DS 7.2.4

setup

setup — install OpenDJ server

Synopsis

setup {options}

Description

This utility sets up an OpenDJ server. Use the --help-profiles option to list available profiles.

Options

The setup command takes the following options:

Command options:

--acceptLicense

Automatically accepts the product license (if present). Default: false

--adminConnectorPort {port}

Port on which the Administration Connector should listen for communication.

--bootstrapReplicationServer {bootstrapReplicationServer}

The addresses of one or more replication servers within the topology which the server should connect to for discovering the rest of the topology. Use syntax "hostname:port" or "[IPv6Address]:port" for IPv6 addresses.

-D | --rootUserDn {rootUserDN}

DN for the initial root user for the Directory Server. Default: uid=admin

--deploymentId {deploymentId}

The deployment ID which should be used for securing the deployment. If no existing certificates are specified using the key-store and trust-store options then the deployment ID will also be used for securing all TLS network communication.

--deploymentIdPassword[:env|:file] {deploymentIdPassword}

Deployment ID password.

-h | --hostname {host}

The fully-qualified directory server host name that will be used when generating certificates for LDAP SSL/StartTLS, the administration connector, and replication.

--help-profile {name[:version]}

Display profile parameters.

--help-profiles

Display all available profiles. Default: false

--httpPort {port}

Port on which the server should listen for HTTP communication.

--httpsPort {port}

Port on which the server should listen for HTTPS communication.

--instancePath {path}

Path were the instance should be set up. Default: /path/to/opendj

--monitorUserDn {monitorUserDn}

DN of the default user allowed to query monitoring information. Default: uid=Monitor

--monitorUserPassword[:env|:file] {monitorUserPassword}

Password of the default user allowed to query monitoring information.

-N | --certNickname {nickname}

Nickname of a keystore entry containing a certificate that the server should use when negotiating secure connections using StartTLS or SSL. Multiple keystore entries may be provided by using this option multiple times.

-p | --ldapPort {port}

Port on which the Directory Server should listen for LDAP communication.

--profile {name[:version]}

Setup profile to apply when initially configuring the server. If the version is not specified, the most recent version older or equal to this OpenDJ version is used. Use this option multiple times to apply multiple profiles. This option cannot be combined with data import options. There are no setup profiles available for this OpenDJ version.

-q | --enableStartTls

Enable StartTLS to allow secure communication with the server using the LDAP port. Default: false

-Q | --quiet

Use quiet mode. Default: false

-r | --replicationPort {port}

Port used for replication protocol communications with other servers. Use this option to configure a local replication server. When this option is not used, this server is configured as a standalone DS (no local replication server).

-s | --start

Start the server when the configuration is completed. Default: false

-S | --skipPortCheck

Skip the check to determine whether the specified ports are usable. Default: false

--serverId {serverId}

Specify the server ID for this server. An acceptable ID is an ASCII alpha-numeric string; it may also contain underscore and hyphen characters provided they are not the first character.

--set[:env|:file] {[profileName/]parameterName:value}

Assign a value to a setup profile parameter. Profile name must be provided if multiple profiles are provided, indicate the profile that a parameter applies to by using the profileName/parameterName format.

-T | --trustStorePassword[:env|:file] {trustStorePassword}

Truststore password which will be used as the cleartext configuration value.

-u | --keyStorePasswordFilePath {path}

Path of the file containing the keystore password. The specified path will be used as the configuration value in the new server.

-U | --trustStorePasswordFilePath {path}

Path of the file containing the truststore password. The specified path will be used as the configuration value in the new server.

--useJavaKeyStore {keyStorePath}

Path of a JKS keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.

--useJavaTrustStore {trustStorePath}

Use existing JKS truststore file for validating peer SSL certificates.

--useJceKeyStore {keyStorePath}

Path of a JCEKS keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.

--useJceTrustStore {trustStorePath}

Use existing JCEKS truststore file for validating peer SSL certificates.

--usePkcs11KeyStore

Use certificate(s) in a PKCS#11 token that the server should use when accepting SSL-based connections or performing StartTLS negotiation. Default: false

--usePkcs12KeyStore {keyStorePath}

Path of a PKCS#12 keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.

--usePkcs12TrustStore {trustStorePath}

Use existing PKCS12 truststore file for validating peer SSL certificates.

-w | --rootUserPassword[:env|:file] {rootUserPassword}

Password for the initial root user for the Directory Server.

-W | --keyStorePassword[:env|:file] {keyStorePassword}

Keystore password which will be used as the cleartext configuration value.

-X | --trustAll

Blindly trust peer SSL certificates. Default: false

-Z | --ldapsPort {port}

Port on which the Directory Server should listen for LDAPS communication. The LDAPS port will be configured and SSL will be enabled only if this option is explicitly specified.

General options:

-V | --version

Display Directory Server version information. Default: false

-H | --help

Display this usage information. Default: false

Exit codes

0

The command completed successfully.

> 0

An error occurred.

Copyright © 2010-2023 ForgeRock, all rights reserved.