System information
Table 6.1.
1.3. Usage
The following command generates PINs for all entries that have the CN attribute in their
distinguished name in an LDAP directory named csldap listening on port 19000. The PIN
Generator binds to the directory as Directory Manager and starts searching the directory from
the base DN dn=o=example.com in the directory tree. Any existing PINs are overwritten with the
new ones.
setpin host=csldap port=19000 binddn="CN=directory manager" bindpw=password
filter="(cn=*)" \
basedn="o=example.com" clobber write
2. How setpin Works
The PIN Generator generates PINs for user entries in an LDAP directory and updates the
directory with these PINs. To run the setpin command, the following five options are required:
• The host name (host) and port number (port) of the LDAP server
• The bind DN (binddn) and password (bindpw)
• An LDAP filter (filter) for filtering out the user entries that require PINs
The setpin command looks like the following:
setpin host=csldap port=19000 binddn="CN=Directory Manager" bindpw=redhat
filter="(ou=employees)" \
basedn="o=example.com"
This example queries the directory for all the entries in the employees organizational unit (ou).
For each entry matching the filter, information is printed out to standard error and to the
standard output.
Note
Because the PIN Generator makes a lot of changes to the directory, it is
important to use the correct filter, or the wrong entries are modified. Using the
write option is a safeguard because no changes are made to the directory
Usage
25