setup — install OpenDJ server
Synopsis
setup {options}
Description
This utility sets up an OpenDJ server. Use the --help-profiles option to list available profiles.
Options
The setup command takes the following options:
Command options:
--acceptLicense
Automatically accepts the product license (if present).
Default: false
--adminConnectorPort {port}
Port on which the Administration Connector should listen for communication.
--bootstrapReplicationServer {bootstrapReplicationServer}
The addresses of one or more replication servers within the topology which the server should connect to for discovering the rest of the topology. Use syntax "hostname:port" or "[IPv6Address]:port" for IPv6 addresses.
-D | --rootUserDn {rootUserDN}
DN for the initial root user for the Directory Server.
Default: uid=admin
--deploymentKey {deploymentKey}
The deployment key which should be used for securing the deployment. If this option is not provided then a new deployment key will be generated automatically and displayed so that it can be re-used for subsequent servers in the deployment. If no existing certificates are specified using the key-store and trust-store options then the deployment key will also be used for securing all TLS network communication.
--deploymentKeyPassword {deploymentKeyPassword}
Deployment key password. The value is used as a new deployment key password or the password associated to an existing deployment key depending on whether the --deploymentKey is also used.
-h | --hostname {host}
The fully-qualified directory server host name that will be used when generating certificates for LDAP SSL/StartTLS, the administration connector, and replication.
--help-profile {name[:version]}
Display profile parameters.
--help-profiles
Display all available profiles.
Default: false
--httpPort {port}
Port on which the server should listen for HTTP communication.
--httpsPort {port}
Port on which the server should listen for HTTPS communication.
--instancePath {path}
Path were the instance should be set up.
Default: /tmp
--monitorUserDn {monitorUserDn}
DN of the default user allowed to query monitoring information.
Default: uid=Monitor
--monitorUserPassword {monitorUserPassword}
Password of the default user allowed to query monitoring information.
-N | --certNickname {nickname}
Nickname of a keystore entry containing a certificate that the server should use when negotiating secure connections using StartTLS or SSL. Multiple keystore entries may be provided by using this option multiple times.
-p | --ldapPort {port}
Port on which the Directory Server should listen for LDAP communication.
--profile {name[:version]}
Setup profile to apply when initially configuring the server. If the version is not specified, the most recent version older or equal to this OpenDJ version is used. Use this option multiple times to apply multiple profiles. This option cannot be combined with data import options. There are no setup profiles available for this OpenDJ version.
-q | --enableStartTls
Enable StartTLS to allow secure communication with the server using the LDAP port.
Default: false
-Q | --quiet
Use quiet mode.
Default: false
-r | --replicationPort {port}
Port used for replication protocol communications with other servers. Use this option to configure a local replication server. When this option is not used, this server is configured as a standalone DS (no local replication server).
-s | --start
Start the server when the configuration is completed.
Default: false
-S | --skipPortCheck
Skip the check to determine whether the specified ports are usable.
Default: false
--serverId {serverId}
Specify the server ID for this server. An acceptable ID is an ASCII alpha-numeric string; it may also contain underscore and hyphen characters provided they are not the first character.
--set {[profileName/]parameterName:value}
Assign a value to a setup profile parameter. Profile name must be provided if multiple profiles are provided, indicate the profile that a parameter applies to by using the profileName/parameterName format.
-T | --trustStorePassword {trustStorePassword}
Truststore cleartext password.
--useJavaKeyStore {keyStorePath}
Path of a JKS keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.
--useJavaTrustStore {trustStorePath}
Use existing JKS truststore file for validating peer SSL certificates.
--useJceKeyStore {keyStorePath}
Path of a JCEKS keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.
--useJceTrustStore {trustStorePath}
Use existing JCEKS truststore file for validating peer SSL certificates.
--usePkcs11KeyStore
Use certificate(s) in a PKCS#11 token that the server should use when accepting SSL-based connections or performing StartTLS negotiation.
Default: false
--usePkcs12KeyStore {keyStorePath}
Path of a PKCS#12 keystore containing the certificate(s) that the server should use when negotiating secure connections using StartTLS or SSL.
--usePkcs12TrustStore {trustStorePath}
Use existing PKCS12 truststore file for validating peer SSL certificates.
-w | --rootUserPassword {rootUserPassword}
Password for the initial root user for the Directory Server.
-W | --keyStorePassword {keyStorePassword}
Keystore cleartext password.
-X | --trustAll
Blindly trust peer SSL certificates.
Default: false
-Z | --ldapsPort {port}
Port on which the Directory Server should listen for LDAPS communication. The LDAPS port will be configured and SSL will be enabled only if this option is explicitly specified.
General options:
-V | --version
Display Directory Server version information.
Default: false
-H | --help
Display this usage information.
Default: false
Exit Codes
- 0
The command completed successfully.
- > 0
An error occurred.
Examples
The following command installs a directory server, enables StartTLS and imports 100 example entries:
$/path/to/opendj/setup \ --deploymentKey AFPxL0RlmdMZHeVkkcC3GYFsAHNlNQ5CBVN1bkVDM7FyW2gWxnvQdQ \ --deploymentKeyPassword password \ --rootUserDn uid=admin \ --rootUserPassword password \ --hostname opendj.example.com \ --adminConnectorPort 4444 \ --ldapPort 1389 \ --enableStartTls \ --profile ds-evaluation \ --set ds-evaluation/generatedUsers:100 \ --acceptLicense
Validating parameters..... Done Configuring certificates..... Done Configuring server..... Done Configuring profile DS evaluation......... Done Starting directory server.......... Done To see basic server status and configuration, you can launch /path/to/opendj/bin/status