1.4. Starting the Console

1.4.1. Starting the Directory Server Console

There is a simple script to launch the Directory Server Console. On Red Hat Enterprise Linux, the script is in the standard /usr/bin directory, so it can be run as follows:
HP-UX has a different location for the script:


Make sure that the correct Sun JDK or OpenJDK version is set in the PATH before launching the Console. Run the following to see if the Java program is in the PATH and to get the version and vendor information:
java -version
The login screen prompts for the username, password, and Administration Server location. It is possible to pass other information along with the Console command to supply the Administration Server URL, password, and username. For example:
redhat-idm-console -a http://localhost:9830 -u "cn=Directory Manager" -w secret

Table 1.4. redhat-idm-console Options

Option Description
-a adminURL Specifies a base URL for the instance of Administration Server to log into.
-f fileName Writes errors and system messages to fileName.
-h Prints out the help message for redhat-idm-console.
-s Specifies the directory instance to access, either by specifying the DN of the server instance entry (SIE) or the instance name, such as slapd-example.
-u Gives the user DN to use to log into the Console.
-w Gives the password to use to log into the Console.
-w - Reads the password from the standard output.
-x options Specifies extra options. There are three values for extraOptions:
nowinpos, which puts the Console window in the upper left corner of the screen
nologo, which keeps the splash screen from being displayed and only opens the login dialog
javalaf, which uses the Java look and feel for the Console interface rather than the platform-specific styles
To use multiple options, separate them with a comma.
-y file Reads the password from the specified input file.

1.4.2. Logging into Directory Server

After starting the Directory Server Console, a login screen opens, requiring the username and password for the user logging in and the URL for the Administration Server instance being access. The user logged in at the Console is the user who is binding to Directory Server. This determines the access permissions granted and allowed operations while access the directory tree. The user account used to log into the Directory Server Console can make significant differences in the access; for example, the Directory Manager has access to every user and configuration entry in Directory Server, while the admin entry created during installation has access to only configuration entries, not user entries. Regular user accounts are more limited.
To bind to, or log into, the Directory Server, supply a username and password at the login box.

1.4.3. Changing Login Identity

At any time during a session, you can log in as a different user, without having to restart the Console. To change the login identity:
  1. In the Directory Server Console, select the Tasks tab.
  2. Click Log on to the Directory Server as a New User.
  3. A login dialog box appears.
    Enter the full distinguished name of the entry with which to bind to the server. For example, to bind as user Barbara Jensen, enter her full DN in the login box:
    cn=Barbara Jensen, ou=People,dc=example,dc=com

1.4.4. Viewing the Current Console Bind DN

To see the bind DN that is currently logged into the Directory Server Console, click the login icon in the lower-left corner of the window. The current bind DN appears next to the login icon.
Viewing the Bind DN

Figure 1.1. Viewing the Bind DN