Provided by: python3-lib389_1.4.3.6-2_all 
NAME
dsidm
SYNOPSIS
dsidm [-h] [-b BASEDN] [-v] [-D BINDDN] [-w BINDPW] [-W] [-y PWDFILE] [-Z] [-j] instance
{account,group,initialise,organizationalunit,posixgroup,user,client_config,role} ...
OPTIONS
instance
The instance name OR the LDAP url to connect to, IE localhost,
ldap://mai.example.com:389
Sub-commands
dsidm account
Manage generic accounts, with tasks like modify, locking and unlocking. To create an account, see
"user" subcommand instead.
dsidm group
Manage groups
dsidm initialise
Initialise a backend with domain information and sample entries
dsidm organizationalunit
Manage organizational units
dsidm posixgroup
Manage posix groups
dsidm user
Manage posix users
dsidm client_config
Display and generate client example configs for this LDAP server
dsidm role
Manage generic roles, with tasks like modify, locking and unlocking.
OPTIONS 'dsidm account'
usage: dsidm instance account [-h]
{list,get-by-dn,modify-by-dn,delete,lock,unlock,entry-status,subtree-
status,reset_password,change_password}
...
Sub-commands
dsidm account list
list accounts that could login to the directory
dsidm account get-by-dn
get-by-dn <dn>
dsidm account modify-by-dn
modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ...
dsidm account delete
deletes the account
dsidm account lock
lock
dsidm account unlock
unlock
dsidm account entry-status
status of a single entry
dsidm account subtree-status
status of a subtree
dsidm account reset_password
Reset the password of an account. This should be performed by a directory admin.
dsidm account change_password
Change the password of an account. This can be performed by any user (with correct rights)
OPTIONS 'dsidm account list'
usage: dsidm instance account list [-h]
OPTIONS 'dsidm account get-by-dn'
usage: dsidm instance account get-by-dn [-h] [dn]
dn The dn to get and display
OPTIONS 'dsidm account modify-by-dn'
usage: dsidm instance account modify-by-dn [-h] dn changes [changes ...]
dn The dn to get and display
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm account delete'
usage: dsidm instance account delete [-h] [dn]
dn The dn of the account to delete
OPTIONS 'dsidm account lock'
usage: dsidm instance account lock [-h] [dn]
dn The dn to lock
OPTIONS 'dsidm account unlock'
usage: dsidm instance account unlock [-h] [dn]
dn The dn to unlock
OPTIONS 'dsidm account entry-status'
usage: dsidm instance account entry-status [-h] [-V] [dn]
dn The single entry dn to check
-V, --details
Print more account policy details about the entry
OPTIONS 'dsidm account subtree-status'
usage: dsidm instance account subtree-status [-h] [-V] [-f FILTER]
[-s {one,sub}] [-i]
[-o BECOME_INACTIVE_ON]
basedn
basedn Search base for finding entries
-V, --details
Print more account policy details about the entries
-f FILTER, --filter FILTER
Search filter for finding entries
-s {one,sub}, --scope {one,sub}
Search scope (one, sub - default is sub
-i, --inactive-only
Only display inactivated entries
-o BECOME_INACTIVE_ON, --become-inactive-on BECOME_INACTIVE_ON
Only display entries that will become inactive before specified date (in a
format 2007-04-25T14:30)
OPTIONS 'dsidm account reset_password'
usage: dsidm instance account reset_password [-h] [dn] [new_password]
dn The dn to reset the password for
new_password
The new password to set
OPTIONS 'dsidm account change_password'
usage: dsidm instance account change_password [-h]
[dn] [new_password]
[current_password]
dn The dn to change the password for
new_password
The new password to set
current_password
The accounts current password
OPTIONS 'dsidm group'
usage: dsidm instance group [-h]
{list,get,get_dn,create,delete,modify,members,add_member,remove_member}
...
Sub-commands
dsidm group list
list
dsidm group get
get
dsidm group get_dn
get_dn
dsidm group create
create
dsidm group delete
deletes the object
dsidm group modify
modify <add|delete|replace>:<attribute>:<value> ...
dsidm group members
List member dns of a group
dsidm group add_member
Add a member to a group
dsidm group remove_member
Remove a member from a group
OPTIONS 'dsidm group list'
usage: dsidm instance group list [-h]
OPTIONS 'dsidm group get'
usage: dsidm instance group get [-h] [selector]
selector
The term to search for
OPTIONS 'dsidm group get_dn'
usage: dsidm instance group get_dn [-h] [dn]
dn The dn to get
OPTIONS 'dsidm group create'
usage: dsidm instance group create [-h] [--cn [CN]]
--cn [CN]
Value of cn
OPTIONS 'dsidm group delete'
usage: dsidm instance group delete [-h] [dn]
dn The dn to delete
OPTIONS 'dsidm group modify'
usage: dsidm instance group modify [-h] selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm group members'
usage: dsidm instance group members [-h] [cn]
cn cn of group to list members of
OPTIONS 'dsidm group add_member'
usage: dsidm instance group add_member [-h] [cn] [dn]
cn cn of group to add member to
dn dn of object to add to group as member
OPTIONS 'dsidm group remove_member'
usage: dsidm instance group remove_member [-h] [cn] [dn]
cn cn of group to remove member from
dn dn of object to remove from group as member
OPTIONS 'dsidm initialise'
usage: dsidm instance initialise [-h] [--version VERSION]
--version VERSION
The version of entries to create.
OPTIONS 'dsidm organizationalunit'
usage: dsidm instance organizationalunit [-h]
{list,get,get_dn,create,delete,modify}
...
Sub-commands
dsidm organizationalunit list
list
dsidm organizationalunit get
get
dsidm organizationalunit get_dn
get_dn
dsidm organizationalunit create
create
dsidm organizationalunit delete
deletes the object
dsidm organizationalunit modify
modify <add|delete|replace>:<attribute>:<value> ...
OPTIONS 'dsidm organizationalunit list'
usage: dsidm instance organizationalunit list [-h]
OPTIONS 'dsidm organizationalunit get'
usage: dsidm instance organizationalunit get [-h] [selector]
selector
The term to search for
OPTIONS 'dsidm organizationalunit get_dn'
usage: dsidm instance organizationalunit get_dn [-h] [dn]
dn The dn to get
OPTIONS 'dsidm organizationalunit create'
usage: dsidm instance organizationalunit create [-h] [--ou [OU]]
--ou [OU]
Value of ou
OPTIONS 'dsidm organizationalunit delete'
usage: dsidm instance organizationalunit delete [-h] [dn]
dn The dn to delete
OPTIONS 'dsidm organizationalunit modify'
usage: dsidm instance organizationalunit modify [-h]
selector changes [changes ...]
selector
The ou to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm posixgroup'
usage: dsidm instance posixgroup [-h]
{list,get,get_dn,create,delete,modify} ...
Sub-commands
dsidm posixgroup list
list
dsidm posixgroup get
get
dsidm posixgroup get_dn
get_dn
dsidm posixgroup create
create
dsidm posixgroup delete
deletes the object
dsidm posixgroup modify
modify <add|delete|replace>:<attribute>:<value> ...
OPTIONS 'dsidm posixgroup list'
usage: dsidm instance posixgroup list [-h]
OPTIONS 'dsidm posixgroup get'
usage: dsidm instance posixgroup get [-h] [selector]
selector
The term to search for
OPTIONS 'dsidm posixgroup get_dn'
usage: dsidm instance posixgroup get_dn [-h] [dn]
dn The dn to get
OPTIONS 'dsidm posixgroup create'
usage: dsidm instance posixgroup create [-h] [--cn [CN]]
[--gidNumber [GIDNUMBER]]
--cn [CN]
Value of cn
--gidNumber [GIDNUMBER]
Value of gidNumber
OPTIONS 'dsidm posixgroup delete'
usage: dsidm instance posixgroup delete [-h] [dn]
dn The dn to delete
OPTIONS 'dsidm posixgroup modify'
usage: dsidm instance posixgroup modify [-h] selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm user'
usage: dsidm instance user [-h]
{list,get,get_dn,create,modify,delete,lock,status,unlock}
...
Sub-commands
dsidm user list
list
dsidm user get
get
dsidm user get_dn
get_dn
dsidm user create
create
dsidm user modify
modify <add|delete|replace>:<attribute>:<value> ...
dsidm user delete
deletes the object
dsidm user lock
lock
dsidm user status
status
dsidm user unlock
unlock
OPTIONS 'dsidm user list'
usage: dsidm instance user list [-h]
OPTIONS 'dsidm user get'
usage: dsidm instance user get [-h] [selector]
selector
The term to search for
OPTIONS 'dsidm user get_dn'
usage: dsidm instance user get_dn [-h] [dn]
dn The dn to get
OPTIONS 'dsidm user create'
usage: dsidm instance user create [-h] [--uid [UID]] [--cn [CN]]
[--displayName [DISPLAYNAME]]
[--uidNumber [UIDNUMBER]]
[--gidNumber [GIDNUMBER]]
[--homeDirectory [HOMEDIRECTORY]]
--uid [UID]
Value of uid
--cn [CN]
Value of cn
--displayName [DISPLAYNAME]
Value of displayName
--uidNumber [UIDNUMBER]
Value of uidNumber
--gidNumber [GIDNUMBER]
Value of gidNumber
--homeDirectory [HOMEDIRECTORY]
Value of homeDirectory
OPTIONS 'dsidm user modify'
usage: dsidm instance user modify [-h] selector changes [changes ...]
selector
The uid to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm user delete'
usage: dsidm instance user delete [-h] [dn]
dn The dn to delete
OPTIONS 'dsidm user lock'
usage: dsidm instance user lock [-h] [uid]
uid The uid to lock
OPTIONS 'dsidm user status'
usage: dsidm instance user status [-h] [uid]
uid The uid to check
OPTIONS 'dsidm user unlock'
usage: dsidm instance user unlock [-h] [uid]
uid The uid to unlock
OPTIONS 'dsidm client_config'
usage: dsidm instance client_config [-h] {sssd.conf,ldap.conf,display} ...
Sub-commands
dsidm client_config sssd.conf
Generate a SSSD configuration for this LDAP server
dsidm client_config ldap.conf
Generate an OpenLDAP ldap.conf configuration for this LDAP server
dsidm client_config display
Display generic application parameters for LDAP connection
OPTIONS 'dsidm client_config sssd.conf'
usage: dsidm instance client_config sssd.conf [-h] [allowed_group]
allowed_group
The name of the group allowed access to this system
OPTIONS 'dsidm client_config ldap.conf'
usage: dsidm instance client_config ldap.conf [-h]
OPTIONS 'dsidm client_config display'
usage: dsidm instance client_config display [-h]
OPTIONS 'dsidm role'
usage: dsidm instance role [-h]
{list,get-by-dn,modify-by-dn,delete,lock,unlock,entry-status,subtree-status}
...
Sub-commands
dsidm role list
list roles that could login to the directory
dsidm role get-by-dn
get-by-dn <dn>
dsidm role modify-by-dn
modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ...
dsidm role delete
deletes the role
dsidm role lock
lock
dsidm role unlock
unlock
dsidm role entry-status
status of a single entry
dsidm role subtree-status
status of a subtree
OPTIONS 'dsidm role list'
usage: dsidm instance role list [-h]
OPTIONS 'dsidm role get-by-dn'
usage: dsidm instance role get-by-dn [-h] [dn]
dn The dn to get and display
OPTIONS 'dsidm role modify-by-dn'
usage: dsidm instance role modify-by-dn [-h] dn changes [changes ...]
dn The dn to get and display
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm role delete'
usage: dsidm instance role delete [-h] [dn]
dn The dn of the role to delete
OPTIONS 'dsidm role lock'
usage: dsidm instance role lock [-h] [dn]
dn The dn to lock
OPTIONS 'dsidm role unlock'
usage: dsidm instance role unlock [-h] [dn]
dn The dn to unlock
OPTIONS 'dsidm role entry-status'
usage: dsidm instance role entry-status [-h] [dn]
dn The single entry dn to check
OPTIONS 'dsidm role subtree-status'
usage: dsidm instance role subtree-status [-h] [-f FILTER] [-s {base,one,sub}]
basedn
basedn Search base for finding entries
-f FILTER, --filter FILTER
Search filter for finding entries
-s {base,one,sub}, --scope {base,one,sub}
Search scope (base, one, sub - default is sub
-b BASEDN, --basedn BASEDN
Basedn (root naming context) of the instance to manage
-v, --verbose
Display verbose operation tracing during command execution
-D BINDDN, --binddn BINDDN
The account to bind as for executing operations
-w BINDPW, --bindpw BINDPW
Password for binddn
-W, --prompt
Prompt for password for binddn
-y PWDFILE, --pwdfile PWDFILE
Specifies a file containing the password for the bind DN
-Z, --starttls
Connect with StartTLS
-j, --json
Return result in JSON object
AUTHORS
lib389 was written by Red Hat Inc. <389-devel@lists.fedoraproject.org>.
DISTRIBUTION
The latest version of lib389 may be downloaded from
http://www.port389.org/docs/389ds/FAQ/upstream-test-framework.html
Manual dsidm(8)