10.2. Command-Line Scripts Quick Reference

Specifying the Server Instance and Protocol

You can update any instance on the system and control the protocol used to connect to the LDAP server by calling a single script. The following command-line options can be used with core scripts:
-Z
This option takes one parameter, the server instance identifier. The script uses the identifier to get information such as the server location, or necessary configuration settings including port number, root DN, and security settings. The server instance identifier can be retrieved as part of the directory name in /etc/dirsrv/. For example, if your instance is located in /etc/dirsrv/slapd-localhost/, then localhost is the identifier:
# db2ldif -Z localhost -a /tmp/db.ldif -n userRoot
The instance-specific scripts use -Z automatically by default.
-P
This option only applies to Perl scripts and takes a protocol name as a parameter. If you do not supply the -P option or supply an invalid protocol name, the script attempts to use the most secure protocol available to the server instance. The supported protocols are StartTLS, LDAPS, LDAPI, and LDAP; this sequence also defines the order the script uses if fallback is needed.

Table 10.1. Shell Scripts

Script Name Description Location
bak2db Restores the database from the most recent archived backup.
/usr/sbin/
cl-dump Dumps and decodes the change log.
/usr/bin/
db2bak Creates a backup of the current database contents.
/usr/sbin/
db2ldif Exports the contents of the database to LDIF.
/usr/sbin/
db2index Reindexes the database index files.
/usr/sbin/
dbverify Checks back end database files.
/usr/sbin/
ds_removal Removes a server instance.
/usr/bin/
ldif2db Imports LDIF files to the database. Runs the ns-slapd command-line utility with the ldif2db keyword.
/usr/sbin/
ldif2ldap Performs an import operation over LDAP to the Directory Server.
/usr/sbin/
monitor Retrieves performance monitoring information using the ldapsearch command-line utility.
/usr/sbin/
pwdhash Prints the encrypted form of a password using one of the server's encryption algorithms. If a user cannot log in, use this script to compare the user's password to the password stored in the directory.
/usr/bin/
repl-monitor Provides in-progress status of replication.
/usr/bin/
restart-dirsrv Restarts a single Directory Server instance or all Directory Server instances.
/usr/sbin/
restart-ds-admin Restarts the Administration Server instance.
/usr/sbin/
restart-slapd Restarts Directory Server.
/usr/sbin/
restoreconfig Restores by default the most recently saved Administration Server configuration to NetscapeRoot partition.
/usr/sbin/
saveconfig Saves Administration Server configuration stored in the NetscapeRoot database to the /var/lib/dirsrv/slapd-instance/bak directory.
/usr/sbin/
start-slapd Starts Directory Server.
/usr/sbin/
start-dirsrv Starts a single Directory Server instance or all Directory Server instances.
/usr/sbin/
start-ds-admin Starts the Administration Server instance.
/usr/sbin/
stop-dirsrv Stops a single Directory Server instance or all Directory Server instances.
/usr/sbin/
stop-ds-admin Stops the Administration Server instance.
/usr/sbin/
stop-slapd Stops Directory Server.
/usr/sbin/
suffix2instance Maps a suffix to a back end name.
/usr/sbin/
upgradednformat Migrates older DN syntax formats to RFC 4514 compliant formats.
/usr/sbin/
vlvindex Creates and generates virtual list view (VLV) indexes.
/usr/sbin/

Table 10.2. Perl Scripts

Script Name Description Location
bak2db.pl Restores the database from the most recent archived backup.
/usr/sbin/
cl-dump.pl Dumps and decodes the change log.
/usr/bin/
db2bak.pl Creates a backup of the current database contents.
/usr/sbin/
db2index.pl Creates and regenerates indexes.
/usr/sbin/
db2ldif.pl Exports the contents of the database to LDIF.
/usr/sbin/
fixup-linkedattrs.pl Goes through all of the linked attributes in entries and updates the corresponding entries to have the correct managed attributes (and values).
/usr/sbin/
fixup-memberof.pl Regenerates the memberOf on user entries to reflect changes in group membership.
/usr/sbin/
ldif2db.pl Imports LDIF files to a database and runs the ns-slapd command-line utility with the ldif2db keyword.
/usr/sbin/
logconv.pl Analyzes the access logs of a Directory Server to extract usage statistics and count the occurrences of significant events.
/usr/bin/
migrate-ds-admin.pl Migrates a Directory Server 7.1 instance.
/usr/bin/
ns-accountstatus.pl Provides account status information to establish whether an entry or group of entries is locked.
/usr/sbin/
ns-activate.pl Activates an entry or a group of entries by unlocking them.
/usr/sbin/
ns-inactivate.pl Deactivates an entry or a group of entries.
/usr/sbin/
ns-newpwpolicy.pl Adds relevant entries required for the fine-grained (user- and subtree-level) password policy.
/usr/sbin/
register-ds-admin.pl Re-registers a Directory Server instance with the local Administration Server.
/usr/sbin/
remove-ds.pl Removes a Directory Server instance.
/usr/sbin/
remove-ds-admin.pl Removes a Directory Server instance and its associated Administration Server instance.
/usr/sbin/
repl-monitor.pl Provides in-progress status of replication.
/usr/bin/
setup-ds.pl Creates or recreates a Directory Server instance.
/usr/sbin/
setup-ds-admin.pl Creates a new Directory Server instance and local Administration Server instance.
/usr/sbin/
schema-reload.pl Reloads schema dynamically into the server instance.
/usr/sbin/
syntax-validate.pl Checks existing data in a database to find any syntax violations in the attribute values.
/usr/sbin/
usn-tombstone-cleanup.pl Deletes tombstone entries managed by the update sequence number plug-in for a server instance (as opposed to the replication tombstone entries).
/usr/sbin/
verify-db.pl Checks back end database files.
/usr/sbin/