Provided by: python3-lib389_1.4.3.6-2_all
NAME
dsidm
SYNOPSIS
dsidm [-h] [-b BASEDN] [-v] [-D BINDDN] [-w BINDPW] [-W] [-y PWDFILE] [-Z] [-j] instance {account,group,initialise,organizationalunit,posixgroup,user,client_config,role} ...
OPTIONS
instance The instance name OR the LDAP url to connect to, IE localhost, ldap://mai.example.com:389 Sub-commands dsidm account Manage generic accounts, with tasks like modify, locking and unlocking. To create an account, see "user" subcommand instead. dsidm group Manage groups dsidm initialise Initialise a backend with domain information and sample entries dsidm organizationalunit Manage organizational units dsidm posixgroup Manage posix groups dsidm user Manage posix users dsidm client_config Display and generate client example configs for this LDAP server dsidm role Manage generic roles, with tasks like modify, locking and unlocking.
OPTIONS 'dsidm account'
usage: dsidm instance account [-h] {list,get-by-dn,modify-by-dn,delete,lock,unlock,entry- status,subtree-status,reset_password,change_password} ... Sub-commands dsidm account list list accounts that could login to the directory dsidm account get-by-dn get-by-dn <dn> dsidm account modify-by-dn modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ... dsidm account delete deletes the account dsidm account lock lock dsidm account unlock unlock dsidm account entry-status status of a single entry dsidm account subtree-status status of a subtree dsidm account reset_password Reset the password of an account. This should be performed by a directory admin. dsidm account change_password Change the password of an account. This can be performed by any user (with correct rights)
OPTIONS 'dsidm account list'
usage: dsidm instance account list [-h]
OPTIONS 'dsidm account get-by-dn'
usage: dsidm instance account get-by-dn [-h] [dn] dn The dn to get and display
OPTIONS 'dsidm account modify-by-dn'
usage: dsidm instance account modify-by-dn [-h] dn changes [changes ...] dn The dn to get and display changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm account delete'
usage: dsidm instance account delete [-h] [dn] dn The dn of the account to delete
OPTIONS 'dsidm account lock'
usage: dsidm instance account lock [-h] [dn] dn The dn to lock
OPTIONS 'dsidm account unlock'
usage: dsidm instance account unlock [-h] [dn] dn The dn to unlock
OPTIONS 'dsidm account entry-status'
usage: dsidm instance account entry-status [-h] [-V] [dn] dn The single entry dn to check -V, --details Print more account policy details about the entry
OPTIONS 'dsidm account subtree-status'
usage: dsidm instance account subtree-status [-h] [-V] [-f FILTER] [-s {one,sub}] [-i] [-o BECOME_INACTIVE_ON] basedn basedn Search base for finding entries -V, --details Print more account policy details about the entries -f FILTER, --filter FILTER Search filter for finding entries -s {one,sub}, --scope {one,sub} Search scope (one, sub - default is sub -i, --inactive-only Only display inactivated entries -o BECOME_INACTIVE_ON, --become-inactive-on BECOME_INACTIVE_ON Only display entries that will become inactive before specified date (in a format 2007-04-25T14:30)
OPTIONS 'dsidm account reset_password'
usage: dsidm instance account reset_password [-h] [dn] [new_password] dn The dn to reset the password for new_password The new password to set
OPTIONS 'dsidm account change_password'
usage: dsidm instance account change_password [-h] [dn] [new_password] [current_password] dn The dn to change the password for new_password The new password to set current_password The accounts current password
OPTIONS 'dsidm group'
usage: dsidm instance group [-h] {list,get,get_dn,create,delete,modify,members,add_member,remove_member} ... Sub-commands dsidm group list list dsidm group get get dsidm group get_dn get_dn dsidm group create create dsidm group delete deletes the object dsidm group modify modify <add|delete|replace>:<attribute>:<value> ... dsidm group members List member dns of a group dsidm group add_member Add a member to a group dsidm group remove_member Remove a member from a group
OPTIONS 'dsidm group list'
usage: dsidm instance group list [-h]
OPTIONS 'dsidm group get'
usage: dsidm instance group get [-h] [selector] selector The term to search for
OPTIONS 'dsidm group get_dn'
usage: dsidm instance group get_dn [-h] [dn] dn The dn to get
OPTIONS 'dsidm group create'
usage: dsidm instance group create [-h] [--cn [CN]] --cn [CN] Value of cn
OPTIONS 'dsidm group delete'
usage: dsidm instance group delete [-h] [dn] dn The dn to delete
OPTIONS 'dsidm group modify'
usage: dsidm instance group modify [-h] selector changes [changes ...] selector The cn to modify changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm group members'
usage: dsidm instance group members [-h] [cn] cn cn of group to list members of
OPTIONS 'dsidm group add_member'
usage: dsidm instance group add_member [-h] [cn] [dn] cn cn of group to add member to dn dn of object to add to group as member
OPTIONS 'dsidm group remove_member'
usage: dsidm instance group remove_member [-h] [cn] [dn] cn cn of group to remove member from dn dn of object to remove from group as member
OPTIONS 'dsidm initialise'
usage: dsidm instance initialise [-h] [--version VERSION] --version VERSION The version of entries to create.
OPTIONS 'dsidm organizationalunit'
usage: dsidm instance organizationalunit [-h] {list,get,get_dn,create,delete,modify} ... Sub-commands dsidm organizationalunit list list dsidm organizationalunit get get dsidm organizationalunit get_dn get_dn dsidm organizationalunit create create dsidm organizationalunit delete deletes the object dsidm organizationalunit modify modify <add|delete|replace>:<attribute>:<value> ...
OPTIONS 'dsidm organizationalunit list'
usage: dsidm instance organizationalunit list [-h]
OPTIONS 'dsidm organizationalunit get'
usage: dsidm instance organizationalunit get [-h] [selector] selector The term to search for
OPTIONS 'dsidm organizationalunit get_dn'
usage: dsidm instance organizationalunit get_dn [-h] [dn] dn The dn to get
OPTIONS 'dsidm organizationalunit create'
usage: dsidm instance organizationalunit create [-h] [--ou [OU]] --ou [OU] Value of ou
OPTIONS 'dsidm organizationalunit delete'
usage: dsidm instance organizationalunit delete [-h] [dn] dn The dn to delete
OPTIONS 'dsidm organizationalunit modify'
usage: dsidm instance organizationalunit modify [-h] selector changes [changes ...] selector The ou to modify changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm posixgroup'
usage: dsidm instance posixgroup [-h] {list,get,get_dn,create,delete,modify} ... Sub-commands dsidm posixgroup list list dsidm posixgroup get get dsidm posixgroup get_dn get_dn dsidm posixgroup create create dsidm posixgroup delete deletes the object dsidm posixgroup modify modify <add|delete|replace>:<attribute>:<value> ...
OPTIONS 'dsidm posixgroup list'
usage: dsidm instance posixgroup list [-h]
OPTIONS 'dsidm posixgroup get'
usage: dsidm instance posixgroup get [-h] [selector] selector The term to search for
OPTIONS 'dsidm posixgroup get_dn'
usage: dsidm instance posixgroup get_dn [-h] [dn] dn The dn to get
OPTIONS 'dsidm posixgroup create'
usage: dsidm instance posixgroup create [-h] [--cn [CN]] [--gidNumber [GIDNUMBER]] --cn [CN] Value of cn --gidNumber [GIDNUMBER] Value of gidNumber
OPTIONS 'dsidm posixgroup delete'
usage: dsidm instance posixgroup delete [-h] [dn] dn The dn to delete
OPTIONS 'dsidm posixgroup modify'
usage: dsidm instance posixgroup modify [-h] selector changes [changes ...] selector The cn to modify changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm user'
usage: dsidm instance user [-h] {list,get,get_dn,create,modify,delete,lock,status,unlock} ... Sub-commands dsidm user list list dsidm user get get dsidm user get_dn get_dn dsidm user create create dsidm user modify modify <add|delete|replace>:<attribute>:<value> ... dsidm user delete deletes the object dsidm user lock lock dsidm user status status dsidm user unlock unlock
OPTIONS 'dsidm user list'
usage: dsidm instance user list [-h]
OPTIONS 'dsidm user get'
usage: dsidm instance user get [-h] [selector] selector The term to search for
OPTIONS 'dsidm user get_dn'
usage: dsidm instance user get_dn [-h] [dn] dn The dn to get
OPTIONS 'dsidm user create'
usage: dsidm instance user create [-h] [--uid [UID]] [--cn [CN]] [--displayName [DISPLAYNAME]] [--uidNumber [UIDNUMBER]] [--gidNumber [GIDNUMBER]] [--homeDirectory [HOMEDIRECTORY]] --uid [UID] Value of uid --cn [CN] Value of cn --displayName [DISPLAYNAME] Value of displayName --uidNumber [UIDNUMBER] Value of uidNumber --gidNumber [GIDNUMBER] Value of gidNumber --homeDirectory [HOMEDIRECTORY] Value of homeDirectory
OPTIONS 'dsidm user modify'
usage: dsidm instance user modify [-h] selector changes [changes ...] selector The uid to modify changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm user delete'
usage: dsidm instance user delete [-h] [dn] dn The dn to delete
OPTIONS 'dsidm user lock'
usage: dsidm instance user lock [-h] [uid] uid The uid to lock
OPTIONS 'dsidm user status'
usage: dsidm instance user status [-h] [uid] uid The uid to check
OPTIONS 'dsidm user unlock'
usage: dsidm instance user unlock [-h] [uid] uid The uid to unlock
OPTIONS 'dsidm client_config'
usage: dsidm instance client_config [-h] {sssd.conf,ldap.conf,display} ... Sub-commands dsidm client_config sssd.conf Generate a SSSD configuration for this LDAP server dsidm client_config ldap.conf Generate an OpenLDAP ldap.conf configuration for this LDAP server dsidm client_config display Display generic application parameters for LDAP connection
OPTIONS 'dsidm client_config sssd.conf'
usage: dsidm instance client_config sssd.conf [-h] [allowed_group] allowed_group The name of the group allowed access to this system
OPTIONS 'dsidm client_config ldap.conf'
usage: dsidm instance client_config ldap.conf [-h]
OPTIONS 'dsidm client_config display'
usage: dsidm instance client_config display [-h]
OPTIONS 'dsidm role'
usage: dsidm instance role [-h] {list,get-by-dn,modify-by-dn,delete,lock,unlock,entry- status,subtree-status} ... Sub-commands dsidm role list list roles that could login to the directory dsidm role get-by-dn get-by-dn <dn> dsidm role modify-by-dn modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ... dsidm role delete deletes the role dsidm role lock lock dsidm role unlock unlock dsidm role entry-status status of a single entry dsidm role subtree-status status of a subtree
OPTIONS 'dsidm role list'
usage: dsidm instance role list [-h]
OPTIONS 'dsidm role get-by-dn'
usage: dsidm instance role get-by-dn [-h] [dn] dn The dn to get and display
OPTIONS 'dsidm role modify-by-dn'
usage: dsidm instance role modify-by-dn [-h] dn changes [changes ...] dn The dn to get and display changes A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS 'dsidm role delete'
usage: dsidm instance role delete [-h] [dn] dn The dn of the role to delete
OPTIONS 'dsidm role lock'
usage: dsidm instance role lock [-h] [dn] dn The dn to lock
OPTIONS 'dsidm role unlock'
usage: dsidm instance role unlock [-h] [dn] dn The dn to unlock
OPTIONS 'dsidm role entry-status'
usage: dsidm instance role entry-status [-h] [dn] dn The single entry dn to check
OPTIONS 'dsidm role subtree-status'
usage: dsidm instance role subtree-status [-h] [-f FILTER] [-s {base,one,sub}] basedn basedn Search base for finding entries -f FILTER, --filter FILTER Search filter for finding entries -s {base,one,sub}, --scope {base,one,sub} Search scope (base, one, sub - default is sub -b BASEDN, --basedn BASEDN Basedn (root naming context) of the instance to manage -v, --verbose Display verbose operation tracing during command execution -D BINDDN, --binddn BINDDN The account to bind as for executing operations -w BINDPW, --bindpw BINDPW Password for binddn -W, --prompt Prompt for password for binddn -y PWDFILE, --pwdfile PWDFILE Specifies a file containing the password for the bind DN -Z, --starttls Connect with StartTLS -j, --json Return result in JSON object
AUTHORS
lib389 was written by Red Hat Inc. <389-devel@lists.fedoraproject.org>.
DISTRIBUTION
The latest version of lib389 may be downloaded from ⟨http://www.port389.org/docs/389ds/FAQ/upstream-test-framework.html⟩ Manual dsidm(8)