Provided by: liblemonldap-ng-common-perl_2.0.16+ds-4_all

NAME

       importMetadata - Script to import SAML federation metadata into LL::NG configuration

SYNOPSIS

       importMetadata -m <metadata URL> [options]

       Options:

           -m, --metadata          URL of metadata document
           -i, --idpconfprefix     Prefix used to set IDP configuration key
           -s, --spconfprefix      Prefix used to set SP configuration key
           --ignore-sp             ignore SP matching this entityID (can be specified multiple times)
           --ignore-idp            ignore IdP matching this entityID (can be specified multiple times)
           -a, --nagios            output statistics in Nagios format
           -r, --remove            remove provider from LemonLDAP::NG if it does not appear in metadata
           -n, --dry-run           print statistics but do not apply changes
           -c, --config-file       use provided configuration file
           -v, --verbose           increase verbosity of output
           -h, --help              print full documentation

OPTIONS

       -m URL, --metadata=URL
           Specifies the <URL> of the metadata document to import

       -i PREFIX, --idpconfprefix=PREFIX
           Prefix each IDP found in the metadata document with the <PREFIX> when registering
           them into LemonLDAP::NG

       -s PREFIX, --spconfprefix=PREFIX
           Prefix each SP found in the metadata document with the <PREFIX> when registering
           them into LemonLDAP::NG

       --ignore-sp=ENTITYID
           Ignore the specified Service Provider <ENTITYID>. It will not be added, updated or
           deleted from LemonLDAP::NG configuration

       --ignore-idp=ENTITYID
           Ignore the specified Identity Provider <ENTITYID>. It will not be added, updated or
           deleted from LemonLDAP::NG configuration

       -a, --nagios
           After each run, print statistics about added/modified/deleted items in Nagios format

       -r, --remove
           If this option is used, after a successful import, existing SP/IDPs that match the
           configuration prefix will be removed from LemonLDAP::NG if they were not present in
           the imported metadata

       -n, --dry-run
           This option prevents the modified configuration from being saved. It can be used for
           testing.

       -c, --config-file
           Using a configuration file lets you do advanced configuration on a global or
           per-provider basis.  The configuration file is stored in .ini format. Here is an
           example file:

               # main script options, these will be overridden by the CLI options
               [main]
               dry-run=1
               verbose=1
               metadata=http://url/to/metadata.xml
               ; Multi-value options
               ignore-idp=entity-id-to-ignore-1
               ignore-idp=entity-id-to-ignore-2

               # Default exported attributes for IDPs
               [exportedAttributes]
               cn=0;cn
               eduPersonPrincipalName=0;eduPersonPrincipalName
               ...

               # options that apply to all providers
               [ALL]
               ; Disable signature requirement on requests
               samlSPMetaDataOptionsCheckSSOMessageSignature=0
               samlSPMetaDataOptionsCheckSLOMessageSignature=0
               ; Store SAML assertions in session
               samlIDPMetaDataOptionsStoreSAMLToken=1
               ; Mark ePPN as always required
               attribute_required_eduPersonPrincipalName=1
               ...

               # Specific provider configurations
               [https://test-sp.federation.renater.fr]
               ; All attributes are optional for this provider
               attribute_required=0
               ; Override some options
               samlSPMetaDataOptionsNameIDFormat=persistent

               [https://idp.renater.fr/idp/shibboleth]
               ; declare an extra attribute from this provider
               exported_attribute_eduPersonAffiliation=1;uid
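
A pre-flight check for such a configuration file, as an added example that is not part of LemonLDAP::NG: it parses the .ini layout shown above (including repeated keys such as ignore-idp) and reports sections that set the two signature-check options to 0, plus a plain-HTTP metadata URL. The parser, the function names and the two checks are assumptions of this example, not the script's own logic.

```python
# Added example (not LemonLDAP::NG code): audit an importMetadata .ini file before use.
from collections import defaultdict

# Options the sample file above sets to 0 to disable request signature checks.
SIGNATURE_KEYS = (
    "samlSPMetaDataOptionsCheckSSOMessageSignature",
    "samlSPMetaDataOptionsCheckSLOMessageSignature",
)

def parse_ini(text):
    """Return {section: {key: [values]}}; repeated keys (ignore-idp) accumulate."""
    sections = defaultdict(lambda: defaultdict(list))
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or line == "...":
            continue  # blank line, comment, or the "..." placeholder
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            sections[current][key.strip()].append(value.strip())
    return sections

def audit(text):
    """Return a list of (section, key, reason) findings."""
    findings = []
    conf = parse_ini(text)
    for section, options in conf.items():
        for key in SIGNATURE_KEYS:
            if "0" in options.get(key, []):
                findings.append((section, key, "signature check disabled"))
    for url in conf.get("main", {}).get("metadata", []):
        if url.lower().startswith("http://"):
            findings.append(("main", "metadata", "metadata fetched over plain HTTP"))
    return findings

# Constructed sample, modelled on the configuration file shown above.
SAMPLE = """\
[main]
metadata=http://url/to/metadata.xml
ignore-idp=entity-id-to-ignore-1
ignore-idp=entity-id-to-ignore-2
[ALL]
samlSPMetaDataOptionsCheckSSOMessageSignature=0
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A finding in the [ALL] section applies to every imported provider, so it deserves review before the file is used without --dry-run.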

       -v, --verbose
           Increase verbosity during script execution

       -h, --help
           Displays the script's documentation

SEE ALSO

       <http://lemonldap-ng.org/>

AUTHORS

       Clement Oudot, <clement@oodo.net>

BUG REPORT

       Use the OW2 system to report bugs or ask for features:
       <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

DOWNLOAD

       Lemonldap::NG is available at <https://lemonldap-ng.org/download>