Change Directory Server Attr (CHGDIRSVRA)
| Where allowed to run: All environments (*ALL) Threadsafe: Yes |
Parameters Examples Error messages |
The Change Directory Server Attributes (CHGDIRSVRA) command changes the Directory Server configuration. The Directory Server provides a Lightweight Directory Access Protocol (LDAP) server on IBM i.
Restrictions:
- You must have all object (*ALLOBJ) and input/output system configuration (*IOSYSCFG) special authorities to use this command.
- You must have read/write (*RW) authority to the Directory Server configuration file (ibmslapd.conf) located in the /QIBM/UserData/OS400/DirSrv/idsslapd-<INSTANCE>/etc directory, where the <INSTANCE> is replaced by the value of the INSTANCE parameter.
| Top |
Parameters
| Keyword | Description | Choices | Notes |
|---|---|---|---|
| INSTANCE | Instance | Name, QUSRDIR | Optional, Positional 1 |
| DN | Distinguished name | Single values: *SAME Other values: Element list |
Optional |
| Element 1: Distinguished name | Character value, *ADMINDN, *UPDATEDN | ||
| Element 2: Password | Character value |
| Top |
Instance (INSTANCE)
Specifies the Directory Server instance whose configuration is to be changed.
- QUSRDIR
- The name of the system default Directory Server instance.
- name
- Specify a Directory Server instance name. The name has a minimum of one character and a maximum of eight characters.
| Top |
Distinguished name (DN)
Specifies a new password for one of the Directory Server's administrative users. The passwords that can be changed include:
- The server administrator
- Local administrative group members
- Replication supplier bind distinguished names
Single value
- *SAME
- The value does not change.
Element 1: Distinguished name
- *ADMINDN
- Used to change the Directory Server administrator's password. To change the password for a member of the local administrative group, specify the DN for that administrative group member.
- *UPDATEDN
- Used to change the password for the distinguished name that a supplier server can use when propagating directory updates to this server. This corresponds to the DN and password specified for the default replication credentials. To change the password for a subtree-specific supplier, specify the bind DN for that supplier.
- character-value
- Specify the distinguished name to have its password changed, for example, cn=administrator. The maximum length is 50 characters.
Element 2: Password
- character-value
- Specify the new password for the distinguished name. The password is case sensitive and must be enclosed in apostrophes. The maximum length is 50 characters.
| Top |
Examples
Example 1: Change the Administrator Password
CHGDIRSVRA INSTANCE(QUSRDIR)
DN(*ADMINDN 'private')
This command changes the Directory Server administrator's password for the QUSRDIR Directory Server instance configuration.
Example 2: Change the Update Password
CHGDIRSVRA INSTANCE(QUSRDIR)
DN(*UPDATEDN 'private')
This command changes the password for the distinguished name that the master server must use when propagating directory updates to the QUSRDIR replica Directory Server instance configuration.
Example 3: Change the cn=Fluffy Password
CHGDIRSVRA INSTANCE(DOGGIES)
DN('cn=Fluffy' 'poodle')
This command changes the password for the Fluffy distinguished name in the DOGGIES Directory Server instance configuration.
| Top |
Error messages
*ESCAPE Messages
- GLD0215
- Directory server instance &1 not found.
- GLD0218
- Not enough authority or incorrect distinguished name and password specified.
- GLD0219
- Both the administrator distinguished name and the administrator password are required.
- GLD021C
- The caller of the API must have &1 and &2 special authority to configure the server.
- GLD0227
- Distinguished name cannot be modified while the server is active.
- GLD0229
- Validation list &1 in library &2 not found.
- GLD0231
- Cannot set the password for a projected user.
- CPFA314
- Memory allocation error.
| Top |