.TH dsctl "8" Manual .SH NAME dsctl .SH SYNOPSIS .B dsctl [-h] [-v] [-j] [-l] [instance] {restart,start,stop,status,remove,db2index,db2bak,db2ldif,dbverify,bak2db,ldif2db,backups,ldifs,tls,healthcheck,get-nsstate,ldifgen,dsrc,cockpit} ... .SH OPTIONS .TP \fBinstance\fR The name of the instance to act upon .SS \fBSub-commands\fR .TP \fBdsctl\fR \fI\,restart\/\fR Restart an instance of Directory Server, if it is running: else start it. .TP \fBdsctl\fR \fI\,start\/\fR Start an instance of Directory Server, if it is not currently running .TP \fBdsctl\fR \fI\,stop\/\fR Stop an instance of Directory Server, if it is currently running .TP \fBdsctl\fR \fI\,status\/\fR Check running status of an instance of Directory Server .TP \fBdsctl\fR \fI\,remove\/\fR Destroy an instance of Directory Server, and remove all data. .TP \fBdsctl\fR \fI\,db2index\/\fR Initialise a reindex of the server database. The server must be stopped for this to proceed. .TP \fBdsctl\fR \fI\,db2bak\/\fR Initialise a BDB backup of the database. The server must be stopped for this to proceed. .TP \fBdsctl\fR \fI\,db2ldif\/\fR Initialise an LDIF dump of the database. The server must be stopped for this to proceed. .TP \fBdsctl\fR \fI\,dbverify\/\fR Perform a db verification. You should only do this at direction of support .TP \fBdsctl\fR \fI\,bak2db\/\fR Restore a BDB backup of the database. The server must be stopped for this to proceed. .TP \fBdsctl\fR \fI\,ldif2db\/\fR Restore an LDIF dump of the database. The server must be stopped for this to proceed. .TP \fBdsctl\fR \fI\,backups\/\fR List backup's found in the server's default backup directory .TP \fBdsctl\fR \fI\,ldifs\/\fR List all the LDIF files located in the server's LDIF directory .TP \fBdsctl\fR \fI\,tls\/\fR Manage TLS certificates .TP \fBdsctl\fR \fI\,healthcheck\/\fR Run a healthcheck report on a local Directory Server instance. This is a safe and read-only operation. Do not attempt to run this on a remote Directory Server as this tool needs access to local resources, otherwise the report may be inaccurate. .TP \fBdsctl\fR \fI\,get-nsstate\/\fR Get the replication nsState in a human readable format Replica DN: The DN of the replication configuration entry Replica Suffix: The replicated suffix Replica ID: The Replica identifier Gen Time The time the CSN generator was created Gen Time String: The time string of generator Gen as CSN: The generation CSN Local Offset: The offset due to the local clock being set back Local Offset String: The offset in a nice human format Remote Offset: The offset due to clock difference with remote systems Remote Offset String: The offset in a nice human format Time Skew: The time skew between this server and its replicas Time Skew String: The time skew in a nice human format Seq Num: The number of multiple csns within a second System Time: The local system time Diff in Seconds: The time difference in seconds from the CSN generator creation to now Diff in days/secs: The time difference broken up into days and seconds Endian: Little/Big Endian .TP \fBdsctl\fR \fI\,ldifgen\/\fR LDIF generator to make sample LDIF files for testing .TP \fBdsctl\fR \fI\,dsrc\/\fR Manage the .dsrc file .TP \fBdsctl\fR \fI\,cockpit\/\fR Enable the Cockpit interface/UI .SH OPTIONS 'dsctl restart' usage: dsctl [instance] restart [-h] .SH OPTIONS 'dsctl start' usage: dsctl [instance] start [-h] .SH OPTIONS 'dsctl stop' usage: dsctl [instance] stop [-h] .SH OPTIONS 'dsctl status' usage: dsctl [instance] status [-h] .SH OPTIONS 'dsctl remove' usage: dsctl [instance] remove [-h] [--do-it] .TP \fB\-\-do\-it\fR By default we do a dry run. This actually initiates the removal of the .br instance. .SH OPTIONS 'dsctl db2index' usage: dsctl [instance] db2index [-h] backend .TP \fBbackend\fR The backend to reindex. IE userRoot .SH OPTIONS 'dsctl db2bak' usage: dsctl [instance] db2bak [-h] [archive] .TP \fBarchive\fR The destination for the archive. This will be created during the db2bak .br process. .SH OPTIONS 'dsctl db2ldif' usage: dsctl [instance] db2ldif [-h] [--replication] [--encrypted] backend [ldif] .TP \fBbackend\fR The backend to output as an LDIF. IE userRoot .TP \fBldif\fR The path to the ldif output location. .TP \fB\-\-replication\fR Export replication information, suitable for importing on a new consumer or .br backups. .TP \fB\-\-encrypted\fR Export encrypted attributes .SH OPTIONS 'dsctl dbverify' usage: dsctl [instance] dbverify [-h] backend .TP \fBbackend\fR The backend to verify. IE userRoot .SH OPTIONS 'dsctl bak2db' usage: dsctl [instance] bak2db [-h] archive .TP \fBarchive\fR The archive to restore. This will erase all current server databases. .SH OPTIONS 'dsctl ldif2db' usage: dsctl [instance] ldif2db [-h] [--encrypted] backend ldif .TP \fBbackend\fR The backend to restore from an LDIF. IE userRoot .TP \fBldif\fR The path to the ldif to import .TP \fB\-\-encrypted\fR Import encrypted attributes .SH OPTIONS 'dsctl backups' usage: dsctl [instance] backups [-h] [--delete DELETE] .TP \fB\-\-delete\fR \fI\,DELETE\/\fR Delete backup directory .SH OPTIONS 'dsctl ldifs' usage: dsctl [instance] ldifs [-h] [--delete DELETE] .TP \fB\-\-delete\fR \fI\,DELETE\/\fR Delete LDIF file .SH OPTIONS 'dsctl tls' usage: dsctl [instance] tls [-h] {list-ca,list-client-ca,show-server-cert,show-cert,generate-server-cert-csr,import-client-ca,import-ca,import-server-cert,import-server-key-cert,remove-cert} ... .SS \fBSub-commands\fR .TP \fBdsctl tls\fR \fI\,list-ca\/\fR list server certificate authorities including intermediates .TP \fBdsctl tls\fR \fI\,list-client-ca\/\fR list client certificate authorities including intermediates .TP \fBdsctl tls\fR \fI\,show-server-cert\/\fR Show the active server certificate that clients will see and verify .TP \fBdsctl tls\fR \fI\,show-cert\/\fR Show a certificate's details referenced by it's nickname. This is analogous to certutil -L -d -n .TP \fBdsctl tls\fR \fI\,generate-server-cert-csr\/\fR Generate a Server-Cert certificate signing request - the csr is then submitted to a CA for verification, and when signed you import with import-ca and import-server-cert .TP \fBdsctl tls\fR \fI\,import-client-ca\/\fR Import a CA trusted to issue user (client) certificates. This is part of how client certificate authentication functions. .TP \fBdsctl tls\fR \fI\,import-ca\/\fR Import a CA or intermediate CA for signing this servers certificates (aka Server-Cert). You should import all the CA's in the chain as required. .TP \fBdsctl tls\fR \fI\,import-server-cert\/\fR Import a new Server-Cert after the csr has been signed from a CA. .TP \fBdsctl tls\fR \fI\,import-server-key-cert\/\fR Import a new key and Server-Cert after having been signed from a CA. This is used if you have an external csr tool or a service like lets encrypt that generates PEM keys externally. .TP \fBdsctl tls\fR \fI\,remove-cert\/\fR Delete a certificate from this database. This will remove it from acting as a CA, a client CA or the Server-Cert role. .SH OPTIONS 'dsctl tls list-ca' usage: dsctl [instance] tls list-ca [-h] .SH OPTIONS 'dsctl tls list-client-ca' usage: dsctl [instance] tls list-client-ca [-h] .SH OPTIONS 'dsctl tls show-server-cert' usage: dsctl [instance] tls show-server-cert [-h] .SH OPTIONS 'dsctl tls show-cert' usage: dsctl [instance] tls show-cert [-h] nickname .TP \fBnickname\fR The nickname (friendly name) of the certificate to display .SH OPTIONS 'dsctl tls generate-server-cert-csr' usage: dsctl [instance] tls generate-server-cert-csr [-h] [--subject SUBJECT] [alt_names ...] .TP \fBalt_names\fR Certificate requests subject alternative names. These are auto\-detected if not .br provided .TP \fB\-\-subject\fR \fI\,SUBJECT\/\fR, \fB\-s\fR \fI\,SUBJECT\/\fR Certificate Subject field to use .SH OPTIONS 'dsctl tls import-client-ca' usage: dsctl [instance] tls import-client-ca [-h] cert_path nickname .TP \fBcert_path\fR The path to the x509 cert to import as a client trust root .TP \fBnickname\fR The name of the certificate once imported .SH OPTIONS 'dsctl tls import-ca' usage: dsctl [instance] tls import-ca [-h] cert_path nickname .TP \fBcert_path\fR The path to the x509 cert to import as a server CA .TP \fBnickname\fR The name of the certificate once imported .SH OPTIONS 'dsctl tls import-server-cert' usage: dsctl [instance] tls import-server-cert [-h] cert_path .TP \fBcert_path\fR The path to the x509 cert to import as Server\-Cert .SH OPTIONS 'dsctl tls import-server-key-cert' usage: dsctl [instance] tls import-server-key-cert [-h] cert_path key_path .TP \fBcert_path\fR The path to the x509 cert to import as Server\-Cert .TP \fBkey_path\fR The path to the x509 key to import associated to Server\-Cert .SH OPTIONS 'dsctl tls remove-cert' usage: dsctl [instance] tls remove-cert [-h] nickname .TP \fBnickname\fR The name of the certificate to delete .SH OPTIONS 'dsctl healthcheck' usage: dsctl [instance] healthcheck [-h] [--list-checks] [--list-errors] [--dry-run] [--check CHECK [CHECK ...]] .TP \fB\-\-list\-checks\fR List of known checks .TP \fB\-\-list\-errors\fR List of known error codes .TP \fB\-\-dry\-run\fR Do not execute the actual check, only list what would be done .TP \fB\-\-check\fR \fI\,CHECK\/\fR [\fI\,CHECK\/\fR ...] Areas to check. These can be obtained by \-\-list\-checks. Every element on the .br left of the colon (:) may be replaced by an asterisk if multiple options on .br the right are available. .SH OPTIONS 'dsctl get-nsstate' usage: dsctl [instance] get-nsstate [-h] [--suffix SUFFIX] [--flip FLIP] .TP \fB\-\-suffix\fR \fI\,SUFFIX\/\fR The DN of the replication suffix to read the state from .TP \fB\-\-flip\fR \fI\,FLIP\/\fR Flip between Little/Big Endian, this might be required for certain .br architectures .SH OPTIONS 'dsctl ldifgen' usage: dsctl [instance] ldifgen [-h] {users,groups,cos-def,cos-template,roles,mod-load,nested} ... .SS \fBSub-commands\fR .TP \fBdsctl ldifgen\fR \fI\,users\/\fR Generate a LDIF containing user entries .TP \fBdsctl ldifgen\fR \fI\,groups\/\fR Generate a LDIF containing groups and members .TP \fBdsctl ldifgen\fR \fI\,cos-def\/\fR Generate a LDIF containing a COS definition (classic, pointer, or indirect) .TP \fBdsctl ldifgen\fR \fI\,cos-template\/\fR Generate a LDIF containing a COS template .TP \fBdsctl ldifgen\fR \fI\,roles\/\fR Generate a LDIF containing a role entry (managed, filtered, or indirect) .TP \fBdsctl ldifgen\fR \fI\,mod-load\/\fR Generate a LDIF containing modify operations. This is intended to be consumed by ldapmodify. .TP \fBdsctl ldifgen\fR \fI\,nested\/\fR Generate a heavily nested database LDIF in a cascading/fractal tree design .SH OPTIONS 'dsctl ldifgen users' usage: dsctl [instance] ldifgen users [-h] [--number NUMBER] [--suffix SUFFIX] [--parent PARENT] [--generic] [--start-idx START_IDX] [--rdn-cn] [--localize] [--ldif-file LDIF_FILE] .TP \fB\-\-number\fR \fI\,NUMBER\/\fR The number of users to create. .TP \fB\-\-suffix\fR \fI\,SUFFIX\/\fR The database suffix where the entries will be created. .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The parent entry that the user entries should be created under. If not .br specified, the entries are stored under random Organizational Units. .TP \fB\-\-generic\fR Create generic entries in the format of "uid=user####". These entries are also .br compatible with ldclt. .TP \fB\-\-start\-idx\fR \fI\,START_IDX\/\fR For generic LDIF's you can choose the starting index for the user entries. The .br default is "0". .TP \fB\-\-rdn\-cn\fR Use the attribute "cn" as the RDN attribute in the DN instead of "uid" .TP \fB\-\-localize\fR Localize the LDIF data .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default location is the server's LDIF directory using the .br name 'users.ldif' .SH OPTIONS 'dsctl ldifgen groups' usage: dsctl [instance] ldifgen groups [-h] [--number NUMBER] [--suffix SUFFIX] [--parent PARENT] [--num-members NUM_MEMBERS] [--create-members] [--member-parent MEMBER_PARENT] [--member-attr MEMBER_ATTR] [--ldif-file LDIF_FILE] NAME .TP \fBNAME\fR The group name. .TP \fB\-\-number\fR \fI\,NUMBER\/\fR The number of groups to create. .TP \fB\-\-suffix\fR \fI\,SUFFIX\/\fR The database suffix where the groups will be created. .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The parent entry that the group entries should be created under. If not .br specified the groups are stored under the suffix. .TP \fB\-\-num\-members\fR \fI\,NUM_MEMBERS\/\fR The number of members in the group. Default is 10000 .TP \fB\-\-create\-members\fR Create the member user entries. .TP \fB\-\-member\-parent\fR \fI\,MEMBER_PARENT\/\fR The entry DN that the members should be created under. The default is the .br suffix entry. .TP \fB\-\-member\-attr\fR \fI\,MEMBER_ATTR\/\fR The membership attribute to use in the group. Default is "uniquemember". .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default is "/tmp/ldifgen.ldif" .SH OPTIONS 'dsctl ldifgen cos-def' usage: dsctl [instance] ldifgen cos-def [-h] [--type TYPE] [--parent PARENT] [--create-parent] [--cos-specifier COS_SPECIFIER] [--cos-template COS_TEMPLATE] [--cos-attr [COS_ATTR ...]] [--ldif-file LDIF_FILE] NAME .TP \fBNAME\fR The COS definition name. .TP \fB\-\-type\fR \fI\,TYPE\/\fR The COS definition type: "classic", "pointer", or "indirect". .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The parent entry that the COS definition should be created under. .TP \fB\-\-create\-parent\fR Create the parent entry .TP \fB\-\-cos\-specifier\fR \fI\,COS_SPECIFIER\/\fR Used in a classic COS definition, this attribute located in the user entry is .br used to select which COS template to use. .TP \fB\-\-cos\-template\fR \fI\,COS_TEMPLATE\/\fR The DN of the COS template entry, only used for "classic" and "pointer" COS .br definitions. .TP \fB\-\-cos\-attr\fR [\fI\,COS_ATTR\/\fR ...] A list of attributes which defines which attribute the COS generates values .br for. .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default is "/tmp/ldifgen.ldif" .SH OPTIONS 'dsctl ldifgen cos-template' usage: dsctl [instance] ldifgen cos-template [-h] [--parent PARENT] [--create-parent] [--cos-priority COS_PRIORITY] [--cos-attr-val COS_ATTR_VAL] [--ldif-file LDIF_FILE] NAME .TP \fBNAME\fR The COS template name. .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The DN of the entry to store the COS template entry under. .TP \fB\-\-create\-parent\fR Create the parent entry .TP \fB\-\-cos\-priority\fR \fI\,COS_PRIORITY\/\fR Sets the priority of this conflicting/competing COS templates. .TP \fB\-\-cos\-attr\-val\fR \fI\,COS_ATTR_VAL\/\fR defines the attribute and value that the template provides. .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default is "/tmp/ldifgen.ldif" .SH OPTIONS 'dsctl ldifgen roles' usage: dsctl [instance] ldifgen roles [-h] [--type TYPE] [--parent PARENT] [--create-parent] [--filter FILTER] [--role-dn [ROLE_DN ...]] [--ldif-file LDIF_FILE] NAME .TP \fBNAME\fR The Role name. .TP \fB\-\-type\fR \fI\,TYPE\/\fR The Role type: "managed", "filtered", or "nested". .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The DN of the entry to store the Role entry under .TP \fB\-\-create\-parent\fR Create the parent entry .TP \fB\-\-filter\fR \fI\,FILTER\/\fR A search filter for gathering Role members. Required for a "filtered" role. .TP \fB\-\-role\-dn\fR [\fI\,ROLE_DN\/\fR ...] A DN of a role entry that should be included in this role. Used for "nested" .br roles only. .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default is "/tmp/ldifgen.ldif" .SH OPTIONS 'dsctl ldifgen mod-load' usage: dsctl [instance] ldifgen mod-load [-h] [--create-users] [--delete-users] [--num-users NUM_USERS] [--parent PARENT] [--create-parent] [--add-users ADD_USERS] [--del-users DEL_USERS] [--modrdn-users MODRDN_USERS] [--mod-users MOD_USERS] [--mod-attrs [MOD_ATTRS ...]] [--randomize] [--ldif-file LDIF_FILE] .TP \fB\-\-create\-users\fR Create the entries that will be modified or deleted. By default the script .br assumes the user entries already exist. .TP \fB\-\-delete\-users\fR Delete all the user entries at the end of the LDIF. .TP \fB\-\-num\-users\fR \fI\,NUM_USERS\/\fR The number of user entries that will be modified or deleted .TP \fB\-\-parent\fR \fI\,PARENT\/\fR The DN of the parent entry where the user entries are located. .TP \fB\-\-create\-parent\fR Create the parent entry .TP \fB\-\-add\-users\fR \fI\,ADD_USERS\/\fR The number of additional entries to add during the load. .TP \fB\-\-del\-users\fR \fI\,DEL_USERS\/\fR The number of entries to delete during the load. .TP \fB\-\-modrdn\-users\fR \fI\,MODRDN_USERS\/\fR The number of entries to perform a modrdn operation on. .TP \fB\-\-mod\-users\fR \fI\,MOD_USERS\/\fR The number of entries to modify. .TP \fB\-\-mod\-attrs\fR [\fI\,MOD_ATTRS\/\fR ...] List of attributes the script will randomly choose from when modifying an .br entry. The default is "description". .TP \fB\-\-randomize\fR Randomly perform the specified add, mod, delete, and modrdn operations .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default is "/tmp/ldifgen.ldif" .SH OPTIONS 'dsctl ldifgen nested' usage: dsctl [instance] ldifgen nested [-h] [--num-users NUM_USERS] [--node-limit NODE_LIMIT] [--suffix SUFFIX] [--ldif-file LDIF_FILE] .TP \fB\-\-num\-users\fR \fI\,NUM_USERS\/\fR The total number of user entries to create in the entire LDIF (does not .br include the container entries). .TP \fB\-\-node\-limit\fR \fI\,NODE_LIMIT\/\fR The total number of user entries to create under each node/subtree .TP \fB\-\-suffix\fR \fI\,SUFFIX\/\fR The suffix DN for the LDIF .TP \fB\-\-ldif\-file\fR \fI\,LDIF_FILE\/\fR The LDIF file name. Default location is the server's LDIF directory using the .br name 'users.ldif' .SH OPTIONS 'dsctl dsrc' usage: dsctl [instance] dsrc [-h] {create,modify,delete,display} ... .SS \fBSub-commands\fR .TP \fBdsctl dsrc\fR \fI\,create\/\fR Generate the .dsrc file .TP \fBdsctl dsrc\fR \fI\,modify\/\fR Modify the .dsrc file .TP \fBdsctl dsrc\fR \fI\,delete\/\fR Delete instance configuration from the .dsrc file. .TP \fBdsctl dsrc\fR \fI\,display\/\fR Display the contents of the .dsrc file. .SH OPTIONS 'dsctl dsrc create' usage: dsctl [instance] dsrc create [-h] [--uri URI] [--basedn BASEDN] [--binddn BINDDN] [--saslmech SASLMECH] [--tls-cacertdir TLS_CACERTDIR] [--tls-cert TLS_CERT] [--tls-key TLS_KEY] [--tls-reqcert TLS_REQCERT] [--starttls] [--pwdfile PWDFILE] [--do-it] .TP \fB\-\-uri\fR \fI\,URI\/\fR The URI (LDAP URL) for the Directory Server instance. .TP \fB\-\-basedn\fR \fI\,BASEDN\/\fR The default database suffix. .TP \fB\-\-binddn\fR \fI\,BINDDN\/\fR The default Bind DN used or authentication. .TP \fB\-\-saslmech\fR \fI\,SASLMECH\/\fR The SASL mechanism to use: PLAIN or EXTERNAL. .TP \fB\-\-tls\-cacertdir\fR \fI\,TLS_CACERTDIR\/\fR The directory containing the Trusted Certificate Authority certificate. .TP \fB\-\-tls\-cert\fR \fI\,TLS_CERT\/\fR The absolute file name to the server certificate. .TP \fB\-\-tls\-key\fR \fI\,TLS_KEY\/\fR The absolute file name to the server certificate key. .TP \fB\-\-tls\-reqcert\fR \fI\,TLS_REQCERT\/\fR Request certificate strength: 'never', 'allow', 'hard' .TP \fB\-\-starttls\fR Use startTLS for connection to the server. .TP \fB\-\-pwdfile\fR \fI\,PWDFILE\/\fR The absolute path to a file containing the Bind DN's password. .TP \fB\-\-do\-it\fR Create the file without any confirmation. .SH OPTIONS 'dsctl dsrc modify' usage: dsctl [instance] dsrc modify [-h] [--uri [URI]] [--basedn [BASEDN]] [--binddn [BINDDN]] [--saslmech [SASLMECH]] [--tls-cacertdir [TLS_CACERTDIR]] [--tls-cert [TLS_CERT]] [--tls-key [TLS_KEY]] [--tls-reqcert [TLS_REQCERT]] [--starttls] [--cancel-starttls] [--pwdfile [PWDFILE]] [--do-it] .TP \fB\-\-uri\fR [\fI\,URI\/\fR] The URI (LDAP URL) for the Directory Server instance. .TP \fB\-\-basedn\fR [\fI\,BASEDN\/\fR] The default database suffix. .TP \fB\-\-binddn\fR [\fI\,BINDDN\/\fR] The default Bind DN used or authentication. .TP \fB\-\-saslmech\fR [\fI\,SASLMECH\/\fR] The SASL mechanism to use: PLAIN or EXTERNAL. .TP \fB\-\-tls\-cacertdir\fR [\fI\,TLS_CACERTDIR\/\fR] The directory containing the Trusted Certificate Authority certificate. .TP \fB\-\-tls\-cert\fR [\fI\,TLS_CERT\/\fR] The absolute file name to the server certificate. .TP \fB\-\-tls\-key\fR [\fI\,TLS_KEY\/\fR] The absolute file name to the server certificate key. .TP \fB\-\-tls\-reqcert\fR [\fI\,TLS_REQCERT\/\fR] Request certificate strength: 'never', 'allow', 'hard' .TP \fB\-\-starttls\fR Use startTLS for connection to the server. .TP \fB\-\-cancel\-starttls\fR Do not use startTLS for connection to the server. .TP \fB\-\-pwdfile\fR [\fI\,PWDFILE\/\fR] The absolute path to a file containing the Bind DN's password. .TP \fB\-\-do\-it\fR Update the file without any confirmation. .SH OPTIONS 'dsctl dsrc delete' usage: dsctl [instance] dsrc delete [-h] [--do-it] .TP \fB\-\-do\-it\fR Delete this instance's configuration from the .dsrc file. .SH OPTIONS 'dsctl dsrc display' usage: dsctl [instance] dsrc display [-h] .SH OPTIONS 'dsctl cockpit' usage: dsctl [instance] cockpit [-h] {enable,open-firewall,disable,close-firewall} ... .SS \fBSub-commands\fR .TP \fBdsctl cockpit\fR \fI\,enable\/\fR Enable the Cockpit socket .TP \fBdsctl cockpit\fR \fI\,open-firewall\/\fR Open the firewall for the "cockpit" service .TP \fBdsctl cockpit\fR \fI\,disable\/\fR Disable the Cockpit socket .TP \fBdsctl cockpit\fR \fI\,close-firewall\/\fR Remove the "cockpit" service from the firewall settings .SH OPTIONS 'dsctl cockpit enable' usage: dsctl [instance] cockpit enable [-h] .SH OPTIONS 'dsctl cockpit open-firewall' usage: dsctl [instance] cockpit open-firewall [-h] [--zone ZONE] .TP \fB\-\-zone\fR \fI\,ZONE\/\fR The firewall zone .SH OPTIONS 'dsctl cockpit disable' usage: dsctl [instance] cockpit disable [-h] .SH OPTIONS 'dsctl cockpit close-firewall' usage: dsctl [instance] cockpit close-firewall [-h] .TP \fB\-v\fR, \fB\-\-verbose\fR Display verbose operation tracing during command execution .TP \fB\-j\fR, \fB\-\-json\fR Return result in JSON object .TP \fB\-l\fR, \fB\-\-list\fR List available Directory Server instances .SH AUTHORS .B lib389 was written by Red Hat Inc., and William Brown <389\-devel@lists.fedoraproject.org>. .SH DISTRIBUTION The latest version of lib389 may be downloaded from .UR http://www.port389.org/docs/389ds/FAQ/upstream\-test\-framework.html .UE