Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879
							.\"                                      Hey, EMACS: -*- nroff -*-
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH NS-NEWPWPOLICY.PL 8 "Mar 5, 2013"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh        disable hyphenation
.\" .hy        enable hyphenation
.\" .ad l      left justify
.\" .ad b      justify to both left and right margins
.\" .nf        disable filling
.\" .fi        enable filling
.\" .br        insert line break
.\" .sp <n>    insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME 
ns-newpwpolicy.pl - Directory Server perl script for preparing new password policies.
.SH SYNOPSIS
ns-newpwpolicy.pl [\-Z serverID] [\-v] [\-D rootdn] { \-w password | \-j filename } [\-P protocol] [\-p port] [\-h host] \-U UserDN \-S SuffixDN
.SH DESCRIPTION
Adds entries required for implementing the user- and subtree-level password policy.
.SH OPTIONS
A summary of options is included below:
.TP
.B \fB\-Z\fR \fIServer Identifier\fR
The server ID of the Directory Server instance.  If there is only 
one instance on the system, this option can be skipped.
.TP
.B \fB\-D\fR \fIRoot DN\fR
The Directory Manager DN, or root DN.  If not specified, the script will 
search the server instance configuration for the value.
.TP
.B \fB\-w\fR \fIpassword\fR
The rootdn password.
.TP
.B \fB\-w \-\fR 
.br
Prompt for the rootdn password.
.TP
.B \fB\-j\fR \fIpassword filename\fR
The name of the file that contains the root DN password.
.TP
.B \fB\-P\fR \fIProtocol\fR
The connection protocol to connect to the Directory Server.  Protocols are STARTTLS, LDAPS, LDAPI, and LDAP.
If this option is skipped, the most secure protocol that is available is used.  For LDAPI, AUTOBIND is also
available for the root user.
.TP
.B \fB\-h\fR \fIhost\fR
Host name of the Directory Server.
.TP
.B \fB\-p\fR \fIport\fR
Port number of the Directory Server.
.TP
.B \fB\-U\fR \fIuserDN\fR
Specifies the DN of the user entry that needs to be updated with user-level password policy attributes. 
.TP
.B \fB\-S\fR \fIsuffixDN\fR
Specifies the DN of the suffix entry that needs to be updated with subtree-level password policy attributes.
.TP
.B \fB\-v\fR 
.br
Display verbose output
.SH EXAMPLE
.TP
ns-newpwpolicy.pl \-Z instance3 \-D 'cn=directory manager' \-w password \-P STARTTLS \-U 'uid=user,ou=people,dc=example,dc=com' 

Note: security must be enabled to use protocol STARTTLS.  If STARTTLS is not available it will default to next strongest/available protocol automatically.
.SH DIAGNOSTICS
Exit status is zero if no errors occur.  Errors result in a 
non-zero exit status and a diagnostic message being written 
to standard error.
.SH AUTHOR
ns-newpwpolicy.pl was written by the 389 Project.
.SH "REPORTING BUGS"
Report bugs to https://fedorahosted.org/389/newticket.
.SH COPYRIGHT
Copyright \(co 2013 Red Hat, Inc.