Add Directory Server Instance (ADDDIRINST)
| Where allowed to run: All environments (*ALL) Threadsafe: No |
Parameters Examples Error messages |
The Add Directory Server Instance (ADDDIRINST) command is used to create a Directory Server instance. The user database library and instance configuration library are created, and the configuration and schema files for the instance are also created. The server instance can run as a standalone Directory Server. The server instance can be removed by running the Remove Directory Server Instance (RMVDIRINST) command.
Restrictions:
- You must have all object (*ALLOBJ) and input/output system configuration (*IOSYSCFG) special authorities to use this command.
| Top |
Parameters
| Keyword | Description | Choices | Notes |
|---|---|---|---|
| INSTANCE | Instance | Name | Required, Key, Positional 1 |
| ADMIN | Administrator | Element list | Optional |
| Element 1: Distinguished name | Character value, *DFT | ||
| Element 2: Password | Character value, *GEN | ||
| PORT | Port | 1-65535, 389 | Optional |
| SSLPORT | SSL port | 1-65535, 636 | Optional |
| TEXT | Text 'description' | Character value, *NONE | Optional |
| USERDBLIB | User database library | Element list | Optional |
| Element 1: User database library | Name, *INSTANCE | ||
| Element 2: If library does not exist | *CRT, *NOCRT | ||
| ENBCHGLOG | Enable change log | *NO, *YES | Optional |
| CHGLOGLIB | Change log library | Element list | Optional |
| Element 1: Change log library | Name, *INSTANCE | ||
| Element 2: If library does not exist | *CRT, *NOCRT | ||
| ASP | ASP number | 1-32, 1, *ASPDEV | Optional |
| ASPDEV | ASP device | Name, *ASP, *ASPGRPPRI, *SYSTEM | Optional |
| INTNETADR | Internet address | Single values: *CURSYS Other values (up to 5 repetitions): Character value |
Optional |
| AUTOSTART | Autostart server | *YES, *NO | Optional |
| SUFFIX | Suffix | Values (up to 10 repetitions): Character value, *HOSTNAME | Optional |
| Top |
Instance (INSTANCE)
Specifies the name of the Directory Server instance to be created.
This is a required parameter.
- QUSRDIR
- This is the system default Directory Server instance.
- name
- Specify a Directory Server instance name. The name has a minimum of one character and a maximum of eight characters.
| Top |
Administrator (ADMIN)
Specifies the name and password for the administrator of the Directory Server instance to be created.
Element 1: Distinguished name
- *DFT
- Use the default distinguished name for administrator, cn=administrator.
- character-value
- Specify the distinguished name of the administrator for the Directory Server instance to be created.
Element 2: Password
- *GEN
- A random password value will be generated for you.
- character-value
- Specify the password for the administrator for the Directory Server instance to be created. The password is case sensitive. The maximum length is 50 characters.
| Top |
Port (PORT)
Specifies the port to be listened by the Directory Server instance for unencrypted LDAP communication.
- 389
- The default port number for unencrypted LDAP communication.
- 1-65535
- Specify the port number for unencrypted LDAP communication.
| Top |
SSL port (SSLPORT)
Specifies the port to be listened by the Directory Server instance for encrypted LDAP communication.
- 636
- The default port number for encrypted LDAP communication.
- 1-65535
- Specify the port number for encrypted LDAP communication.
| Top |
Text 'description' (TEXT)
Specifies the description for the instance to be created.
- *NONE
- No descriptive text is associated with the instance.
- character-value
- Specify the description for the server instance. A maximum of 256 characters can be specified.
| Top |
User database library (USERDBLIB)
Specifies the library used to store the user data (Directory Entries) for the Directory Server instance to be created, and whether to create it or not if it does not exist on the system.
Element 1: User database library
- *INSTANCE
- The default name for the user database library is formed with the string "DB" appended to the instance name.
- name
- Specify the name for the user database library. The name has a minimum of one character and a maximum of ten characters.
Element 2: If library does not exist
- *CRT
- Create the library if it does not exist.
- *NOCRT
- Do not create the library. Please make sure the library exists on the system.
| Top |
Enable change log (ENBCHGLOG)
Specifies whether the change log is enabled or not for the instance to be created.
- *NO
- Disable the change log for the instance.
- *YES
- Enable the change log for the instance.
| Top |
Change log library (CHGLOGLIB)
Specifies the library used to store the change log for the Directory Server instance to be created, and whether to create it or not if it does not exist on the system.
Element 1: Change log library
- *INSTANCE
- The default name for the change log library is formed with the string "CL" appended to the instance name.
- name
- Specify the name for the change log library. The name has a minimum of one character and a maximum of ten characters.
Element 2: If library does not exist
- *CRT
- Create the library if it does not exist.
- *NOCRT
- Do not create the library. Please make sure the library exists on the system.
| Top |
ASP number (ASP)
Specifies the number of the system or basic user auxiliary storage pool (ASP) where storage for the library is allocated. For libraries created in an ASP, all objects in the library must be in the same ASP as the library. When a value other than *ASP is specified for the ASP device (ASPDEV) parameter, *ASPDEV is the only valid value that can be specified for the ASP number (ASP) parameter, if specified. Also when a value other than *ASP is specified for the ASPDEV parameter, the ASP parameter can be omitted and its defaulted value will be ignored.
- 1
- The storage space for the library is allocated from the system auxiliary storage pool ASP 1.
- *ASPDEV
- The storage for the library is allocated from the primary or secondary ASP specified for the ASPDEV parameter.
- 1-32
- Specify the number of the system or basic user ASP.
| Top |
ASP device (ASPDEV)
Specifies the auxiliary storage pool (ASP) device name where storage is allocated for the library. When a value other than *ASPDEV is specified for the ASP number (ASP) parameter, ASPDEV(*ASP) is the only valid value for the ASP device (ASPDEV) parameter, if specified. Other values for the ASPDEV parameter are valid if the ASP parameter is omitted. In this case, the defaulted value for the ASP parameter is ignored.
- *ASP
- The storage for the library is allocated from the system or basic user ASP specified for the ASP parameter.
- *ASPGRPPRI
- The storage for the library is allocated from the primary ASP of the thread's ASP group. If no ASP group is associated with the thread an error message is sent.
- *SYSTEM
- The storage for the library is allocated from the system ASP (ASP 1)
- name
-
- Specify the name of a primary or secondary ASP device. The storage for the library is allocated from the primary or secondary ASP. The primary or secondary ASP must have been activated (by varying on the ASP device) and have a status of 'Available'.
- Note: To specify a specific auxiliary storage pool (ASP) device name, you must have use (*USE) authority for each ASP device in the ASP group.
| Top |
Internet address (INTNETADR)
- Specifies the IP addresses to be used by the instance. This field can hold multiple values. The maximum length for each value is 45.
- An IPv4 internet address is specified in the form nnn.nnn.nnn.nnn, where nnn is a decimal number ranging from 0 through 255.
- An IPv6 internet address is specified in the form x:x:x:x:x:x:x:x, where x is a hexadecimal number ranging from 0 through X'FFFF'. "::" may be used once in the IPv6 address to indicate one or more groups of 16 bits of zeros. The "::" may be used to compress leading, imbedded, or trailing zeros in the address.
- An IPv4-mapped IPv6 address may be specified. An IPv4-mapped IPv6 address is specified in the form ::FFFF:nnn.nnn.nnn.nnn, where nnn is a decimal number ranging from 0 through 255.
Single values
- *CURSYS
- Use all the IP addresses that are configured on the system.
Other values (up to 5 repetitions)
- character-value
- Specify the IP addresses to be used by the instance.
| Top |
Autostart server (AUTOSTART)
Specifies whether the server instance starts automatically when TCP/IP starts.
- *YES
- Specify that the server instance starts automatically when TCP/IP starts.
- *NO
- Specify that the server instance does not start when TCP/IP starts.
| Top |
Suffix (SUFFIX)
Specifies the suffixes to be used by the instance. This field can hold multiple values. The maximum length for each value is 512. Directory suffixes determine which objects in an LDAP directory that the server can access. For the Directory Server to be able to access objects in a directory, objects must have one of the directory's suffixes at the end of their distinguished names (DNs).
For example, if "dc=company,dc=com" were specified as the only suffix on a Directory Server, the server could access an object in the directory that had DN "dc=product,dc=company,dc=com". However, "dc=products,dc=mycompany,dc=com" could not be accessed by the server unless a corresponding suffix, such as "dc=mycompany,dc=com", were added. Note, however, that the object "dc=products,dc=mycompany,dc=com" could still exist in the directory, where it might be accessed by another server that did have a corresponding suffix.
The suffix cannot be a duplicate, parent, or a child of a suffix already in the list. The suffix cannot be a reserved suffix for the Directory Server. The reserved suffixes are shown as below:
- cn=anybody
- cn=authenticated
- cn=debug
- cn=changelog
- cn=configuration
- cn=localhost
- cn=monitor
- cn=pwdpolicy
- cn=schema
- cn=this
- cn=ibmpolicies
- cn=deleted objects
You can specify 10 values for this parameter.
- *HOSTNAME
- The value for the suffix is the hostname in domain component (DC) notation. For example, "company.com.xx" is formated as "dc=company,dc=com,dc=xx".
- character-value
- Specify the suffixes to be used by the instance.
| Top |
Examples
Example 1: Create an Instance with Specified Ports
ADDDIRINST INSTANCE(MYINST1)
DN('CN=ADMINISTRATOR' 'mypassword')
PORT(1389)
SSLPORT(1636)
TEXT('my first instance')
This command creates a Directory Server instance with the name 'MYINST1'. The password for the administrator DN 'CN=ADMINISTRATOR' is 'mypassword'. The port number is 1389, and the SSL port number is 1636. The description for this instance is 'my first instance'. After the instance is created, a library named MYINST1DB is created to contain the user entries. And a directory path '/QIBM/UserData/OS400/DIRSRV/idsslapd-MYINST1' is created to contain the configuration and schema files.
Example 2: Create an Instance on an Independent ASP
ADDDIRINST INSTANCE(MYINST2)
ASP(*ASPDEV) ASPDEV(IASP1)
DN('CN=ADMINISTRATOR' 'mypassword')
PORT(2389)
SSLPORT(2636)
TEXT('my second instance')
This command creates a Directory Server instance with the name 'MYINST2'. The change log is enabled, and the library for the change log is MYINST2CL. The user entries and change logs are located on an IASP named IASP1.
| Top |
Error messages
*ESCAPE Messages
- GLD0201
- Directory server instance &1 already exists.
- GLD0218
- Not enough authority or incorrect distinguished name and password specified.
- GLD021C
- The caller of the API must have &1 and &2 special authority to configure the server.
- GLD0229
- Validation list &1 in library &2 not found.
- GLD095A
- Distinguished name is not valid.
- GLD095D
- Suffix syntax is not valid.
- GLD095E
- Suffix value is not valid.
- CPFA314
- Memory allocation error.
- CPF2172
- ASPDEV value not valid with value specified for ASP.
- CPF218A
- Library &1 cannot be created into ASP &2.
- CPF218B
- Library &1 cannot be created into ASPDEV &2.
- CPF2197
- Library &1 cannot be created into user ASP &2.
- CPF2209
- Library &1 not found.
| Top |