valued | No |
-K {keyStorePath}
--keyStorePath {keyStorePath}
| Description | Certificate key store path |
| Required | No |
| Multi-Valued | No |
-W {keyStorePassword}
--keyStorePassword {keyStorePassword}
| Description | Certificate key store PIN |
| Required | No |
| Multi-Valued | No |
-u {keyStorePasswordFile}
--keyStorePasswordFile {keyStorePasswordFile}
| Description | Certificate key store PIN file |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Specify that no properties file will be used to get default command-line argument values |
--script-friendly
| Description | Use script-friendly mode |
--proxyTrustStorePath {trustStorePath}
| Description | Path to the trust store which contains certificates for the external servers that are configured in this Identity Proxy |
| Required | No |
| Multi-Valued | No |
--proxyTrustStorePassword {trustStorePassword}
| Description | Password for the specified trust store. A trust store password is required in order for this tool to add the prepared server's certificate to the Identity Proxy trust store |
| Required | No |
| Multi-Valued | No |
--proxyTrustStorePasswordFile {path}
| Description | Path to file containing the password for the specified trust store. A trust store password is required in order for this tool to add the prepared server's certificate to the Identity Proxy trust store |
| Required | No |
| Multi-Valued | No |