The config/sample-dsconfig-batch-files directory contains dsconfig batch files that you can use to configure various aspects of the server. For example, these files can enable additional security capabilities or take advantage of features that might require customization from one environment to another.
Each file includes comments that describe the purpose and benefit of its configuration change. You can choose which of the changes you want to apply.
You need to customize some of the batch files to provide values that might vary from one
environment to another. To apply a batch file that requires changes, copy it to another
directory and edit the copy. Leave the files in the
config/sample-dsconfig-batch-files directory unchanged so that
they can be updated when you upgrade the server. To specify the path to the file that
contains the changes to apply, use the dsconfig tool
(bin/dsconfig on UNIX-based systems or
bat\dsconfig.bat on Windows) with the
--batch-file
argument.
You should also provide the arguments needed to connect and authenticate to the server. The
--no-prompt
argument ensures that the tool does not block while
waiting for input if any necessary arguments are missing. Consider this example.
bin/dsconfig --hostname localhost \
--port 636 --useSSL --trustStorePath config/truststore \
--bindDN "uid=admin,dc=example,dc=com" \
--bindPasswordFile admin-password.txt \
--batch-file config/hardening-dsconfig-batch-files/reject-insecure-request.dsconfig \
--no-prompt