Page created: 22 Jul 2020
|
Page updated: 9 Feb 2021
PingDataGovernance Server provides the following command-line tools. You can run these tools in interactive, noninteractive, or script mode.
| For | Use this option | Example |
|---|---|---|
|
Information about arguments and subcommands Usage examples |
|
dsconfig --help |
|
A list of subcommands |
|
dsconfig --help-subcommands |
|
More information about a subcommand |
|
dsconfig list-log-publishers --help |
| Tool | Description |
|---|---|
| backup |
Run full or incremental backups on one or more PingDataGovernance Server backends. This tools supports the use of a properties file to pass command-line arguments. See Saving options in a file. |
| base64 | Encode raw data using the base64 algorithm or decode base64-encoded data back to its raw representation. |
| collect-support-data | Collect and package system information useful in troubleshooting problems. The information is packaged as a zip archive that you can send to a technical support representative. |
| config-diff | Compare PingDataGovernance Server configurations and produce the dsconfig batch file needed to bring the source inline with the target. |
| create-initial-config | Create an initial PingDataGovernance Server configuration. |
| create-rc-script | Create a Run Control (RC) script to start, stop, and restart the PingDataGovernance Server on UNIX-based systems. |
| create-systemd-script | Create a systemd script to start and stop the PingDataGovernance Server on Linux-based systems. |
| dsconfig | View and edit the PingDataGovernance Server configuration. |
| dsjavaproperties |
Configure the JVM options used to run PingDataGovernance Server and its associated tools. Before launching the command, edit the properties file located in config/java.properties to specify the desired JVM options and JAVA_HOME environment variable. |
| encrypt-file | Encrypt or decrypt data using a key generated from a user-supplied passphrase, a key generated from an encryption settings definition, or a key shared among servers in the topology. The data to be processed can be read from a file or standard input, and the resulting data can be written to a file or standard output. You can use this command to encrypt and subsequently decrypt arbitrary data, or to decrypt encrypted backups, LDIF exports, and log files generated by the server. |
| encryption-settings | Manage the server encryption settings database. |
| ldap-diff | Compare the contents of two LDAP servers. |
| ldap-result-code | Display and query LDAP result codes. |
| ldapcompare | Perform LDAP compare operations in the PingDataGovernance Server. |
| ldapdelete | Delete one or more entries from an LDAP directory server. You can provide the DNs of the entries to delete using named arguments, as trailing arguments, from a file, or from standard input. Alternatively, you can identify entries to delete using a search base DN and filter. |
| ldapmodify | Apply a set of add, delete, modify, and/or modify DN operations
to a directory server. Supply the changes to apply in LDIF format,
either from standard input or from a file specified with the
ldifFile argument. Change records must be
separated by at least one blank line. |
| ldappasswordmodify | Perform LDAP password modify operations in PingDataGovernance Server. |
| ldapsearch | Process one or more searches in an LDAP directory server. |
| list-backends | List the backends and base DNs configured in PingDataGovernance Server. |
| manage-certificates | Manage certificates and private keys in a JKS or PKCS #12 key store. |
| manage-extension | Install or update PingDataGovernance Server extension bundles. |
| manage-profile | Generate, compare, install, and replace server profiles. |
| manage-tasks | Access information about pending, running, and completed tasks scheduled in the PingDataGovernance Server. |
| manage-topology | Manage the topology registry. |
| prepare-external-store | Prepare a PingDataGovernance Server and an external server for communication. |
| reload-http-connection-handler-certificates | Reload HTTPS Connection Handler certificates. |
| remove-backup | Safely remove a backup and optionally all of its dependent backups from the specified PingDataGovernance Server backend. |
| remove-defunct-server | Remove a server from this server's topology. |
| replace-certificate | Replace the listener certificate for this PingDataGovernance Server server instance. |
| restore | Restore a backup of a PingDataGovernance Server backend. |
| revert-update | Revert this server package's most recent update. |
| review-license | Review and/or indicate your acceptance of the license agreement defined in legal/LICENSE.txt. |
| rotate-log | Trigger the rotation of one or more log files. |
| sanitize-log | Sanitize the contents of a server log file to remove potentially sensitive information while still attempting to retain enough information to make it useful for diagnosing problems or understanding load patterns. The sanitization process operates on fields that consist of name-value pairs. The field name is always preserved, but field values might be tokenized or redacted if they might include sensitive information. Supported log file types include the file-based access, error, sync, and resync logs, as well as the operation timing access log and the detailed HTTP operation log. |
| schedule-exec-task | Schedule an exec task to run a specified command in the server.
To run an exec task, a number of conditions must be satisfied: the
server's global configuration must have been updated to include
'com.unboundid.directory.server.tasks.ExecTask' in the set of
allowed-task values, the requester must have the
exec-task privilege, and the command to execute
must be listed in the
exec-command-whitelist.txt file in the
server's config directory. The absolute path
(on the server system) of the command to execute must be specified
as the first unnamed trailing argument to this program, and the
arguments to provide to that command (if any) should be specified as
the remaining trailing arguments. The server root is used as the
command's working directory, so any arguments that represent
relative paths are interpreted as relative to that
directory. |
| search-logs | Search across log files to extract lines matching the provided patterns, like the grep command-line tool. The benefits of using this tool over grep are its ability to handle multiline log messages, extract log messages within a given time range, and the inclusion of rotated log files. |
| server-state | View information about the current state of the PingDataGovernance Server process. |
| setup | Perform the initial setup for a server instance. |
| start-server | Start the PingDataGovernance Server. |
| status | Display basic server information. |
| stop-server | Stop or restart the server. |
| sum-file-sizes | Calculate the sum of the sizes for a set of files. |
| uninstall | Uninstall PingDataGovernance Server. |
| update | Update the PingDataGovernance Server to a newer version by downloading and unzipping the new server install package on the same host as the server you wish to update. Then, use the update tool from the new server package to update the older version of the server. Before upgrading a server, you should ensure that it is capable of starting without severe or fatal errors. During the update process, the server is stopped if running, then the update is performed, and a check is made to determine if the newly updated server starts without major errors. If it cannot start cleanly, the update will be backed out and the server returned to its prior state. See the revert-update tool for information on reverting an update. |
| validate-file-signature | Validate file signatures. For best results, file signatures should be validated by the same instance used to generate the file. However, it might be possible to validate signatures generated on other instances in a replicated topology. |