ManageAccount.java revision 0fd845d18cfaf23fc9f54e92775c735955e4e859
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * CDDL HEADER START
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The contents of this file are subject to the terms of the
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * Common Development and Distribution License, Version 1.0 only
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * (the "License"). You may not use this file except in compliance
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * with the License.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * or http://forgerock.org/license/CDDLv1.0.html.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * See the License for the specific language governing permissions
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * and limitations under the License.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * When distributing Covered Code, include this CDDL HEADER in each
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * file and include the License file at legal-notices/CDDLv1_0.txt.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * If applicable, add the following below this CDDL HEADER, with the
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * fields enclosed by brackets "[]" replaced with your own identifying
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * information:
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * Portions Copyright [yyyy] [name of copyright owner]
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * CDDL HEADER END
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * Copyright 2006-2009 Sun Microsystems, Inc.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * Portions Copyright 2011-2015 ForgeRock AS.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport static com.forgerock.opendj.cli.ArgumentConstants.*;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport static com.forgerock.opendj.cli.Utils.*;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport static org.opends.messages.ToolMessages.*;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport static org.opends.server.extensions.PasswordPolicyStateExtendedOperation.*;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport static org.opends.server.protocols.ldap.LDAPResultCode.*;
4a09940f9ebf99366c5293b314a512cbbf7b02d0Phill Cunningtonimport static org.opends.server.util.ServerConstants.*;
4a09940f9ebf99366c5293b314a512cbbf7b02d0Phill Cunningtonimport static org.opends.server.util.StaticUtils.*;
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeperimport java.util.concurrent.atomic.AtomicInteger;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.forgerock.opendj.ldap.ByteStringBuilder;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.admin.AdministrationConnector;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.core.DirectoryServer.DirectoryServerVersionHandler;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.protocols.ldap.ExtendedRequestProtocolOp;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.protocols.ldap.ExtendedResponseProtocolOp;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.protocols.ldap.LDAPMessage;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.protocols.ldap.LDAPResultCode;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.types.NullOutputStream;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport org.opends.server.util.args.LDAPConnectionArgumentParser;
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeperimport com.forgerock.opendj.cli.ArgumentException;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.BooleanArgument;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.CommonArguments;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.FileBasedArgument;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.IntegerArgument;
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeperimport com.forgerock.opendj.cli.MultiChoiceArgument;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.StringArgument;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeperimport com.forgerock.opendj.cli.SubCommandArgumentParser;
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * This class provides a tool that can be used to perform various kinds of
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * account management using the password policy state extended operation.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper /** The fully-qualified name of this class. */
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "org.opends.server.tools.ManageAccount";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to get all password policy
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * state information for the user.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_GET_ALL = "get-all";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to get the DN of the password
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * policy for a given user.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_GET_PASSWORD_POLICY_DN =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "get-password-policy-dn";
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * The name of the subcommand that will be used to get the disabled state for
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_GET_ACCOUNT_DISABLED_STATE =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "get-account-is-disabled";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to set the disabled state for
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper private static final String SC_SET_ACCOUNT_DISABLED_STATE =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "set-account-is-disabled";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to clear the disabled state
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * for a user.
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_CLEAR_ACCOUNT_DISABLED_STATE =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "clear-account-is-disabled";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to get the account expiration
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_GET_ACCOUNT_EXPIRATION_TIME =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "get-account-expiration-time";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to set the account expiration
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper private static final String SC_SET_ACCOUNT_EXPIRATION_TIME =
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper "set-account-expiration-time";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to clear the account
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * expiration time.
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper private static final String SC_CLEAR_ACCOUNT_EXPIRATION_TIME =
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper "clear-account-expiration-time";
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * The name of the subcommand that will be used to get the length of time
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * before the account expires.
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper private static final String SC_GET_SECONDS_UNTIL_ACCOUNT_EXPIRATION =
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper "get-seconds-until-account-expiration";
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * The name of the subcommand that will be used to get the time the password
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * was last changed.
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper private static final String SC_GET_PASSWORD_CHANGED_TIME =
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper "get-password-changed-time";
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * The name of the subcommand that will be used to set the time the password
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper * was last changed.
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper private static final String SC_SET_PASSWORD_CHANGED_TIME =
f109a33a8b5c6b0e4b6e49035f28b5febd5c84cdMark de Reeper "set-password-changed-time";
0cd8368ca65c58915ee90bc73d84e65f3da9e120Mark de Reeper * The name of the subcommand that will be used to clear the time the password
private static final String
return result;
return result;
catch(Exception e)
catch (Exception e)
return CLIENT_SIDE_SERVER_DOWN;
return CLIENT_SIDE_SERVER_DOWN;
return resultCode;
int opType;
catch (Exception e)
switch (opType)
message =
message =
message =
message =
.get();
message =
case OP_GET_LAST_LOGIN_TIME:
message =
.get();
message =
message =
.get();
case OP_GET_PASSWORD_HISTORY:
catch (Exception e)
return CLIENT_SIDE_SERVER_DOWN;
OPTION_LONG_HOST, false, false, true,
OPTION_LONG_PORT, false, false, true,
OPTION_LONG_BINDDN, false, false, true,
OPTION_LONG_BINDPWD, false, false,
null,
OPTION_LONG_SASLOPTION, false,
OPTION_LONG_KEYSTORE_PWD_FILE, false, false,
null,
msg);
booleanValues, false,
msg =
.get();
msg);
.get();
.get();
.get();
msg);
.get();
msg);
msg);
msg);
.get();
msg);
msg =
msg);
booleanValues, false,
msg);
msg);
msg);
msg);
msg =
msg);
msg =
.get();
msg);
return CLIENT_SIDE_LOCAL_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
if (initServer)
ERR_PWPSTATE_MUTUALLY_EXCLUSIVE_ARGUMENTS.get(bindPW.getLongIdentifier(), bindPWFile.getLongIdentifier()));
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_LOCAL_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
mechanism = s;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_CONNECT_ERROR;
return SUCCESS;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
a.getValue());
NO_VALUE);
NO_VALUE);
NO_VALUE);
NO_VALUE);
a.getValue());
NO_VALUE);
NO_VALUE);
return CLIENT_SIDE_PARAM_ERROR;
return CLIENT_SIDE_PARAM_ERROR;
NO_VALUE);
NO_VALUE);
a.getValue());
NO_VALUE);
NO_VALUE);
NO_VALUE);
return CLIENT_SIDE_PARAM_ERROR;
return SUCCESS;
value);