Manualshelf

Setup guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 6.01
31323334353637383940
How the Tool Works
40 Netscape Certificate Management System Command-Line Tools Guide May 2002
The output also contains the status of each entry in the directory. It can be one of
the values specified i n Table 4-1.
If a PIN already exists f or a user, it will by default not be changed if you run the
setpin command a second time. This is so that you can generate PINs for new
users w ithout overwriting PINs for users who have previously been notified of
their PINs. If you want to overwrite a PIN, you should use the
clobber option.
Once you are sure that the filter is matching the right users, you should run the
setpin command again with the write option,andwith output set to the name of
the file to capture the unhashed PINs. This output file is in the same format as the
input file. For details about the output file, see “Output File” on page 42.
Input File
The PIN Generator can receive a list of DNs to modify in a text file specified by the
input=<file_name> argument. If you specify an input file, the tool compares the
DNs itfiltered fromthe LDAP directorywith theones inthe inputfile,and updates
only those DNs that matched the ones in the input file.
The purpose of the input file is multifold. It enables you to provide the Pin
Generator with an exact list of DNs to modify. Via the input file, you can also
provide the P IN Generator with PINs (in plain text format) for all DNs or for
specific DNs.
The following examples explain why you might want to use the input file:
Table 4-1 PIN Generator status
Exit code Description
notwritten Specifies that t he PINs were not written to the directory, b ecause the write
option was not specified on the command line.
writefailed Specifies that the tool made an attempt to modify the directory, but the write
operation was unsuccessful.
added Specifies that the tool added the new PIN to directory successfully.
replaced Specifies that the tool replaced an old PIN with a new one (the clobber option
was specified).
notreplaced Specifies that the tool did not replace the old PIN with a new one (the clobber
option was not specified).