mfds

Parameters:

/d

Show debug information; this is a record of activity on the Directory Server that can be useful when investigating problems

/e root DNuser partition DNgroup partition DNresource partition DNschema formatldif-filenamesec-path

Export Directory Server users and groups from the MF Directory Server repository to an LDIF file:

• root-DN

  The application partition to which all of the exported entries will be assigned.

• user-partition-DN

  The name of the container within the application partition to which the exported users will be assigned.

• group-partition-DN

  The container within the application partition to which the exported groups will be assigned.

• root-DN

  The container within the application partition to which the exported resource definitions will be assigned.

• schema-format

  Values: 1 = Active Directory (Default).

• sec-path

  The location of the MF Directory Server repository.

/f userID

if you use this command before the MFDS process starts, MFDS changes the effective user ID to the specified value after it has started listening on its configured endpoint. This enables the MFDS process to run using a non-root user ID while still using the default privileged port 86. If the specified user ID specified invalid, the MFDS process terminates.

Equivalent to setting Default process user ID from the GUI.

/j directory-path

Override the journal path. Journal data will be written to the filesystem directory that you specify. For example: mfds /j e:\journal

/l [schema partition Distinguished Name] optionldif-filename [schema-version-1] [schema-version-2]

Export the schema extensions that an LDAP server will require to support Micro Focus applications.

schema partition Distinguished Name

Specifies the DN of the partition in the Directory Information Tree where the schema definition is held. The schema partition holds, amongst other things, attributeSchema and classSchema objectclass instances.

option

Specifies the target directory server type:

0

Microsoft Active Directory Lightweight Directory Server (AD LDS)

1

Active Directory

This is the default value.

2

OpenLDAP

3

Sun Directory

4

OpenLDAP (v2.4)

Note: If you specify the ldif-filename, you must also specify a value for this parameter.

ldif-filename

Specifies the name of the destination file.

The default: mfds_schema_[ mfds version ].ldf (for example, mfds_schema_1.05.09.ldf)

schema-version-1

Specifies the version of the schema extensions to be generated:

0

Is the current schema version and is the default value. Numbers greater than 0 specify older schema versions.

schema-version-2

This option is used for upgrading from a previous schema. If schema-version-2 is specified and is less than the schema-version-1, the output file is a delta between the schema-version-1 and schema-version-2.

If schema-version-2 is greater than or equal to schema-version-1, this option is ignored.

/m

Display the location of the Directory Server repository.

/n network-addresses

Bind to specific network adapters at network-addresses, where network-addresses can be an IPv4, IPv6 address, or a hostname. Multiple addresses can be specified as a quoted, space-separated list. Each address can be specified with either TCP: or UDP: protocol proceeding the address. For example:

mfds /n "TCP:252.162.131.105 UDP:6202:8e2a:686a:6a77:2855:c4df:960f:3cc2 TCP:host-name"

Note: If a UDP protocol is used then MFDS will attempt to start the UDP listener on that address. If no UDP protocol is used then MFDS will use the first available IPv4 address to start the UDP listener on.

If "0.0.0.0" is specified for the network-address then it will listen on all IPv4 addresses and if "::" is specified then it will listen on all IPv6 addresses. You can combine these to listen on both IPv4 and IPv6 addresses, for example, mfds /n "0.0.0.0 ::"

/r

Refuse access to the Enterprise Server Administration interface.

/s option [username password]

Request a controlled shutdown of a Directory Server and optionally the associated enterprise servers. If the Directory Server is not using the default port, then you must specify the CCITCP2_PORT environment variable with the port that is being used.

Option:

• Value 1: Shutdown the Directory Server only
• Value 2: Shutdown the Directory Server and any associated enterprise servers.

Username and password: These must be supplied if the Directory Server is running with Restrict administration access checked.

This option supports the specification of the optional Enterprise Server user id and password parameters using a configured Micro Focus Vault Facility location rather than using literal strings for credentials. For example:

mfds /s 1 mfsecret:user/user_001/id mfsecret:user/user_001/pwd

where user/user_001/id and user/user_001/pwd are examples of secrets stored in the default configured vault. These values can be populated and administered using the mfsecretsadmin utility. See Vault Facility for more information.

The mfds /x and /g command-line options also support credentials stored in the vault.

/v

Show version information for Directory Server

/x [repository type]

Enables you to export the Enterprise Server configuration information from the running MFDS process. You can exported in either of the following formats:

1

file://

5

XML

CAUTION:

If MFDS is configured to store sensitive values in the vault (for example XA openstring or autostart credentials), these values can be included when exporting Enterprise Server configuration data in legacy file, XML, or JSON format. Micro Focus recommends that you protect the exported files with appropriate access control.

[repository address]

Absolute directory path to repository.

[server name]

* = export all servers

<opts>

• D = (default) do not delete or overwrite any existing repository contents at specified location.
• O = delete and overwrite any existing repository contents at specified location.
• S = export server and security manager configuration.

<user id> <password>

These are the MFDS credentials required if administration access is restricted.

/g [repository type]

Enables you to import the Enterprise Server configuration into the current running MFDS process. You can import either of the following formats:

1

file://

5

XML

[repository address]

Absolute directory path to repository.

<opts>

• D = Default import, do not delete or overwrite any existing regions with a duplicate name in the current repository.
• O = Delete and overwrite any existing regions with a duplicate name in the current repository.
  Note: The D and O options are mutually exclusive.
• S = Import server and security manager configuration.
  Note: MFDS restricted administration access must be OFF.

<user id> <password>

These are the MFDS credentials required if administration access is restricted.

--listen-all

Set MFDS to listen on all configured network adapters.

--listen-loopback

Set MFDS to listen on loopback only.

--vault-migrate

Migrates sensitive data values from the default MFDS repository into the configured vault. From Enterprise Developer 8.0, the migration occurs automatically when MFDS first starts. Once migrated, sensitive data values stored in the MFDS repository are removed and are available only from the configured vault.

--ui-on

Set MFDS to enable Web UI.

--ui-off

Set MFDS to disable Web UI.

--anonymous-access-on

Set MFDS to allow anonymous client access.

--anonymous-access-off

Set MFDS to disallow anonymous client access.