Most of the instance specific scripts have been converted to be system scripts located in /usr/sbin/. There are still “wrapper” scripts in the instance directory(/usr/lib64/dirsrv/slapd-INSTANCE) that call the scripts in /usr/sbin, and take the same usage. For the scripts that make LDAP connections to the Directory Server, you now have the option to specify the protocol(StartTLS, LDAPS, LDAPI, or LDAP).
Have the ability to call a single script, and be able to update any instance on the system. As well as control the protocol used to connect to the LDAP server.
The new script take a new option, -Z <Server instance identifier>. The script will then use this information to gather things like the server location, and gather necessary configuration settings: port, root dn, security settings, etc. If there is only one instance on the system, then the -Z option can be omitted.
Example where the server identifier is localhost(/etc/dirsrv/slapd-localhost): db2ldif -Z localhost -a /tmp/db.ldif -n userRoot
For the scripts that connect to the LDAP server, you can specify the protocol. Protocols include StartTLS, LDAPS, LDAPI, and LDAP. To set the protocol there is a new option -P <protocol>:
db2ldif.pl -Z localhost -a /tmp/db.ldif -n userRoot -P LDAPI
If you omit the -P option, the script will attempt to use the most secure protocol available to the server instance. If you specify a protocol that is not supported or not available, the script will try and use the next most secure available protocol.
No additional requirements.
CLI only.
New command line arguments:
-Z <Server Instance Identifer>
The server ID can be located by looking for the value after "slapi-": /etc/dirsrv/slapd-localhost --\> "localhost" is the server identifier.
-P <Protocol>
Valid protocol values are: StartTLS, LDAPS, LDAPI, and LDAP
No impact.
No impact.
No dependencies.
No external impact.
Mark Reynolds mreynolds@redhat.com