NeST(8) BSD System Manager's Manual NeST(8)
NAME
NeST -- Mac OS X Server NetInfo Setup Tool
SYNOPSIS
NeST command [args]
DESCRIPTION
NeST is used to configure the directory system for a server.
COMMANDS
NeST -createstaticip <parent IP address> <admin account name> [-withldap] NeST -enableldapserver NeST -disableldapserver NeST -destroyparent [<parent tag>] NeST -destroyorphanedparent [<parent tag>] NeST -setldapdhcp NeST -setldapstatic <IP or domain name> <port> SSL|NoSSL <search base> NeST -settimpasswds <admin acct ID> <passwd> NeST -broadcast NeST -dhcp NeST -static <server> <tag> NeST -allbindings <server> <tag> NeST -setnetinfo [broadcast] [dhcp] [static <server> <tag>] NeST -addchild <child host name> <child IP address> NeST -target <target IP address> NeST -getconfig NeST -getstyle NeST -getparentconfig NeST -getchildconfig NeST -authserver NeST -getpasswordserverstyle NeST -getpasswordserveraddress NeST -verifypasswordserveradmin <server IP> <admin name> <admin password> NeST -startpasswordserver NeST -stoppasswordserver NeST -NOpasswordserver NeST -usepasswordserver <server IP> <admin name> <admin password> <server admin name> <server admin password> NeST -hostpasswordserver <admin name> [<admin password>] [<default server IP> <IP2> <IP3> ...] NeST -convertuser <user name> [<directory node administrator> [<user password> [<admin password>]]] NeST -pwsrekey [<key size in bits>] NeST -pwsstandalone [<admin name> <admin password>] NeST -setupreplica <ip address of master> <admin name> <admin password> NeST -stripsyncdates NeST -migrateip <[old IP|all]> <new IP> NeST -getprotocols NeST -setprotocols <sasl mech name> <on|off> ... NeST -ver
USAGE
-createstaticip This command is deprecated. Create a new master domain binding to a specific IP address. Copies the root account to new master domain and also copies the admin user account if provided. -enableldapserver Enables the LDAP server (requires that a network NetInfo domain exists). -disableldapserver Disables the LDAP server, but does not remove the database. -destroyparent Destroy the locally hosted master domain. Uses the default network tag if non provided. -setldapdhcp Enables binding to an LDAP server using DHCP option 95. -setldapstatic Configures to use the specified LDAP server. Requires server based mappings. -settimpasswds Sets the tim password for the root and admin accounts In both local and master domain if it exists. Note: The tim authentication server must be running and initialized with the autostart option for this option to succeed. -broadcast Removes targeted domain information. -setnetinfo Sets the NetInfo binding based on parameters passed in. -addchild Adds a child for this server to bind to. -target Targets the local domain to a specific parent. -getconfig Returns uppercase for active and lowercase for inactive. local,client,parent,broad- cast,dhcp,static,tim,ip,tag. -getstyle Returns whether configuration is local, child, par- ent, or advanced, and whether a parent exists but is not used locally. -getparentconfig Returns whether there is a NetInfo parent, NetInfo and LDAP, or no parent. -getchildconfig Returns whether this machine is a NetInfo or LDAP client, local only, or advanced. -authserver Sets AUTHSERVER=-YES- in /etc/hostconfig. -getpasswordserverstyle Returns none, use, host. -getpasswordserveraddress Returns the address of the current password server -verifypasswordserveradmin Returns whether the directory user is an admin, and the user's ID -startpasswordserver Sets configuration and launches the password server -stoppasswordserver Sets configuration and terminates the password server -NOpasswordserver Removes the configuration record for the password server from the directory. -usepasswordserver Sets the password server for this machine's domain -hostpasswordserver Configures this system to host a password server and creates a password server administrator. Omit the password parameter to get a secure prompt. -convertuser Converts a regular user to a password server account. The user will not be able to administrate the password server. Use -hostpasswordserver to migrate administrators to password server. -pwsrekey Divorces the password server from a replicated sys- tem and issues a new RSA key. Users in the local and LDAP directories are migrated to the new key. Valid key sizes are 1024, 2048, and 3072. -pwsstandalone Revokes the shared key pair from a replica and issues a new RSA key. Users in the local directory are migrated to the new key. -stripsyncdates Removes the last synchronization dates from the password server's replication list, causing an update of all records. -migrateip Replaces configuration data in the directory with a new IP address. Updates user records in the local directory to use the new IP address. -getprotocols Returns the list of active SASL plug-ins -setprotocols Modifies the list of SASL plug-ins -ver Displays version information.
FILES & FOLDERS
/usr/sbin/NeST
SEE ALSO
mkpassdb(8) Mac OS X Server 21 February 2002 Mac OS X Server
Mac OS X 10.4 Server - Generated Thu Jun 12 20:00:22 CDT 2008