nsdbparams

- FedFS connection management utility

Synopsis

nsdbparams [-r port] [-e nce] [-t sectype] [-f certfile]
     [-D bind_DN] [-w bind_PW | -] nsdb

nsdbparams delete [-r port] nsdb

nsdbparams show [-r port] nsdb

nsdbparams list

nsdbparams get

nsdbparams set [-r port] nsdb

Description

The nsdbparams command manages defaults and connection information for working with FedFS NSDBs (LDAP servers that store FedFS information).

The first form of the command, nsdbparams update, creates or updates a connection entry for the named NSDB. If the port number is not provided, the default LDAP port of 389 is used. If the NCE is not provided, the server will be queried to enumerate NCEs, and if only one is present it will be used. The LDAP bind DN must be provided if the entry is new. The LDAP bind password may be stored or not; if not stored, the password will be prompted for when needed. The -w - form may be used to force prompting for a password to be stored instead of placing it on the command line.

The second form of the command, nsdbparams delete, removes a connection entry for nsdb:port or nsdb:389 if the port number is not provided.

The fourth form of the command, nsdbparams list, enumerates all connection entries.

The fifth form of the command, nsdbparams get, shows a system-wide default NSDB and port number.

The sixth form of the command, nsdbparams set, sets the system-wide default NSDB and port number, using the default LDAP port of 389 if one is not provided.

Options

The following options are supported:

-r port

Specify the port on which the LDAP server implementing the NSDB is listening.

-e nce

Specify the distinguished name of the container of FedFS information on the LDAP server implementing the NSDB; this will often be a single unambiguous location and need not be specified.

-D bind_DN

Specify the distinguished name of a user permitted to change the NSDB information.

-w bind_PW | —

Specify the password for the bind DN user; use of hyphen (-) will force prompting.

-t sectype

Specify the security level used to contact the LDAP server. Value values are FEDFS_SEC_NONE, for no encryption, and FEDFS_SEC_TLS for a connection secured with StartTLS (RFC 4513). If a TLS connection is to be used, the -f certfile argument must be present or a certificate must already be stored.

-f certfile

Specify a TLS certificate to be used to secure a connection with RFC 4513 StartTLS when FEDFS_SEC_TLS is used.

Examples

Example 1 Using nsdbparams to Set Up Communications

The following example sets up communications with an NSDB called nsdb.cthon.org and makes it the default NSDB:

# nsdbparams update -D cn=Manager,dc=cthon,dc=org -w cthon.org \
nsdb.cthon.org
# nsdbparams show nikon.us.example.com
nikon.us.example.com:389
     default bind DN: cn=Manager,dc=cthon,dc=org
     default bind PW: cthon.org
     default NCE: dc=cthon,dc=org
     sectype: FEDFS_SEC_NONE
# nsdbparams set nsdb.cthon.org
# nsdbparams get
default nsdb: nsdb.cthon.org
default port: 389

Exit Status

0

Successful completion.

>0

An error occurred.

Attributes

See attributes(5) for descriptions of the following attributes:

See Also

nfsref(1M), nsdb-list(1M), nsdb-nces(1M), attributes(5), fedfs(5)