Interactive mode is a convenient method to get the server up and running when you're just getting started, but the installation process for production deployments is generally scripted. For this process, non-interactive mode is a better choice and setup offers several useful arguments.

To join a topology with non-interactive setup:

  • Run setup:
    • Use the following arguments to join an existing Directory Server topology:
      --existingDSTopologyHostName {address}
      The address of a Directory Server instance in the topology to be joined.
      --existingDSTopologyPort {port}
      The port for communication with the Directory Server to retrieve information about the topology.
      --existingDSTopologyUseSSL
      Indicates that the communication with the Directory Server to retrieve information about the topology should be encrypted with SSL.
      --existingDSTopologyUseStartTLS
      Indicates that the communication with the Directory Server to retrieve information about the topology should be encrypted with the StartTLS extended operation.
      --existingDSTopologyUseNoSecurity
      Indicates that the communication with the Directory Server to retrieve information about the topology should be not be encrypted.
      --existingDSTopologyUseJavaTruststore{path}
      The path to a JKS trust store that has the information needed to trust the certificate presented by the Directory Server when using SSL or StartTLS.
      --existingDSTopologyUsePkcs12Truststore{path}
      The path to a PKCS #12 trust store that has the information needed to trust the certificate presented by the Directory Server when using SSL or StartTLS.
      --existingDSTopologyTrustStorePassword{password}
      The password needed to access the contents of the JKS or PKCS #12 trust store. A password is typically required when using a PKCS #12 trust store but is optional when using a JKS trust store.
      --existingDSTopologyTrustStorePasswordFile{path}
      The path to a file containing the password needed to access the contents of the JKS or PKCS #12 trust store.
      --existingDSTopologyBindDN{path}
      The DN of the account to use to authenticate to the Directory Server. This account must have full read and write access to the configuration and to manage the topology.
      --existingDSTopologyBindPassword{password}
      The password for the account to use to authenticate to the Directory Server.
      --existingDSTopologyBindPasswordFile{path}
      The path to a file containing the password to use to authenticate to the Directory Server.

      For example, you can use a command similar to the following to set up a PingDirectoryProxy Server instance in the same topology as a Directory Server instance.

      $ ./setup --acceptLicense \
           --licenseKeyFile PingDirectory.lic
           --maxHeapSize 2g \
           --localHostName proxy1.example.com \
           --skipHostnameCheck \
           --instanceName proxy1 \
           --location Austin \
           --rootUserDN "cn=Directory Manager" \
           --rootUserPasswordFile directory-manager-password.txt \
           --ldapPort 389 \
           --ldapsPort 636 \
           --httpsPort 443 \
           --enableStartTLS \
           --useJavaKeyStore config/keystore \
           --keyStorePasswordFile config/keystore.pin \
           --certNickname server-cert \
           --useJavaTrustStore config/truststore \
           --trustStorePasswordFile config/truststore.pin \
           --encryptDataWithPassphraseFromFile encryption-passphrase.txt \
           --existingDSTopologyHostName ds1.example.com \
           --existingDSTopologyPort 636 \
           --existingDSTopologyBindDN "cn=Directory Manager" \
           --existingDSTopologyBindPasswordFile directory-manager-password.txt \
           --existingDSTopologyUseSSL \
           --existingDSTopologyUseJavaTrustStore config/truststore \
           --no-prompt
    • Use the following arguments to clone the configuration of an existing PingDirectoryProxy Server instance, including joining the same topology as the existing instance:
      --peerHostName{address}
      The address of a PingDirectoryProxy Server instance whose configuration should be cloned and whose topology should be joined.
      --peerPort{port}
      The port communication with the PingDirectoryProxy Server to retrieve the configuration and topology information.
      --peerUseSSL
      Indicates that communication with the PingDirectoryProxy Server to retrieve configuration and topology information should be encrypted with SSL.
      --peerUseStartTLS
      Indicates that communication with the PingDirectoryProxy Server to retrieve configuration and topology information should be encrypted with the StartTLS extended operation.
      --peerUseNoSecurity
      Indicates that communication with the PingDirectoryProxy Server to retrieve configuration and topology information should not be encrypted.
      Note:

      When using SSL or StartTLS to encrypt the communication, you also need to use one of the --useJavaTruststore or --usePkcs12Truststore arguments to specify the path to a trust store with the information needed to trust the certificate that is presented by the PingDirectoryProxy Server.

      The following is an example of a sample command to set up a new PingDirectoryProxy Server as a clone of an existing PingDirectoryProxy Server instance.

      $ ./setup --acceptLicense \
           --licenseKeyFile PingDirectory.lic
           --maxHeapSize 2g \
           --localHostName proxy2.example.com \
           --skipHostnameCheck \
           --instanceName proxy2 \
           --location Austin \
           --rootUserDN "cn=Directory Manager" \
           --rootUserPasswordFile directory-manager-password.txt \
           --ldapPort 389 \
           --ldapsPort 636 \
           --httpsPort 443 \
           --enableStartTLS \
           --useJavaKeyStore config/keystore \
           --keyStorePasswordFile config/keystore.pin \
           --certNickname server-cert \
           --useJavaTrustStore config/truststore \
           --trustStorePasswordFile config/truststore.pin \
           --encryptDataWithPassphraseFromFile encryption-passphrase.txt \
           --peerHostName proxy1.example.com \
           --peerPort 636 \
           --peerUseSSL \
           --no-prompt