<?xml version="1.0" encoding="UTF-8"?>
<!--
! CCPL HEADER START
!
! This work is licensed under the Creative Commons
! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
! To view a copy of this license, visit
! http://creativecommons.org/licenses/by-nc-nd/3.0/
! or send a letter to Creative Commons, 444 Castro Street,
! Suite 900, Mountain View, California, 94041, USA.
!
! You can also obtain a copy of the license at
! trunk/opendj3/legal-notices/CC-BY-NC-ND.txt.
! See the License for the specific language governing permissions
! and limitations under the License.
!
! If applicable, add the following below this CCPL HEADER, with the fields
! enclosed by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CCPL HEADER END
!
! Copyright 2011-2014 ForgeRock AS
!
-->
<refentry xml:id='setup-1'
xmlns='http://docbook.org/ns/docbook'
version='5.0' xml:lang='en'
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
xsi:schemaLocation='http://docbook.org/ns/docbook
http://docbook.org/xml/5.0/xsd/docbook.xsd'>
<info><copyright><year>2011-2014</year><holder>ForgeRock AS</holder></copyright></info>
<refmeta>
<refentrytitle>setup</refentrytitle><manvolnum>1</manvolnum>
<refmiscinfo class="software">OpenDJ</refmiscinfo>
<refmiscinfo class="version"><?eval ${docTargetVersion}?></refmiscinfo>
</refmeta>
<refnamediv>
<refname>setup</refname>
<refpurpose>install OpenDJ directory server</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>setup</command>
<arg choice="opt">options</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>This utility can be used to setup the directory server.</para>
</refsect1>
<refsect1>
<title>Options</title>
<para>The following options are supported.</para>
<variablelist>
<varlistentry>
<term><option>-a, --addBaseEntry</option></term>
<listitem>
<para>Indicates whether to create the base entry in the directory server
database</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--adminConnectorPort {port}</option></term>
<listitem>
<para>Port on which the Administration Connector should listen for
communication</para>
<para>Default value: 4444</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-b, --baseDN {baseDN}</option></term>
<listitem>
<para>Base DN for user information in the directory server. Multiple base
DNs may be provided by using this option multiple times</para>
<para>Default value: dc=example,dc=com</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-d, --sampleData {numEntries}</option></term>
<listitem>
<para>Specifies that the database should be populated with the specified
number of sample entries</para>
<para>Default value: 0</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-D, --rootUserDN {rootUserDN}</option></term>
<listitem>
<para>DN for the initial root user for the directory server</para>
<para>Default value: cn=Directory Manager</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--generateSelfSignedCertificate</option></term>
<listitem>
<para>Generate a self-signed certificate that the server should use when
accepting SSL-based connections or performing StartTLS negotiation</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h, --hostname {host}</option></term>
<listitem>
<para>The fully-qualified directory server host name that will be used
when generating self-signed certificates for LDAP SSL/StartTLS, the
administration connector, and replication</para>
<para>Default value: localhost.localdomain</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-i, --cli</option></term>
<listitem>
<para>Use the command line install. If not specified the graphical
interface will be launched. The rest of the options (excluding help and
version) will only be taken into account if this option is specified</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-j, --rootUserPasswordFile {rootUserPasswordFile}</option></term>
<listitem>
<para>Path to a file containing the password for the initial root user for
the directory server</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-l, --ldifFile {ldifFile}</option></term>
<listitem>
<para>Path to an LDIF file containing data that should be added to the
directory server database. Multiple LDIF files may be provided by using
this option multiple times</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-N, --certNickname {nickname}</option></term>
<listitem>
<para>Nickname of the certificate that the server should use when
accepting SSL-based connections or performing StartTLS negotiation</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-O, --doNotStart</option></term>
<listitem>
<para>Do not start the server when the configuration is completed</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-p, --ldapPort {port}</option></term>
<listitem>
<para>Port on which the Directory Server should listen for LDAP
communication</para>
<para>Default value: 389</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-q, --enableStartTLS</option></term>
<listitem>
<para>Enable StartTLS to allow secure communication with the server using
the LDAP port</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-R, --rejectFile {rejectFile}</option></term>
<listitem>
<para>Write rejected entries to the specified file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-S, --skipPortCheck</option></term>
<listitem>
<para>Skip the check to determine whether the specified ports are
usable</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--skipFile {skipFile}</option></term>
<listitem>
<para>Write skipped entries to the specified file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-u, --keyStorePasswordFile {keyStorePasswordFile}</option></term>
<listitem>
<para>Certificate key store PIN file. A PIN is required when you specify
to use an existing certificate (JKS, JCEKS, PKCS#12 or PKCS#11) as server
certificate</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--useJavaKeystore {keyStorePath}</option></term>
<listitem>
<para>Path of a Java Key Store (JKS) containing a certificate to be used
as the server certificate</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--useJCEKS {keyStorePath}</option></term>
<listitem>
<para>Path of a JCEKS containing a certificate to be used as the server
certificate</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--usePkcs11Keystore</option></term>
<listitem>
<para>Use a certificate in a PKCS#11 token that the server should use when
accepting SSL-based connections or performing StartTLS negotiation</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--usePkcs12keyStore {keyStorePath}</option></term>
<listitem>
<para>Path of a PKCS#12 key store containing the certificate that the
server should use when accepting SSL-based connections or performing
StartTLS negotiation</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-w, --rootUserPassword {rootUserPassword}</option></term>
<listitem>
<para>Password for the initial root user for the Directory Server</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-W, --keyStorePassword {keyStorePassword}</option></term>
<listitem>
<para>Certificate key store PIN. A PIN is required when you specify
to use an existing certificate (JKS, JCEKS, PKCS#12 or PKCS#11) as server
certificate</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-x, --jmxPort {jmxPort}</option></term>
<listitem>
<para>Port on which the Directory Server should listen for JMX
communication</para>
<para>Default value: 1689</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-Z, --ldapsPort {port}</option></term>
<listitem>
<para>Port on which the Directory Server should listen for LDAPS
communication. The LDAPS port will be configured and SSL will be enabled
only if this argument is explicitly specified</para>
<para>Default value: 636</para>
</listitem>
</varlistentry>
</variablelist>
<refsect2>
<title>Utility Input/Output Options</title>
<variablelist>
<varlistentry>
<term><option>-n, --no-prompt</option></term>
<listitem>
<para>Use non-interactive mode. If data in the command is missing, the
user is not prompted and the tool will fail</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--noPropertiesFile</option></term>
<listitem>
<para>No properties file will be used to get default command line
argument values</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--propertiesFilePath {propertiesFilePath}</option></term>
<listitem>
<para>Path to the file containing default property values used for
command line arguments</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-Q, --quiet</option></term>
<listitem>
<para>Run setup in quiet mode. Quiet mode will not output progress
information to standard output</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v, --verbose</option></term>
<listitem>
<para>Use verbose mode</para>
</listitem>
</varlistentry>
</variablelist>
</refsect2>
<refsect2>
<title>General Options</title>
<variablelist>
<varlistentry>
<term><option>-V, --version</option></term>
<listitem>
<para>Display version information</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-?, -H, --help</option></term>
<listitem>
<para>Display usage information</para>
</listitem>
</varlistentry>
</variablelist>
</refsect2>
</refsect1>
<refsect1>
<title>Exit Codes</title>
<variablelist>
<varlistentry>
<term>0</term>
<listitem>
<para>The command completed successfully.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&gt; 0</term>
<listitem>
<para>An error occurred.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Examples</title>
<para>The following command installs OpenDJ directory server, enabling
StartTLS and importing 100 example entries without interaction.</para>
<screen>
<userinput>$ /path/to/opendj/setup --cli -b dc=example,dc=com -d 100 \
-D "cn=Directory Manager" -w password -h opendj.example.com -p 1389 \
--generateSelfSignedCertificate --enableStartTLS -n</userinput>
<computeroutput>OpenDJ <?eval ${docTargetVersion}?>
Please wait while the setup program initializes...
See /var/.../opends-setup-484...561.log for a detailed log of this operation.
Configuring Directory Server ..... Done.
Configuring Certificates ..... Done.
Importing Automatically-Generated Data (100 Entries) ......... Done.
Starting Directory Server .......... Done.
To see basic server configuration status and configuration you can launch
/path/to/opendj/bin/status</computeroutput>
</screen>
</refsect1>
</refentry>