DS diagnostic tools

Debug script

The bin/ script lets you obtain diagnostic information for any DS pod running in your cluster. It also lets you perform several cleanup and recovery operations on DS pods.

Run bin/ -h to refer to the command’s syntax.

The following bin/ subcommands provide diagnostic information:

Subcommand Diagnostics


Server details, connection handlers, backends, and disk space


Replication status


All the DNs in the ou=identities branch


All the directory entries in the cn=monitor branch


A list of the backups associated with a DS instance

The following bin/ subcommands are operational:

Subcommand Action


Purges all the backups associated with a DS instance


Performs a disaster recovery operation by executing the dsrepl start-disaster-recovery -X command, and then the the dsrepl end-disaster-recovery -X command

Debug tools container

The ds-util debug tools container provides a suite of diagnostic tools that you can execute inside of a running Kubernetes cluster.

The container has two types of tools:

  • DS tools. A DS instance is installed in the /opt/opendj directory of the ds-util container. DS tools, such as the ldapsearch and ldapmodify commands, are available in the /opt/opendj/bin directory.

  • Miscellaneous diagnostic tools. A set of diagnostic tools, including dig, netcat, nslookup, curl, and vi, have been installed in the container. The file, /path/to/forgeops/docker/ds/dsutil/Dockerfile, has the list of operating system packages that have been installed in the debug tools container.

To start the debug tools container:

$ kubectl run -it ds-util -- bash

After you start the tools container, a command prompt appears:


You can access all the tools available in the container from this prompt. For example:

root@ds-util:/opt/opendj# nslookup am

Copyright © 2010-2024 ForgeRock, all rights reserved.