dsidmaccount
Manage generic accounts, with tasks like modify, locking and unlocking. To create an account, see
"user" subcommand instead.
dsidmgroup
Manage groups. The organizationalUnit (by default "ou=groups") needs to exist prior to managing
groups. Groups uses the objectclass "groupOfNames" and the grouping attribute "member"
dsidminitialise
Initialise a backend with domain information and sample entries
dsidmorganizationalunit
Manage organizational units
dsidmposixgroup
Manage posix groups The organizationalUnit (by default ou=groups") needs to exist prior to
managing posix groups.
dsidmuser
Manage posix users. The organizationalUnit (by default "ou=people") needs to exist prior to
managing users.
dsidmclient_config
Display and generate client example configs for this LDAP server
dsidmrole
Manage roles.
dsidmservice
Manage service accounts. The organizationalUnit (by default "ou=Services") needs to exist prior to
managing service accounts.
dsidmuniquegroup
Manage groups. The organizationalUnit (by default "ou=groups") needs to exist prior to managing
groups. Unique groups uses the objectclass "groupOfUniqueNames" and the grouping attribute
"uniquemember"
COMMAND'dsidmaccount'
usage: dsidm instance account [-h]
{list,get-by-dn,modify-by-dn,rename-by-dn,delete,lock,unlock,entry-status,subtree-status,reset_password,change_password,bulk_update}
...
POSITIONALARGUMENTS'dsidmaccount'dsidmaccountlist
list accounts that could login to the directory
dsidmaccountget-by-dn
get-by-dn <dn>
dsidmaccountmodify-by-dn
modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ...
dsidmaccountrename-by-dn
rename the object
dsidmaccountdelete
deletes the account
dsidmaccountlock
lock
dsidmaccountunlock
unlock
dsidmaccountentry-status
status of a single entry
dsidmaccountsubtree-status
status of a subtree
dsidmaccountreset_password
Reset the password of an account. This should be performed by a directory admin.
dsidmaccountchange_password
Change the password of an account. This can be performed by any user (with correct rights)
dsidmaccountbulk_update
Perform a common operation to a set of entries
COMMAND'dsidmaccountlist'
usage: dsidm [-v] [-j] instance account list [-h]
COMMAND'dsidmaccountget-by-dn'
usage: dsidm [-v] [-j] instance account get-by-dn [-h] [dn]
dn The dn to get and display
COMMAND'dsidmaccountmodify-by-dn'
usage: dsidm [-v] [-j] instance account modify-by-dn [-h] dn changes [changes ...]
dn The dn to get and display
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmaccountrename-by-dn'
usage: dsidm [-v] [-j] instance account rename-by-dn [-h] [--keep-old-rdn] dn new_dn
dn The dn to rename
new_dn A new role dn
OPTIONS'dsidmaccountrename-by-dn'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_role') should be kept as an attribute of the entry or
not
COMMAND'dsidmaccountdelete'
usage: dsidm [-v] [-j] instance account delete [-h] [dn]
dn The dn of the account to delete
COMMAND'dsidmaccountlock'
usage: dsidm [-v] [-j] instance account lock [-h] [dn]
dn The dn to lock
COMMAND'dsidmaccountunlock'
usage: dsidm [-v] [-j] instance account unlock [-h] [dn]
dn The dn to unlock
COMMAND'dsidmaccountentry-status'
usage: dsidm [-v] [-j] instance account entry-status [-h] [-V] [dn]
dn The single entry dn to check
OPTIONS'dsidmaccountentry-status'-V, --details
Print more account policy details about the entry
COMMAND'dsidmaccountsubtree-status'
usage: dsidm [-v] [-j] instance account subtree-status [-h] [-V] [-f FILTER]
[-s {one,sub}] [-i]
[-o BECOME_INACTIVE_ON]
basedn
basedn Search base for finding entries
OPTIONS'dsidmaccountsubtree-status'-V, --details
Print more account policy details about the entries
-fFILTER, --filterFILTER
Search filter for finding entries
-s{one,sub}, --scope{one,sub}
Search scope (one, sub - default is sub
-i, --inactive-only
Only display inactivated entries
-oBECOME_INACTIVE_ON, --become-inactive-onBECOME_INACTIVE_ON
Only display entries that will become inactive before specified date (in a format
2007-04-25T14:30)
COMMAND'dsidmaccountreset_password'
usage: dsidm [-v] [-j] instance account reset_password [-h] [dn] [new_password]
dn The dn to reset the password for
new_password
The new password to set
COMMAND'dsidmaccountchange_password'
usage: dsidm [-v] [-j] instance account change_password [-h]
[dn] [new_password]
[current_password]
dn The dn to change the password for
new_password
The new password to set
current_password
The accounts current password
COMMAND'dsidmaccountbulk_update'
usage: dsidm [-v] [-j] instance account bulk_update [-h] [-f FILTER] [-s {one,sub}] [-x]
basedn changes [changes ...]
basedn Search base for finding entries, only the children of this DN are processed
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
OPTIONS'dsidmaccountbulk_update'-fFILTER, --filterFILTER
Search filter for finding entries, default is '(objectclass=*)'
-s{one,sub}, --scope{one,sub}
Search scope (one, sub - default is sub
-x, --stop
Stop processing updates when an error occurs. Default is False
COMMAND'dsidmgroup'
usage: dsidm instance group [-h]
{list,get,get_dn,create,delete,modify,rename,members,add_member,remove_member}
...
POSITIONALARGUMENTS'dsidmgroup'dsidmgrouplist
list
dsidmgroupget
get
dsidmgroupget_dn
get_dn
dsidmgroupcreate
create
dsidmgroupdelete
deletes the object
dsidmgroupmodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmgrouprename
rename the object
dsidmgroupmembers
List member dns of a group
dsidmgroupadd_member
Add a member to a group
dsidmgroupremove_member
Remove a member from a group
COMMAND'dsidmgrouplist'
usage: dsidm [-v] [-j] instance group list [-h]
COMMAND'dsidmgroupget'
usage: dsidm [-v] [-j] instance group get [-h] [selector]
selector
The term to search for
COMMAND'dsidmgroupget_dn'
usage: dsidm [-v] [-j] instance group get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmgroupcreate'
usage: dsidm [-v] [-j] instance group create [-h] [--cn [CN]]
OPTIONS'dsidmgroupcreate'--cn[CN]
Value of cn
COMMAND'dsidmgroupdelete'
usage: dsidm [-v] [-j] instance group delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmgroupmodify'
usage: dsidm [-v] [-j] instance group modify [-h] selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmgrouprename'
usage: dsidm [-v] [-j] instance group rename [-h] [--keep-old-rdn] selector new_name
selector
The cn to rename
new_name
A new group name
OPTIONS'dsidmgrouprename'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_group') should be kept as an attribute of the entry or
not
COMMAND'dsidmgroupmembers'
usage: dsidm [-v] [-j] instance group members [-h] [cn]
cn cn of group to list members of
COMMAND'dsidmgroupadd_member'
usage: dsidm [-v] [-j] instance group add_member [-h] [cn] [dn]
cn cn of group to add member to
dn dn of object to add to group as member
COMMAND'dsidmgroupremove_member'
usage: dsidm [-v] [-j] instance group remove_member [-h] [cn] [dn]
cn cn of group to remove member from
dn dn of object to remove from group as member
COMMAND'dsidminitialise'
usage: dsidm [-v] [-j] instance initialise [-h] [--version VERSION]
OPTIONS'dsidminitialise'--versionVERSION
The version of entries to create.
COMMAND'dsidmorganizationalunit'
usage: dsidm [-v] [-j] instance organizationalunit [-h]
{list,get,get_dn,create,delete,modify,rename} ...
POSITIONALARGUMENTS'dsidmorganizationalunit'dsidmorganizationalunitlist
list
dsidmorganizationalunitget
get
dsidmorganizationalunitget_dn
get_dn
dsidmorganizationalunitcreate
create
dsidmorganizationalunitdelete
deletes the object
dsidmorganizationalunitmodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmorganizationalunitrename
rename the object
COMMAND'dsidmorganizationalunitlist'
usage: dsidm [-v] [-j] instance organizationalunit list [-h]
COMMAND'dsidmorganizationalunitget'
usage: dsidm [-v] [-j] instance organizationalunit get [-h] [selector]
selector
The term to search for
COMMAND'dsidmorganizationalunitget_dn'
usage: dsidm [-v] [-j] instance organizationalunit get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmorganizationalunitcreate'
usage: dsidm [-v] [-j] instance organizationalunit create [-h] [--ou [OU]]
OPTIONS'dsidmorganizationalunitcreate'--ou[OU]
Value of ou
COMMAND'dsidmorganizationalunitdelete'
usage: dsidm [-v] [-j] instance organizationalunit delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmorganizationalunitmodify'
usage: dsidm [-v] [-j] instance organizationalunit modify [-h]
selector
changes [changes ...]
selector
The ou to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmorganizationalunitrename'
usage: dsidm [-v] [-j] instance organizationalunit rename [-h]
[--keep-old-rdn]
selector new_name
selector
The ou to rename
new_name
A new organizational unit name
OPTIONS'dsidmorganizationalunitrename'--keep-old-rdn
Specify whether the old RDN (i.e. 'ou: old_ou') should be kept as an attribute of the entry or not
COMMAND'dsidmposixgroup'
usage: dsidm instance posixgroup [-h]
{list,get,get_dn,create,delete,modify,rename} ...
POSITIONALARGUMENTS'dsidmposixgroup'dsidmposixgrouplist
list
dsidmposixgroupget
get
dsidmposixgroupget_dn
get_dn
dsidmposixgroupcreate
create
dsidmposixgroupdelete
deletes the object
dsidmposixgroupmodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmposixgrouprename
rename the object
COMMAND'dsidmposixgrouplist'
usage: dsidm [-v] [-j] instance posixgroup list [-h]
COMMAND'dsidmposixgroupget'
usage: dsidm [-v] [-j] instance posixgroup get [-h] [selector]
selector
The term to search for
COMMAND'dsidmposixgroupget_dn'
usage: dsidm [-v] [-j] instance posixgroup get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmposixgroupcreate'
usage: dsidm [-v] [-j] instance posixgroup create [-h] [--cn [CN]]
[--gidNumber [GIDNUMBER]]
OPTIONS'dsidmposixgroupcreate'--cn[CN]
Value of cn
--gidNumber[GIDNUMBER]
Value of gidNumber
COMMAND'dsidmposixgroupdelete'
usage: dsidm [-v] [-j] instance posixgroup delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmposixgroupmodify'
usage: dsidm [-v] [-j] instance posixgroup modify [-h] selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmposixgrouprename'
usage: dsidm [-v] [-j] instance posixgroup rename [-h] [--keep-old-rdn]
selector new_name
selector
The cn to rename
new_name
A new posix group name
OPTIONS'dsidmposixgrouprename'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_group') should be kept as an attribute of the entry or
not
COMMAND'dsidmuser'
usage: dsidm instance user [-h]
{list,get,get_dn,create,modify,rename,delete} ...
POSITIONALARGUMENTS'dsidmuser'dsidmuserlist
list
dsidmuserget
get
dsidmuserget_dn
get_dn
dsidmusercreate
create
dsidmusermodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmuserrename
rename the object
dsidmuserdelete
deletes the object
COMMAND'dsidmuserlist'
usage: dsidm [-v] [-j] instance user list [-h]
COMMAND'dsidmuserget'
usage: dsidm [-v] [-j] instance user get [-h] [selector]
selector
The term to search for
COMMAND'dsidmuserget_dn'
usage: dsidm [-v] [-j] instance user get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmusercreate'
usage: dsidm [-v] [-j] instance user create [-h] [--uid [UID]] [--cn [CN]]
[--displayName [DISPLAYNAME]]
[--uidNumber [UIDNUMBER]]
[--gidNumber [GIDNUMBER]]
[--homeDirectory [HOMEDIRECTORY]]
OPTIONS'dsidmusercreate'--uid[UID]
Value of uid
--cn[CN]
Value of cn
--displayName[DISPLAYNAME]
Value of displayName
--uidNumber[UIDNUMBER]
Value of uidNumber
--gidNumber[GIDNUMBER]
Value of gidNumber
--homeDirectory[HOMEDIRECTORY]
Value of homeDirectory
COMMAND'dsidmusermodify'
usage: dsidm [-v] [-j] instance user modify [-h] selector changes [changes ...]
selector
The uid to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmuserrename'
usage: dsidm [-v] [-j] instance user rename [-h] [--keep-old-rdn] selector new_name
selector
The uid to modify
new_name
A new user name
OPTIONS'dsidmuserrename'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_user') should be kept as an attribute of the entry or
not
COMMAND'dsidmuserdelete'
usage: dsidm [-v] [-j] instance user delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmclient_config'
usage: dsidm instance client_config [-h] {sssd.conf,ldap.conf,display} ...
POSITIONALARGUMENTS'dsidmclient_config'dsidmclient_configsssd.conf
Generate a SSSD configuration for this LDAP server
dsidmclient_configldap.conf
Generate an OpenLDAP ldap.conf configuration for this LDAP server
dsidmclient_configdisplay
Display generic application parameters for LDAP connection
COMMAND'dsidmclient_configsssd.conf'
usage: dsidm instance client_config sssd.conf [-h] [allowed_group]
allowed_group
The name of the group allowed access to this system
COMMAND'dsidmclient_configldap.conf'
usage: dsidm instance client_config ldap.conf [-h]
COMMAND'dsidmclient_configdisplay'
usage: dsidm instance client_config display [-h]
COMMAND'dsidmrole'
usage: dsidm [-v] [-j] instance role [-h]
{list,get,get-by-dn,create-managed,create-filtered,create-nested,modify-by-dn,rename-by-dn,delete,lock,unlock,entry-status,subtree-status}
...
POSITIONALARGUMENTS'dsidmrole'dsidmrolelist
list roles that could login to the directory
dsidmroleget
get
dsidmroleget-by-dn
get-by-dn <dn>
dsidmrolecreate-managed
create
dsidmrolecreate-filtered
create
dsidmrolecreate-nested
create
dsidmrolemodify-by-dn
modify-by-dn <dn> <add|delete|replace>:<attribute>:<value> ...
dsidmrolerename-by-dn
rename the object
dsidmroledelete
deletes the role
dsidmrolelock
lock
dsidmroleunlock
unlock
dsidmroleentry-status
status of a single entry
dsidmrolesubtree-status
status of a subtree
COMMAND'dsidmrolelist'
usage: dsidm [-v] [-j] instance role list [-h]
COMMAND'dsidmroleget'
usage: dsidm [-v] [-j] instance role get [-h] [selector]
selector
The term to search for
COMMAND'dsidmroleget-by-dn'
usage: dsidm [-v] [-j] instance role get-by-dn [-h] [dn]
dn The dn to get and display
COMMAND'dsidmrolecreate-managed'
usage: dsidm [-v] [-j] instance role create-managed [-h] [--cn [CN]]
OPTIONS'dsidmrolecreate-managed'--cn[CN]
Value of cn
COMMAND'dsidmrolecreate-filtered'
usage: dsidm [-v] [-j] instance role create-filtered [-h] [--cn [CN]]
OPTIONS'dsidmrolecreate-filtered'--cn[CN]
Value of cn
COMMAND'dsidmrolecreate-nested'
usage: dsidm [-v] [-j] instance role create-nested [-h] [--cn [CN]]
[--nsRoleDN [NSROLEDN]]
OPTIONS'dsidmrolecreate-nested'--cn[CN]
Value of cn
--nsRoleDN[NSROLEDN]
Value of nsRoleDN
COMMAND'dsidmrolemodify-by-dn'
usage: dsidm [-v] [-j] instance role modify-by-dn [-h]
dn changes [changes ...]
dn The dn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmrolerename-by-dn'
usage: dsidm [-v] [-j] instance role rename-by-dn [-h] [--keep-old-rdn]
dn new_dn
dn The dn to rename
new_dn A new account dn
OPTIONS'dsidmrolerename-by-dn'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_account') should be kept as an attribute of the entry
or not
COMMAND'dsidmroledelete'
usage: dsidm [-v] [-j] instance role delete [-h] [dn]
dn The dn of the role to delete
COMMAND'dsidmrolelock'
usage: dsidm [-v] [-j] instance role lock [-h] [dn]
dn The dn to lock
COMMAND'dsidmroleunlock'
usage: dsidm [-v] [-j] instance role unlock [-h] [dn]
dn The dn to unlock
COMMAND'dsidmroleentry-status'
usage: dsidm [-v] [-j] instance role entry-status [-h] [dn]
dn The single entry dn to check
COMMAND'dsidmrolesubtree-status'
usage: dsidm [-v] [-j] instance role subtree-status [-h] [-f FILTER]
[-s {base,one,sub}]
basedn
basedn Search base for finding entries
OPTIONS'dsidmrolesubtree-status'-fFILTER, --filterFILTER
Search filter for finding entries
-s{base,one,sub}, --scope{base,one,sub}
Search scope (base, one, sub - default is sub
COMMAND'dsidmservice'
usage: dsidm [-v] [-j] instance service [-h]
{list,get,get_dn,create,modify,rename,delete} ...
POSITIONALARGUMENTS'dsidmservice'dsidmservicelist
list
dsidmserviceget
get
dsidmserviceget_dn
get_dn
dsidmservicecreate
create
dsidmservicemodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmservicerename
rename the object
dsidmservicedelete
deletes the object
COMMAND'dsidmservicelist'
usage: dsidm [-v] [-j] instance service list [-h]
COMMAND'dsidmserviceget'
usage: dsidm [-v] [-j] instance service get [-h] [selector]
selector
The term to search for
COMMAND'dsidmserviceget_dn'
usage: dsidm [-v] [-j] instance service get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmservicecreate'
usage: dsidm [-v] [-j] instance service create [-h] [--cn [CN]]
[--description [DESCRIPTION]]
OPTIONS'dsidmservicecreate'--cn[CN]
Value of cn
--description[DESCRIPTION]
Value of description
COMMAND'dsidmservicemodify'
usage: dsidm [-v] [-j] instance service modify [-h]
selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmservicerename'
usage: dsidm [-v] [-j] instance service rename [-h] [--keep-old-rdn]
selector new_name
selector
The cn to modify
new_name
A new service name
OPTIONS'dsidmservicerename'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_service') should be kept as an attribute of the entry
or not
COMMAND'dsidmservicedelete'
usage: dsidm [-v] [-j] instance service delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmuniquegroup'
usage: dsidm instance uniquegroup [-h]
{list,get,get_dn,create,delete,modify,rename,members,add_member,remove_member}
...
POSITIONALARGUMENTS'dsidmuniquegroup'dsidmuniquegrouplist
list
dsidmuniquegroupget
get
dsidmuniquegroupget_dn
get_dn
dsidmuniquegroupcreate
create
dsidmuniquegroupdelete
deletes the object
dsidmuniquegroupmodify
modify <add|delete|replace>:<attribute>:<value> ...
dsidmuniquegrouprename
rename the object
dsidmuniquegroupmembers
List member dns of a group
dsidmuniquegroupadd_member
Add a member to a group
dsidmuniquegroupremove_member
Remove a member from a group
COMMAND'dsidmuniquegrouplist'
usage: dsidm [-v] [-j] instance uniquegroup list [-h]
COMMAND'dsidmuniquegroupget'
usage: dsidm [-v] [-j] instance uniquegroup get [-h] [selector]
selector
The term to search for
COMMAND'dsidmuniquegroupget_dn'
usage: dsidm [-v] [-j] instance uniquegroup get_dn [-h] [dn]
dn The dn to get
COMMAND'dsidmuniquegroupcreate'
usage: dsidm [-v] [-j] instance uniquegroup create [-h] [--cn [CN]]
OPTIONS'dsidmuniquegroupcreate'--cn[CN]
Value of cn
COMMAND'dsidmuniquegroupdelete'
usage: dsidm [-v] [-j] instance uniquegroup delete [-h] [dn]
dn The dn to delete
COMMAND'dsidmuniquegroupmodify'
usage: dsidm [-v] [-j] instance uniquegroup modify [-h] selector changes [changes ...]
selector
The cn to modify
changes
A list of changes to apply in format: <add|delete|replace>:<attribute>:<value>
COMMAND'dsidmuniquegrouprename'
usage: dsidm [-v] [-j] instance uniquegroup rename [-h] [--keep-old-rdn]
selector new_name
selector
The cn to rename
new_name
A new group name
OPTIONS'dsidmuniquegrouprename'--keep-old-rdn
Specify whether the old RDN (i.e. 'cn: old_group') should be kept as an attribute of the entry or
not
COMMAND'dsidmuniquegroupmembers'
usage: dsidm [-v] [-j] instance uniquegroup members [-h] [cn]
cn cn of group to list members of
COMMAND'dsidmuniquegroupadd_member'
usage: dsidm [-v] [-j] instance uniquegroup add_member [-h] [cn] [dn]
cn cn of group to add member to
dn dn of object to add to group as member
COMMAND'dsidmuniquegroupremove_member'
usage: dsidm [-v] [-j] instance uniquegroup remove_member [-h] [cn] [dn]
cn cn of group to remove member from
dn dn of object to remove from group as member
Install Now
PNG Icons
