NeST(8) BSD System Manager's Manual NeST(8)
NAME
NeST -- Mac OS X Server NetInfo Setup Tool
SYNOPSIS
NeST command [args]
DESCRIPTION
NeST is used to configure the directory system for a server.
COMMANDS
NeST -createstaticip <parent IP address> <admin account name> [-withldap]
NeST -enableldapserver
NeST -disableldapserver
NeST -destroyparent [<parent tag>]
NeST -destroyorphanedparent [<parent tag>]
NeST -setldapdhcp
NeST -setldapstatic <IP or domain name> <port> SSL|NoSSL <search base>
NeST -settimpasswds <admin acct ID> <passwd>
NeST -broadcast
NeST -dhcp
NeST -static <server> <tag>
NeST -allbindings <server> <tag>
NeST -setnetinfo [broadcast] [dhcp] [static <server> <tag>]
NeST -addchild <child host name> <child IP address>
NeST -target <target IP address>
NeST -getconfig
NeST -getstyle
NeST -getparentconfig
NeST -getchildconfig
NeST -authserver
NeST -getpasswordserverstyle
NeST -getpasswordserveraddress
NeST -verifypasswordserveradmin <server IP> <admin name> <admin password>
NeST -startpasswordserver
NeST -stoppasswordserver
NeST -NOpasswordserver
NeST -usepasswordserver <server IP> <admin name> <admin password> <server
admin name> <server admin password>
NeST -hostpasswordserver <admin name> [<admin password>] [<default server
IP> <IP2> <IP3> ...]
NeST -convertuser <user name> [<directory node administrator> [<user
password> [<admin password>]]]
NeST -pwsrekey [<key size in bits>]
NeST -pwsstandalone [<admin name> <admin password>]
NeST -setupreplica <ip address of master> <admin name> <admin password>
NeST -stripsyncdates
NeST -migrateip <[old IP|all]> <new IP>
NeST -getprotocols
NeST -setprotocols <sasl mech name> <on|off> ...
NeST -ver
USAGE
-createstaticip This command is deprecated. Create a new master
domain binding to a specific IP address. Copies the
root account to new master domain and also copies
the admin user account if provided.
-enableldapserver Enables the LDAP server (requires that a network
NetInfo domain exists).
-disableldapserver Disables the LDAP server, but does not remove the
database.
-destroyparent Destroy the locally hosted master domain. Uses the
default network tag if non provided.
-setldapdhcp Enables binding to an LDAP server using DHCP option
95.
-setldapstatic Configures to use the specified LDAP server.
Requires server based mappings.
-settimpasswds Sets the tim password for the root and admin
accounts In both local and master domain if it
exists. Note: The tim authentication server must be
running and initialized with the autostart option
for this option to succeed.
-broadcast Removes targeted domain information.
-setnetinfo Sets the NetInfo binding based on parameters passed
in.
-addchild Adds a child for this server to bind to.
-target Targets the local domain to a specific parent.
-getconfig Returns uppercase for active and lowercase for
inactive. local,client,parent,broad-
cast,dhcp,static,tim,ip,tag.
-getstyle Returns whether configuration is local, child, par-
ent, or advanced, and whether a parent exists but
is not used locally.
-getparentconfig Returns whether there is a NetInfo parent, NetInfo
and LDAP, or no parent.
-getchildconfig Returns whether this machine is a NetInfo or LDAP
client, local only, or advanced.
-authserver Sets AUTHSERVER=-YES- in /etc/hostconfig.
-getpasswordserverstyle
Returns none, use, host.
-getpasswordserveraddress
Returns the address of the current password server
-verifypasswordserveradmin
Returns whether the directory user is an admin, and
the user's ID
-startpasswordserver Sets configuration and launches the password server
-stoppasswordserver Sets configuration and terminates the password
server
-NOpasswordserver Removes the configuration record for the password
server from the directory.
-usepasswordserver Sets the password server for this machine's domain
-hostpasswordserver Configures this system to host a password server
and creates a password server administrator. Omit
the password parameter to get a secure prompt.
-convertuser Converts a regular user to a password server
account. The user will not be able to administrate
the password server. Use -hostpasswordserver to
migrate administrators to password server.
-pwsrekey Divorces the password server from a replicated sys-
tem and issues a new RSA key. Users in the local
and LDAP directories are migrated to the new key.
Valid key sizes are 1024, 2048, and 3072.
-pwsstandalone Revokes the shared key pair from a replica and
issues a new RSA key. Users in the local directory
are migrated to the new key.
-stripsyncdates Removes the last synchronization dates from the
password server's replication list, causing an
update of all records.
-migrateip Replaces configuration data in the directory with a
new IP address. Updates user records in the local
directory to use the new IP address.
-getprotocols Returns the list of active SASL plug-ins
-setprotocols Modifies the list of SASL plug-ins
-ver Displays version information.
FILES & FOLDERS
/usr/sbin/NeST
SEE ALSO
mkpassdb(8)
Mac OS X Server 21 February 2002 Mac OS X Server
Mac OS X 10.4 Server - Generated Thu Jun 12 20:00:22 CDT 2008