.unboundid-ldapsdk.6.0.11.source-code.unboundid-ldapsdk-tools.properties Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of unboundid-ldapsdk Show documentation
Show all versions of unboundid-ldapsdk Show documentation
The UnboundID LDAP SDK for Java is a fast, comprehensive, and easy-to-use
Java API for communicating with LDAP directory servers and performing
related tasks like reading and writing LDIF, encoding and decoding data
using base64 and ASN.1 BER, and performing secure communication. This
package contains the Standard Edition of the LDAP SDK, which is a
complete, general-purpose library for communicating with LDAPv3 directory
servers.
# Copyright 2008-2023 Ping Identity Corporation
# All Rights Reserved.
#
# -----
#
# Copyright 2008-2023 Ping Identity Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# -----
#
# Copyright (C) 2008-2023 Ping Identity Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License (GPLv2 only)
# or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see .
# The fully-qualified name of the class to create.
class.name=com.unboundid.ldap.sdk.unboundidds.tools.ToolMessages
INFO_MANAGE_ACCT_TOOL_DESC=Retrieve or update information about the current \
state of a user account. Processing will be performed using the password \
policy state extended operation, and you must have the password-reset \
privilege to use this extended operation.
INFO_MANAGE_ACCT_ARG_GROUP_TARGET_USER_ARGS=Arguments for Identifying Target \
Users
INFO_MANAGE_ACCT_ARG_GROUP_PERFORMANCE=Arguments for Adjusting Performance
INFO_MANAGE_ACCT_ARG_DESC_TARGET_DN=The DN of the user entry on which to \
operate. This argument may be provided multiple times to specify multiple \
user DNs.
INFO_MANAGE_ACCT_ARG_DESC_DN_FILE=The path to a file containing the DNs of \
the user entries on which to operate. The DN file must contain one DN per \
line, and blank lines and lines starting with an octothorpe (#) will be \
ignored. This argument may be provided multiple times to use multiple DN \
files.
INFO_MANAGE_ACCT_ARG_DESC_TARGET_FILTER=An LDAP filter that may be used to \
identify the user entries on which to operate. The {0} argument may be \
used to specify the base DN for the search. This argument may be provided \
multiple times to specify multiple target filters.
INFO_MANAGE_ACCT_ARG_DESC_FILTER_INPUT_FILE=The path to a file containing a \
set of LDAP filters to use to identify the user entries on which to \
operate. The {0} argument may be used to specify the base DN for the \
searches. The filter file must contain one filter per line, and blank \
lines and lines starting with an octothorpe (#) will be ignored. This \
argument may be provided multiple times to use multiple filter files.
INFO_MANAGE_ACCT_ARG_DESC_TARGET_USER_ID=A string that identifies a user on \
which to operate. The tool will search for the user with a base DN \
specified by the {0} argument and a user ID attribute specified by the {1} \
argument. This argument may be provided multiple times to specify multiple \
target user IDs.
INFO_MANAGE_ACCT_ARG_DESC_USER_ID_INPUT_FILE=The path to a file containing a \
set of user ID values. The file must contain one user ID per line, and \
blank lines and lines starting with an octothorpe (#) will be ignored. The \
tool will search for the users with a base DN specified by the {0} argument \
and a user ID attribute specified by the {1} argument. This argument may \
be provided multiple times to use multiple user ID files.
INFO_MANAGE_ACCT_ARG_DESC_USER_ID_ATTR=The name or OID of the attribute used \
to identify users with IDs specified using the {0} and {1} arguments. If \
this argument is not provided, a default user ID attribute of {2} will be \
used.
INFO_MANAGE_ACCT_ARG_DESC_BASE_DN=The base DN to use when searching for user \
entries when using any of the {0}, {1}, {2}, or {3} arguments. If this \
argument is not provided, the default base DN will be the null DN.
INFO_MANAGE_ACCT_ARG_DESC_SIMPLE_PAGE_SIZE=Indicates that any searches \
performed to identify which users to target should make use of the simple \
paged results control to cause the entries to be returned in sets of no \
more than the specified number of entries. When processing searches that \
may return a large number of entries, setting a page size can help reduce \
the likelihood that the server will need to block while sending results \
to the client if matching entries are identified much more quickly than \
the client can process the desired {0} operations against those entries. \
Further, when performing searches that may return a large number of \
entries, and especially for unindexed searches, setting a page size can \
help the client more efficiently resume processing in the event that the \
connection used to process the search becomes unusable.
INFO_MANAGE_ACCT_ARG_DESC_NUM_THREADS=The number of concurrent threads to use \
when performing {0} operations against user entries. If this argument is \
not provided, a default value of one will be used.
INFO_MANAGE_ACCT_ARG_DESC_NUM_SEARCH_THREADS=The number of concurrent threads \
to use when searching for entries to target with {0} operations. This will \
only be used if arguments are provided that require the tool to perform \
searches to identify which entries to target (and will primarily be useful \
only in cases in which there will be multiple searches, as when reading \
filters or user IDs from a file). If this argument is not provided, a \
default value of one will be used.
INFO_MANAGE_ACCT_ARG_DESC_RATE_PER_SECOND=The maximum rate, in operations per \
second, at which to target user entries. If neither this nor the {0} \
argument is provided, then the tool will not perform any rate limiting.
INFO_MANAGE_ACCT_ARG_DESC_VARIABLE_RATE_DATA=The path to a file containing a \
variable rate definition that may be used to cause the tool to vary the \
amount of load it generates over time. If neither this nor the {0} \
argument is provided, then the tool will not perform any rate limiting.
INFO_MANAGE_ACCT_ARG_DESC_GENERATE_SAMPLE_RATE_FILE=The path to a file to \
create with a sample variable rate definition. This file will contain \
comments that describe the expected format for the file to use with the {0} \
argument.
INFO_MANAGE_ACCT_ARG_DESC_REJECT_FILE=The path to a file to write with a \
record of any unsuccessful attempts to retrieve or update account \
information for a user.
INFO_MANAGE_ACCT_ARG_DESC_APPEND_TO_REJECT_FILE=Indicates that the tool \
should append to the file specified by the {0} argument if it already \
exists. If this argument is not provided and the reject file already \
exists, it will be overwritten.
INFO_MANAGE_ACCT_ARG_DESC_SUPPRESS_EMPTY_RESULT_OPERATIONS=Indicates that the \
result information for each {0} operation processed should suppress \
information about password policy state operations included in the result \
that do not have any values. Operations presented without values generally \
indicated that the user''s password policy is not configured for the \
associated functionality (e.g., if the password expiration time was \
requested but password expiration is not enabled in the user''s password \
policy).
INFO_MANAGE_ACCT_SC_DESC_GET_ALL=Retrieve all available state information for \
a user.
INFO_MANAGE_ACCT_SC_GET_ALL_EXAMPLE=Retrieve all available state information \
for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_POLICY_DN=Retrieve the DN of the password policy \
that governs a user.
INFO_MANAGE_ACCT_SC_GET_POLICY_DN_EXAMPLE=Retrieve the DN of the password \
policy that governs user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_IS_USABLE=Determine whether a user account will \
be allowed to authenticate or be used as an alternate authorization identity.
INFO_MANAGE_ACCT_SC_GET_IS_USABLE_EXAMPLE=Determine whether user ''{0}'' will \
be permitted to authenticate or be used as an alternate authorization \
identity.
INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_NOTICES=Retrieve any password policy \
state account usability notice messages for a user. These messages may \
provide useful information about the state of the user account, but do not \
necessarily represent a current or imminent problem with the account.
INFO_MANAGE_ACCT_SC_GET_USABILITY_NOTICES_EXAMPLE=Retrieve any password \
policy state account usability notice messages for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_WARNINGS=Retrieve any password policy \
state account usability warning messages for a user. The messages may \
provide information about conditions that may leave a user account unusable \
in the near future unless corrective action is taken.
INFO_MANAGE_ACCT_SC_GET_USABILITY_WARNINGS_EXAMPLE=Retrieve any password \
policy state account usability warning messages for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_USABILITY_ERRORS=Retrieve any password policy \
state account usability error messages for a user. The messages may \
provide information about conditions that prevent a user account from \
authenticating, being used as an alternate authorization identity, or \
otherwise functioning normally.
INFO_MANAGE_ACCT_SC_GET_USABILITY_ERRORS_EXAMPLE=Retrieve any password \
policy state account usability error messages for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_TIME=Retrieve the time that a user''s \
password was last changed, whether via a self change or an administrative \
reset.
INFO_MANAGE_ACCT_SC_GET_PW_CHANGED_TIME_EXAMPLE=Retrieve the time that the \
password for user ''{0}'' was last changed.
INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_TIME=Set the password changed time \
value for a user.
INFO_MANAGE_ACCT_SC_SET_PW_CHANGED_TIME_ARG_VALUE=The new value for the \
password changed time. It must be a timestamp formatted either in \
generalized time form or in the local time zone using one of the following \
formats: YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this \
argument is not provided, the password changed time will be set to the \
current time.
INFO_MANAGE_ACCT_SC_SET_PW_CHANGED_TIME_EXAMPLE=Set the password changed time \
for user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_TIME=Clear the password changed \
time value for a user. For password policy evaluations that require \
knowing when the user''s password was last changed, the server will attempt \
to fall back to using the create timestamp, if available.
INFO_MANAGE_ACCT_SC_CLEAR_PW_CHANGED_TIME_EXAMPLE=Clear the password changed \
time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_IS_DISABLED=Determine whether a user account has \
been disabled by an administrator and cannot authenticate or be used as an \
alternate authorization identity. This can also be accomplished with a \
standard LDAP search operation by determining whether the user entry has a \
ds-pwp-account-disabled operational attribute with a value of true.
INFO_MANAGE_ACCT_SC_GET_IS_DISABLED_EXAMPLE=Determine whether the account \
for user ''{0}'' has been disabled by an administrator.
INFO_MANAGE_ACCT_SC_DESC_SET_IS_DISABLED=Specify whether a user account is \
administratively disabled. A disabled account cannot authenticate or be \
used as an alternate authorization identity. This can also be accomplished \
with a standard LDAP modify operation by setting the value of the \
ds-pwp-account-disabled operational attribute in the user''s entry with a \
value of either true or false (or by removing the attribute from the \
user''s entry, which is equivalent to giving it a value of false).
INFO_MANAGE_ACCT_SC_SET_IS_DISABLED_ARG_VALUE=The new value for the flag \
indicating whether the user''s account is disabled. The value must be \
either ''true'' or ''false''.
INFO_MANAGE_ACCT_SC_SET_IS_DISABLED_EXAMPLE=Update user ''{0}'' to make the \
account administratively disabled.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_IS_DISABLED=Clear the account disabled state \
information from a user entry, which is logically equivalent to using the \
{0} subcommand with an {1} value of false. This can also be accomplished \
with a standard LDAP modify operation by removing the \
ds-pwp-account-disabled operational attribute from the user''s entry.
INFO_MANAGE_ACCT_SC_CLEAR_IS_DISABLED_EXAMPLE=Clear the account disabled \
state information for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_ACT_TIME=Retrieve the account activation \
time for a user. If the activation time is in the future, the user cannot \
authenticate or be used as an alternate authorization identity. This can \
also be accomplished with a standard LDAP search operation by retrieving \
the ds-pwp-account-activation-time operational attribute from the user''s \
entry.
INFO_MANAGE_ACCT_SC_GET_ACCT_ACT_TIME_EXAMPLE=Retrieve the account activation \
time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_ACT_TIME=Set the account activation time \
for a user. If the activation time is in the future, the user cannot \
authenticate or be used as an alternate authorization identity. This can \
also be accomplished with a standard LDAP modify operation by setting the \
ds-pwp-account-activation-time attribute to have a generalized time \
representation of the desired activation time.
INFO_MANAGE_ACCT_SC_SET_ACCT_ACT_TIME_ARG_VALUE=The new value for the account \
activation time. It must be a timestamp formatted either in generalized \
time form or in the local time zone using one of the following formats: \
YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this argument is \
not provided, the account activation time will be set to the current time.
INFO_MANAGE_ACCT_SC_SET_ACCT_ACT_TIME_EXAMPLE=Set the account activation time \
for user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_ACT_TIME=Clear the account activation \
time for a user. If the account previously had an activation time in the \
future, this will make it immediately eligible for use. This can also be \
accomplished with a standard LDAP modify operation by removing the \
ds-pwp-account-activation-time attribute from the user''s entry.
INFO_MANAGE_ACCT_SC_CLEAR_ACCT_ACT_TIME_EXAMPLE=Clear the account activation \
time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_ACT=Retrieve the length of \
time in seconds until a user''s account is eligible for use.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_ACCT_ACT_EXAMPLE=Retrieve the length of \
time in seconds until user account ''{0}'' will be eligible for use.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_NOT_YET_ACTIVE=Determine whether a user \
account has an activation time in the future and therefore cannot \
authenticate or be used as an alternate authorization identity.
INFO_MANAGE_ACCT_SC_GET_ACCT_NOT_YET_ACTIVE_EXAMPLE=Determine whether user \
''{0}'' has an account activation time in the future.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_EXP_TIME=Retrieve the account expiration \
time for a user. If the expiration time is in the past, the user cannot \
authenticate or be used as an alternate authorization identity. This can \
also be accomplished with a standard LDAP search operation by retrieving \
the ds-pwp-account-expiration-time operational attribute from the user''s \
entry.
INFO_MANAGE_ACCT_SC_GET_ACCT_EXP_TIME_EXAMPLE=Retrieve the account expiration \
time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_EXP_TIME=Set the account expiration time \
for a user. If the expiration time is in the past, the user cannot \
authenticate or be used as an alternate authorization identity. This can \
also be accomplished with a standard LDAP modify operation by setting the \
ds-pwp-account-expiration-time attribute to have a generalized time \
representation of the desired expiration time.
INFO_MANAGE_ACCT_SC_SET_ACCT_EXP_TIME_ARG_VALUE=The new value for the account \
expiration time. It must be a timestamp formatted either in generalized \
time form or in the local time zone using one of the following formats: \
YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this argument is \
not provided, the account expiration time will be set to the current time.
INFO_MANAGE_ACCT_SC_SET_ACCT_EXP_TIME_EXAMPLE=Set the account expiration time \
for user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_ACCT_EXP_TIME=Clear the account expiration \
time for a user. If the account previously had an expiration time in the \
past, this will make it immediately eligible for use. This can also be \
accomplished with a standard LDAP modify operation by removing the \
ds-pwp-account-expiration-time attribute from the user''s entry.
INFO_MANAGE_ACCT_SC_CLEAR_ACCT_EXP_TIME_EXAMPLE=Clear the account expiration \
time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_ACCT_EXP=Retrieve the length of \
time in seconds until a user''s account expires.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_ACCT_EXP_EXAMPLE=Retrieve the length \
of time in seconds until user account ''{0}'' expires.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_EXPIRED=Determine whether a user account \
has an expiration time in the past and therefore cannot authenticate or be \
used as an alternate authorization identity.
INFO_MANAGE_ACCT_SC_GET_ACCT_IS_EXPIRED_EXAMPLE=Determine whether user \
''{0}'' has an account expiration time in the past.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_WARNED_TIME=Retrieve the time that a user \
received the first warning about an upcoming password expiration. This \
will only be available if password expiration is enabled in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_GET_PW_EXP_WARNED_TIME_EXAMPLE=Retrieve the time that \
user ''{0}'' received the first warning about an upcoming password \
expiration.
INFO_MANAGE_ACCT_SC_DESC_SET_PW_EXP_WARNED_TIME=Specify the time that a user \
received the first warning about an upcoming password expiration. Note \
that this will not in itself trigger a password expiration warning nor \
cause any account status notification handlers to be invoked. This will \
have no effect if password expiration is not enabled in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_SET_PW_EXP_WARNED_TIME_ARG_VALUE=The new value for the \
password expiration warned time. It must be a timestamp formatted either \
in generalized time form or in the local time zone using one of the \
following formats: YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or YYYYMMDDhhmm. \
If this argument is not provided, the password expiration warned time will \
be set to the current time.
INFO_MANAGE_ACCT_SC_SET_PW_EXP_WARNED_TIME_EXAMPLE=Set the password \
expiration warned time for user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_EXP_WARNED_TIME=Clear a record of any \
password expiration warning from a user''s entry.
INFO_MANAGE_ACCT_SC_CLEAR_PW_EXP_WARNED_TIME_EXAMPLE=Clear the password \
expiration warned time for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP_WARNING=Retrieve the length \
of time in seconds until a user will be eligible to start receiving \
warnings about an upcoming password expiration. This will only be \
available if password expiration is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_PW_EXP_WARNING_EXAMPLE=Retrieve the \
length of time in seconds until user ''{0}'' will be eligible to start \
receiving password expiration warnings.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_EXP_TIME=Retrieves the time that a user''s \
password will expire. This will only be available if password expiration \
is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_PW_EXP_TIME_EXAMPLE=Retrieves the time that the \
password for user ''{0}'' will expire.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_PW_EXP=Retrieves the length of \
time in seconds until a user''s password will expire. This will only be \
available if password expiration is available in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_PW_EXP_EXAMPLE=Retrieves the length of \
time in seconds until the password for user ''{0}'' expires.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_IS_EXPIRED=Determine whether a user account \
has an expired password and therefore cannot authenticate or be used as an \
alternate authorization identity.
INFO_MANAGE_ACCT_SC_GET_PW_IS_EXPIRED_EXAMPLE=Determine whether user ''{0}'' \
has an expired password.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_FAILURE_LOCKED=Determines whether a user''s \
account is locked as a result of too many failed authentication attempts. \
This will only be available if failure lockout is enabled in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_GET_ACCT_FAILURE_LOCKED_EXAMPLE=Determines whether the \
account for user ''{0}'' is locked as a result of too many failed \
authentication attempts.
INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_FAILURE_LOCKED=Specifies whether a user''s \
account should be locked as a result of too many failed authentication \
attempts. This will have no effect if failure lockout is not enabled in \
the user''s password policy.
INFO_MANAGE_ACCT_SC_SET_ACCT_FAILURE_LOCKED_ARG_VALUE=Indicates whether the \
user''s account should be locked as a result of too many failed \
authentication attempts. The value must be either ''true'' (in which case \
the server will update the user''s entry to include the necessary number of \
failed authentication attempts) or ''false'' (in which case the server will \
clear information about any authentication failures from a user''s entry).
INFO_MANAGE_ACCT_SC_SET_ACCT_FAILURE_LOCKED_EXAMPLE=Forces the account for \
user ''{0}'' to be locked as a result of too many failed authentication \
attempts.
INFO_MANAGE_ACCT_SC_DESC_GET_FAILURE_LOCKED_TIME=Retrieves the time that a \
user''s account was locked as a result of too many failed authentication \
attempts. This will only be available if failure lockout is enabled in \
the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_FAILURE_LOCKED_TIME_EXAMPLE=Retrieves the time that \
the account for user ''{0}'' was locked as a result of too many failed \
authentication attempts.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_FAILURE_UNLOCK=Retrieves the \
length of time in seconds until a user''s temporary failure lockout \
expires. This will only be available if failure lockout is enabled in the \
user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_FAILURE_UNLOCK_EXAMPLE=Retrieves the \
length of time in seconds until the temporary failure lockout for user \
''{0}'' expires.
INFO_MANAGE_ACCT_SC_DESC_GET_AUTH_FAILURE_TIMES=Retrieves the timestamps for \
any failed authentication attempts for a user since the user''s last \
successful authentication. This will only be available if failure lockout \
is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_AUTH_FAILURE_TIMES_EXAMPLE=Retrieves the timestamps \
for any failed authentication attempts for user ''{0}'' since that user''s \
last successful authentication.
INFO_MANAGE_ACCT_SC_DESC_ADD_AUTH_FAILURE_TIME=Adds one or more new values \
to the set of authentication failure times for a user. If the resulting \
set of authentication failure times has reached the configured lockout \
failure count, the user''s account will be locked. This will have no \
effect if failure lockout is not enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_ADD_AUTH_FAILURE_TIME_ARG_VALUE=A timestamp for an \
authentication failure time to add to the user''s entry. It must be a \
timestamp formatted either in generalized time form or in the local time \
zone using one of the following formats: YYYYMMDDhhmmss.uuu, \
YYYYMMDDhhmmss, or YYYYMMDDhhmm. This argument may be provided multiple \
times to specify multiple authentication failure times. If this argument \
is not provided, the current time will be added to the set of \
authentication failure times.
INFO_MANAGE_ACCT_SC_ADD_AUTH_FAILURE_TIME_EXAMPLE=Adds the current time to \
the set of authentication failure times for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_SET_AUTH_FAILURE_TIMES=Sets the timestamps for \
failed authentication attempts for a user. If the number of authentication \
failure times provided is greater than or equal to the lockout failure \
count for the user''s password policy, the user''s account will be locked. \
This will have no effect if failure lockout is not enabled in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_SET_AUTH_FAILURE_TIMES_ARG_VALUE=A timestamp for an \
authentication failure time to set in the user''s entry. It must be a \
timestamp formatted either in generalized time form or in the local time \
zone using one of the following formats: YYYYMMDDhhmmss.uuu, \
YYYYMMDDhhmmss, or YYYYMMDDhhmm. This argument may be provided multiple \
times to specify multiple authentication failure times. If this argument \
is not provided, the set of authentication failure times will be updated \
to include only the current time.
INFO_MANAGE_ACCT_SC_SET_AUTH_FAILURE_TIMES_EXAMPLE=Sets the authentication \
failure times for user ''{0}'' to include values of ''{1}'' and ''{2}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_AUTH_FAILURE_TIMES=Clears the set of \
authentication failure times for a user. If the user''s account had been \
locked be of too many failed authentication attempts, this will also clear \
that lockout.
INFO_MANAGE_ACCT_SC_CLEAR_AUTH_FAILURE_TIMES_EXAMPLE=Clears the \
authentication failure times for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_FAILURE_COUNT=Retrieves the number of \
additional failed authentication attempts that will be required to lock a \
user''s account. This will only be available if failure lockout is enabled \
in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_REMAINING_FAILURE_COUNT_EXAMPLE=Retrieves the \
remaining number of failed authentication attempts that will be required to \
lock the account for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IDLE_LOCKED=Determines whether a user''s \
account is locked because it has been too long since the user last \
authenticated. This will only be available if idle lockout is enabled in \
the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_ACCT_IDLE_LOCKED_EXAMPLE=Determines whether the \
account for user ''{0}'' is locked because it has been too long since the \
user last authenticated.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_IDLE_LOCKOUT=Retrieves the length \
of time in seconds until the user''s account will be locked because it has \
been too long since the user last authenticated. This will only be \
available if idle lockout is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_IDLE_LOCKOUT_EXAMPLE=Retrieves the \
length of time until the account for user ''{0}'' will be locked because \
it has been too long since the user last authenticated.
INFO_MANAGE_ACCT_SC_DESC_GET_IDLE_LOCKOUT_TIME=Retrieves the time at which \
the user''s account was locked because it had been too long since the user \
last authenticated, or the time it will be locked unless the user \
authenticates before that time. This will only be available if idle \
lockout is enabled in the user''s password policy
INFO_MANAGE_ACCT_SC_GET_IDLE_LOCKOUT_TIME_EXAMPLE=Retrieves the time at which \
the account for user ''{0}'' was locked because it had been too long since \
the user had last authenticated.
INFO_MANAGE_ACCT_SC_DESC_GET_MUST_CHANGE_PW=Determines whether a user''s \
password has been reset by an administrator and the user must choose a new \
password before they will be allowed to perform any other operations.
INFO_MANAGE_ACCT_SC_GET_MUST_CHANGE_PW_EXAMPLE=Determines whether the \
password for user ''{0}'' has been reset and must be changed before any \
other operations will be allowed.
INFO_MANAGE_ACCT_SC_DESC_SET_MUST_CHANGE_PW=Specifies whether a user''s \
password has been reset by an administrator and the user must choose a new \
password before they will be allowed to perform any other operations.
INFO_MANAGE_ACCT_SC_SET_MUST_CHANGE_PW_ARG_VALUE=Indicates whether the user \
should be forced to choose a new password before being permitted to \
perform any other operations. The value must be either ''true'' or \
''false''.
INFO_MANAGE_ACCT_SC_SET_MUST_CHANGE_PW_EXAMPLE=Specifies that the password \
for user ''{0}'' has been reset by an administrator and must be changed \
before they will be allowed to perform any other operations.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_MUST_CHANGE_PW=Clears the password reset state \
information from a user''s account. If the account had previously been \
locked because the user failed to choose a new password in a timely manner \
after an administrative reset, that lockout will be lifted.
INFO_MANAGE_ACCT_SC_CLEAR_MUST_CHANGE_PW_EXAMPLE=Clears the password reset \
state information from the account for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_IS_RESET_LOCKED=Determines whether the \
user''s account is locked because the user failed to choose a new password \
in a timely manner after an administrative reset. This will only be \
available if a maximum password reset age is defined in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_GET_ACCT_IS_RESET_LOCKED_EXAMPLE=Determines whether the \
account for user ''{0}'' is locked because the user failed to choose a new \
password in a timely manner after an administrative reset.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_UNTIL_RESET_LOCKOUT=Determines the \
length of time in seconds until the user''s account will be locked unless \
they choose a new password after an administrative password reset. This \
will only be available if a maximum password reset age is defined in the \
user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECONDS_UNTIL_RESET_LOCKOUT_EXAMPLE=Determines the \
length of time in seconds until the account for user ''{0}'' will be \
locked unless they choose a new password.
INFO_MANAGE_ACCT_SC_DESC_GET_RESET_LOCKOUT_TIME=Retrieves the time that a \
user''s account was or will be locked for failing to choose a new password \
in a timely manner after an administrative reset. This will only be \
available if a maximum password reset age is defined in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_GET_RESET_LOCKOUT_TIME_EXAMPLE=Retrieves the time that \
the account for user ''{0}'' was or will be locked for failing to choose a \
new password in a timely manner after an administrative reset.
INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_TIME=Retrieves the time that a user \
last authenticated. This will only be available if last login time \
tracking is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_LAST_LOGIN_TIME_EXAMPLE=Retrieves the time that user \
''{0}'' last authenticated.
INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_TIME=Specifies the time that a user \
last authenticated. This will have no effect if last login time tracking \
is not enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_SET_LAST_LOGIN_TIME_ARG_VALUE=The timestamp to use for \
the last login time value. It must be a timestamp formatted either in \
generalized time form or in the local time zone using one of the following \
formats: YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this \
argument is not provided, the last login time will be set to the current \
time.
INFO_MANAGE_ACCT_SC_SET_LAST_LOGIN_TIME_EXAMPLE=Sets the last login time for \
user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_TIME=Clears the last login time \
from a user''s entry. This will have no effect if last login time tracking \
is not enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_CLEAR_LAST_LOGIN_TIME_EXAMPLE=Clears the last login time \
for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_LAST_LOGIN_IP=Retrieves the IP address of the \
client from which a user last authenticated. This will only be available \
if last login IP address tracking is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_LAST_LOGIN_IP_EXAMPLE=Retrieves the IP address of the \
client from which user ''{0}'' last authenticated.
INFO_MANAGE_ACCT_SC_DESC_SET_LAST_LOGIN_IP=Specifies the IP address of the \
client from which a user last authenticated. This will have no effect if \
last login IP address tracking is not enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_SET_LAST_LOGIN_IP_ARG_VALUE=The last login IP address \
value to use. It may be an IPv4 or IPv6 address.
INFO_MANAGE_ACCT_SC_SET_LAST_LOGIN_IP_EXAMPLE=Sets the last login IP address \
for user ''{0}'' to ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_LOGIN_IP=Clears the last login IP address \
from a user''s entry. This will have no effect if last login IP address \
tracking is not enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_CLEAR_LAST_LOGIN_IP_EXAMPLE=Clears the last login IP \
address for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_GRACE_LOGIN_TIMES=Retrieves the times that a \
user has authenticated with grace logins after their password had expired. \
This will only be available if both password expiration and grace login \
supports are configured in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_GRACE_LOGIN_TIMES_EXAMPLE=Retrieves the grace login \
times for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_ADD_GRACE_LOGIN_TIME=Adds one or more new values to \
the set of grace login use times for a user. This will have no effect \
unless both password expiration and grace login support are configured in \
the user''s password policy.
INFO_MANAGE_ACCT_SC_ADD_GRACE_LOGIN_TIME_ARG_VALUE=A timestamp for a grace \
login use time to add to the user''s entry. It must be a timestamp \
formatted either in generalized time form or in the local time zone using \
one of the following formats: YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or \
YYYYMMDDhhmm. This argument may be provided multiple times to specify \
multiple grace login use times. If this argument is not provided, the \
current time will be used.
INFO_MANAGE_ACCT_SC_ADD_GRACE_LOGIN_TIME_EXAMPLE=Adds the current time to the \
set of grace login use times for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_SET_GRACE_LOGIN_TIMES=Replaces the set of grace \
login use times for a user. This will have no effect unless both password \
expiration and grace login support are configured in the user''s password \
policy.
INFO_MANAGE_ACCT_SC_SET_GRACE_LOGIN_TIMES_ARG_VALUE=A timestamp for a grace \
login use time to set in the user''s entry. It must be a timestamp \
formatted either in generalized time form or in the local time zone using \
one of the following formats: YYYYMMDDhhmmss.uuu, YYYYMMDDhhmmss, or \
YYYYMMDDhhmm. This argument may be provided multiple times to specify \
multiple grace login use times. If this argument is not provided, the \
set of grace login use times will be updated to contain only the current \
time.
INFO_MANAGE_ACCT_SC_SET_GRACE_LOGIN_TIMES_EXAMPLE=Sets the grace login use \
times for user ''{0}'' to be ''{1}'' and ''{2}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_GRACE_LOGIN_TIMES=Clears the set of grace \
login use times for a user. This will have no effect unless both password \
expiration and grace login support are configured in the user''s password \
policy.
INFO_MANAGE_ACCT_SC_CLEAR_GRACE_LOGIN_TIMES_EXAMPLE=Clears the set of grace \
login use times for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_REMAINING_GRACE_LOGIN_COUNT=Retrieves the number \
of additional grace logins that will be available to a user before they \
will be unable to authenticate with an expired password. This will only be \
available if both password expiration and grace login support are enabled \
in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_REMAINING_GRACE_LOGIN_COUNT_EXAMPLE=Retrieves the \
remaining number of grace logins that for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_CHANGED_BY_REQ_TIME=Retrieves the most recent \
required change time with which a user has complied. This will only be \
available if a required change time is configured in the user''s password \
policy.
INFO_MANAGE_ACCT_SC_GET_PW_CHANGED_BY_REQ_TIME_EXAMPLE=Retrieves the most \
recent required change time with which user ''{0}'' has complied.
INFO_MANAGE_ACCT_SC_DESC_SET_PW_CHANGED_BY_REQ_TIME=Specifies the most recent \
required change time with which a user has complied. This will not have \
any effect unless a required change time is configured in the user''s \
password policy.
INFO_MANAGE_ACCT_SC_SET_PW_CHANGED_BY_REQ_TIME_ARG_VALUE=The most recent \
required change time with which the user has complied. It must be a \
timestamp formatted either in generalized time form or in the local time \
zone using one of the following formats: YYYYMMDDhhmmss.uuu, \
YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this argument is not provided, the \
most recent required change time will be used.
INFO_MANAGE_ACCT_SC_SET_PW_CHANGED_BY_REQ_TIME_EXAMPLE=Specifies that user \
''{0}'' has most recently complied with the most recent required change time.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_CHANGED_BY_REQ_TIME=Clears the record of \
the most recent required change time with which a user has complied. This \
will not have any effect unless a required change time is configured in the \
user''s password policy.
INFO_MANAGE_ACCT_SC_CLEAR_PW_CHANGED_BY_REQ_TIME_EXAMPLE=Clears the record of \
the most recent required change time with which user ''{0}'' complied.
INFO_MANAGE_ACCT_SC_DESC_GET_SECS_UNTIL_REQ_CHANGE_TIME=Retrieves the length \
of time in seconds until the user account is locked for failure to comply \
with a required change time. This will only be available if a required \
change time is configured in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_SECS_UNTIL_REQ_CHANGE_TIME_EXAMPLE=Retrieves the \
length of time in seconds until the account for user ''{0}'' is locked for \
failure to comply with a required change time.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_HISTORY_COUNT=Retrieves the number of \
passwords in a user''s password history. This will only be available if the \
password history is enabled in the user''s password policy.
INFO_MANAGE_ACCT_SC_GET_PW_HISTORY_COUNT_EXAMPLE=Retrieves the number of \
passwords in the password history for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_PW_HISTORY=Clears the password history for a \
user. This will have no effect if the password history is not enabled in \
the user''s password policy.
INFO_MANAGE_ACCT_SC_CLEAR_PW_HISTORY_EXAMPLE=Clears the password history for \
user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_HAS_RETIRED_PW=Determines whether a user has an \
active retired password.
INFO_MANAGE_ACCT_SC_GET_HAS_RETIRED_PW_EXAMPLE=Determines whether user \
''{0}'' has a retired password.
INFO_MANAGE_ACCT_SC_DESC_GET_PW_RETIRED_TIME=Retrieves the time that a \
user''s former password was retired.
INFO_MANAGE_ACCT_SC_GET_PW_RETIRED_TIME_EXAMPLE=Retrieves the time the former \
password for user ''{0}'' was retired.
INFO_MANAGE_ACCT_SC_DESC_GET_RETIRED_PW_EXP_TIME=Retrieves the time that a \
user''s retired password will expire.
INFO_MANAGE_ACCT_SC_GET_RETIRED_PW_EXP_TIME_EXAMPLE=Retrieves the time that \
the retired password for user ''{0}'' will expire.
INFO_MANAGE_ACCT_SC_DESC_PURGE_RETIRED_PW=Purges a retired password from a \
user''s entry so that it may no longer be used to authenticate.
INFO_MANAGE_ACCT_SC_PURGE_RETIRED_PW_EXAMPLE=Purges a retired password for \
user ''{0}''.
ERR_MANAGE_ACCT_CANNOT_GENERATE_SAMPLE_RATE_FILE=An error occurred while \
attempting to write a sample variable rate definition to file ''{0}'': {1}
ERR_MANAGE_ACCT_CANNOT_CREATE_RATE_ADJUSTOR=An error occurred while \
attempting to initialize the variable-rate adjustor to alter the maximum \
load over time based on the definitions contained in file ''{0}'': {1}
ERR_MANAGE_ACCT_CANNOT_CREATE_CONNECTION_POOL=An error occurred while \
attempting to create a connection pool to perform {0} processing: {1}
ERR_MANAGE_ACCT_CANNOT_CREATE_REJECT_WRITER=An error occurred while \
attempting to create a reject writer to write information about failed \
operation attempts to file ''{0}'': {1}
ERR_MANAGE_ACCT_CANNOT_CREATE_PROCESSOR=An error occurred while attempting to \
initialize the password policy state operation processor: {0}
ERR_MANAGE_ACCT_CANNOT_BASE64_DECODE_DN=An error occurred while attempting to \
base64-decode the DN in line ''{0}'' read from file ''{1}'': {2}
ERR_MANAGE_ACCT_ERROR_READING_DN_FILE=An error occurred while attempting to \
read from DN file ''{0}'': {1}
ERR_MANAGE_ACCT_MALFORMED_FILTER_FROM_FILE=Filter file ''{0}'' contains \
line ''{1}'' that cannot be parsed as a valid search filter: {2}
ERR_MANAGE_ACCT_ERROR_READING_FILTER_FILE=An error occurred while attempting \
to read from filter file ''{0}'': {1}
ERR_MANAGE_ACCT_ERROR_READING_USER_ID_FILE=An error occurred while attempting \
to read from user ID file ''{0}'': {1}
INFO_MANAGE_ACCT_UNSOLICITED_NOTIFICATION=NOTICE: Received an unsolicited \
notification on connection {0}: {1}
ERR_MANAGE_ACCT_PROCESSOR_NO_SUBCOMMAND=Unable to perform any {0} processing \
because no subcommand was selected.
ERR_MANAGE_ACCT_PROCESSOR_UNSUPPORTED_SUBCOMMAND=Support for the ''{0}'' \
subcommand is not currently implemented in the {1} tool.
ERR_MANAGE_ACCT_SEARCH_OP_ERROR_READING_PAGE_RESPONSE=An error occurred \
while attempting to retrieve a simple paged results response control from \
search result {0} for filter {1}: {2}
ERR_MANAGE_ACCT_SEARCH_OP_CANNOT_GET_CONNECTION=Unable to get an LDAP \
connection to use to process search request {0}: {1}
INFO_MANAGE_ACCT_SEARCH_OP_SUCCESSFUL_PAGE=Successfully retrieved a page of \
entries matching filter {0}. Entries returned: {1}.
INFO_MANAGE_ACCT_SEARCH_OP_SUCCESSFUL_FULL=Successfully completed the search \
matching filter {0}. Entries returned: {1}.
ERR_MANAGE_ACCT_SEARCH_OP_FAILED_NO_RETRY=An error occurred while attempting \
to search for entries matching filter {0}: {1} {2}. No retry attempt will \
be made for this search.
ERR_MANAGE_ACCT_SEARCH_OP_FAILED_SECOND_ATTEMPT=An error occurred while \
attempting to search for entries matching filter {0}: {1} {2}. This was \
the second attempt to process the search and no further retry attempts \
will be made.
ERR_MANAGE_ACCT_SEARCH_OP_EXCEPTION=An unexpected exception was raised while \
attempting to process search request {0}: {1}
WARN_MANAGE_ACCT_SEARCH_OP_REFERRAL=WARNING: Search result reference \
returned while searching for entries matching filter ''{0}'': {1}. This \
referral will not be followed, so entries only accessible via this referral \
will not be processed.
INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_SASL_MECHS=Retrieves a list of the \
SASL mechanisms that are available for a user. This will take into account \
the server configuration, the types of credentials the user has, and the \
authentication constraints defined for the user.
INFO_MANAGE_ACCT_SC_GET_AVAILABLE_SASL_MECHS_EXAMPLE=Retrieves a list of the \
SASL mechanisms that are available for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_AVAILABLE_OTP_MECHS=Retrieves a list of the \
one-time password delivery mechanisms that are available for a user. If \
the user''s entry includes information about which OTP delivery mechanisms \
are preferred, then the values will be returned in order of most preferred \
to least preferred.
INFO_MANAGE_ACCT_SC_GET_AVAILABLE_OTP_MECHS_EXAMPLE=Retrieves a list of the \
one-time password delivery mechanisms that are available for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_HAS_TOTP_SHARED_SECRET=Determines whether a user \
has at least one TOTP shared secret that may be used in conjunction with \
the UNBOUNDID-TOTP SASL mechanism or the Verify TOTP extended operation.
INFO_MANAGE_ACCT_SC_GET_HAS_TOTP_SHARED_SECRET_EXAMPLE=Determines whether \
user ''{0}'' has at least one TOTP shared secret.
INFO_MANAGE_ACCT_SC_DESC_ADD_TOTP_SHARED_SECRET=Adds a value to the set of \
TOTP shared secrets for a user.
INFO_MANAGE_ACCT_SC_ADD_TOTP_SHARED_SECRET_EXAMPLE=Adds value ''{0}'' to the \
set of TOTP shared secrets for user ''{1}''.
INFO_MANAGE_ACCT_SC_ADD_TOTP_SHARED_SECRET_ARG_VALUE=The TOTP shared secret \
to register for a user. This argument must be provided at least once, but \
may be provided multiple times to specify multiple TOTP shared secrets to \
register.
INFO_MANAGE_ACCT_SC_DESC_REMOVE_TOTP_SHARED_SECRET=Removes a value from the \
set of TOTP shared secrets for a user.
INFO_MANAGE_ACCT_SC_REMOVE_TOTP_SHARED_SECRET_EXAMPLE=Removes value ''{0}'' \
from the set of TOTP shared secrets for user ''{1}''.
INFO_MANAGE_ACCT_SC_REMOVE_TOTP_SHARED_SECRET_ARG_VALUE=The TOTP shared \
secret to deregister for a user. This argument must be provided at least \
once, but may be provided multiple times to specify multiple TOTP shared \
secrets to deregister.
INFO_MANAGE_ACCT_SC_DESC_SET_TOTP_SHARED_SECRETS=Replaces the set of TOTP \
shared secrets registered for a user.
INFO_MANAGE_ACCT_SC_SET_TOTP_SHARED_SECRETS_EXAMPLE=Replaces the set of TOTP \
shared secrets for user ''{0}'' with a single value of ''{1}''.
INFO_MANAGE_ACCT_SC_SET_TOTP_SHARED_SECRETS_ARG_VALUE=The TOTP shared secret \
to register for a user. This argument must be provided at least once, but \
may be provided multiple times to specify multiple TOTP shared secrets to \
register.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_TOTP_SHARED_SECRETS=Clears the set of TOTP \
shared secrets registered for a user.
INFO_MANAGE_ACCT_SC_CLEAR_TOTP_SHARED_SECRETS_EXAMPLE=Clears the set of TOTP \
shared secrets registered for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_HAS_YUBIKEY_ID=Determines whether a user has at \
least one registered YubiKey OTP device public ID.
INFO_MANAGE_ACCT_SC_GET_HAS_YUBIKEY_ID_EXAMPLE=Determines whether user \
''{0}'' has at least one registered YubiKey OTP device public ID.
INFO_MANAGE_ACCT_SC_DESC_GET_YUBIKEY_IDS=Retrieves a list of the public IDs \
of the YubiKey OTP devices registered for a user.
INFO_MANAGE_ACCT_SC_GET_YUBIKEY_IDS_EXAMPLE=Retrieves a list of the public \
IDs of the YubiKey OTP devices registered for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_ADD_YUBIKEY_ID=Adds a value to the set of registered \
YubiKey OTP public IDs for a user.
INFO_MANAGE_ACCT_SC_ADD_YUBIKEY_ID_EXAMPLE=Adds value ''{0}'' to the set of \
registered YubiKey OTP public IDs for user ''{1}''.
INFO_MANAGE_ACCT_SC_ADD_YUBIKEY_ID_ARG_VALUE=The public ID for a YubiKey OTP \
device to register for a user. This argument must be provided at least \
once, but may be provided multiple times to specify multiple public IDs to \
register.
INFO_MANAGE_ACCT_SC_DESC_REMOVE_YUBIKEY_ID=Removes a value from the set of \
registered YubiKey OTP public IDs for a user.
INFO_MANAGE_ACCT_SC_REMOVE_YUBIKEY_ID_EXAMPLE=Removes value ''{0}'' from the \
set of registered YubiKey OTP public IDs for user ''{1}''.
INFO_MANAGE_ACCT_SC_REMOVE_YUBIKEY_ID_ARG_VALUE=The public ID for a YubiKey \
OTP device to deregister for a user. This argument must be provided at \
least once, but may be provided multiple times to specify multiple public \
IDs to deregister.
INFO_MANAGE_ACCT_SC_DESC_SET_YUBIKEY_IDS=Replaces the list of the public \
IDs of the YubiKey OTP devices registered for a user.
INFO_MANAGE_ACCT_SC_SET_YUBIKEY_IDS_EXAMPLE=Replaces the list of the public \
IDs of the YubiKey OTP devices registered for user ''{0}'' with a single \
public ID of ''{1}''.
INFO_MANAGE_ACCT_SC_SET_YUBIKEY_IDS_ARG_VALUE=The public ID for a YubiKey OTP \
device to register for a user. This argument must be provided at least \
once, but may be provided multiple times to specify multiple public IDs to \
register.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_YUBIKEY_IDS=Clears the list of the public IDs \
of the YubiKey OTP devices registered for a user.
INFO_MANAGE_ACCT_SC_CLEAR_YUBIKEY_IDS_EXAMPLE=Clears the list of the public \
IDs of the YubiKey OTP devices registered for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_HAS_STATIC_PW=Determines whether a user has one \
static password.
INFO_MANAGE_ACCT_SC_GET_HAS_STATIC_PW_EXAMPLE=Determines whether user \
''{0}'' has a static password.
INFO_MANAGE_ACCT_SC_DESC_GET_LAST_BIND_PW_VALIDATION_TIME=Retrieves the \
time the server last invoked password validators during a bind operation \
for a user.
INFO_MANAGE_ACCT_SC_GET_LAST_BIND_PW_VALIDATION_TIME_EXAMPLE=Retrieves the \
time the server last invoked password validators during a bind operation \
for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_SECONDS_SINCE_LAST_BIND_PW_VALIDATION=Retrieves \
the length of time in seconds since the server last invoked password \
validators during a bind operation for a user.
INFO_MANAGE_ACCT_SC_GET_SECS_SINCE_LAST_BIND_PW_VALIDATION_EXAMPLE=Retrieves \
the length of time in seconds since the server last invoked password \
validators during a bind operation for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_SET_LAST_BIND_PW_VALIDATION_TIME=Specifies the \
time the server last invoked password validators during a bind operation \
for a user.
INFO_MANAGE_ACCT_SC_SET_LAST_BIND_PW_VALIDATION_TIME_ARG_VALUE=The new value \
for the last bind password validation time for the user. It must be a \
timestamp formatted either in generalized time form or in the local time \
zone using one of the following formats: YYYYMMDDhhmmss.uuu, \
YYYYMMDDhhmmss, or YYYYMMDDhhmm. If this argument is not provided, the \
last bind password validation time will be set to the current time.
INFO_MANAGE_ACCT_SC_SET_LAST_BIND_PW_VALIDATION_TIME_EXAMPLE=Updates the \
password policy state for user ''{0}'' to indicate that the server last \
invoked password validators during a bind at time ''{1}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_LAST_BIND_PW_VALIDATION_TIME=Clears the \
time the server last invoked password validators during a bind operation \
for a user.
INFO_MANAGE_ACCT_SC_CLEAR_LAST_BIND_PW_VALIDATION_TIME_EXAMPLE=Clears the \
time the server last invoked password validators during a bind operation \
for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_GET_ACCT_VALIDATION_LOCKED=Determines whether a \
user''s account is locked because it contains a password that does not \
satisfy all of the configured password validators.
INFO_MANAGE_ACCT_SC_GET_ACCT_VALIDATION_LOCKED_EXAMPLE=Determines whether the \
account for user ''{0}'' is locked because it contains a password that does \
not satisfy all of the configured password validators.
INFO_MANAGE_ACCT_SC_DESC_SET_ACCT_VALIDATION_LOCKED=Specifies whether a \
user''s account should be locked because it contains a password that does \
not satisfy all of the configured password validators.
INFO_MANAGE_ACCT_SC_SET_ACCT_VALIDATION_LOCKED_ARG_VALUE=Indicates whether \
the user''s account should be locked because it contains a password that \
does not satisfy all of the configured password validators. The value must \
be either ''true'' or ''false''.
INFO_MANAGE_ACCT_SC_SET_ACCT_VALIDATION_LOCKED_EXAMPLE=Forces the account for \
user ''{0}'' to be locked because it contains a password that does not \
satisfy all of the configured password validators.
INFO_MANAGE_ACCT_SC_DESC_GET_RECENT_LOGIN_HISTORY=Retrieves the user''s \
recent login history.
INFO_MANAGE_ACCT_SC_GET_RECENT_LOGIN_HISTORY_EXAMPLE=Retrieves the recent \
login history for user ''{0}''.
INFO_MANAGE_ACCT_SC_DESC_CLEAR_RECENT_LOGIN_HISTORY=Clears the user''s recent \
login history.
INFO_MANAGE_ACCT_SC_CLEAR_RECENT_LOGIN_HISTORY_EXAMPLE=Clears the recent \
login history for user ''{0}''.
INFO_GEN_TOTP_SECRET_TOOL_DESC=Generate a shared secret that may be used to \
generate time-based one-time password (TOTP) authentication codes for use \
in authenticating with the UNBOUNDID-TOTP SASL mechanism, or in conjunction \
with the validate TOTP password extended operation.
INFO_GEN_TOTP_SECRET_PLACEHOLDER_AUTH_ID='{'authID'}'
INFO_GEN_TOTP_SECRET_DESCRIPTION_AUTH_ID=An authentication ID that identifies \
the user for whom the TOTP shared secret should be generated. This must \
be provided, and it should either be in the form ''dn:'' followed by the DN \
of the target user''s entry, or in the form ''u:'' followed by the username \
for the target user.
INFO_GEN_TOTP_SECRET_PLACEHOLDER_USER_PW='{'password'}'
INFO_GEN_TOTP_SECRET_DESCRIPTION_USER_PW=The static password for the user \
targeted by the {0} argument.
INFO_GEN_TOTP_SECRET_DESCRIPTION_USER_PW_FILE=The path to a file containing \
the static password for the user targeted by the {0} argument.
INFO_GEN_TOTP_SECRET_DESCRIPTION_PROMPT_FOR_USER_PW=Indicates that the tool \
should interactively prompt for the static password for the user targeted \
by the {0} argument.
INFO_GEN_TOTP_SECRET_PLACEHOLDER_SECRET='{'totpSharedSecret'}'
INFO_GEN_TOTP_SECRET_DESCRIPTION_REVOKE=Indicates that the server should \
revoke the provided TOTP shared secret rather than generating a new secret \
for the specified user.
INFO_GEN_TOTP_SECRET_DESCRIPTION_REVOKE_ALL=Indicates that the server \
should revoke all existing TOTP shared secrets for the specified user \
rather than generating a new secret.
ERR_GEN_TOTP_SECRET_CANNOT_CONNECT=An error occurred while attempting to \
establish a connection to use to communicate with the server: {0}
ERR_GEN_TOTP_SECRET_CANNOT_READ_PW_FROM_FILE=An error occurred while \
attempting to read the static password from file ''{0}'': {1}
INFO_GEN_TOTP_SECRET_ENTER_PW=Enter the static password for user ''{0}'':
ERR_GEN_TOTP_SECRET_CANNOT_READ_PW_FROM_STDIN=An error occurred while \
attempting to read the static password from standard input: {0}
INFO_GEN_TOTP_SECRET_REVOKE_SUCCESS=Successfully revoked TOTP shared secret \
''{0}''.
ERR_GEN_TOTP_SECRET_REVOKE_FAILURE=Unable to revoke TOTP shared secret {0}.
INFO_GEN_TOTP_SECRET_REVOKE_ALL_SUCCESS=Successfully revoked all TOTP shared \
secrets.
ERR_GEN_TOTP_SECRET_REVOKE_ALL_FAILURE=Unable to revoke all TOTP shared \
secrets.
INFO_GEN_TOTP_SECRET_GEN_SUCCESS=Successfully generated TOTP shared secret \
''{0}''.
ERR_GEN_TOTP_SECRET_GEN_FAILURE=Unable to generate a TOTP shared secret.
ERR_GEN_TOTP_SECRET_RESULT_CODE=Result code: {0}
ERR_GEN_TOTP_SECRET_DIAGNOSTIC_MESSAGE=Diagnostic Message: {0}
ERR_GEN_TOTP_SECRET_MATCHED_DN=Matched DN: {0}
ERR_GEN_TOTP_SECRET_REFERRAL_URL=Referral URL: {0}
INFO_GEN_TOTP_SECRET_GEN_EXAMPLE=Generate a TOTP secret for the user with \
username ''john.doe'' and a password entered at an interactive prompt.
INFO_GEN_TOTP_SECRET_REVOKE_ALL_EXAMPLE=Revoke all TOTP shared secrets for \
the user with username ''john.doe'' whose password is contained in file \
''password.txt''.
INFO_PLACEHOLDER_ATTR='{'attr'}'
INFO_PLACEHOLDER_AUTHZID='{'authzID'}'
INFO_PLACEHOLDER_FIELD_NAME='{'fieldName'}'
INFO_PLACEHOLDER_FILTER='{'filter'}'
INFO_PLACEHOLDER_LEVEL='{'level'}'
INFO_PLACEHOLDER_NUM='{'num'}'
INFO_PLACEHOLDER_PATH='{'path'}'
INFO_PLACEHOLDER_PURPOSE='{'purpose'}'
INFO_PLACEHOLDER_TIMEOUT='{'timeout'}'
INFO_RESULT_UTILS_RESULT_CODE=Result Code: {0}
INFO_RESULT_UTILS_SUCCESS_WITH_TXN=NOTE: No changes will actually be applied \
to the server until the transaction is committed.
INFO_RESULT_UTILS_DIAGNOSTIC_MESSAGE=Diagnostic Message: {0}
INFO_RESULT_UTILS_MATCHED_DN=Matched DN: {0}
INFO_RESULT_UTILS_REFERRAL_URL=Referral URL: {0}
INFO_RESULT_UTILS_NUM_SEARCH_ENTRIES=Number of Entries Returned: {0,number,0}
INFO_RESULT_UTILS_NUM_SEARCH_REFERENCES=Number of References Returned: \
{0,number,0}
INFO_RESULT_UTILS_START_TXN_RESULT_TXN_ID=Start Transaction Extended Result \
Transaction ID: {0}
INFO_RESULT_UTILS_END_TXN_RESULT_FAILED_MSG_ID=End Transaction Extended \
Result Failed Operation Message ID: {0}
INFO_RESULT_UTILS_END_TXN_RESULT_OP_CONTROL=End Transaction Extended Result \
Response Control for Message ID {0}:
INFO_RESULT_UTILS_MULTI_UPDATE_CHANGES_APPLIED=Multi-Update Changes Applied: \
{0}
INFO_RESULT_UTILS_MULTI_UPDATE_RESULT_HEADER=Multi-Update {0} Operation Result:
INFO_RESULT_UTILS_PASSWORD_MODIFY_RESULT_GENERATED_PW=Password Modify \
Extended Result Generated Password: {0}
INFO_RESULT_UTILS_NOTICE_OF_DISCONNECTION_HEADER=Notice of Disconnection \
Unsolicited Notification
INFO_RESULT_UTILS_ABORTED_TXN_HEADER=Aborted Transaction Unsolicited \
Notification
INFO_RESULT_UTILS_TXN_ID_HEADER=Transaction ID: {0}
INFO_RESULT_UTILS_UNSOLICITED_NOTIFICATION_HEADER=Unsolicited Notification
INFO_RESULT_UTILS_RESPONSE_EXTOP_OID=Extended Result OID: {0}
INFO_RESULT_UTILS_RESPONSE_EXTOP_RAW_VALUE_HEADER=Extended Result Raw Value:
INFO_RESULT_UTILS_GENERIC_RESPONSE_CONTROL_HEADER=Response Control:
INFO_RESULT_UTILS_RESPONSE_CONTROL_OID=OID: {0}
INFO_RESULT_UTILS_RESPONSE_CONTROL_IS_CRITICAL=Is Critical: {0}
INFO_RESULT_UTILS_RESPONSE_CONTROL_RAW_VALUE_HEADER=Raw Value:
INFO_RESULT_UTILS_AUTHZ_ID_RESPONSE_HEADER=Authorization Identity Response \
Control:
INFO_RESULT_UTILS_AUTHZ_ID_RESPONSE_ID=Authorization ID: {0}
INFO_RESULT_UTILS_CONTENT_SYNC_DONE_RESPONSE_HEADER=Content Synchronization \
Done Response Control:
INFO_RESULT_UTILS_CONTENT_SYNC_DONE_REFRESH_DELETES=Refresh Deletes: {0}
INFO_RESULT_UTILS_CONTENT_SYNC_DONE_COOKIE_HEADER=Cookie Data:
INFO_RESULT_UTILS_CONTENT_SYNC_STATE_RESPONSE_HEADER=Content Synchronization \
State Response Control:
INFO_RESULT_UTILS_CONTENT_SYNC_STATE_ENTRY_UUID=Entry UUID: {0}
INFO_RESULT_UTILS_CONTENT_SYNC_STATE_NAME=Synchronization State: {0}
INFO_RESULT_UTILS_CONTENT_SYNC_STATE_COOKIE_HEADER=Cookie Data:
INFO_RESULT_UTILS_ECN_HEADER=Entry Change Notification Control:
INFO_RESULT_UTILS_ECN_CHANGE_TYPE=Change Type: {0}
INFO_RESULT_UTILS_ECN_CHANGE_NUMBER=Change Number: {0,number,0}
INFO_RESULT_UTILS_ECN_PREVIOUS_DN=Previous DN: {0}
INFO_RESULT_UTILS_PASSWORD_EXPIRED_HEADER=Password Expired Response Control:
INFO_RESULT_UTILS_PASSWORD_EXPIRING_HEADER=Password Expiring Response Control:
INFO_RESULT_UTILS_PASSWORD_EXPIRING_SECONDS_UNTIL_EXPIRATION=Seconds Until \
Expiration: {0,number,0}
INFO_RESULT_UTILS_POST_READ_HEADER=Post-Read Response Control:
INFO_RESULT_UTILS_POST_READ_ENTRY_HEADER=Post-Read Entry:
INFO_RESULT_UTILS_PRE_READ_HEADER=Pre-Read Response Control:
INFO_RESULT_UTILS_PRE_READ_ENTRY_HEADER=Pre-Read Entry:
INFO_RESULT_UTILS_SORT_HEADER=Server-Side Sort Response Control:
INFO_RESULT_UTILS_SORT_RESULT_CODE=Result Code: {0}
INFO_RESULT_UTILS_SORT_ATTRIBUTE_NAME=Attribute Name: {0}
INFO_RESULT_UTILS_PAGED_RESULTS_HEADER=Simple Paged Results Response Control:
INFO_RESULT_UTILS_PAGED_RESULTS_COUNT=Estimated Total Result Set Size: \
{0,number,0}
INFO_RESULT_UTILS_PAGED_RESULTS_COOKIE_HEADER=Cookie Data:
INFO_RESULT_UTILS_VLV_HEADER=Virtual List View Response Control:
INFO_RESULT_UTILS_VLV_RESULT_CODE=Result Code: {0}
INFO_RESULT_UTILS_VLV_CONTENT_COUNT=Estimated Content Count: {0,number,0}
INFO_RESULT_UTILS_VLV_TARGET_POSITION=Target Position: {0,number,0}
INFO_RESULT_UTILS_VLV_CONTEXT_ID_HEADER=Context ID:
INFO_RESULT_UTILS_ACCOUNT_USABLE_HEADER=Account Usable Response Control:
INFO_RESULT_UTILS_ACCOUNT_USABLE_IS_USABLE=Account Is Usable: {0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_UNUSABLE_REASONS_HEADER=Unusable Reasons:
INFO_RESULT_UTILS_ACCOUNT_USABLE_PW_EXPIRED=Password Is Expired: {0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_MUST_CHANGE_PW=Must Change Password: {0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_IS_INACTIVE=Account Is Inactive: {0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_REMAINING_GRACE=Remaining Grace Logins: \
{0,number,0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_SECONDS_UNTIL_EXPIRATION=Seconds Until \
Password Expiration: {0,number,0}
INFO_RESULT_UTILS_ACCOUNT_USABLE_SECONDS_UNTIL_UNLOCK=Seconds Until Account \
Unlock: {0,number,0}
INFO_RESULT_UTILS_ASSURED_REPL_HEADER=Assured Replication Response Control:
INFO_RESULT_UTILS_ASSURED_REPL_CSN=Change Sequence Number: {0}
INFO_RESULT_UTILS_ASSURED_REPL_LOCAL_LEVEL=Local Assurance Level: {0}
INFO_RESULT_UTILS_ASSURED_REPL_LOCAL_SATISFIED=Local Assurance Satisfied: {0}
INFO_RESULT_UTILS_ASSURED_REPL_LOCAL_MESSAGE=Local Assurance Message: {0}
INFO_RESULT_UTILS_ASSURED_REPL_REMOTE_LEVEL=Remote Assurance Level: {0}
INFO_RESULT_UTILS_ASSURED_REPL_REMOTE_SATISFIED=Remote Assurance Satisfied: \
{0}
INFO_RESULT_UTILS_ASSURED_REPL_REMOTE_MESSAGE=Remote Assurance Message: {0}
INFO_RESULT_UTILS_ASSURED_REPL_SERVER_RESULT_HEADER=Server Result:
INFO_RESULT_UTILS_ASSURED_REPL_SERVER_RESULT_CODE=Server Result Code: {0}
INFO_RESULT_UTILS_ASSURED_REPL_SERVER_RESULT_REPL_SERVER_ID=Replication \
Server ID: {0,number,0}
INFO_RESULT_UTILS_ASSURED_REPL_SERVER_RESULT_REPL_ID=Replica ID: {0,number,0}
INFO_RESULT_UTILS_GENERATE_ACCESS_TOKEN_HEADER=Generate Access Token Response \
Control:
INFO_RESULT_UTILS_GENERATE_ACCESS_TOKEN_STRING=Access Token: {0}
INFO_RESULT_UTILS_GENERATE_ACCESS_TOKEN_EXP_TIME=Token Expiration Time: {0}
INFO_RESULT_UTILS_GENERATE_PW_HEADER=Generate Password Response Control:
INFO_RESULT_UTILS_GENERATE_PW_PASSWORD=Generated Password: {0}
INFO_RESULT_UTILS_GENERATE_PW_MUST_CHANGE=Must Change Password: {0}
INFO_RESULT_UTILS_GENERATE_PW_SECONDS_UNTIL_EXPIRATION=Seconds Until \
Expiration: {0,number,0}
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_HEADER=Get Authorization Entry Response \
Control:
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_IS_AUTHENTICATED=Is Authenticated: {0}
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_IDS_MATCH=Authentication and Authorization \
Identities Match: {0}
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_AUTHN_ID=Authentication Identity ID: {0}
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_AUTHN_ENTRY_HEADER=Authentication Identity \
Entry:
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_AUTHZ_ID=Authorization Identity ID: {0}
INFO_RESULT_UTILS_GET_AUTHZ_ENTRY_AUTHZ_ENTRY_HEADER=Authorization Identity \
Entry:
INFO_RESULT_UTILS_GET_BACKEND_SET_ID_HEADER=Get Backend Set ID Response \
Control:
INFO_RESULT_UTILS_GET_BACKEND_SET_ID_EB_RP_ID=Entry-Balancing Request \
Processor ID: {0}
INFO_RESULT_UTILS_GET_BACKEND_SET_ID=Backend Set ID: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_HEADER=Get Password Policy State Issues \
Response Control:
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_FAILURE_REASON_HEADER=Authentication \
Failure Reason:
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_FAILURE_TYPE=Failure Type: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_FAILURE_MESSAGE=Failure Message: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_ERROR_HEADER=Account Usability Error:
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_ERROR_NAME=Error Name: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_ERROR_MESSAGE=Error Message: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_WARNING_HEADER=Account Usability Warning:
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_WARNING_NAME=Warning Name: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_WARNING_MESSAGE=Warning Message: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_NOTICE_HEADER=Account Usability Notice:
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_NOTICE_NAME=Notice Name: {0}
INFO_RESULT_UTILS_GET_PW_STATE_ISSUES_NOTICE_MESSAGE=Notice Message: {0}
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_HEADER=Get Recent Login History \
Response Control:
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_NO_SUCCESSES=No Successful Attempts
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_SUCCESS_HEADER=Successful Attempt:
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_TIMESTAMP=Timestamp: {0}
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_AUTH_METHOD=Authentication \
Method: {0}
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_CLIENT_IP=Client IP Address: {0}
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_ADDITIONAL_COUNT=Additional \
Attempt Count: {0,number,0}
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_NO_FAILURES=No Failed Attempts
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_FAILURE_HEADER=Failed Attempt:
INFO_RESULT_UTILS_GET_RECENT_LOGIN_HISTORY_FAILURE_REASON=Failure Reason: {0}
INFO_RESULT_UTILS_GET_SERVER_ID_HEADER=Get Server ID Response Control:
INFO_RESULT_UTILS_GET_SERVER_ID=Server ID: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_HEADER=Get User Resource Limits Response \
Control:
INFO_RESULT_UTILS_GET_USER_RLIM_VALUE_UNLIMITED=Unlimited
INFO_RESULT_UTILS_GET_USER_RLIM_UNIT_SECONDS=seconds
INFO_RESULT_UTILS_GET_USER_RLIM_SIZE_LIMIT=Size Limit: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_TIME_LIMIT=Time Limit: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_IDLE_TIME_LIMIT=Idle Time Limit: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_LOOKTHROUGH_LIMIT=Lookthrough Limit: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_EQUIVALENT_AUTHZ_USER_DN=Equivalent \
Authorization User DN: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_CCP_NAME=Client Connection Policy Name: {0}
INFO_RESULT_UTILS_GET_USER_RLIM_GROUP_DNS_HEADER=Group DNs:
INFO_RESULT_UTILS_GET_USER_RLIM_PRIVILEGES_HEADER=Privileges:
INFO_RESULT_UTILS_GET_USER_RLIM_OTHER_ATTRIBUTES_HEADER=Other Attributes:
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_HEADER=Intermediate Client Response \
Control:
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_UPSTREAM_ADDRESS=Upstream Server \
Address: {0}
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_UPSTREAM_SECURE=Upstream Server \
Secure: {0}
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_SERVER_NAME=Server Name: {0}
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_SESSION_ID=Server Session ID: {0}
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_RESPONSE_ID=Server Response ID: {0}
INFO_RESULT_UTILS_INTERMEDIATE_CLIENT_UPSTREAM_RESPONSE_HEADER=Upstream \
Response:
INFO_RESULT_UTILS_JOIN_HEADER=Join Result Control:
INFO_RESULT_UTILS_JOIN_RESULT_CODE=Join Result Code: {0}
INFO_RESULT_UTILS_JOIN_DIAGNOSTIC_MESSAGE=Join Diagnostic Message: {0}
INFO_RESULT_UTILS_JOIN_MATCHED_DN=Join Matched DN: {0}
INFO_RESULT_UTILS_JOIN_REFERRAL_URL=Join Referral URL: {0}
INFO_RESULT_UTILS_JOINED_WITH_ENTRY_HEADER=Joined With Entry:
INFO_RESULT_UTILS_JSON_FORMATTED_HEADER=JSON-Formatted Response Control:
INFO_RESULT_UTILS_JSON_FORMATTED_EMBEDDED_CONTROL_HEADER=Embedded Control JSON:
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_HEADER=Matching Entry Count Response \
Control:
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_TYPE_EXAMINED=Count Type: Examined
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_TYPE_UNEXAMINED=Count Type: Unexamined
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_TYPE_UPPER_BOUND=Count Type: Upper \
Bound
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_TYPE_UNKNOWN=Count Type: Unknown
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_VALUE=Count Value: {0,number,0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_INDEXED=Search Is Indexed: {0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_SHORT_CIRCUITED=Short Circuited: {0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_FULLY_INDEXED=Fully Indexed: {0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_CANDIDATES_IN_SCOPE=Candidates Are in \
Scope: {0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_REMAINING_FILTER=Remaining Filter: {0}
INFO_RESULT_UTILS_MATCHING_ENTRY_COUNT_DEBUG_HEADER=Debug Info:
INFO_RESULT_UTILS_PW_POLICY_HEADER=Password Policy Response Control:
INFO_RESULT_UTILS_PW_POLICY_ERROR_TYPE=Error Type: {0}
INFO_RESULT_UTILS_PW_POLICY_ERROR_TYPE_NONE=Error Type: None
INFO_RESULT_UTILS_PW_POLICY_WARNING_TYPE=Warning Type: {0}
INFO_RESULT_UTILS_PW_POLICY_WARNING_TYPE_NONE=Warning Type: None
INFO_RESULT_UTILS_PW_POLICY_WARNING_VALUE=Warning Value: {0,number,0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_HEADER=Password Validation Details \
Response Control:
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_RESULT_TYPE_RESULT=Result Type: \
Validation Result
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_RESULT_TYPE_NO_PW=Result Type: No \
Password Provided
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_RESULT_TYPE_MULTIPLE_PW=Result \
Type: Multiple Passwords Provided
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_RESULT_TYPE_NO_VALIDATION=Result \
Type: No Validation Attempted
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_RESULT_TYPE_DEFAULT=Result Type: {0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_MISSING_CURRENT=Missing Current \
Password: {0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_MUST_CHANGE=Must Change Password: {0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_SECONDS_TO_EXP=Seconds Until \
Expiration: {0,number,0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_HEADER=Password Quality \
Requirement Validation Result:
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_DESC=Password Quality \
Requirement Description: {0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_TYPE=Client-Side Validation \
Type: {0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_PROP=Client-Side Validation \
Property: {0}={1}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_SATISFIED=Requirement Satisfied: \
{0}
INFO_RESULT_UTILS_PW_VALIDATION_DETAILS_PQR_INFO=Additional Validation Info: \
{0}
INFO_RESULT_UTILS_SOFT_DELETE_HEADER=Soft Delete Response Control:
INFO_RESULT_UTILS_SOFT_DELETED_DN=Soft-Deleted Entry DN: {0}
INFO_RESULT_UTILS_TXN_SETTINGS_HEADER=Transaction Settings Response Control:
INFO_RESULT_UTILS_TXN_SETTINGS_NUM_CONFLICTS=Number of Lock Conflicts: \
{0,number,0}
INFO_RESULT_UTILS_TXN_SETTINGS_BACKEND_LOCK_ACQUIRED=Backend Lock Acquired: \
{0}
INFO_RESULT_UTILS_UNIQUENESS_HEADER=Uniqueness Response Control:
INFO_RESULT_UTILS_UNIQUENESS_ID=Uniqueness ID: {0}
INFO_RESULT_UTILS_UNIQUENESS_PRE_COMMIT_STATUS=Pre-Commit Validation Status: \
{0}
INFO_RESULT_UTILS_UNIQUENESS_POST_COMMIT_STATUS=Post-Commit Validation \
Status: {0}
INFO_RESULT_UTILS_UNIQUENESS_MESSAGE=Message: {0}
INFO_RESULT_UTILS_UNIQUENESS_STATUS_VALUE_PASSED=Passed
INFO_RESULT_UTILS_UNIQUENESS_STATUS_VALUE_FAILED=Failed
INFO_RESULT_UTILS_UNIQUENESS_STATUS_VALUE_NOT_ATTEMPTED=Not Attempted
INFO_RESULT_UTILS_SEARCH_REFERENCE_HEADER=Search Result Reference:
INFO_REPORT_BIND_RESULT_HEADER=Bind Result:
INFO_LDAPMODIFY_ARG_GROUP_CONTROLS=Control Arguments
INFO_LDAPMODIFY_ARG_GROUP_DATA=Data Arguments
INFO_LDAPMODIFY_ARG_GROUP_OPS=Operation Arguments
INFO_LDAPMODIFY_TOOL_DESCRIPTION=Apply a set of add, delete, modify, and/or \
modify DN operations to a directory server. Supply the changes to apply \
in LDIF format, either from standard input or from a file specified \
with the ''{0}'' argument. Change records must be separated by at least \
one blank line.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ALLOW_UNDELETE=Treat any add operation that \
includes the ''{0}'' attribute as an undelete operation. Undelete requests \
may be used to restore a soft-deleted entry, optionally using a different \
DN than was originally assigned to the entry. The server must be \
configured to allow soft delete operations, and the requester must have the \
soft-delete-read privilege.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ASSURED_REPLICATION=Indicates that all \
operation requests should include the UnboundID-proprietary assured \
replication request control to indicate that the server should delay \
returning a response to the client until a minimum amount of replication \
processing has been performed for the operation. The ''--{0}'', ''--{1}'', \
and ''--{2}'' arguments may be used to configure the settings to use for \
the assured replication control, but the server will automatically \
determine an appropriate value for any argument that is not provided.
INFO_LDAPMODIFY_ARG_DESCRIPTION_AUTHZ_IDENTITY=Indicates that all bind \
requests should include the authorization identity request control as \
defined in RFC 3829. With this control, a successful bind result should \
include the authorization identity assigned to the connection.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GENERATE_ACCESS_TOKEN=Indicates that the bind \
request should include the generate access token request control, which may \
be used to request that the server generate and return an access token that \
can be used to authorize subsequent connections via the OAUTHBEARER SASL \
mechanism.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GENERATE_PASSWORD=Indicates that all add \
requests should include the generate password request control to request \
that the server generate a password for the new account. The generated \
password will be returned in a corresponding response control.
INFO_LDAPMODIFY_ARG_DESCRIPTION_CONTINUE_ON_ERROR=Continue processing changes \
even if an error is encountered. If this is not provided, then processing \
will abort after the first failed operation.
INFO_LDAPMODIFY_ARG_DESCRIPTION_DEFAULT_ADD=Assume that any LDIF change \
record without a changeType represents an add operation. If this is not \
provided, then any change record without a changeType will be considered an \
error.
INFO_LDAPMODIFY_ARG_DESCRIPTION_DRY_RUN=Parse the LDIF representations of the \
changes to apply but don''t actually perform any LDAP communication.
INFO_LDAPMODIFY_ARG_DESCRIPTION_FOLLOW_REFERRALS=Attempt to follow any \
referrals encountered while processing changes. If this is not provided, \
then any referral received will be considered an error.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GET_AUTHZ_ENTRY_ATTR=Indicates that all bind \
requests should include the UnboundID-proprietary get authorization \
entry request control to request that the server return the specified \
attribute (or collection of attributes, in the case of a special identifier \
like ''*'' to indicate all user attributes or ''+'' to indicate all \
operational attributes) from the authenticated user''s entry. This \
argument may be provided multiple times to specify multiple attributes to \
request.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GET_BACKEND_SET_ID=Indicates that all \
add, delete, modify, and modify DN requests should include the \
UnboundID-proprietary get backend set ID request control to request that \
the Directory Proxy Server include a corresponding get backend set ID \
response control in each operation response, indicating the entry-balancing \
backend set in which the write was processed.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GET_RECENT_LOGIN_HISTORY=Indicates that all \
bind requests should include the get recent login history request control \
to request that the server include a corresponding response control with \
information about the user''s recent login history.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GET_SERVER_ID=Indicates that all add, delete \
modify, and modify DN requests should include the UnboundID-proprietary \
get server ID request control to request that server include a \
corresponding get server ID response control in each operation response, \
indicating the server in which the write was processed.
INFO_LDAPMODIFY_ARG_DESCRIPTION_GET_USER_RESOURCE_LIMITS=Indicates that all \
bind requests should include the UnboundID-proprietary get user resource \
limits request control to request that the server return information \
about resource limits (e.g., size limit, time limit, idle time limit, etc.) \
imposed for the user.
INFO_LDAPMODIFY_ARG_DESCRIPTION_HARD_DELETE=Indicates that all delete \
requests should include the UnboundID-proprietary hard delete request \
control, which will permanently delete the target entry even if the \
server would have otherwise performed a soft delete operation to hide the \
entry for a period of time before deleting it.
INFO_LDAPMODIFY_ARG_DESCRIPTION_IGNORE_NO_USER_MOD=Indicates that all add \
and modify requests should include the UnboundID-proprietary ignore \
NO-USER-MODIFICATION request control to permit setting values for certain \
operational attributes not normally permitted to be provided by external \
clients.
INFO_LDAPMODIFY_ARG_DESCRIPTION_LDAP_VERSION=Specifies the LDAP protocol \
version that the tool should use when communicating with the directory \
server. This argument has no effect and is provided only for the purpose \
of compatibility with other ldapmodify tools.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MANAGE_DSA_IT=Indicates that all \
requests should include the manageDsaIT request control to indicate that \
referral entries should be treated as regular entries.
INFO_LDAPMODIFY_ARG_DESCRIPTION_NAME_WITH_ENTRY_UUID=Include the \
UnboundID-proprietary name with entryUUID request control in all add \
requests sent to the server to indicate that the server should use the \
entryUUID operational attribute as the naming attribute for the resulting \
entry instead of the provided RDN.
INFO_LDAPMODIFY_ARG_DESC_NEVER_RETRY=Indicates that the tool should not \
attempt to retry operations that fail in a way that the connection to \
the directory server may be invalid. By default, it will automatically \
try to establish a new connection and retry the failed operation.
INFO_LDAPMODIFY_ARG_DESCRIPTION_NO_OPERATION=Include the LDAP no-operation \
control in all add, delete, modify, and modify DN requests sent to the \
server to indicate that the operation should be validated but no changes \
should actually be applied.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PASSWORD_POLICY=Indicates that all add, bind \
and modify requests should include the password policy request control \
(as defined in draft-behera-ldap-password-policy-10) to request that the \
response include password policy-related information about the target entry.
INFO_LDAPMODIFY_PLACEHOLDER_NAME_EQUALS_VALUE='{'name=value'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_PW_UPDATE_BEHAVIOR=Specifies that all add and \
modify requests should include the password update behavior request control \
with the specified behavior. Values for this argument must be in the form \
''name=value'', where the property name can be any of the following: \
is-self-change, allow-pre-encoded-password, skip-password-validation, \
ignore-password-history, ignore-minimum-password-age, \
password-storage-scheme, and must-change-password. The value for each \
property should be either ''true'' or ''false'', with the exception of the \
password-storage-scheme property, whose value should be the name of the \
desired password storage scheme. This argument can be provided multiple \
times to specify multiple password update behaviors.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PASSWORD_VALIDATION_DETAILS=Indicates that \
all add and modify requests that target either the ''{0}'' or ''{1}'' \
attribute should include the UnboundID-proprietary password validation \
details request control to indicate that the response should include \
information about the password quality requirements that the server will \
impose for the target user''s password and whether the provided password \
satisfies each of those constraints.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PERMISSIVE_MODIFY=Indicates that all modify \
operation requests should include the permissive modify request control, \
which indicates that the server should be more lenient for certain \
types of changes (e.g., trying to add an attribute value that already \
exists, or trying to remove a value that does not exist) that would \
normally cause the modify operation to be rejected.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PURGE_CURRENT_PASSWORD=Indicates that any \
modify operation that targets either the ''{0}'' or ''{1}'' attribute \
should include the UnboundID-proprietary purge current password request \
control. This will indicate that the server should could purge the \
current password from the entry (even if it would have otherwise been \
retired for a brief period of time).
INFO_LDAPMODIFY_ARG_DESCRIPTION_REPLICATION_REPAIR=Indicates that all \
operation requests should include the UnboundID-proprietary replication \
repair request control. This will cause the change to be applied only to \
the target directory server instance but not to any other server in the \
replication topology.
INFO_LDAPMODIFY_ARG_DESCRIPTION_RETIRE_CURRENT_PASSWORD=Indicates that any \
modify operation that targets either the ''{0}'' or ''{1}'' attribute \
should include the UnboundID-proprietary retire current password \
request control. This will indicate that the server should continue to \
allow the user to authenticate with their current password (in addition to \
the new password) for a brief period of time.
INFO_LDAPMODIFY_ARG_DESCRIPTION_RETRY_FAILED_OPERATIONS=Indicates that, if an \
operation fails in a way that indicates the connection to the server may no \
longer be valid, the tool should automatically create a new connection and \
re-try the operation before reporting it as a failure.
INFO_LDAPMODIFY_ARG_PLACEHOLDER_ROUTE_TO_BACKEND_SET=\
'{'entry-balancing-processor-id:backend-set-id'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_ROUTE_TO_BACKEND_SET=Specifies the ID of an \
entry-balancing backend set to which the Directory Proxy Server should \
send all of the add, delete, modify, and modify DN requests. The value \
should be formatted as the entry-balancing request processor ID followed by \
a colon and the desired backend set ID for that entry-balancing request \
processor. This argument can be provided multiple times to specify \
multiple backend set IDs for the same or different entry-balancing request \
processors. The request control will be configured to use absolute routing \
rather than a routing hint.
INFO_LDAPMODIFY_ARG_PLACEHOLDER_ROUTE_TO_SERVER='{'id'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_ROUTE_TO_SERVER=Specifies the ID of the \
backend server to which the Directory Proxy Server should send all add, \
delete, modify, and modify DN requests.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SCRIPT_FRIENDLY=Indicates that the tool \
should operate in script-friendly mode. This argument has no effect and is \
provided only for the purpose of compatibility with other ldapmodify tools.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SOFT_DELETE=Indicates that all delete \
requests should include the UnboundID-proprietary soft delete request \
control, which indicates that the server should hide the entry for a \
period of time before deleting it so that it may be restored with an \
undelete operation if the delete should be reverted.
INFO_LDAPMODIFY_ARG_DESCRIPTION_STRIP_TRAILING_SPACES=Indicates that the tool \
should strip any illegal trailing spaces from LDIF records before \
attempting to process them. If this is not provided, then any LDIF record \
with one or more illegal trailing spaces will be considered an error.
INFO_LDAPMODIFY_ARG_DESCRIPTION_CLIENT_SIDE_SUBTREE_DELETE=Indicates that all \
delete requests should be processed as client-side subtree deletes by \
searching for all entries below the target entry and then deleting them.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SERVER_SIDE_SUBTREE_DELETE=Indicates that all \
delete requests should be processed as server-side subtree deletes using \
the subtree delete request control.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SUPPRESS_REFERINT_UPDATES=Indicates that the \
tool should include the UnboundID-proprietary suppress referential \
integrity updates request control in all delete and modify DN operations \
to indicate that the server should not perform any referential integrity \
processing for those operations.
INFO_LDAPMODIFY_ARG_DESCRIPTION_USE_ADMIN_SESSION=Indicates that the tool \
should attempt to use an administrative session to process all operations \
using a dedicated pool of worker threads. This may be useful when trying \
to diagnose problems in a server that is unresponsive because all normal \
worker threads are busy processing other requests.
INFO_LDAPMODIFY_ARG_DESCRIPTION_USE_TRANSACTION=Indicates that the server \
should create a transaction to process all operations as a single atomic \
unit. This should generally only be used with a relatively small number of \
changes, and it is recommended that the changes be supplied in an LDIF file \
rather than via standard input.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ASSURED_REPL_TIMEOUT=Specifies the timeout to \
use for assured replication processing. This should only be used if the \
''{0}'' argument is also provided. If assured replication is to be used \
but this argument is not provided, then the server will automatically \
determine the timeout to use.
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_ATTR=Indicates that all add, modify, \
and modify DN requests should include a uniqueness request control that \
indicates that the server should attempt to prevent the requested operation \
from introducing a conflict with the same value in an existing entry. This \
may be provided multiple times to specify multiple unique attribute types, \
and in that case the ''--uniquenessMultipleAttributeBehavior'' argument may \
be used to specify the behavior to exhibit for conflicts across those \
attribute types.
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_FILTER=Indicates that all add, modify \
and modify DN requests should include a uniqueness request control that \
indicates that the server should attempt to prevent the requested \
operation from introducing a conflict with other entries matching the \
provided filter. If the ''--uniquenessAttribute'' argument is provided, \
then this filter will be used to narrow the set of potentially conflicting \
entries to only those that also match this filter. If the \
''--uniquenessAttribute'' argument is not provided, then the server will \
consider it a conflict if any other entry matches the provided filter.
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_BASE_DN=Specifies the base DN that \
should be included in the uniqueness request control. This can only be \
used if at least one of the ''--uniquenessAttribute'' or \
''--uniquenessFilter'' arguments is provided. If this is not given, the \
server will look for uniqueness conflicts within all public naming contexts.
INFO_LDAPMODIFY_PLACEHOLDER_BEHAVIOR='{'behavior'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_MULTIPLE_ATTRIBUTE_BEHAVIOR=Specifies \
the behavior that the server should exhibit if the multiple unique \
attribute types are configured. This can only be used if the \
''--uniquenessAttribute'' argument is provided. Allowed values for this \
argument are ''unique-within-each-attribute'' (to indicate that each \
attribute should be considered separately), \
''unique-across-all-attributes-including-in-same-entry'' (to indicate that \
the value of one unique attribute cannot also be present in the value of \
any other unique attributes, even if the conflicting values are in the same \
entry), ''unique-across-all-attributes-except-in-same-entry'' (to indicate \
that the value of one unique attribute cannot also be present in the value \
of any other unique attribute, although the same entry will be permitted to \
have the same value in multiple attributes), or ''unique-in-combination'' \
(to indicate that no other entry will be permitted to have the same \
combination of unique attribute values). If this is not specified, then a \
default of ''unique-within-each-attribute'' will be used.
INFO_LDAPMODIFY_PLACEHOLDER_LEVEL='{'level'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_PRE_COMMIT_LEVEL=Specifies the \
level of pre-commit validation that should be used for the uniqueness \
request control. This can only be used if at least one of the \
''--uniquenessAttribute'' or ''--uniquenessFilter'' arguments is \
provided. Allowed values for this argument are ''none'' (to indicate that \
no pre-commit validation should be performed), ''all-subtree-views'' (to \
indicate that a minimum of one pre-commit check should be performed in each \
applicable subtree view), ''all-backend-sets'' (to indicate that a minimum \
of one pre-commit check should be performed in each entry-balancing backend \
set), and ''all-available-backend-servers'' (to indicate that the \
pre-commit check should be made in all backend servers available through \
the Directory Proxy Server). If this is not specified, then a default of \
''all-subtree-views'' will be used.
INFO_LDAPMODIFY_ARG_DESCRIPTION_UNIQUE_POST_COMMIT_LEVEL=Specifies the \
level of post-commit validation that should be used for the uniqueness \
request control. This can only be used if at least one of the \
''--uniquenessAttribute'' or ''--uniquenessFilter'' arguments is provided. \
Allowed values for this argument are ''none'' (to indicate that no \
post-commit validation should be performed), ''all-subtree-views'' (to \
indicate that a minimum of one post-commit check should be performed in \
each applicable subtree view), ''all-backend-sets'' (to indicate that a \
minimum of one post-commit check should be performed in each \
entry-balancing backend set), and ''all-available-backend-servers'' (to \
indicate that the post-commit check should be made in all backend servers \
available through the Directory Proxy Server). If this is not specified, \
then a default of ''all-subtree-views'' will be used.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ADD_CONTROL=Specifies a control that should \
be included in all add requests sent to the server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_BIND_CONTROL=Specifies a control that should \
be included in all bind requests used to authenticate to the server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_DELETE_CONTROL=Specifies a control that \
should be included in all delete requests sent to the server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_CONTROL=Specifies a control that \
should be included in all modify requests sent to the server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_DN_CONTROL=Specifies a control that \
should be included in all modify DN requests sent to the server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_OP_CONTROL=Specifies a control that should be \
included in all add, delete, modify, and modify DN requests sent to the \
server.
INFO_LDAPMODIFY_ARG_DESCRIPTION_LDIF_FILE=The path to the LDIF file \
containing the changes to process. If this is not provided, then the \
changes will be read from standard input. If this argument is provided \
multiple times to supply multiple LDIF files, then they will be processed \
in the order they were provided on the command line.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ENCRYPTION_PW_FILE=The path to a file that \
contains the passphrase used to generate the key used to encrypt the LDIF \
data. If the data is encrypted and this argument is not provided, then the \
tool will interactively prompt for the correct password.
INFO_LDAPMODIFY_PLACEHOLDER_CHARSET='{'charset'}'
INFO_LDAPMODIFY_ARG_DESCRIPTION_CHARACTER_SET=The character set for the \
LDIF data to be read. If this argument is not provided, a default encoding \
of UTF-8 will be used.
INFO_LDAPMODIFY_ARG_DESCRIPTION_REJECT_FILE=The path to a file to which \
the tool should write information about any rejected changes.
INFO_LDAPMODIFY_ARG_DESCRIPTION_VERBOSE=Provide verbose output for \
operations processed.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ASSERTION_FILTER=A filter that will be used \
in conjunction with the LDAP assertion request control (as described in RFC \
4528) to indicate that the server should only apply changes to entries that \
match this filter.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_ENTRIES_MATCHING_FILTER=Indicates that \
the changes read from standard input or the specified LDIF file should be \
applied to all entries that match the specified filter. Only modify \
operations will be processed when this argument is provided, and the DN of \
the modify change record will be used as the base DN for the search used to \
identify the entries to modify. If the filter may match a large number of \
entries, then it is strongly recommended that the {0} argument be provided \
to process the search in batches. This argument may be provided multiple \
times to specify multiple filters to use to search for entries to modify.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_FILTER_FILE=Indicates that the changes \
read from standard input or the specified LDIF file should be applied to \
all entries that match a filter read from the specified file. Only modify \
operations will be processed when this argument is provided, and the DN of \
the modify change record will be used as the base DN for the search used to \
identify the entries to modify. If any of the filters may match a large \
number of entries, then it is strongly recommended that the {0} argument be \
provided to process the search in batches. This argument may be provided \
multiple times to specify multiple filter files to use to search for \
entries to modify.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_ENTRY_DN=Indicates that the changes \
read from standard input or the specified LDIF file should be applied to \
the entry with the specified DN rather than the DN contained in the change \
record. Only modify operations will be processed when this argument is \
provided, and it may be provided multiple times to specify the DNs of \
multiple entries to modify.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MODIFY_DN_FILE=Indicates that the changes \
read from standard input or the specified LDIF file should be applied to \
the entries whose DNs are contained in the specified file rather than the \
DN contained in the change record. Only modify operations will be \
processed when this argument is provided, and it may be provided multiple \
times to specify multiple DN files.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SEARCH_PAGE_SIZE=Specifies the page size to \
use in conjunction with the simple paged results control when searching \
for entries to modify based on the filter provided in the {0} or {1} \
argument. If this argument is not provided, then the simple paged results \
control will not be used.
INFO_LDAPMODIFY_ARG_DESCRIPTION_RATE_PER_SECOND=Specifies a maximum operation \
rate that the tool should be permitted to achieve.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ASSURED_REPL_LOCAL_LEVEL=Specifies the local \
assurance level to use for the assured replication request control. This \
should only be used if the ''{0}'' argument is provided. The value \
should be one of ''none'', ''received-any-server'', or \
''processed-all-servers''. If assured replication is to be used but this \
argument is not provided, then the server will automatically determine the \
local assurance level to use.
INFO_LDAPMODIFY_ARG_DESCRIPTION_ASSURED_REPL_REMOTE_LEVEL=Specifies the \
remote assurance level to use for the assured replication request control. \
This should only be used if the ''{0}'' argument is provided. The value \
should be one of ''none'', ''received-any-remote-location'', \
''received-all-remote-locations'', or ''processed-all-remote-servers''. If \
assured replication is to be used but this argument is not provided, then \
the server will automatically determine the remote assurance level to use.
INFO_LDAPMODIFY_ARG_PLACEHOLDER_NAME_VALUE='{'name:value'}'
INFO_LDAMODIFY_ARG_DESCRIPTION_ACCESS_LOG_FIELD=Indicates that all update \
requests should include an access log field request control to indicate \
that the server should include a custom field with the specified name and \
value. The field name must contain only ASCII letters, digits, dashes, and \
underscores. The field name must be followed by a colon and the field \
value for that field. This argument may be provided multiple times to \
request multiple access log fields.
INFO_LDAPMODIFY_ARG_DESCRIPTION_OPERATION_PURPOSE=Indicates that all \
operations should include the UnboundID-proprietary operation purpose \
request control to provide the specified reason for the operation.
INFO_LDAPMODIFY_ARG_DESCRIPTION_MULTI_UPDATE_ERROR_BEHAVIOR=Indicates that \
all add, delete, modify, and modify DN requests should be sent to the \
server in a single multi-update request with the specified error behavior. \
The value for this argument must be one of ''atomic'' (to indicate that all \
updates should be processed atomically so that they will either all \
succeed or all fail), ''abort-on-error'' (to indicate that the server \
should only process changes until the first error is encountered and ignore \
any remaining changes after that error), or ''continue-on-error'' (to \
indicate that the server should continue attempting to process changes, \
even after one of them has resulted in a failure).
INFO_LDAPMODIFY_ARG_DESCRIPTION_POST_READ_ATTRIBUTE=Indicates that all \
add, modify, and modify DN requests should include the post-read control \
(as described in RFC 4527) to retrieve the value(s) of the specified \
attribute as they appear immediately after the operation has been processed.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PRE_READ_ATTRIBUTE=Indicates that all delete, \
modify, and modify DN requests should include the pre-read control (as \
described in RFC 4527) to retrieve the value(s) of the specified attribute \
as they appear immediately before the operation has been processed.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PROXY_AS=Indicates that all requests should \
include the proxied authorization request control (as described in RFC \
4370) to process the operation under an alternate authorization identity. \
The authorization ID should generally be specified in the form ''dn:'' \
followed by the target user''s DN, or ''u:'' followed by the username.
INFO_LDAPMODIFY_ARG_DESCRIPTION_PROXY_V1_AS=Indicates that all requests \
should include the legacy proxied authorization v1 request control (as \
described in draft-weltman-ldapv3-proxy-04) to process the operation \
under an alternate authorization identity, specified as the DN of the \
desired user.
INFO_LDAPMODIFY_ARG_DESCRIPTION_SUPPRESS_OP_ATTR_UPDATES=Indicates that \
all operations should include the UnboundID-proprietary suppress \
operational attribute updates request control to indicate that the \
server should not apply any updates to the specified operational \
attributes. The value may be one of ''last-access-time'', \
''last-login-time'', ''last-login-ip'', or ''lastmod''.
ERR_LDAPMODIFY_ROUTE_TO_BACKEND_SET_INVALID_FORMAT=Value ''{0}'' provided for \
argument ''{1}'' is invalid. The value must contain the ID of the \
entry-balancing request processor followed by a colon and the ID of a \
desired backend set to use for that entry-balancing request processor.
ERR_LDAPMODIFY_PROXY_AS_DN_NOT_DN=The value of the {0} argument is not valid \
because ''{1}'' cannot be parsed as a valid LDAP DN.
ERR_LDAPMODIFY_PROXY_AS_VALUE_MISSING_PREFIX=The value of the {0} argument is \
not valid because it does not start with either ''dn:'' (to indicate that \
the following value is an LDAP DN) or ''u:'' (to indicate that the \
following value is a username).
ERR_LDAPMODIFY_CANNOT_CREATE_CONNECTION_POOL=An error occurred while \
attempting to create a connection pool to communicate with the directory \
server: {0}
INFO_LDAPMODIFY_CONNECTION_ESTABLISHED=Successfully connected to {0}.
INFO_LDAPMODIFY_STARTED_TXN=Successfully started a transaction with ID {0}
ERR_LDAPMODIFY_ENCRYPTION_PW_FILE_EMPTY=Encryption passphrase file ''{0}'' \
is empty.
ERR_LDAPMODIFY_ENCRYPTION_PW_FILE_MULTIPLE_LINES=Encryption passphrase file \
''{0}''has multiple lines. The file must contain exactly one line, which \
is comprised entirely of the encryption passphrase.
ERR_LDAPMODIFY_ENCRYPTION_PW_FILE_READ_ERROR=An error occurred while trying \
to read the encryption passphrase from file ''{0}'': {1}
ERR_LDAPMODIFY_CANNOT_START_TXN=An error occurred while trying to start an \
LDAP transaction: {0}
ERR_LDAPMODIFY_CANNOT_CREATE_LDIF_READER=An error occurred while attempting \
to create an LDIF reader to obtain the changes to process: {0}
ERR_LDAPMODIFY_CANNOT_CREATE_REJECT_WRITER=An error occurred while attempting \
to create a reject writer to write rejected changes to file ''{0}'': {1}
ERR_LDAPMODIFY_IO_ERROR_READING_CHANGE=An I/O error occurred while attempting \
to read an LDIF change record: {0}. It is not possible to continue \
processing changes.
ERR_LDAPMODIFY_RECOVERABLE_LDIF_ERROR_READING_CHANGE=An invalid LDIF change \
record was encountered while reading changes at or near line {0}: {1}. \
That change will be skipped, but the ldapmodify tool will continue trying \
to read additional changes to process.
ERR_LDAPMODIFY_UNRECOVERABLE_LDIF_ERROR_READING_CHANGE=An invalid LDIF change \
record was encountered while reading changes at or near line {0}: {1}. \
That change will be skipped, and the ldapmodify tool cannot continue \
processing changes.
ERR_LDAPMODIFY_INVALID_LINES=The lines that comprise the invalid change \
record are as follows:
ERR_LDAPMODIFY_ERROR_OPENING_FILTER_FILE=An error occurred while attempting \
to open filter file ''{0}'' for reading: {1}
ERR_LDAPMODIFY_IO_ERROR_READING_FILTER_FILE=An I/O error occurred while \
attempting to read from filter file ''{0}'': {1}
ERR_LDAPMODIFY_ERROR_OPENING_DN_FILE=An error occurred while attempting to \
open DN file ''{0}'' for reading: {1}
ERR_LDAPMODIFY_IO_ERROR_READING_DN_FILE=An I/O error occurred while \
attempting to read from filter file ''{0}'': {1}
ERR_LDAPMODIFY_NON_MODIFY_WITH_BULK=Refusing to process a non-modify \
operation when the {0} argument was provided.
ERR_LDAPMODIFY_CANNOT_GET_SEARCH_CONNECTION=Unable to obtain an LDAP \
connection to use to search for entries beneath ''{0}'' that match filter \
''{1}'': {2}
ERR_LDAPMODIFY_SEARCH_FAILED=A search operation used to identify entries \
below ''{0}'' matching filter ''{1}'' returned a non-success result.
ERR_LDAPMODIFY_SEARCH_FAILED_CANNOT_RECONNECT=A search operation used to \
identify entries below ''{0}'' matching filter ''{1}'' returned a \
non-success result indicating that the connection may no longer be valid, \
but it was not possible to obtain a replacement connection to re-try the \
search.
ERR_LDAPMODIFY_CANNOT_DECODE_PAGED_RESULTS_CONTROL=A search operation used to \
identify entries below ''{0}'' matching filter ''{1}'' succeeded, but an \
error occurred while attempting to decode the simple paged results \
response control contained in the search result. Search processing \
cannot continue.
ERR_LDAPMODIFY_MISSING_PAGED_RESULTS_RESPONSE=A search operation used to \
identify entries below ''{0}'' matching filter ''{1}'' succeeded, but the \
search result did not include the expected simple paged results response \
control needed to determine whether there are more entries to be \
processed. Search processing cannot continue.
INFO_LDAPMODIFY_SEARCH_COMPLETED_MORE_PAGES=Completed search processing for \
a page of results for entries below ''{0}'' matching filter ''{1}'', but \
there are still more entries to process. {2,number,0} entries processed \
so far.
INFO_LDAPMODIFY_SEARCH_COMPLETED=Completed search processing for {0,number,0} \
entries below ''{1}'' matching filter ''{2}''.
ERR_LDAPMODIFY_UNSUPPORTED_CHANGE_RECORD_HEADER=Unsupported change record:
INFO_LDAPMODIFY_SENDING_MULTI_UPDATE_REQUEST=Sending the changes to the \
server in a multi-update request ...
INFO_LDAPMODIFY_DRY_RUN_ADD=Would have attempted to add entry {0} if \
argument {1} had not been provided.
INFO_LDAPMODIFY_ADDING_ENTRY=Adding entry {0} ...
INFO_LDAPMODIFY_DRY_RUN_DELETE=Would have attempted to delete entry {0} if \
argument {1} had not been provided.
INFO_LDAPMODIFY_DELETING_ENTRY=Deleting entry {0} ...
INFO_LDAPMODIFY_CLIENT_SIDE_DELETING_SUBTREE=Attempting a client-side \
delete of the subtree with base DN {0} ...
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_SUCCEEDED_WITH_0_ENTRIES=The client-side \
subtree delete completed successfully, but did not delete any entries, \
presumably because base entry ''{0}'' did not exist.
INFO_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_SUCCEEDED_WITH_1_ENTRY=The client-side \
subtree delete completed successfully, removing base entry ''{0}'', which \
did not have any subordinates.
INFO_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_SUCCEEDED_WITH_ENTRIES=The client-side \
subtree delete completed successfully, removing a total of {0,number,0} \
entries at and below ''{1}''.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_SEARCH_ERROR=At least one error occurred \
while searching for entries to delete. The first search error encountered \
was:
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_ERROR=An error occurred while trying to \
delete entry ''{0}'':
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_ERR_BASE=The client-side subtree \
delete attempt did not complete successfully.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_SEARCH_ERR=One or more errors \
occurred while searching for entries to delete.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_DEL_ERR_COUNT_1=One delete error was \
encountered.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_DEL_ERR_COUNT={0,number,0} delete \
errors were encountered.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_DEL_COUNT_1=One entry was \
successfully deleted.
ERR_LDAPMODIFY_CLIENT_SIDE_SUB_DEL_FINAL_DEL_COUNT={0,number,0} entries were \
successfully deleted.
INFO_LDAPMODIFY_DRY_RUN_MODIFY=Would have attempted to modify entry {0} if \
argument {1} had not been provided.
INFO_LDAPMODIFY_MODIFYING_ENTRY=Modifying entry {0} ...
INFO_LDAPMODIFY_DRY_RUN_RENAME=Would have attempted to rename entry {0} if \
argument {1} had not been provided.
INFO_LDAPMODIFY_RENAMING_ENTRY=Renaming entry {0} ...
INFO_LDAPMODIFY_DRY_RUN_RENAME_TO=Would have attempted to rename entry {0} to \
{1} if argument {2} had not been provided.
INFO_LDAPMODIFY_RENAMING_ENTRY_TO=Renaming entry {0} to {1} ...
INFO_LDAPMODIFY_DRY_RUN_MOVE=Would have attempted to move entry {0} if \
argument {1} had not been provided.
INFO_LDAPMODIFY_MOVING_ENTRY=Moving entry {0} ...
INFO_LDAPMODIFY_DRY_RUN_MOVE_TO=Would have attempted to move entry {0} to \
{1} if argument {2} had not been provided.
INFO_LDAPMODIFY_MOVING_ENTRY_TO=Moving entry {0} to {1} ...
INFO_LDAPMODIFY_ADD_ADDED_TO_MULTI_UPDATE=Add request for entry {0} added to \
the set of operations to be included in the multi-update request.
INFO_LDAPMODIFY_DELETE_ADDED_TO_MULTI_UPDATE=Delete request for entry {0} \
added to the set of operations to be included in the multi-update request.
INFO_LDAPMODIFY_MODIFY_ADDED_TO_MULTI_UPDATE=Modify request for entry {0} \
added to the set of operations to be included in the multi-update request.
INFO_LDAPMODIFY_MODIFY_DN_ADDED_TO_MULTI_UPDATE=Modify DN request for entry \
{0} added to the set of operations to be included in the multi-update \
request.
INFO_LDAPMODIFY_NO_OP=The operation was accepted by the server but no change \
was applied because the request included the LDAP no-op control.
INFO_LDAPMODIFY_ASSERTION_FAILED=The server refused to process the operation \
because entry ''{0}'' did not match assertion filter ''{1}''.
ERR_LDAPMODIFY_ACCESS_LOG_FIELD_NO_COLON=Unable to parse {0} argument value \
''{1}'' because it does not include a colon to separate the field name from \
the value.
ERR_LDAPMODIFY_ACCESS_LOG_FIELD_DUPLICATE_FIELD=Multiple {0} values provided \
for field ''{1}''. The same field may not be provided multiple times.
ERR_LDAPMODIFY_MALFORMED_PW_UPDATE_BEHAVIOR=Value ''{0}'' provided for \
argument ''{1}'' is invalid. The value should be in the form \
''name=value'', where name is one of ''is-self-change'', \
''allow-pre-encoded-password'', ''skip-password-validation'', \
''ignore-password-history'', ''ignore-minimum-password-age'', \
''password-storage-scheme'', or ''must-change-password''. For all \
property names except ''password-storage-scheme'', the value should be \
either ''true'' or ''false'' (for example, ''is-self-change=true''). For \
the ''password-storage-scheme'' property, the value should be the name of \
the desired password storage scheme (for example, \
''password-storage-scheme=PBKDF2'').
ERR_LDAPMODIFY_UNRECOGNIZED_PW_UPDATE_BEHAVIOR=Unrecognized password update \
behavior ''{0}''. The supported behaviors are: ''is-self-change'', \
''allow-pre-encoded-password'', ''skip-password-validation'', \
''ignore-password-history'', ''ignore-minimum-password-age'', \
''password-storage-scheme'', and ''must-change-password''.
ERR_LDAPMODIFY_INVALID_PW_UPDATE_BOOLEAN_VALUE=Invalid value ''{0}'' \
provided for password update behavior property ''{1}''. The value must \
be either ''true'' or ''false''.
ERR_LDAPMODIFY_UNABLE_TO_WRITE_REJECTED_CHANGE=Unable to write information \
about the rejected change to file ''{0}'': {1}
INFO_LDAPMODIFY_EXAMPLE_1=Read the changes to apply from standard input and \
send them to the target directory server over an unencrypted LDAP \
connection. Any change records that don''t include a changetype will be \
treated as entries to be added.
INFO_LDAPMODIFY_EXAMPLE_2=Read the changes to apply from the specified LDIF \
and apply them to all entries matching filter ''(objectClass=person)'' \
using the simple paged results control to retrieve no more than 100 entries \
at a time. The communication will be encrypted with SSL, and if the first \
server is unavailable, the second server will be tried.
ERR_LDAPMODIFY_SEARCH_LISTENER_REFERRAL=A search result reference was \
returned while attempting to modify entries below ''{0}'' matching \
filter ''{1}''. The referral will not be followed. The reference \
included the following referral URL(s): {2}.
INFO_LDAPSEARCH_ARG_GROUP_CONTROLS=Control Arguments
INFO_LDAPSEARCH_ARG_GROUP_DATA=Data Arguments
INFO_LDAPSEARCH_ARG_GROUP_OPS=Operation Arguments
INFO_LDAPSEARCH_ARG_GROUP_TRANSFORMATIONS=Entry Transformation Arguments
INFO_LDAPSEARCH_TOOL_DESCRIPTION=Process one or more searches in an LDAP \
directory server.
INFO_LDAPSEARCH_ADDITIONAL_DESCRIPTION_PARAGRAPH_1=The criteria for the \
search request can be specified in a number of different ways, including \
providing all of the details directly via command-line arguments, providing \
all of the arguments except the filter via command-line arguments and \
specifying a file that holds the filters to use, or specifying a file that \
includes a set of LDAP URLs with the base DN, scope, filter, and attributes \
to return.
INFO_LDAPSEARCH_ADDITIONAL_DESCRIPTION_PARAGRAPH_2=See the examples below for \
a number of sample command lines for this tool.
INFO_LDAPSEARCH_ARG_PLACEHOLDER_NAME_VALUE='{'name:value'}'
INFO_LDAPSEARCH_ARG_DESCRIPTION_ACCESS_LOG_FIELD=Indicates that all search \
requests should include an access log field request control to indicate \
that the server should include a custom field with the specified name and \
value. The field name must contain only ASCII letters, digits, dashes, and \
underscores. The field name must be followed by a colon and the field \
value for that field. This argument may be provided multiple times to \
request multiple access log fields.
INFO_LDAPSEARCH_ARG_DESCRIPTION_ACCOUNT_USABLE=Indicates that all search \
requests should include the UnboundID-proprietary account usable request \
control to request that each search result entry returned include a \
response control with information about the password policy usability \
state for the entry.
INFO_LDAPSEARCH_ARG_DESCRIPTION_AUTHZ_IDENTITY=Indicates that all bind \
requests should include the authorization identity request control as \
defined in RFC 3829. With this control, a successful bind result should \
include the authorization identity assigned to the connection.
INFO_LDAPSEARCH_ARG_DESCRIPTION_CONTINUE_ON_ERROR=Continue processing \
searches even if an error is encountered. If this is not provided, then \
processing will abort after the first failed search.
INFO_LDAPSEARCH_ARG_DESCRIPTION_COUNT_ENTRIES=Indicates that the tool exit \
code should represent the number of entries returned during search \
processing. If this is not provided, or if an error is encountered while \
processing the search, then the tool exit code will reflect the LDAP result \
code received during search processing (or an appropriate client-side \
result code if a problem was encountered before sending any searches). \
Note that because some operating systems do not allow exit code values \
greater than 255, that will be the maximum exit value for this tool even if \
more than 255 entries are returned. Also note that this argument can only \
be used when processing a single search.
INFO_LDAPSEARCH_ARG_DESCRIPTION_WRAP_COLUMN=The column at which long lines in \
the LDIF representation of an entry should be wrapped. A value of zero \
indicates that no wrapping should be performed. If this is not provided, \
then the wrap column will be based on the width of the terminal used to \
run the tool.
INFO_LDAPSEARCH_ARG_DESCRIPTION_DONT_WRAP=Indicates that no line wrapping \
should be performed when displaying the LDIF representations of matching \
entries.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SUPPRESS_BASE64_COMMENTS=Indicates that the \
tool should not include any comments that attempt to provide a \
human-readable representation of any base64-encoded attribute values in \
the search results. If this argument is not provided, then any attribute \
value whose LDIF representation requires base64 encoding will be \
immediately followed by a comment that attempts to provide a human-readable \
representation of the raw bytes that comprise that base64-encoded value.
INFO_LDAPSEARCH_ARG_DESCRIPTION_DRY_RUN=Indicate which searches would be \
issued but do not actually send them to the server.
INFO_LDAPSEARCH_ARG_DESCRIPTION_FOLLOW_REFERRALS=Attempt to follow any \
referrals and search result references encountered during search \
processing. If this is not provided, then referrals and search references \
will be displayed in the output.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_USER_RESOURCE_LIMITS=Indicates that all \
bind requests should include the UnboundID-proprietary get user resource \
limits request control to request that the server return information \
about resource limits (e.g., size limit, time limit, idle time limit, etc.) \
imposed for the user.
INFO_LDAPSEARCH_ARG_DESCRIPTION_INCLUDE_REPL_CONFLICTS=Indicates that all \
search requests should include the UnboundID-proprietary return conflict \
entries request control to indicate that the server may return any \
replication conflict entries that match the search criteria. Replication \
conflict entries are normally excluded from search results.
INFO_LDAPSEARCH_ARG_DESCRIPTION_INCLUDE_SOFT_DELETED=Indicates that all \
search requests should include the UnboundID-proprietary soft-deleted \
entry access request control to indicate that the server may return any \
soft-deleted entries that match the search criteria. Soft-deleted entries \
are normally excluded from search results. The value for this argument \
must be one of: ''with-non-deleted-entries'' (indicates that both regular \
and soft-deleted entries should be returned), \
''without-non-deleted-entries'' (indicates that only soft-deleted entries \
should be returned), or ''deleted-entries-in-undeleted-form'' (returns \
only soft-deleted entries in the form in the form the entries had before \
they were deleted).
INFO_LDAPSEARCH_ARG_DESCRIPTION_INCLUDE_DRAFT_LDUP_SUBENTRIES=Indicates that \
all search requests should include the subentries request control as \
described in draft-ietf-ldup-subentry to indicate that the server may \
return any LDAP subentries that match the search criteria. LDAP subentries \
are normally excluded from search results. This control does not take a \
value.
INFO_LDAPSEARCH_ARG_PLACEHOLDER_INCLUDE_RFC_3672_SUBENTRIES=\
'{'returnOnlySubentries'}'
INFO_LDAPSEARCH_ARG_DESCRIPTION_INCLUDE_RFC_3672_SUBENTRIES=Indicates that \
all search requests should include the subentries request control as \
described in RFC 3672 to indicate that the server may return any LDAP \
subentries that match the search criteria, optionally including regular \
entries along with the subentries. LDAP subentries are normally excluded \
from search results. This control requires a Boolean value of either \
''true'' or ''false'' to indicate whether the server should return only \
subentries (if true), or both regular entries and subentries (if false).
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_RULE=Indicates that all search requests \
should include the join request control to indicate that matching entries \
should be joined with related entries based on the specified criteria. \
Allowed values include ''dn:'' followed by the name of an attribute in the \
source entry containing the DNs of the entries with which to join; \
''reverse-dn:'' followed by the name of an attribute in the target entries \
whose value is the DN of the source entry; ''equals:'' followed by the \
name of an attribute in the source entry, a colon, and the name of an \
attribute in target entries that must exactly match the source attribute; \
or ''contains:'' followed by the name of an attribute in the source entry, \
a colon, and the name of an attribute in target entries that must match or \
contain the value of the source attribute.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_BASE_DN=Specifies the base DN to use \
for searches used to join search result entries with related entries. \
The value may be one of ''search-base'' to use the base DN of the search \
request, ''source-entry-dn'' to use the DN of the source entry as the base \
DN for join searches, or any valid LDAP DN to use a custom base DN for join \
searches. If this is not specified, then the default join base DN will be \
the search base DN.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_SCOPE=Specifies the scope to use for \
searches used to join search result entries with related entries. The \
value may be one of ''base'', ''one'', ''sub'', or ''subordinates''. If \
this is not specified, then the scope of the search request will be used as \
the join scope.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_SIZE_LIMIT=Specifies the maximum number \
of entries that the server will permit to be joined with any single search \
result entry. If this is not provided, the size limit from the search \
request will be used. Note that the server will impose a maximum join size \
limit of 1000 entries, so any join size limit greater than that will be \
limited to 1000.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_FILTER=Specifies an additional filter \
that the server will require target entries to match in order to be joined \
with the source entry. If this is not provided, no additional join filter \
will be used.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_ATTR=Specifies an identifier that \
indicates which attribute(s) should be included in entries joined with \
search result entries. The value may be an attribute name or OID, a \
special token like ''*'' to indicate all user attributes or ''+'' to \
indicate all operational attributes, or an object class name prefixed by an \
''@'' symbol to indicate all attributes associated with the specified \
object class. This may be provided multiple times to specify multiple \
requested attributes. If this is not specified, then the server will \
behave as if all user attributes had been requested.
INFO_LDAPSEARCH_ARG_DESCRIPTION_JOIN_REQUIRE_MATCH=Indicates that the server \
should not return an entry that matches the search criteria if it is not \
joined with at least one additional entry. If this is not provided, then \
entries matching the search criteria will be returned even if they are not \
joined with any other entries.
INFO_LDAPSEARCH_ARG_DESCRIPTION_MANAGE_DSA_IT=Indicates that all search \
requests should include the manageDsaIT request control to indicate that \
any referral entries in the scope of the search should be treated as \
regular entries rather than causing the server to send search result \
references.
INFO_LDAPSEARCH_ARG_DESCRIPTION_REAL_ATTRS_ONLY=Indicates that all search \
requests should include the UnboundID-proprietary real attributes only \
request control to indicate that the server should not include any \
virtual attributes in entries that are returned.
INFO_LDAPSEARCH_ARG_DESCRIPTION_RETRY_FAILED_OPERATIONS=Indicates that, if a \
search fails in a way that indicates the connection to the server may no \
longer be valid, the tool should automatically create a new connection and \
re-try the search before reporting it as a failure.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SCRIPT_FRIENDLY=Indicates that the tool \
should operate in script-friendly mode. This argument has no effect and is \
provided only for the purpose of compatibility with other ldapsearch tools.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SEPARATE_OUTPUT_FILES=Indicates that the tool \
should generate a separate output file for each search rather than \
combining all results into a single file.
INFO_LDAPSEARCH_ARG_DESCRIPTION_TEE=Indicates that search results should be \
written to standard output as well as to the output file specified via the \
''{0}'' argument.
INFO_LDAPSEARCH_ARG_DESCRIPTION_USE_ADMIN_SESSION=Indicates that the tool \
should attempt to use an administrative session to process all operations \
using a dedicated pool of worker threads. This may be useful when trying \
to diagnose problems in a server that is unresponsive because all normal \
worker threads are busy processing other requests.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SUPPRESS_OP_ATTR_UPDATES=Indicates that \
all operations should include the UnboundID-proprietary suppress \
operational attribute updates request control to indicate that the \
server should not apply any updates to the specified operational \
attributes. The value may be one of ''last-access-time'', \
''last-login-time'', ''last-login-ip'', or ''lastmod''.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PASSWORD_POLICY=Indicates that bind requests \
should include the password policy request control (as defined in \
draft-behera-ldap-password-policy-10) to request that the response include \
password policy-related information about the target entry.
INFO_LDAPSEARCH_ARG_DESCRIPTION_TYPES_ONLY=Indicates that the server should \
only include the names of the attributes contained in the entry rather than \
both names and values.
INFO_LDAPSEARCH_ARG_DESCRIPTION_TERSE=Indicates that the tool should generate \
terse output. The only thing written to standard output will be search \
result entries and references, without any summary messages. Standard \
error will not be affected.
INFO_LDAPSEARCH_ARG_DESCRIPTION_VERBOSE=Indicates that the tool should \
generate verbose output.
INFO_LDAPSEARCH_ARG_DESCRIPTION_VIRTUAL_ATTRS_ONLY=Indicates that all search \
requests should include the UnboundID-proprietary virtual attributes \
only request control to indicate that the server should only include \
virtual attributes in entries that are returned.
INFO_LDAPSEARCH_ARG_DESCRIPTION_BIND_CONTROL=Specifies a control that should \
be included in all bind requests used to authenticate to the server.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SEARCH_CONTROL=Specifies a control that \
should be included in all search requests sent to the server.
INFO_LDAPSEARCH_ARG_DESCRIPTION_BASE_DN=Specifies the base DN that should be \
used for the search. If a filter file is provided, then this base DN will \
be used for each search with a filter read from that file. This argument \
must not be provided if the --ldapURLFile is given. If no base DN is \
specified, then the null base DN will be used by default.
INFO_LDAPSEARCH_ARG_DESCRIPTION_EXCLUDE_BRANCH=Indicates that all search \
requests should include the UnboundID-proprietary exclude branch \
request control to indicate that matching entries below the specified \
base DN should be excluded from search results. This argument may be \
provided multiple times if multiple branches should be excluded.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GENERATE_ACCESS_TOKEN=Indicates that the bind \
request should include the generate access token request control, which may \
be used to request that the server generate and return an access token that \
can be used to authorize subsequent connections via the OAUTHBEARER SASL \
mechanism.
INFO_LDAPSEARCH_ARG_DESCRIPTION_FILTER_FILE=Specifies the path to a file \
containing the search filters to issue. Each filter should be on a \
separate line. Blank lines and lines beginning with the ''#'' character \
will be ignored. This argument may be provided multiple times to specify \
multiple filter files. If a filter file is provided, then the first \
trailing argument will not be interpreted as a search filter (all trailing \
arguments will be interpreted as requested attributes).
INFO_LDAPSEARCH_ARG_DESCRIPTION_LDAP_URL_FILE=Specifies the path to a file \
containing LDAP URLs that define the search requests to issue. The LDAP \
URLs will specify the base DN, scope, filter, and attributes to return for \
each search (any hostnames and port numbers included in the URLs will be \
ignored). Each URL should be on a separate line. Blank lines and lines \
beginning with the ''#'' character will be ignored. This argument may be \
provided multiple times to specify multiple LDAP URL files.
INFO_LDAPSEARCH_ARG_DESCRIPTION_OUTPUT_FORMAT=Specifies the format that \
should be used for the output generated by this tool. Allowed values are \
''LDIF'' (LDAP Data Interchange Format, which is the standard string \
representation for LDAP data), ''JSON'' (JavaScript Object Notation, which \
is a popular format used by web services), ''CSV'' (comma-separated \
values, which is a commonly used format for text processing, with only a \
single value per attribute), ''multi-valued-csv'' (comma-separated values \
with a vertical bar between values of multivalued attributes), \
''tab-delimited'' (another commonly used general text format, with only a \
single value per attribute), ''multi-valued-tab-delimited'' (tab-delimited \
text with a vertical bar between values of multivalued attributes), \
''dns-only'' (in which only the DN of each matching entry will be written \
on a line by itself with no information about the entry''s attributes), and \
''values-only'' (in which each value returned will be written on a line by \
itself with no attribute names, entry DNs, or delimiters between entries). \
If either the ''CSV'' or ''tab-delimited'' format is selected (or one of \
their multivalued variants), the set of requested attributes must be \
provided with the ''{0}'' argument, the order in which the attributes are \
provided on the command line specifies the order in which they will be \
listed in the output, and if any of those attributes has multiple values \
then only the first value will be used. Further, the ''CSV'' and \
''tab-delimited'' formats cannot be used in conjunction with the ''{1}'' \
argument. If no output format is specified, a default of ''LDIF'' will be \
used.
INFO_LDAPSEARCH_ARG_DESCRIPTION_REQUIRE_MATCH=Indicates that {0} should \
exit with a nonzero result code, {1}, if the search completes successfully \
but does not return any matching entries. This argument only affects the \
tool exit code; it will not have any visible effect on the output.
INFO_LDAPSEARCH_ARG_DESCRIPTION_OUTPUT_FILE=Specifies the path to the file to \
which search results should be written. If this argument is not provided \
then results will be written to standard output.
INFO_LDAPSEARCH_ARG_DESCRIPTION_COMPRESS_OUTPUT=Indicates that the output \
should be gzip-compressed. This can only be used if the --outputFile \
argument is provided and the --teeResultsToStandardOut argument is not \
provided.
INFO_LDAPSEARCH_ARG_DESCRIPTION_ENCRYPT_OUTPUT=Indicates that the output \
should be encrypted with a key generated from a provided password. This \
can only be used if the --outputFile argument is provided and the \
--teeResultsToStandardOut argument is not provided. If the \
--encryptionPassphraseFile argument is provided, then that file will be used \
to specify the encryption passphrase; otherwise, the passphrase will be \
interactively requested.
INFO_LDAPSEARCH_ARG_DESCRIPTION_ENCRYPTION_PW_FILE=The path to a file that \
specifies the passphrase to use to encrypt the output. This can only be \
provided if the --encryptOutput argument is given, but if that argument is \
given and no passphrase file is specified, then the passphrase will be \
interactively requested. If a file is specified, then that file must \
exist and must contain exactly one line comprised entirely of the passphrase.
INFO_LDAPSEARCH_ARG_DESCRIPTION_ASSERTION_FILTER=A filter that will be used \
in conjunction with the LDAP assertion request control (as described in RFC \
4528) to indicate that the server should only process searches in which the \
entry specified as the base DN matches this filter.
INFO_LDAPSEARCH_ARG_DESCRIPTION_FILTER=Specifies a filter to use when \
processing a search. This may be provided multiple times to issue multiple \
searches with different filters. If this argument is provided, then the \
first trailing argument will not be interpreted as a search filter (all \
trailing arguments will be interpreted as requested attributes).
INFO_LDAPSEARCH_ARG_DESCRIPTION_MATCHED_VALUES_FILTER=Indicates that all \
search requests should include the matched values request control (as \
described in RFC 3876) to indicate that search result entries should only \
include values for a given attribute that match the provided filter. This \
argument may be provided multiple times to specify multiple matched values \
filters.
INFO_LDAPSEARCH_ARG_DESCRIPTION_RATE_PER_SECOND=Specifies a maximum search \
rate that the tool should be permitted to achieve. Note that this limit \
applies only to the rate at which the client issues search requests and not \
to the rate at which the server may send matching entries.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PAGE_SIZE=Indicates that all search requests \
should include the simple paged results control (as described in RFC \
2696) to indicate that the search should return entries in pages of no more \
than the specified size. This can be useful for searches that must return \
a large number of entries but the server restricts the number of entries \
that may be returned for any search.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SIZE_LIMIT=Specifies the maximum number of \
entries that the server should return for each search. A value of zero \
(which is the default if this argument is not used) indicates that no \
client-side size limit should be imposed. Note that the server may impose \
its own limit on the number of entries that may be returned for a search.
INFO_LDAPSEARCH_ARG_DESCRIPTION_TIME_LIMIT=Specifies the maximum length of \
time in seconds that the server should spend processing each search. A \
value of zero (which is the default if this argument is not provided) \
indicates that no client-side time limit should be imposed. Note that the \
server may impose its own time limit for search requests.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SCOPE=Specifies the scope that to use for \
search requests. The value should be one of ''base'', ''one'', ''sub'', or \
''subordinates''. If this argument is not provided, a default of ''sub'' \
will be used.
INFO_LDAPSEARCH_ARG_DESCRIPTION_DEREFERENCE_POLICY=Specifies the alias \
dereferencing policy to use for search requests. The value should be one \
of ''never'', ''always'', ''search'', or ''find''. If this argument is not \
provided, a default of ''never'' will be used.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_AUTHZ_ENTRY_ATTR=Indicates that all bind \
requests should include the UnboundID-proprietary get authorization \
entry request control to request that the server return the specified \
attribute (or collection of attributes, in the case of a special identifier \
like ''*'' to indicate all user attributes or ''+'' to indicate all \
operational attributes) from the authenticated user''s entry. This argument \
may be provided multiple times to specify multiple attributes to request.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_BACKEND_SET_ID=Indicates that all \
search requests should include the UnboundID-proprietary get backend set \
ID request control to request that the Directory Proxy Server include a \
corresponding get backend set ID response control in each search result \
entry, indicating the entry-balancing backend set from which that entry was \
retrieved.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_RECENT_LOGIN_HISTORY=Indicates that all \
bind requests should include the get recent login history request control \
to request that the server include a corresponding response control with \
information about the user''s recent login history.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_SERVER_ID=Indicates that all search \
requests should include the UnboundID-proprietary get server ID request \
control to request that server include a corresponding get server ID \
response control in each search result entry, indicating the server from \
which that entry was retrieved.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_EFFECTIVE_RIGHTS_ATTR=Indicates that all \
search requests should include the UnboundID-proprietary get effective \
rights request control to return information about the access control \
rights that a user has when interacting with each matching entry. This \
argument may be provided multiple times to specify multiple attributes.
INFO_LDAPSEARCH_ARG_DESCRIPTION_GET_EFFECTIVE_RIGHTS_AUTHZID=Indicates that \
all search requests should include the UnboundID-proprietary get \
effective rights request control to return information about the \
access control rights the specified user has when interacting with each \
matching entry.
INFO_LDAPSEARCH_ARG_DESCRIPTION_MATCHING_ENTRY_COUNT_CONTROL=Indicates that \
all search requests should include the UnboundID-proprietary matching \
entry count request control, which indicates that the server should \
return information about the number of entries that match the search \
criteria. The maximum number of entries to examine must be specified, \
which helps indicate whether an exact count or an estimate will be \
returned. If alwaysExamine is specified and the number of candidates is \
less than the examine count, then each candidate will be examined to verify \
that it matches the criteria and would actually be returned to the client \
in a search. If allowUnindexed is specified, then the count will be \
allowed to be processed even if the search is unindexed (and may take a \
very long time to complete). If extended is specified, then the client \
will request extended response data from the server. If debug is \
specified, then additional debug information may be included in the output.
INFO_LDAPSEARCH_ARG_DESCRIPTION_OPERATION_PURPOSE=Indicates that all search \
requests should include the UnboundID-proprietary operation purpose \
request control to provide the specified reason for the operation.
INFO_LDAPSEARCH_NAME_VALUE_PLACEHOLDER='{'name=value'}'
INFO_LDAPSEARCH_ARG_DESCRIPTION_OVERRIDE_SEARCH_LIMIT=Indicates that search \
operations should include the override search limits request control with \
the specified name-value pair. This may be provided multiple times to \
specify multiple property name-value pairs to include in the control.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PERSISTENT_SEARCH=Indicates that the search \
request should include the persistent search request control (as described \
in draft-ietf-ldapext-psearch) to indicate that the server should return \
information about changes to entries that match the search criteria as \
they are processed. This argument may only be used when processing a \
single search operation.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PROXY_AS=Indicates that all search requests \
should include the proxied authorization request control (as described in \
RFC 4370) to process the operation under an alternate authorization \
identity. The authorization ID should generally be specified in the form \
''dn:'' followed by the target user''s DN, or ''u:'' followed by the username.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PROXY_V1_AS=Indicates that all search \
requests should include the legacy proxied authorization v1 request control \
(as described in draft-weltman-ldapv3-proxy-04) to process the search under \
an alternate authorization identity, specified as the DN of the desired user.
INFO_LDAPSEARCH_ARG_DESCRIPTION_REQUESTED_ATTR=Specifies an identifier that \
indicates which attribute(s) should be included in entries that match the \
search criteria. The value may be an attribute name or OID, a special \
token like ''*'' to indicate all user attributes or ''+'' to indicate all \
operational attributes, or an object class name prefixed by an ''@'' symbol \
to indicate all attributes associated with the specified object class. \
This may be provided multiple times to specify multiple requested \
attributes, and it may be provided instead of or in addition to the set of \
requested attributes in the set of trailing arguments. If this is not \
specified, then the server will behave as if all user attributes had been \
requested.
INFO_LDAPSEARCH_ARG_PLACEHOLDER_ROUTE_TO_BACKEND_SET=\
'{'entry-balancing-processor-id:backend-set-id'}'
INFO_LDAPSEARCH_ARG_DESCRIPTION_ROUTE_TO_BACKEND_SET=Specifies the ID of an \
entry-balancing backend set to which the Directory Proxy Server should \
send all of the search requests. The value should be formatted as the \
entry-balancing request processor ID followed by a colon and the desired \
backend set ID for that entry-balancing request processor. This argument \
can be provided multiple times to specify multiple backend set IDs for the \
same or different entry-balancing request processors. The request control \
will be configured to use absolute routing rather than a routing hint.
INFO_LDAPSEARCH_ARG_PLACEHOLDER_ROUTE_TO_SERVER='{'id'}'
INFO_LDAPSEARCH_ARG_DESCRIPTION_ROUTE_TO_SERVER=Specifies the ID of the \
backend server to which the Directory Proxy Server should send all search \
requests.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SORT_ORDER=Indicates that all search requests \
should include the server-side sort request control (as described in RFC \
2891) to request that the server sort results before returning them to the \
client. The sort order should be a comma-separated list of attribute \
names, each of which may be optionally prefixed by ''+'' (to indicate that \
sorting should be in ascending order for that attribute) or ''-'' (for \
descending order), and may be optionally followed by a colon and the name \
or OID for the ordering matching rule that should be used when sorting. \
Ascending order will be used if neither ''+'' or ''-'' is specified, and if \
no matching rule ID is given then the attribute type''s own ordering rule \
will be used.
INFO_LDAPSEARCH_ARG_DESCRIPTION_VLV=Indicates that all search requests should \
include the virtual list view (VLV) request control (as described in \
draft-ietf-ldapext-ldapv3-vlv) to indicate that the server should return \
the specified subset of the sorted search results (and the ''{0}'' argument \
must also be given to specify the sort order). The value should be a \
colon-delimited list indicating which page of results to return, and it may \
take one of two forms. In either case, the first element specifies the \
number of elements to return before the entry identified as the start of \
the results, and the second is the number of entries after the ''start'' \
entry. The third element identifies the start of the result set, and it \
may be either an integer offset (in which the first entry in the result \
set has an offset of one), or a string that provides a value for which the \
server should identify the first entry whose value for the primary sort \
attribute is greater than or equal to the given string. In the event that \
an offset is provided, a fourth element must also be given to indicate the \
expected number of entries in the result set, or zero if that is not \
known. For example, a value of ''0:9:1:0'' indicates that the server \
should return the first ten entries of the result set (starting at offset \
1, which is the first entry, return the zero previous entries and the nine \
following entries, with no indication of how many entries match the search \
criteria). Alternately, a value of ''0:99:smith'' indicates that the \
server should the first 100 entries in the result set for which the primary \
sort attribute has a value that is greater than or equal to ''smith''.
INFO_LDAPSEARCH_ARG_DESCRIPTION_REJECT_UNINDEXED_SEARCH=Indicates that all \
search requests should include the UnboundID-proprietary reject unindexed \
search request control to indicate that the server should not process the \
search operation if it cannot do so efficiently using server indexes, even \
if the requester has the unindexed-search privilege.
INFO_LDAPSEARCH_ARG_DESCRIPTION_PERMIT_UNINDEXED_SEARCH=Indicates that all \
search requests should include the UnboundID-proprietary permit unindexed \
search request control to indicate that the server should process the \
search operation even if it cannot do so efficiently using server indexes. \
The requester must have either the unindexed-search or \
unindexed-search-with-control privilege.
INFO_LDAPSEARCH_ARG_DESCRIPTION_USE_JSON_FORMATTED_CONTROLS=Indicates that \
any request controls should be encapsulated in a JSON-formatted request \
control. Even if there wouldn''t otherwise be any request controls, an \
empty JSON-formatted request control will be included to indicate that the \
server should encapsulate any response controls in a JSON-formatted \
response control.
INFO_LDAPSEARCH_ARG_DESCRIPTION_EXCLUDE_ATTRIBUTE=Specifies the name or OID \
of an attribute that should be excluded from search result entries. This \
argument may be provided multiple times to specify multiple attributes to \
exclude.
INFO_LDAPSEARCH_ARG_DESCRIPTION_REDACT_ATTRIBUTE=Specifies the name or OID of \
an attribute whose values should be redacted to indicate that the attribute \
is present in search result entries but to hide the actual values for that \
attribute. This argument may be provided multiple times to specify \
multiple attributes to redact.
INFO_LDAPSEARCH_ARG_DESCRIPTION_HIDE_REDACTED_VALUE_COUNT=Indicates that the \
output should not reveal the number of values contained in redacted \
attributes. If this argument is present, then a redacted attribute will \
only ever have a single value of ''***REDACTED***''. If this argument is \
not present, then a redacted attribute with multiple values will still have \
the same number of values that it originally had, but those values will \
be ''***REDACTED1***'', ''***REDACTED2***'', etc.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SCRAMBLE_ATTRIBUTE=Specifies the name or OID \
of an attribute whose values should be scrambled. Scrambling will be \
performed in a manner that attempts to preserve the associated attribute \
syntax and that will generally try to ensure that a given input value will \
consistently yield the same scrambled output. This argument may be \
provided multiple times to specify multiple attributes to scramble.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SCRAMBLE_JSON_FIELD=Specifies the name of a \
JSON field whose values should be scrambled. If the --scrambleAttribute \
argument is used to scramble any attributes whose values may be JSON \
objects, then all JSON field names will be preserved and only the values of \
the specified fields will be scrambled. If this argument is given (and it \
may be provided multiple times to target multiple JSON fields), then only \
the specified fields will have their values scrambled. If this argument \
is not provided, then any of the scramble attribute values that are JSON \
objects will have all values scrambled. JSON field names will be treated \
in a case-insensitive manner.
INFO_LDAPSEARCH_ARG_DESCRIPTION_SCRAMBLE_RANDOM_SEED=Specifies the value that \
will be used to seed the random number generator used in the course of \
scrambling attribute values. If a random seed is provided, then scrambling \
the same entry with the same seed should consistently yield the same \
scrambled representations. If no random seed is specified, an appropriate \
value will be selected automatically.
INFO_LDAPSEARCH_ARG_DESCRIPTION_RENAME_ATTRIBUTE_FROM=Specifies the name or \
OID of an attribute that should have its name replaced with the value \
specified in the --renameAttributeTo argument. This argument may be \
provided multiple times as long as the --renameAttributeTo argument is also \
provided the same number of times, and the order of --renameAttributeFrom \
values must correspond to the order of --renameAttributeTo values.
INFO_LDAPSEARCH_ARG_DESCRIPTION_RENAME_ATTRIBUTE_TO=Specifies the new name \
to use for an attribute to be renamed. This argument must be provided the \
same number of times as the --renameAttributeFrom argument.
INFO_LDAPSEARCH_ARG_DESCRIPTION_MOVE_SUBTREE_FROM=Specifies the base DN for \
a subtree to be moved to another location in the DIT, with this source DN \
being replaced with the base DN specified using the --moveSubtreeTo \
argument. This argument may be provided multiple times as long as the \
--moveSubtreeTo argument is also provided the same number of times, and the \
order of --moveSubtreeFrom values must correspond to the order of \
--moveSubtreeTo values.
INFO_LDAPSEARCH_ARG_DESCRIPTION_MOVE_SUBTREE_TO=Specifies the new base DN for \
a subtree to be moved. This argument must be provided the same number of \
times as the --moveSubtreeFrom argument.
INFO_LDAPSEARCH_ARG_DESCRIPTION_LDAP_VERSION=Specifies the LDAP protocol \
version that the tool should use when communicating with the directory \
server. This argument has no effect and is provided only for the purpose \
of compatibility with other ldapsearch tools.
INFO_LDAPSEARCH_TRAILING_ARGS_PLACEHOLDER='{'filter'}' ['{'attr1'}' \
['{'attr2'}' ...]]
ERR_LDAPSEARCH_TRAILING_ARGS_WITH_URL_FILE=Trailing arguments are not allowed \
when the ''{0}'' argument is provided.
ERR_LDAPSEARCH_TRAILING_FILTER_WITH_FILTER_FILE=If a filter file is \
specified, then a filter cannot be provided as a trailing argument.
ERR_LDAPSEARCH_NO_TRAILING_ARGS=If neither the ''{0}'' nor the ''{1}'' \
argument is provided, the filter to use for the search must be provided as \
a trailing argument.
ERR_LDAPSEARCH_FIRST_TRAILING_ARG_NOT_FILTER=The first trailing argument \
''{0}'' is not a valid LDAP search filter.
WARN_LDAPSEARCH_TRAILING_ARG_STARTS_WITH_DASH=WARNING: Unnamed trailing \
argument ''{0}'' starts with a dash. Trailing arguments should only be \
used for the search filter (unless a different argument is used to specify \
the filters) and set of requested attributes to include in search result \
entries. If this was intended to be a named argument, it should be \
placed earlier in the argument list.
ERR_LDAPSEARCH_INVALID_MATCHED_VALUES_FILTER=Filter ''{0}'' is a valid \
search filter, but is not valid for use with the matched values request \
control.
ERR_LDAPSEARCH_MATCHING_ENTRY_COUNT_INVALID_VALUE=The value provided for the \
''{0}'' argument is invalid. The value must start with ''examineCount='' \
followed by an integer greater than or equal to zero. It may optionally \
also contain '':alwaysExamine'' (to indicate that it should always attempt \
to examine candidate entries to determine whether they actually match), \
'':allowUnindexed'' (to indicate that the server should attempt to \
determine the matching entry count even if the search criteria is not \
indexed), '':skipResolvingExplodedIndexes'' (to indicate whether the server \
should skip the effort of actually retrieving the candidate entry IDs for \
exploded index keys in which the number of matching entries is known), \
'':fastShortCircuitThreshold='' followed by an integer value (to specify \
the short-circuit threshold that the server should use when determining \
whether to continue with index processing, even if there may be additional \
filter components that may be very fast to process), \
'':slowShortCircuitThreshold='' followed by an integer value (to specify \
the short-circuit threshold that should be used if it is expected that \
there may be potentially-expensive filter components left to evaluate), \
and/or '':debug'' (to indicate that the response control should include \
debug information about the processing performed in the course of making \
the determination.
ERR_LDAPSEARCH_OVERRIDE_LIMIT_NO_EQUAL=A value provided for the ''{0}'' \
argument is invalid because it does not contain an equal sign to separate \
the property name from the value.
ERR_LDAPSEARCH_OVERRIDE_LIMIT_EMPTY_PROPERTY_NAME=A value provided for the \
''{0}'' argument is invalid because it starts with an equal sign, \
indicating an empty property name. Property names must not be empty.
ERR_LDAPSEARCH_OVERRIDE_LIMIT_DUPLICATE_PROPERTY_NAME=A value provided for \
the ''{0}'' argument is invalid because there are multiple attempts to set \
a value for property ''{1}''. The same property cannot be set multiple \
times.
ERR_LDAPSEARCH_OVERRIDE_LIMIT_EMPTY_PROPERTY_VALUE=A value provided for the \
''{0}'' argument is invalid because it contains an empty value for property \
''{1}''. Property values must not be empty.
ERR_LDAPSEARCH_PERSISTENT_SEARCH_INVALID_VALUE=The value provided for the \
''{0}'' argument is invalid. The value must start with ''ps''. That may \
be followed by a colon and a comma-delimited list of change types (''add'', \
''delete'', ''modify'', or ''modifydn''), or ''any'' to indicate that all \
change types should be included. That may be followed by a colon and a \
''1'' to indicate that the search should only return matching entries when \
they are argeted by an appropriate operation, or ''0'' to indicate that the \
search should first return all existing entries that match the criteria \
before transitioning to returning to returning entries as updates occur. \
That may be followed by a colon and a ''1'' to request that the server \
include entry change notification controls with search result entries, or \
''0'' to request no such controls. A value of just ''ps'' is equivalent \
to ''ps:any:1:1''.
ERR_LDAPSEARCH_SORT_ORDER_INVALID_VALUE=The value provided for the ''{0}'' \
argument is invalid. The value must be a comma-delimited list of one or \
more attribute names or OIDs, each of which may be prefixed by ''-'' to \
indicate that sorting for that attribute should be in descending order, or \
''+'' to indicate that sorting for that attribute should be in ascending \
order. If an attribute name is not prefixed with either ''-'' or ''+'', \
then sorting for that attribute will be in ascending order.
ERR_LDAPSEARCH_VLV_INVALID_VALUE=The value provided for the ''{0}'' argument \
is invalid. The value must either be a colon-delimited list of four \
integers (representing the before count; after count; offset index; and \
expected result set size, with zero used if the expected result set size is \
not known), or a colon-delimited list of two integers and one string \
(representing the before count, after count, and the primary sort attribute \
value that should be used as the start of the result set).
ERR_LDAPSEARCH_JOIN_RULE_INVALID_VALUE=The value provided for the ''{0}'' \
argument is invalid. The value must be one of the following: the string \
''dn:'' followed by the name or OID of an attribute in the source entry \
whose values are the DNs of the entries with which to join; the string \
''reverse-dn:'' followed by the name or OID of an attribute in the target \
entry with a value that matches the DN of the source entry; the string \
''equals:'' followed by the name or OID of an attribute in the source \
entry, a colon, and the name or OID of an attribute in target entries that \
must have a value that equals at least one value of the source attribute; \
or the string ''contains:'' followed by the name or OID of an attribute in \
the source entry, a colon, and the name or OID of an attribute in target \
entries that must have a value that matches or contains as a substring at \
least one value of the source attribute.
ERR_LDAPSEARCH_JOIN_BASE_DN_INVALID_VALUE=The value provided for the ''{0}'' \
argument is invalid. The value may be ''search-base'' to use the base DN \
from the search request as the base DN for join searches, \
''source-entry-dn'' to use the DN of the source entry as the base DN for \
join searches, or any valid DN to use that DN as the base DN for join \
searches.
ERR_LDAPSEARCH_ROUTE_TO_BACKEND_SET_INVALID_FORMAT=Value ''{0}'' provided for \
argument ''{1}'' is invalid. The value must contain the ID of the \
entry-balancing request processor followed by a colon and the ID of a \
desired backend set to use for that entry-balancing request processor.
ERR_LDAPSEARCH_RENAME_ATTRIBUTE_MISMATCH=The --renameAttributeFrom argument \
must be provided the same number of times as the --renameAttributeTo \
argument.
ERR_LDAPSEARCH_PROXY_AS_DN_NOT_DN=The value of the {0} argument is not valid \
because ''{1}'' cannot be parsed as a valid LDAP DN.
ERR_LDAPSEARCH_PROXY_AS_VALUE_MISSING_PREFIX=The value of the {0} argument is \
not valid because it does not start with either ''dn:'' (to indicate that \
the following value is an LDAP DN) or ''u:'' (to indicate that the \
following value is a username).
ERR_LDAPSEARCH_MOVE_SUBTREE_MISMATCH=The --moveSubtreeFrom argument must be \
provided the same number of times as the --moveSubtreeTo argument.
ERR_LDAPSEARCH_OUTPUT_FORMAT_NOT_SUPPORTED_WITH_URLS=The ''{0}'' output \
format cannot be used in conjunction with the ''{1}'' argument.
ERR_LDAPSEARCH_OUTPUT_FORMAT_REQUIRES_REQUESTED_ATTR_ARG=The ''{0}'' output \
format requires that the set of requested arguments be identified with the \
''{1}'' argument rather than as unnamed trailing arguments.
ERR_LDAPSEARCH_CANNOT_OPEN_OUTPUT_FILE=Unable to open output file ''{0}'' \
for writing: {1}
ERR_LDAPSEARCH_CANNOT_CREATE_CONNECTION_POOL=An error occurred while \
attempting to create a connection pool to communicate with the directory \
server: {0}
ERR_LDAPSEARCH_MALFORMED_LDAP_URL=LDAP URL file ''{0}'' contains value \
''{1}'' that cannot be parsed as a valid LDAP URL.
ERR_LDAPSEARCH_CANNOT_READ_LDAP_URL_FILE=An error occurred while attempting \
to read from LDAP URL file ''{0}'': {1}
ERR_LDAPSEARCH_MALFORMED_FILTER=Filter file ''{0}'' contains a value that \
cannot be parsed as a valid LDAP search filter: {1}
ERR_LDAPSEARCH_CANNOT_READ_FILTER_FILE=An error occurred while attempting \
to read from filter URL file ''{0}'': {1}
INFO_LDAPSEARCH_DRY_RUN_REQUEST_NOT_SENT=No search operation was actually \
processed because the {0} argument was provided. The request that would \
have been sent is: {1}
INFO_LDAPSEARCH_SENDING_SEARCH_REQUEST=Sending search request {0}
ERR_LDAPSEARCH_MISSING_PAGED_RESULTS_RESPONSE_CONTROL=The search request \
included the simple paged results request control, but the corresponding \
search result did not include the expected response control. It is not \
possible to continue paging through the search results.
ERR_LDAPSEARCH_CANNOT_DECODE_PAGED_RESULTS_RESPONSE_CONTROL=An error occurred \
while attempting to decode the simple paged results response control \
included in the search result: {0}. It is not possible to continue \
paging through the search results.
INFO_LDAPSEARCH_INTERMEDIATE_PAGED_SEARCH_RESULT=Intermediate search result \
with more pages to retrieve:
INFO_LDAPSEARCH_TOTAL_SEARCH_ENTRIES=Total Entries Returned: {0,number,0}
INFO_LDAPSEARCH_TOTAL_SEARCH_REFERENCES=Total References Returned: \
{0,number,0}
ERR_LDAPSEARCH_ACCESS_LOG_FIELD_NO_COLON=Unable to parse {0} argument value \
''{1}'' because it does not include a colon to separate the field name from \
the value.
ERR_LDAPSEARCH_ACCESS_LOG_FIELD_DUPLICATE_FIELD=Multiple {0} values provided \
for field ''{1}''. The same field may not be provided multiple times.
INFO_LDAPSEARCH_EXAMPLE_1=Establishes an unencrypted LDAP connection to \
directory.example.com:389, performs a simple bind to authenticate as user \
''uid=jdoe,ou=People,dc=example,dc=com'', and issues a search request to \
retrieve the givenName, sn, and mail attributes for the user with uid \
''jqpublic'' below dc=example,dc=com. The search results will be written \
to standard output.
INFO_LDAPSEARCH_EXAMPLE_2=Establishes an SSL-encrypted LDAP connection to \
directory.example.com:636, interactively prompting the user about whether \
to trust the certificate presented by the directory server. The tool \
will then bind with the SASL PLAIN mechanism using an authentication ID of \
''u:jdoe'' and a password read from a file. It will then issue a search \
request for each filter in a given file, writing the results for each \
search into a separate output file.
INFO_LDAPSEARCH_EXAMPLE_3=Establishes an LDAP connection to \
directory.example.com:389 that is secured with the StartTLS extended \
operation, using the information in the provided trust store file to \
determine whether to trust the certificate presented by the directory \
server. It will then issue an unauthenticated search to retrieve all \
user and operational attributes from the server''s root DSE. The output \
will be written to a specified output file as well as displayed on standard \
output.
INFO_LDAPSEARCH_EXAMPLE_4=Issues a search request to retrieve all entries at \
or below ''dc=example,dc=com'', using the simple paged results control to \
retrieve up to 100 entries at a time. The search will use an unencrypted \
LDAP connection, and the tool will interactively prompt the user for the \
password to use when performing simple authentication.
INFO_LDAPSEARCH_EXAMPLE_5=Issues a search request to retrieve a \
special entry that provides details about the server''s use of indexes to \
determine the candidate set of potential matching entries. This feature \
is only supported in the UnboundID/Ping Identity Directory Server, and \
the user must have access control rights to retrieve the ''cn=debugsearch'' \
entry and the ''debugsearchindex'' operational attribute.
INFO_SPLIT_LDIF_TOOL_DESCRIPTION=Splits a single LDIF file into multiple \
sets by separating entries below a specified base DN into different \
mutually-exclusive collections of entries. A number of algorithms are \
available to determine how entries should be split, and entries outside the \
split base DN may be included in all sets or added to a dedicated LDIF file.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_SOURCE_LDIF=The path to an LDIF file \
containing the data to be split into multiple sets. This argument may be \
provided multiple times to specify multiple LDIF files, and the files will \
be processed in the order they were provided on the command line.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_SOURCE_COMPRESSED=Indicates that the source \
LDIF files are gzip-compressed.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_TARGET_LDIF_BASE=The path and base name to \
use for the LDIF files containing the data that has been split. The \
resulting LDIF files will use this path with different extensions \
(''.set1'' for the first set, ''.set2'' for the second set, and so on, and \
''.outside-split-base-dn'' if a file is to be created to hold entries that \
exist outside of the split base DN). If this is not provided, then the \
source LDIF path will be used as the base name.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_COMPRESS_TARGET=Indicates that the target \
LDIF files should be gzip-compressed.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_ENCRYPT_TARGET=Indicates that the target LDIF \
files should be encrypted with a key generated from a provided \
passphrase. If the --encryptionPassphraseFile argument is provided, then \
the passphrase will be read from the specified file. Otherwise, it will be \
interactively requested from the user.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_ENCRYPT_PW_FILE=The path to the file \
containing the passphrase to use to generate the encryption key. This \
passphrase will be used to decrypt the input (if it is encrypted) and to \
encrypt the output (if it is to be encrypted). If this is not provided and \
either the input or output is encrypted, then the passphrase will be \
interactively requested. If it is provided, then the specified file must \
exist and must contain exactly one line that is comprised entirely of the \
encryption passphrase.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_SPLIT_BASE_DN=The base DN below which entries \
should be split. The entry with this DN will appear in all sets, but each \
entry below this base DN will appear in exactly one set. This must be \
provided.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_OUTSIDE_TO_ALL_SETS=Indicates that entries \
outside the split base DN should be added to all sets containing split data.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_OUTSIDE_TO_DEDICATED_SET=Indicates that \
entries outside the split base DN should be added to a dedicated set in its \
own file.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_SCHEMA_PATH=The path to a file or directory \
from which to read schema definitions to use when processing. If the \
provided path is a file, then it must be an LDIF file containing the \
definitions to read. If the provided path is a directory, then schema \
definitions will be read from all files with an extension of ''.ldif'' in \
that directory. If this argument is provided multiple times, then the \
paths will be processed in the order they were provided on the command \
line. If this argument is not provided, then a default standard schema \
will be used.
INFO_SPLIT_LDIF_GLOBAL_ARG_DESC_NUM_THREADS=The number of threads to use when \
processing. If this is not specified, a single thread will be used.
INFO_SPLIT_LDIF_SC_HASH_ON_RDN_DESC=Splits the data by computing a hash on \
the normalized representation of the DN component immediately below the \
split base DN, and using a modulus operation to determine the set in which \
to place the entry. This split algorithm does not require any caching to \
ensure that a subordinate entry is placed in the same set as its parent.
INFO_SPLIT_LDIF_SC_HASH_ON_RDN_ARG_DESC_NUM_SETS=The number of sets into \
which the data should be split. This must be provided, and the value must \
be greater than or equal to two.
INFO_SPLIT_LDIF_SC_HASH_ON_RDN_EXAMPLE=Splits LDIF file ''whole.ldif'' so \
that entries below ''ou=People,dc=example,dc=com'' will be split into four \
sets, selected by computing a digest of the RDN component immediately below \
''ou=People,dc=example,dc=com'', with names starting with ''split.ldif''.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_DESC=Splits the data by computing a hash on \
the value(s) of a specified attribute in entries immediately below the \
split base DN, and using a modulus operation to determine the set in which \
to place the entry. If an entry does not contain the target attribute, the \
set will be chosen based on a hash of the DN component immediately below \
the split base DN. Unless the --assumeFlatDIT argument is provided, a \
cache will be used to ensure that subordinate entries are added into the \
same set as their parents.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_ARG_DESC_ATTR_NAME=The name or OID of the \
attribute for which to compute the hash. This must be provided.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_ARG_DESC_NUM_SETS=The number of sets into \
which the data should be split. This must be provided, and the value must \
be greater than or equal to two.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_ARG_DESC_ALL_VALUES=Indicates that the \
hashing process should examine all values for the target attribute. If \
this argument is not provided, then only the first value for the attribute \
will be used to determine the set in which an entry should be placed.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_ARG_DESC_ASSUME_FLAT_DIT=Indicates that the \
tool should assume that all entries below the split base DN will be exactly \
one level below that entry, so that it is not necessary to maintain a cache \
to determine where a subordinate entry''s parent resides. If this argument \
is provided but one or more subordinate entries are found, then they will \
be added to a separate file so the appropriate set can be manually \
identified.
INFO_SPLIT_LDIF_SC_HASH_ON_ATTR_EXAMPLE=Splits LDIF file ''whole.ldif'' so \
that entries below ''ou=People,dc=example,dc=com'' will be split into four \
sets, selected by computing a digest of the first value of the ''uid'' \
attribute, with names starting with ''split.ldif''.
INFO_SPLIT_LDIF_SC_FEWEST_ENTRIES_DESC=Splits the data by selecting the \
set with the fewest number of entries. When processing data in a flat DIT, \
this will essentially be a round-robin distribution. When processing data \
in a DIT with branches of varying sizes, this can help ensure that the \
resulting LDIF files will have roughly the same number of entries (although \
running the tool with multiple threads may make this less accurate). \
Unless the --assumeFlatDIT argument is provided, a cache will be used to \
ensure that subordinate entries are added into the same set as their parents.
INFO_SPLIT_LDIF_SC_FEWEST_ENTRIES_ARG_DESC_NUM_SETS=The number of sets into \
which the data should be split. This must be provided, and the value must \
be greater than or equal to two.
INFO_SPLIT_LDIF_SC_FEWEST_ENTRIES_ARG_DESC_ASSUME_FLAT_DIT=Indicates that the \
tool should assume that all entries below the split base DN will be exactly \
one level below that entry, so that it is not necessary to maintain a cache \
to determine where a subordinate entry''s parent resides. If this argument \
is provided but one or more subordinate entries are found, then they will \
be added to a separate file so the appropriate set can be manually \
identified.
INFO_SPLIT_LDIF_SC_FEWEST_ENTRIES_EXAMPLE=Splits LDIF file ''whole.ldif'' \
into four sets, with names starting with ''split.ldif'', so that each entry \
immediately below ''ou=People,dc=example,dc=com'' will be placed in the set \
that currently has the fewest entries.
INFO_SPLIT_LDIF_SC_FILTER_DESC=Splits the data by using search filters to \
select the appropriate set. The filters will be evaluated in the order \
they were provided on the command line, and the entry will be added to the \
first set for which a matching filter is found. If the entry doesn''t \
match any of the provided filters, then the appropriate set will be \
determined by computing a hash on the RDN. Unless the --assumeFlatDIT \
argument is provided, a cache will be used to ensure that subordinate \
entries are added into the same set as their parents.
INFO_SPLIT_LDIF_SC_FILTER_ARG_DESC_FILTER=A filter to evaluate against \
entries exactly one level below the split base DN to determine which set \
should be used to hold the entry. This argument should be provided \
multiple times, once for each set into which the data should be split, and \
the filters will be evaluated in the order they were provided on the \
command line until one is found that matches the target entry.
INFO_SPLIT_LDIF_SC_FILTER_ARG_DESC_ASSUME_FLAT_DIT=Indicates that the tool \
should assume that all entries below the split base DN will be exactly one \
level below that entry, so that it is not necessary to maintain a cache to \
determine where a subordinate entry''s parent resides. If this argument is \
provided but one or more subordinate entries are found, then they will be \
added to a separate file so the appropriate set can be manually identified.
INFO_SPLIT_LDIF_SC_FILTER_EXAMPLE=Splits LDIF file ''whole.ldif'' into four \
sets, with names starting with ''split.ldif'', so that each entry \
immediately below ''ou=People,dc=example,dc=com'' will be selected by \
matching that entry against a search filter. Entries matching \
''(timeZone=Eastern)'' will go into the first set, entries matching \
''(timeZone=Central)'' into the second set, ''(timeZone=Mountain)'' into \
the third set, and ''(timeZone=Pacific)'' into the fourth. Any entries not \
matching any of those filters will be placed by computing a hash on its RDN.
ERR_SPLIT_LDIF_NO_TARGET_BASE_PATH=If the {0} argument is provided multiple \
times, then the {1} argument must also be provided to specify the base \
path and name for the file to be written.
ERR_SPLIT_LDIF_NON_UNIQUE_FILTER=All values provided for the ''{0}'' argument \
must be unique. Filter ''{1}'' was provided multiple times.
ERR_SPLIT_LDIF_NOT_ENOUGH_FILTERS=If the ''{0}'' subcommand is used, the \
''{1}'' argument must be provided multiple times, with each occurrence \
defining the criteria for a different set.
ERR_SPLIT_LDIF_CANNOT_DETERMINE_SPLIT_ALGORITHM=Unable to determine which \
algorithm should be used to split the data. One of the following \
subcommands must be used to specify the algorithm: {0}
ERR_SPLIT_LDIF_ERROR_CREATING_LDIF_READER=An error occurred while attempting \
to create the LDIF reader: {0}
ERR_SPLIT_LDIF_INVALID_LDIF_RECORD_RECOVERABLE=A malformed LDIF record was \
encountered while in the source data: {0}. This record will be skipped, \
but processing will continue.
ERR_SPLIT_LDIF_INVALID_LDIF_RECORD_UNRECOVERABLE=A malformed LDIF record was \
encountered while in the source data: {0}. Processing cannot continue.
ERR_SPLIT_LDIF_IO_READ_ERROR=An I/O error occurred while attempting \
to read the source data: {0}. Processing cannot continue.
ERR_SPLIT_LDIF_UNEXPECTED_READ_ERROR=An unexpected error was encountered \
while attempting to read the source data: {0}. Processing cannot continue.
ERR_SPLIT_LDIF_ENTRY_WITHOUT_PARENT=Unable to determine which set should hold \
entry ''{0}'' because it is more than one level below split base DN ''{1}'' \
but one or more of its superiors does not exist in the LDIF file.
INFO_SPLIT_LDIF_PROGRESS=Processed {0,number,0} entries
ERR_SPLIT_LDIF_CANNOT_OPEN_OUTPUT_FILE=An error occurred while attempting to \
open output file ''{0}'' for writing: {1}
ERR_SPLIT_LDIF_ERROR_WRITING_ERROR_TO_FILE=An error occurred while attempting \
to write information about error ''{0}'' to output file ''{1}'': {2}
ERR_SPLIT_LDIF_ERROR_WRITING_TO_FILE=An error occurred while attempting to \
write entry ''{0}'' to output file ''{1}'': {2}
INFO_SPLIT_LDIF_PROCESSING_COMPLETE=Processing complete. Read {0,number,0} \
entries.
INFO_SPLIT_LDIF_EXCLUDED_COUNT=Excluded {0,number,0} entries that were not \
within the split base DN.
INFO_SPLIT_LDIF_COUNT_TO_FILE=Wrote {0,number,0} entries to file {1}.
ERR_SPLIT_LDIF_ERROR_CLOSING_FILE=An error was encountered while attempting \
to close output file ''{0}'': {1}. The file may be incomplete.
ERR_SPLIT_LDIF_NO_SCHEMA_FILES=The {0} argument was provided, but no schema \
files were found in the specified path(s).
ERR_SPLIT_LDIF_ERROR_LOADING_SCHEMA=An error occurred while attempting to \
read schema information from the specified schema path(s): {0}
ERR_SPLIT_LDIF_TRANSLATOR_CANNOT_GET_MD5=Unable to obtain an MD5 message \
digest generator: {0}
ERR_SPLIT_LDIF_RDN_HASH_TRANSLATOR_CANNOT_PARSE_DN=Unable to parse the entry \
DN: {0}
ERR_SPLIT_LDIF_ATTR_HASH_TRANSLATOR_CANNOT_PARSE_DN=Unable to parse the \
entry DN: {0}
ERR_SPLIT_LDIF_ATTR_HASH_TRANSLATOR_NON_FLAT_DIT=Unable to determine which \
set should hold an entry more than one level below split base DN ''{0}'' \
because the tool was configured to assume a flat DIT and therefore is not \
maintaining the cache needed to ensure that a subordinate entry is placed \
in the same set as its parent.
ERR_SPLIT_LDIF_FEWEST_ENTRIES_TRANSLATOR_CANNOT_PARSE_DN=Unable to parse the \
entry DN: {0}
ERR_SPLIT_LDIF_FEWEST_ENTRIES_TRANSLATOR_NON_FLAT_DIT=Unable to determine \
which set should hold an entry more than one level below split base DN \
''{0}'' because the tool was configured to assume a flat DIT and therefore \
is not maintaining the cache needed to ensure that a subordinate entry is \
placed in the same set as its parent.
ERR_SPLIT_LDIF_FILTER_TRANSLATOR_CANNOT_PARSE_DN=Unable to parse the entry \
DN: {0}
ERR_SPLIT_LDIF_FILTER_TRANSLATOR_NON_FLAT_DIT=Unable to determine which \
set should hold an entry more than one level below split base DN ''{0}'' \
because the tool was configured to assume a flat DIT and therefore is not \
maintaining the cache needed to ensure that a subordinate entry is placed \
in the same set as its parent.
INFO_TOOL_INTERRUPTED_BY_JVM_SHUTDOWN=Tool processing was interrupted by an \
unexpected JVM shutdown.
ERR_TOOL_LOGGER_ERROR_LOADING_PROPERTIES_FILE=An error occurred while \
trying to load the tool invocation logging properties from file ''{0}'': {1}
ERR_TOOL_LOGGER_CANNOT_PARSE_BOOLEAN_PROPERTY=Unable to parse value ''{0}'' \
of property ''{1}'' in tool invocation logging properties file ''{2}'' as \
a Boolean value.
ERR_TOOL_LOGGER_PATH_NOT_FILE=Value ''{0}'' for property ''{1}'' in tool \
invocation logging properties file ''{2}'' cannot be used as an invocation \
log file because the path references a directory rather than a file.
ERR_TOOL_LOGGER_PATH_PARENT_MISSING=Value ''{0}'' for property ''{1}'' in \
tool invocation logging properties file ''{2}'' cannot be used as an \
invocation log file because parent directory ''{3}'' either does not exist \
or is not a directory.
ERR_TOOL_LOGGER_NO_LOG_FILES=No invocation logging will be performed for \
command ''{0}'' because properties file ''{1}'' does not have a valid value \
for either the ''{2}'' or the ''{3}'' property.
ERR_TOOL_LOGGER_ERROR_WRITING_LOG_MESSAGE=An error occurred while trying to \
write a tool invocation log message to file ''{0}'': {1}
ERR_TOOL_LOGGER_ERROR_OPENING_LOG_FILE=An error occurred while trying to open \
log file ''{0}'' for writing an invocation log message: {1}
ERR_TOOL_LOGGER_UNABLE_TO_ACQUIRE_FILE_LOCK=Unable to acquire an exclusive \
lock on tool invocation log file ''{0}'' after {1,number,0} attempts.
ERR_TOOL_UTILS_ENCRYPTION_PW_FILE_MISSING=Encryption passphrase file ''{0}'' \
does not exist.
ERR_TOOL_UTILS_ENCRYPTION_PW_FILE_NOT_FILE=Encryption passphrase file ''{0}'' \
exists but is not a file.
ERR_TOOL_UTILS_ENCRYPTION_PW_FILE_EMPTY=Encryption passphrase file ''{0}'' is \
empty. The file must consist of exactly one line that is comprised \
entirely of the encryption passphrase.
ERR_TOOL_UTILS_ENCRYPTION_PW_FILE_MULTIPLE_LINES=Encryption passphrase file \
''{0}'' contains multiple lines. The file must consist of exactly one line \
that is comprised entirely of the encryption passphrase.
ERR_TOOL_UTILS_ENCRYPTION_PW_FILE_READ_ERROR=An error occurred while \
attempting to read the encryption passphrase from file ''{0}'': {1}
INFO_TOOL_UTILS_ENCRYPTION_PW_PROMPT=Enter the encryption passphrase:
ERR_TOOL_UTILS_ENCRYPTION_PW_EMPTY=ERROR: The encryption passphrase must not \
be empty.
INFO_TOOL_UTILS_ENCRYPTION_PW_CONFIRM=Confirm the encryption passphrase:
ERR_TOOL_UTILS_ENCRYPTION_PW_MISMATCH=ERROR: The passphrases do not match.
INFO_TOOL_UTILS_ENCRYPTED_LDIF_FILE_PW_PROMPT=LDIF file ''{0}'' is \
encrypted. Please enter the passphrase required to decrypt it:
ERR_TOOL_UTILS_ENCRYPTED_LDIF_FILE_WRONG_PW=The provided passphrase is \
incorrect.
ERR_TOOL_UTILS_ENCRYPTED_LDIF_FILE_CANNOT_DECRYPT=LDIF file ''{0}'' is \
encrypted, but an error occurred while attempting to decrypt it: {1}
ERR_TOOL_UTILS_UNAVAILABLE_PASSPHRASE=Unable to obtain the passphrase needed \
to read encrypted data.
INFO_LDAPDELETE_TOOL_DESCRIPTION=Delete one or more entries from an LDAP \
directory server. You can provide the DNs of the entries to delete using \
named arguments, as trailing arguments, from a file, or from standard \
input. Alternatively, you can identify entries to delete using a search \
base DN and filter.
INFO_LDAPDELETE_TRAILING_ARGS_PLACEHOLDER=['{'dn1'}' ['{'dn2'}' ['{'dn3'}' \
...] ] ]
INFO_LDAPDELETE_ARG_GROUP_DATA=Data Arguments
INFO_LDAPDELETE_ARG_DESC_DN=The DN of an entry to delete. This argument may \
be provided multiple times to specify the DNs of multiple entries to \
delete, and entries will be deleted in the order in which the arguments \
were given. This argument must not be used in conjunction with any other \
argument used to indicate which entries should be deleted.
INFO_LDAPDELETE_ARG_DESC_DN_FILE=The path to a file containing the DNs of the \
entries to delete. Each DN must be on its own line in the file, with blank \
lines and lines starting with the ''#'' character being ignored. Each DN \
line may optionally start with ''dn:'' (or ''dn::'' to indicate that the \
DN is base64-encoded), and long DNs may be wrapped across multiple lines by \
starting subsequent lines with at least one space. This argument may be \
provided multiple times to specify multiple DN files, and the files will \
be processed in the order they were provided. This argument must not be \
used in conjunction with any other argument used to indicate which entries \
should be deleted.
INFO_LDAPDELETE_ARG_DESC_DELETE_ENTRIES_MATCHING_FILTER=An LDAP search \
filter that can be used to identify the entries to delete. The base DN \
for the searches should be specified using the --searchBaseDN argument, \
with the null DN being used by default if that argument is not given. This \
argument may be provided multiple times to specify multiple filters, and \
searches will be performed in the order in which the filters are provided. \
This argument must not be used in conjunction with any other argument used \
to indicate which entries should be deleted.
INFO_LDAPDELETE_ARG_DESC_DELETE_ENTRIES_MATCHING_FILTER_FILE=The path to a \
file containing LDAP search filters (one filter per line, with blank lines \
and lines starting with the ''#'' character being ignored) that can be used \
to identify the entries to delete. The base DN for the searches should be \
specified using the --searchBaseDN argument, with the null DN being used by \
default if that argument is not given. This argument may be provided \
multiple times to specify the paths to multiple filter files, and the \
files will be processed in the order they are provided on the command \
line. This argument must not be used in conjunction with any other \
argument used to indicate which entries should be deleted.
INFO_LDAPDELETE_ARG_DESC_SEARCH_BASE_DN=The base DN to use when searching for \
entries to delete. This argument may only be used in conjunction with the \
--deleteEntriesMatchingFilter or --deleteEntriesMatchingFiltersFromFile \
arguments. It may be provided multiple times to specify multiple search \
base DNs. If this argument is not given, the null DN will be used as the \
base DN for the searches.
INFO_LDAPDELETE_ARG_DESC_SEARCH_PAGE_SIZE=The page size to use in conjunction \
with the simple paged results control when retrieving entries. This \
argument may be used in conjunction with either the \
--deleteEntriesMatchingFilter or the --deleteEntriesMatchingFilterFromFile \
argument to indicate that the search should use the simple paged results \
control to retrieve the entries in pages rather than all at once. It may \
also be used in conjunction with the --clientSideSubtreeDelete argument to \
indicate the page size for the simple paged results control that it uses.
INFO_LDAPDELETE_ARG_DESC_ENCRYPTION_PW_FILE=The path to a file containing \
the passphrase used to encrypt an input file. If this is not provided and \
an input file is encrypted (and the encryption key cannot be automatically \
obtained, for example, from a Ping Identity Directory Server''s encryption \
settings database), then the user will be interactively prompted for the \
passphrase.
INFO_LDAPDELETE_ARG_PLACEHOLDER_CHARSET='{'charset'}'
INFO_LDAPDELETE_ARG_DESC_CHARSET=The character set/data encoding to use when \
reading data from files or standard input. If this is not specified, the \
UTF-8 character set will be used by default.
INFO_LDAPDELETE_ARG_DESC_REJECT_FILE=The path to a file that will be \
updated with the DNs of any entries that could not be deleted, along with \
information about the failed delete attempt. If this is not provided, then \
failure information will only be written to standard error.
INFO_LDAPDELETE_ARG_DESC_VERBOSE=Generate verbose output.
INFO_LDAPDELETE_ARG_DESC_SCRIPT_FRIENDLY=Generate script-friendly output.
INFO_LDAPDELETE_ARG_GROUP_OPERATION=Delete Operation Arguments
INFO_LDAPDELETE_ARG_DESC_RETRY_FAILED_OPS=Indicates that if an operation \
fails in a way that indicates that the connection to the directory server \
may be invalid, the tool should automatically retry the failed operation \
on a newly created connection.
INFO_LDAPDELETE_ARG_DESC_NEVER_RETRY=Indicates that the tool should not \
attempt to retry operations that fail in a way that the connection to \
the directory server may be invalid. By default, it will automatically \
try to establish a new connection and retry the failed operation.
INFO_LDAPDELETE_ARG_DESC_DRY_RUN=Indicates that the tool should display what \
it would do, and may perform searches if appropriate, but will not actually \
attempt to delete any entries. Note that if the server supports the \
no-operation request control, you may wish to use the --noOperation \
argument instead, which will actually send the delete requests with a \
control indicating that the server should perform as much validation of \
the request that it can, but should not actually delete the target entry.
INFO_LDAPDELETE_ARG_DESC_CONTINUE_ON_ERROR=Indicates that the tool should \
continue processing even after encountering an error. This is only \
applicable if it is run with arguments that would cause it to attempt to \
delete multiple entries.
INFO_LDAPDELETE_ARG_DESC_FOLLOW_REFERRALS=Indicates that the tool should \
attempt to follow any referrals that it encounters. By default, any \
referrals that are returned will be treated as failures.
INFO_LDAPDELETE_ARG_DESC_USE_ADMIN_SESSION=Indicates that the tool should \
attempt to use the Ping Identity-proprietary start administrative session \
extended operation to create an administrative session that will cause all \
requests to be processed in a dedicated pool of worker threads. This may \
be useful when trying to diagnose or resolve an issue when all regular \
worker threads are busy processing other requests
INFO_LDAPDELETE_ARG_PLACEHOLDER_RATE_PER_SECOND='{'deletesPerSecond'}'
INFO_LDAPDELETE_ARG_DESC_RATE_PER_SECOND=The maximum number of delete \
operations that should be attempted per second. If this is not provided, \
then no rate limit will be imposed on delete requests.
INFO_LDAPDELETE_ARG_DESC_LDAP_VERSION=The LDAP protocol version that should \
be used.
INFO_LDAPDELETE_ARG_GROUP_CONTROLS=Control Arguments
INFO_LDAPDELETE_ARG_DESC_CLIENT_SIDE_SUB_DEL=Indicates that all delete \
requests should be processed as client-side subtree deletes by searching \
for all entries below the target entry and then deleting them.
INFO_LDAPDELETE_ARG_DESC_SERVER_SIDE_SUB_DEL=Indicates that all delete \
requests should be processed as server-side subtree deletes by using the \
subtree delete request control.
INFO_LDAPDELETE_ARG_DESC_SOFT_DELETE=Indicates that delete requests should \
include the Ping Identity-proprietary soft delete request control to \
indicate that the server should hide the entries rather than deleting \
them immediately. Soft-deleted may or may not be completely removed after \
a period of time, based on the server configuration.
INFO_LDAPDELETE_ARG_DESC_HARD_DELETE=Indicates that delete requests should \
include the Ping Identity-proprietary hard delete request control to \
indicate that the target entries should be completely removed, even if they \
would have otherwise been processed as soft deletes.
INFO_LDAPDELETE_ARG_PLACEHOLDER_AUTHZ_ID='{'authzID'}'
INFO_LDAPDELETE_ARG_DESC_PROXY_AS=Indicates that search and delete requests \
should include the proxied authorization v2 request control, to request \
that they be processed under the authority of the specified user.
INFO_LDAPDELETE_ARG_DESC_PROXY_V1_AS=Indicates that search and delete \
requests should include the proxied authorization v1 request control, to \
request that they be processed under the authority of the specified user.
INFO_LDAPDELETE_ARG_DESC_MANAGE_DSA_IT=Indicates that search and delete \
requests should include the Manage DSA IT request control to indicate that \
the server should treat referral entries as regular entries.
INFO_LDAPDELETE_ARG_DESC_ASSERTION_FILTER=Indicates that delete requests \
should include the assertion request control to indicate that the server \
should reject any attempt to delete an entry that does not match the \
provided filter.
INFO_LDAPDELETE_ARG_PLACEHOLDER_ATTR='{'attr'}'
INFO_LDAPDELETE_ARG_DESC_PRE_READ_ATTR=Indicates that delete requests should \
include the pre-read request control to indicate that delete responses \
should include a post-read response control with the values of the \
specified at the time the entry was deleted. This may be provided multiple \
times to request multiple pre-read attributes.
INFO_LDAPDELETE_ARG_DESC_NO_OP=Indicates that delete requests should include \
the no-operation request control to indicate that the server should perform \
as much processing as possible for the delete operation without actually \
removing the entry.
INFO_LDAPDELETE_ARG_DESC_GET_BACKEND_SET_ID=Indicates that delete requests \
sent through a Directory Proxy Server should include the Ping \
Identity-proprietary get backend set ID request control to indicate that \
the response should include a control with the ID of the entry-balancing \
backend set in which the delete was processed.
INFO_LDAPDELETE_ARG_PLACEHOLDER_ROUTE_TO_BACKEND_SET=\
'{'entry-balancing-processor-id:backend-set-id'}'
INFO_LDAPDELETE_ARG_DESC_ROUTE_TO_BACKEND_SET=Indicates that search and \
delete requests should include the Ping Identity-proprietary route to \
backend set request control to indicate that the Directory Proxy Server \
should forward those requests to servers in the specified entry-balancing \
backend set. This control may be provided multiple times to specify \
multiple backend sets for the same or different entry-balancing request \
processors.
INFO_LDAPDELETE_ARG_DESC_GET_SERVER_ID=Indicates that delete requests should \
include the Ping Identity-proprietary get server ID request control to \
indicate that the response should include a control with the server ID of \
the Directory Server instance in which the delete was processed.
INFO_LDAPDELETE_ARG_PLACEHOLDER_ID='{'id'}'
INFO_LDAPDELETE_ARG_DESC_ROUTE_TO_SERVER=Indicates that search and delete \
requests should include the Ping Identity-proprietary route to server \
request control to indicate that the Directory Proxy Server should forward \
those requests to the specified backend server.
INFO_LDAPDELETE_ARG_DESC_USE_ASSURED_REPLICATION=Indicates that delete \
requests should include the Ping Identity-proprietary assured replication \
request control to delay the response from the server until the change has \
been replicated to other servers. The --assuredReplicationLocalLevel, \
--assuredReplicationRemoteLevel, and --assuredReplicationTimeout arguments \
may also be used to customize the content of the request control.
INFO_LDAPDELETE_ARG_PLACEHOLDER_ASSURED_REPLICATION_LOCAL_LEVEL=\
'{'none|received-any-server|processed-all-servers'}'
INFO_LDAPDELETE_ARG_DESC_ASSURED_REPLICATION_LOCAL_LEVEL=The replication \
assurance level that should be used for servers in the same location as \
the server that originally processed the change. The value must be one of \
''none'', ''received-any-server'', or ''processed-all-servers''. If this \
is not provided, the server will determine an appropriate local assurance \
level.
INFO_LDAPDELETE_ARG_PLACEHOLDER_ASSURED_REPLICATION_REMOTE_LEVEL=\
'{'none|received-any-remote-location|received-all-remote-locations|\
processed-all-remote-servers'}'
INFO_LDAPDELETE_ARG_DESC_ASSURED_REPLICATION_REMOTE_LEVEL=The replication \
assurance level that should be used for servers in a different location \
from the server that originally processed the change. The value must be \
one of ''none'', ''received-any-remote-location'', \
''received-all-remote-locations'', or ''processed-all-remote-servers''. If \
this is not provided, the server will determine an appropriate remote \
assurance level.
INFO_LDAPDELETE_ARG_DESC_ASSURED_REPLICATION_TIMEOUT=The maximum length of \
time that the server should delay the response to the delete operation \
while waiting for the desired replication assurance to be achieved. If \
this is not provided, the server will determine an appropriate timeout to \
use.
INFO_LDAPDELETE_ARG_DESC_REPLICATION_REPAIR=Indicates that delete requests \
should include the Ping Identity-proprietary replication repair request \
control to indicate that the delete operation should not be replicated.
INFO_LDAPDELETE_ARG_DESC_SUPPRESS_REFINT_UPDATES=Indicates that delete \
requests should include the Ping Identity-proprietary suppress referential \
integrity updates request control so that the server will not perform any \
referential integrity processing for the delete operation.
INFO_LDAPDELETE_ARG_DESC_OP_PURPOSE=Indicates that requests should include \
the Ping Identity-proprietary operation purpose request control to indicate \
the intended purpose for the operations.
INFO_LDAPDELETE_ARG_DESC_AUTHZ_ID=Indicates that bind requests should include \
the authorization identity request control to retrieve the authorization \
identity for the authenticated connection.
INFO_LDAPDELETE_ARG_DESC_GET_AUTHZ_ENTRY_ATTR=Indicates that bind requests \
should include the Ping Identity-proprietary get authorization entry \
request control to retrieve the specified attribute from the authenticated \
user''s entry. This argument may be provided multiple times to request \
that multiple attributes be returned.
INFO_LDAPDELETE_ARG_DESC_GET_USER_RESOURCE_LIMITS=Indicates that bind \
requests should include the Ping Identity-proprietary get user resource \
limits request control to retrieve information about the resource limits \
that the server will impose for the authenticated connection.
INFO_LDAPDELETE_ARG_DESC_DELETE_CONTROL=Provides a control to include in all \
delete requests.
INFO_LDAPDELETE_ARG_DESC_BIND_CONTROL=Provides a control to include in all \
bind requests.
ERR_LDAPDELETE_TRAILING_ARG_CONFLICT=If the {0} argument is provided, then \
you cannot also use trailing arguments to specify the DNs entries to delete.
ERR_LDAPDELETE_ROUTE_TO_BACKEND_SET_INVALID_FORMAT=Value ''{0}'' provided for \
argument ''{1}'' is invalid. The value must contain the ID of the \
entry-balancing request processor followed by a colon and the ID of a \
desired backend set to use for that entry-balancing request processor.
ERR_LDAPDELETE_CANNOT_READ_ENCRYPTION_PW_FILE=An error occurred while \
trying to read the encryption passphrase from file ''{0}'': {1}
ERR_LDAPDELETE_UNSUPPORTED_CHARSET=Unsupported character set: {0}.
ERR_LDAPDELETE_ERROR_CLOSING_REJECT_WRITER=An error occurred while attempting \
to close reject file ''{0}'': {1}. It is possible that some data at the \
end of the file may have been lost.
INFO_LDAPDELETE_READING_DNS_FROM_FILE=Opening DN file ''{0}'' for reading
ERR_LDAPDELETE_ERROR_OPENING_DN_FILE=An error occurred while attempting to \
open DN file ''{0}'' for reading: {1}
INFO_LDAPDELETE_ENCRYPTION_PASSPHRASE_PROMPT=The data to be read is \
encrypted. Please provide the passphrase needed to decrypt the data:
ERR_LDAPDELETE_ENCRYPTION_PASSPHRASE_ERROR=Unable to decrypt the data using \
the provided passphrase.
ERR_LDAPDELETE_DN_LINE_STARTS_WITH_UNEXPECTED_SPACE=A malformed DN was \
encountered on line {0,number,0}. The line starts with a space, which \
indicates that it should be a continuation of the previous line, but either \
there was no previous line, or the previous line was blank or contained a \
comment.
ERR_LDAPDELETE_BASE64_DN_EMPTY=The input data contained base64-encoded DN \
line ''{0}'' with no DN.
ERR_LDAPDELETE_BASE64_DN_NOT_BASE64=The input data contained base64-encoded \
DN line ''{0}'' whose value did not have a valid base64 encoding.
ERR_LDAPDELETE_DN_EMPTY=The input data contained DN line ''{0}'' with no DN.
INFO_LDAPDELETE_READING_FROM_STDIN=Enter the DNs of the entries to delete, \
with one DN per line:
ERR_LDAPDELETE_ERROR_READING_STDIN=An error occurred while attempting to \
read data from standard input: {0}
INFO_LDAPDELETE_READING_FILTERS_FROM_FILE=Opening filter file ''{0}'' for \
reading
ERR_LDAPDELETE_ERROR_READING_FILTER_FILE=An error occurred while trying to \
read data from filter file ''{0}'': {1}
ERR_LDAPDELETE_SEARCH_RETURNED_NO_ENTRIES=Did not delete any entries \
matching filter ''{0}'' because the search to identify entries matching \
that filter did not return any results.
INFO_LDAPDELETE_ISSUING_SEARCH_REQUEST=Issuing search request {0}...
INFO_LDAPDELETE_RECEIVED_SEARCH_RESULT=Received search result {0}
ERR_LDAPDELETE_MISSING_PAGED_RESULTS_RESPONSE=The search returned a result of \
{0}, but that result did not include the expected simple paged results \
control.
ERR_LDAPDELETE_SEARCH_ERROR=The search with base DN ''{0}'' and filter \
''{1}'' failed with result code {2} and message ''{3}''.
INFO_LDAPDELETE_DELETING_ENTRY=Deleting entry ''{0}''...
INFO_LDAPDELETE_CLIENT_SIDE_SUBTREE_DELETING=Attempting a client-side subtree \
delete with base entry ''{0}''...
INFO_LDAPDELETE_NOT_DELETING_BECAUSE_OF_DRY_RUN=Not actually attempting the \
delete because the {0} argument was provided.
INFO_LDAPDELETE_SENDING_DELETE_REQUEST=Sending delete request {0}
ERR_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_NO_BASE_ENTRY=The client-side subtree \
delete attempt for entry ''{0}'' did not remove any entries. This likely \
indicates that either the entry doesn''t exist or that it is not accessible \
to the requester.
INFO_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_ONLY_BASE=Successfully deleted entry \
''{0}'', which did not have any subordinate entries.
INFO_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_WITH_SUBS=Successfully deleted \
''{0}'' and {1,number,0} subordinate entries.
ERR_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_FAILED=The client-side subtree delete \
attempt failed with one or more errors.
ERR_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_SEARCH_ERROR=One or more errors were \
encountered while searching for entries below ''{0}''. The first search \
error was:
ERR_LDAPDELETE_CLIENT_SIDE_SUBTREE_DEL_DEL_ERROR=The following error was \
encountered while trying to delete entry ''{0}'' as part of the client-side \
subtree delete for entry ''{1}'':
ERR_LDAPDELETE_WRITE_TO_REJECTS_FAILED=An error occurred while attempting to \
write to the rejects file: {0}
INFO_LDAPDELETE_EXAMPLE_1=Deletes the entry with DN \
''uid=test.user,ou=People,dc=example,dc=com''
INFO_LDAPDELETE_EXAMPLE_2=Deletes the entries whose DNs are contained in \
the file ''dns-to-delete.txt''.
INFO_LDAPDELETE_EXAMPLE_3=Deletes all entries matching filter \
''(description=delete)'' below base entry ''ou=People,dc=example,dc=com''.
INFO_LDAPDELETE_EXAMPLE_4=Deletes the entries whose DNs are read from \
standard input (one DN per line).
ERR_LDAPDELETE_SEARCH_LISTENER_CANNOT_PARSE_ENTRY_DN=The search with base DN \
''{0}'' and filter ''{1}'' returned an entry with DN ''{2}'' that could \
not be parsed: {3}
ERR_LDAPDELETE_SEARCH_LISTENER_REFERENCE=The search with base DN ''{0}'' and \
filter ''{1}'' returned {0}. This reference will not be followed.
INFO_CSD_TOOL_DESCRIPTION_1=Collect and package system information useful in \
troubleshooting problems. The information is packaged as a zip archive \
that can be sent to a technical support representative.
INFO_CSD_TOOL_DESCRIPTION_2=Information collected may include configuration \
files, server monitor entries, portions of log files, JVM thread stack \
dumps, system metrics, and other data that may be helpful in diagnosing \
problems, understanding server performance, or otherwise assisting with \
support requests. Although the tool will do its best to obscure or omit \
sensitive data, and the entire archive may be encrypted if you desire, you \
may wish to review the resulting support data archive to ensure verify its \
contents. Further, the archive will include a summary of any potential \
problems or concerns that are identified in the course of collecting the \
support data.
INFO_CSD_ARG_GROUP_OUTPUT=Output Arguments
INFO_CSD_ARG_GROUP_COLLECTION=Data Collection Arguments
INFO_CSD_ARG_GROUP_COMMUNICATION=Communication Arguments
INFO_CSD_ARG_DEC_USE_REMOTE_SERVER=Indicates that the collect-support-data \
request should be sent to a server over LDAP rather than operating against \
the local instance.
INFO_CSD_ARG_DESC_USE_ADMIN_SESSION=Indicates that the tool should attempt to \
use an administrative session to process all operations using a dedicated \
pool of worker threads. This may be useful when trying to diagnose \
problems in a server that is unresponsive because all normal worker threads \
are busy processing other requests. This argument may only be used in \
conjunction with the --useRemoteServer argument.
INFO_CSD_ARG_PLACEHOLDER_ADDRESS='{'address'}'
INFO_CSD_ARG_DESC_PROXY_TO_ADDRESS=The address of a server to which the \
collect-support-data extended request should be forwarded. This may be \
useful for retrieving support data information from a backend Directory \
Server instance that can only be accessed through a Directory Proxy \
Server. The server to which the initial request will be sent (the one \
specified by the --hostname and --port arguments) must either be configured \
with an LDAP external server that has the specified proxy-to address and \
port values or there must be a server instance with that address and port \
in the topology registry. This argument may only be provided if both the \
--useRemoteServer and --proxyToServerPort arguments are also given.
INFO_CSD_ARG_PLACEHOLDER_PORT='{'port'}'
INFO_CSD_ARG_DESC_PROXY_TO_PORT=The port of a server to which the \
collect-support-data extended request should be forwarded. This argument \
may only be provided if both the --useRemoteServer and \
--proxyToServerAddress arguments are also given.
INFO_CSD_ARG_DESC_OUTPUT_PATH=Specifies the path to which the support data \
archive should be written. If this path references a file that already \
exists, then that file will be overwritten with the new support data \
archive. If it references a directory that already exists, then a new \
support data archive will be created in that directory with a name that is \
dynamically generated. If it references a file that does not exist, then \
the parent directory must exist, and a new support data archive file will \
be created with that path and name.
INFO_CSD_ARG_DESC_NO_LDAP=Indicates that no attempt should be made to \
collect any information over LDAP. This option should only be used as a \
last resort if the server is completely unresponsive or will not start, and \
it must not be used in conjunction with the --useRemoteServer argument.
INFO_CSD_ARG_PLACEHOLDER_PID='{'pid'}'
INFO_CSD_ARG_DESC_PID=Specifies the process ID of an additional process \
about which information should be collected. This option may be useful for \
troubleshooting external server tools. It may be provided multiple times \
to specify multiple process IDs.
INFO_CSD_ARG_DESC_SEQUENTIAL=Collect data sequentially rather than in \
parallel. This has the effect of reducing the initial memory footprint of \
this tool, but at the expense of taking longer to complete. Use this \
option if running without it results in out-of-memory errors.
INFO_CSD_ARG_PLACEHOLDER_COUNT='{'count'}'
INFO_CSD_ARG_DESC_REPORT_COUNT=The number of intervals of data to collect \
from tools that use interval-based sampling (e.g., vmstat, iostat, mpstat, \
etc.). A value of zero indicates that no information should be collected \
from these tools. If this argument is not provided, then data will be \
collected from ten intervals by default.
INFO_CSD_ARG_PLACEHOLDER_SECONDS='{'seconds'}'
INFO_CSD_ARG_DESC_REPORT_INTERVAL_SECONDS=The number of seconds that should \
elapse between intervals from tools that use interval-based sampling \
(e.g., vmstat, iostat, mpstat, etc.). If this argument is provided, the \
value must be greater than zero. If it is not provided, an interval \
duration of one second will be used by default.
INFO_CSD_ARG_DESC_JSTACK_COUNT=The number of times the jstack tool should be \
invoked to obtain stack traces of all threads running in the JVM. A value \
of zero indicates that the jstack tool should not be invoked. If this \
argument is not provided, the tool will be invoked ten times by default.
INFO_CSD_ARG_DESC_COLLECT_EXPENSIVE_DATA=Indicates that the tool should \
attempt to collect information that may be time-consuming or \
resource-intensive to obtain, or that may affect server performance or \
responsiveness.
INFO_CSD_ARG_DESC_COLLECT_REPL_STATE=Indicates that the support data archive \
should include a replication state dump, which may be several megabytes in \
size. This argument cannot be used in conjunction with the --noLDAP \
argument.
INFO_CSD_ARG_DESC_INCLUDE_BINARY_FILES=Indicates that the support data \
archive should include any binary files that would have otherwise been \
omitted, but that may contain information that could be helpful in \
investigating the underlying issue. Note that sensitive information in \
these binary files may not be obscured or redacted in the same way that \
it would be in plain text files.
INFO_CSD_ARG_PLACEHOLDER_SECURITY_LEVEL='{'none|obscure-secrets|maximum'}'
INFO_CSD_ARG_DESC_SECURITY_LEVEL=Specifies the degree to which the tool \
will attempt to obscure or omit potentially sensitive information. A \
value of ''none'' indicates that the tool will not attempt to obscure or \
redact any information. A value of ''obscure-secrets'' indicates that the \
tool will attempt to obscure secret information (like the values of \
sensitive configuration properties) and omit log files containing user \
data (like the data recovery log). A value of ''maximum'' indicates that \
the tool will take even more drastic measures, like omitting access log \
files and obscuring attribute values in entry DNs and search filters, but \
at the risk of omitting information that could be useful in investigating \
the associated issue. If this is not provided, a value of \
''obscure-secrets'' will be used by default.
INFO_CSD_ARG_DESC_ENCRYPT=Indicates that the resulting support data archive \
should be encrypted. If the --passphraseFile argument is provided in \
conjunction with the --generatePassphrase argument, then a passphrase will \
dynamically generated and written to the specified file. If the \
--passphraseFile argument is provided without the --generatePassphrase \
argument, then that file must exist and it will be read to obtain the \
passphrase used to generate the encryption key. If the --passphraseFile \
argument is not provided, then the encryption passphrase will be \
interactively requested. Note that when providing an encrypted \
collect-support-data archive to support personnel, it is strongly \
recommended that the passphrase be provided over a separate channel than \
the encrypted archive itself to help prevent unauthorized third-party access.
INFO_CSD_ARG_DESC_PASSPHRASE_FILE=The path to a file containing the \
passphrase used to encrypt or decrypt the support data archive. If this \
file exists, then it must contain exactly one line that consists entirely \
of the encryption passphrase. If this file does not exist, then the \
--generatePassphrase argument must have also been provided, and the \
generated passphrase will be written into the specified file.
INFO_CSD_ARG_DESC_GENERATE_PASSPHRASE=Indicates that the tool should \
automatically generate the passphrase used to generate the encryption key \
and write it to the file specified by the --passphraseFile argument. This \
argument may only be used if both the --encrypt and --passphraseFile \
arguments are also provided.
INFO_CSD_ARG_DESC_DECRYPT=Decrypts the encrypted support data archive \
contained in the specified file. If the --passphraseFile argument is \
provided, then it will be used to obtain the passphrase to use to generate \
the encryption key. Otherwise, the passphrase will be interactively \
requested.
INFO_CSD_ARG_PLACEHOLDER_TIME_RANGE='{'startTime[,endTime]'}'
INFO_CSD_ARG_DESC_TIME_RANGE=Include log messages falling within the \
indicated time range. The start and end time values should be formatted in \
the generalized time format (e.g., ''YYYYMMDDhhmmss.uuuZ''), a format \
similar to the generalized time format but without the time zone indicator \
to indicate that the value should be in the local time zone (e.g., \
''YYYYMMDDhhmmss.uuu''), or the server''s default log timestamp format \
(e.g., ''[DD/MMM/YYYY:hh:mm:ss Z]'' or ''[DD/MMM/YYYY:hh:mm:ss.uuu Z]''). \
If the end time is omitted, the current time will be used.
INFO_CSD_ARG_DESC_DURATION=Include log messages within the specified \
duration before the current time. If specified, the value must consist of \
an integer followed by a time unit, which may be one of millisecond, \
second, minute, hour, or day, or their plurals (e.g., ''5 minutes'' or \
''1 hour'').
INFO_CSD_ARG_PLACEHOLDER_SIZE_KB='{'sizeKB'}'
INFO_CSD_ARG_DESC_LOG_HEAD_SIZE_KB=The amount of data in kilobytes that the \
tool should capture from the beginning of each log file. If this is \
specified, then the value must be greater than or equal to zero.
INFO_CSD_ARG_DESC_LOG_TAIL_SIZE_KB=The amount of data in kilobytes that the \
tool should capture from the end of each log file. If this is specified, \
then the value must be greater than or equal to zero.
INFO_CSD_ARG_DESC_ARCHIVE_EXTENSION_SOURCE=Indicates that the resulting \
support data archive should include the source code (if available) for \
any third-party extensions installed in the server.
INFO_CSD_ARG_DESC_COMMENT=Provides a comment that will be included in a \
README file within the support data archive. This comment may provide \
additional context about the issue being investigated.
INFO_CSD_ARG_DESC_NO_PROMPT=Indicates that the tool should not interactively \
prompt for any information, but should fail if any required information is \
not provided.
INFO_CSD_ARG_DESC_DRY_RUN=Indicates that the tool should validate the \
set of arguments but should not actually generate the support data \
archive. If the --useRemoteServer argument is provided, then the extended \
request will include the LDAP no-operation request control.
INFO_CSD_ARG_DESC_SCRIPT_FRIENDLY=Indicates that the tool should generate \
script-friendly output.
ERR_CSD_PASSPHRASE_FILE_MISSING=Passphrase file ''{0}'' does not exist.
ERR_CSD_TIME_RANGE_START_GREATER_THAN_END=The value provided for the \
''--logTimeRange'' argument is not valid because the start time is after \
the end time.
ERR_CSD_TIME_RANGE_CANNOT_PARSE_TIMESTAMP=The value provided for the \
--logTimeRange argument is not valid because value ''{0}'' cannot be parsed \
as a timestamp in any of the supported formats. Supported formats include \
the generalized time format (e.g., ''YYYYMMDDhhmmss.uuuZ''), a format \
similar to the generalized time format but without the time zone indicator \
to indicate that the value should be in the local time zone (e.g., \
''YYYYMMDDhhmmss.uuu''), or the server''s default log timestamp format \
(e.g., ''[DD/MMM/YYYY:hh:mm:ss Z]'' or ''[DD/MMM/YYYY:hh:mm:ss.uuu Z]'').
ERR_CSD_ERROR_SENDING_REQUEST=An error occurred while trying to send the \
collect support data extended request or to read the response: {0}
INFO_CSD_COMPLETED_WITH_RESULT_CODE=The collect-support-data extended \
operation completed with result code {0} and no diagnostic message.
ERR_CSD_CANNOT_WRITE_GENERATED_PASSPHRASE=An error occurred while attempting \
to write the generated encryption passphrase to file ''{0}'': {1}
ERR_CSD_CANNOT_READ_PASSPHRASE=An error occurred while attempting to read the \
encryption passphrase from file ''{0}'': {1}
ERR_CSD_NO_PASSPHRASE_WITH_NO_PROMPT=If the --noPrompt argument is used in \
conjunction with an encrypted support data archive, then the \
--passphraseFile argument must be provided to supply the encryption \
passphrase.
INFO_CSD_PASSPHRASE_INITIAL_PROMPT=Enter the passphrase to use to generate \
the encryption key:
INFO_CSD_PASSPHRASE_CONFIRM_PROMPT=Confirm the passphrase:
ERR_CSD_PASSPHRASE_MISMATCH=ERROR: The provided passphrase values do not \
match.
ERR_CSD_PASSPHRASE_PROMPT_READ_ERROR=An error occurred while attempting to \
interactively prompt for the encryption passphrase: {0}
INFO_CSD_LOCAL_MODE_DRY_RUN=Exiting without actually invoking the \
collect-support-data processing because the --dryRun argument was provided.
ERR_CSD_SERVER_CODE_NOT_AVAILABLE=Unable to perform local \
collect-support-data processing because the necessary server-side support \
could not be found in the classpath. When using the collect-support-data \
tool outside of the server codebase, the --useRemoteServer argument must be \
provided.
ERR_CSD_INVOKE_ERROR=An error occurred while attempting to invoke the \
server-side collect-support-data tool to perform local processing: {0}
INFO_CSD_EXAMPLE_1=Collects information about the local server instance \
using the default settings
INFO_CSD_EXAMPLE_2=Collects information about the specified remote instance, \
including log messages from the last 10 minutes and a more extensive \
set of support data. The output will be encrypted with a generated \
passphrase written to a file, and the maximum amount of sanitization will \
be used.
INFO_CSD_EXAMPLE_3=Decrypts an encrypted support data archive using a \
passphrase read from the specified file.
ERR_CSD_LISTENER_CANNOT_CREATE_OUTPUT_FILE=An error occurred while attempting \
to create support data archive output file ''{0}'': {1}
INFO_CSD_LISTENER_WROTE_FRAGMENT=Wrote {0} of {1} bytes of the support data \
archive {2}.
ERR_CSD_LISTENER_WRITE_ERROR=An error occurred while attempting to write to \
support data archive file ''{0}'': {1}
WARN_CSD_LISTENER_UNEXPECTED_IR=WARNING: The server returned an unexpected \
intermediate response message with OID ''{0}'' as part of \
collect-support-data extended operation processing. This unrecognized \
intermediate response message will be ignored.
ERR_CSD_LISTENER_CLOSE_ERROR=An error occurred while attempting to close the \
output stream used to write to support data archive file ''{0}'': {1}
ERR_VALUES_ONLY_OUTPUT_FORMAT_WRITE_ERROR=An error occurred while attempting \
to write output using the values-only output format: {0}
INFO_PWMOD_TOOL_DESCRIPTION_1=Update the password for a user in an LDAP \
directory server using the password modify extended operation (as defined \
in RFC 3062), a standard LDAP modify operation, or an Active \
Directory-specific modification.
INFO_PWMOD_TOOL_DESCRIPTION_2=Unless the password change method is explicitly \
specified (using the --passwordChangeMethod argument), this tool will \
attempt to automatically determine which method is the most appropriate for \
the target server using information provided in the server''s root DSE. \
If the server advertises support for the password modify extended \
operation, then that method will be used. If it appears to be an Active \
Directory server, then an Active Directory-specific password change method \
will be selected, using a regular LDAP modify to update the unicodePwd \
attribute with a specially encoded value. Otherwise, a regular LDAP \
modify operation will be used to update the value of a specified \
password attribute.
INFO_PWMOD_TOOL_DESCRIPTION_3=The new password to set for the user may be \
specified in one of several ways. It may be directly provided on the \
command line, read from a specified file, interactively prompted from the \
user, or automatically generated by this tool. If the new password is not \
specified using any of those methods, and if the password is to be updated \
using the password modify extended operation, then the new password field \
of the request will be left blank to indicate that the server should \
generate a new password for the user and include it in the response to the \
client. If no new password is specified and some other password change \
method is selected, then the tool will exit with an error.
INFO_PWMOD_TOOL_DESCRIPTION_4=The current password for the user may also be \
specified. This is optional, although some servers may require a user to \
provide their current password when setting a new one. If a current \
password is provided (whether given as a command-line argument, read from a \
specified file, or interactively requested from the user), and if a \
regular LDAP modify operation is used to change the password, then the \
resulting modify request will include a delete of the current value and an \
add of the new value. If no current password is provided, then the modify \
request will replace any existing password(s) with the new value.
INFO_PWMOD_ARG_GROUP_USER_IDENTITY=User Identity Arguments
INFO_PWMOD_ARG_GROUP_NEW_PASSWORD=New Password Arguments
INFO_PWMOD_ARG_GROUP_CURRENT_PASSWORD=Current Password Arguments
INFO_PWMOD_ARG_GROUP_BIND_CONTROL=Bind Control Arguments
INFO_PWMOD_ARG_GROUP_UPDATE_CONTROL=Update Control Arguments
INFO_PWMOD_ARG_GROUP_OTHER=Other Arguments
INFO_PWMOD_ARG_PLACEHOLDER_DN_OR_AUTHZID='{'dnOrAuthzID'}'
INFO_PWMOD_ARG_DESC_USER_IDENTITY=The identity for the user whose password \
should be changed. This may be a DN, or it may be an authorization \
identity in either the form ''dn:'' followed by a user DN or ''u:'' \
followed by a username. If neither this argument nor the \
--provideBindDNAsUserIdentity argument is provided, then the current \
authorization identity for the underlying connection will be assumed.
INFO_PWMOD_ARG_DESC_PROVIDE_BIND_DN_AS_USER_IDENTITY=Explicitly provide the \
bind DN as the value of the user identity field in the password modify \
extended request, rather than omitting that field. This argument only \
applies when changing passwords using the password modify extended \
operation, although the bind DN may be used as the target entry DN for \
modify requests if no alternate user identity is specified.
INFO_PWMOD_ARG_PLACEHOLDER_ATTRIBUTE_NAME='{'attributeName'}'
INFO_PWMOD_ARG_DESC_USERNAME_ATTRIBUTE=The name of the attribute that will be \
used to search for the user to update if the user identity is provided as a \
username rather than a DN, and if the password is to be updated with an \
LDAP modify operation rather than the password modify extended operation. \
This argument will be ignored if the authorization identity is provided as a \
DN or if password will be changed using the password modify extended \
operation. If this is not provided, then a default value of ''uid'' will \
be used for non-Active Directory servers, and default values of \
''samAccountName'' and ''userPrincipalName'' will be used for Active \
Directory. This argument may be provided multiple times to specify \
multiple user ID attributes, in which case the search will construct an OR \
filter to search across each of those attributes. The resulting search \
must match exactly one entry for the password change attempt to proceed.
INFO_PWMOD_ARG_DESC_SEARCH_BASE_DN=The base DN to use when searching for the \
user to update. This will be ignored if the user identity is provided as \
a DN or if the password will be changed using the password modify extended \
operation. If this is not provided, the null DN will be used as the \
default search base DN.
INFO_PWMOD_ARG_PLACEHOLDER_PASSWORD='{'password'}'
INFO_PWMOD_ARG_DESC_NEW_PASSWORD=The new password to set for the target \
user.
INFO_PWMOD_ARG_DESC_NEW_PASSWORD_FILE=The path to a file containing the new \
password to set for the target user. If this argument is provided, then \
the file must exist, and it must contain exactly one line with only the \
desired new password.
INFO_PWMOD_ARG_DESC_PROMPT_FOR_NEW_PASSWORD=Interactively prompt for the new \
password to set for the target user.
INFO_PWMOD_ARG_DESC_GENERATE_CLIENT_SIDE_NEW_PASSWORD=Have this tool generate \
the new password for the target user. If this argument is provided, then \
the new password will be displayed before sending the request to the server.
INFO_PWMOD_ARG_PLACEHOLDER_LENGTH='{'length'}'
INFO_PWMOD_ARG_DESC_GENERATED_PASSWORD_LENGTH=The number of characters to \
include in the generated client-side password. If this is not provided, \
then a default length of twelve characters will be used.
INFO_PWMOD_ARG_PLACEHOLDER_CHARS='{'chars'}'
INFO_PWMOD_ARG_DESC_GENERATED_PASSWORD_CHARACTER_SET=A set of characters that \
may be included in the generated client-side password. This may be \
provided multiple times to specify multiple character sets, in which case \
the generated password will include at least one character from each of \
the sets. If this is not provided, then the generated password will be a \
mix of lowercase ASCII letters, uppercase ASCII letters, ASCII digits, and \
a selected set of ASCII symbols.
INFO_PWMOD_ARG_DESC_CURRENT_PASSWORD=The current password to provide when \
setting the new password.
INFO_PWMOD_ARG_DESC_CURRENT_PASSWORD_FILE=The path to a file containing the \
current password to provide when setting the new password. If this is \
provided, then the file must exist and it must contain exactly one line \
with only the user''s current password.
INFO_PWMOD_ARG_DESC_PROMPT_FOR_CURRENT_PASSWORD=Interactively prompt for the \
user''s current password.
INFO_PWMOD_ARG_DESC_BIND_CONTROL=Include the specified control in the bind \
request used to authenticate to the server. This may be provided multiple \
times to specify multiple bind request controls.
INFO_PWMOD_ARG_DESC_USE_AUTHZ_ID_CONTROL=Include the authorization identity \
request control in the bind request to indicate that the server should \
return the authorization identity that resulted from the bind.
INFO_PWMOD_ARG_DESC_USE_PW_POLICY_CONTROL_ON_BIND=Include the password \
policy request control (as described in draft-behera-ldap-password-policy) \
in the bind request used to authenticate to the server.
INFO_PWMOD_ARG_DESC_GET_AUTHZ_ENTRY_ATTRIBUTE=Include the \
UnboundID-proprietary get authorization entry request control in the bind \
request to indicate that the bind response should include the entry for \
the authenticated user with the specified attribute. This argument may be \
provided multiple times to specify that multiple attributes from the \
user entry should be included.
INFO_PWMOD_ARG_DESC_GET_USER_RESOURCE_LIMITS=Include the \
UnboundID-proprietary get user resource limits request control in the bind \
request to indicate that the server should return information about \
resource limits (e.g., size limit, time limit, idle time limit, etc.) \
imposed for the user.
INFO_PWMOD_ARG_DESC_UPDATE_CONTROL=Include the specified control in the \
request used to update the user''s password. This may be provided multiple \
times to specify multiple update controls.
INFO_PWMOD_ARG_DESC_USE_PW_POLICY_CONTROL_ON_UPDATE=Include the password \
policy request control (as described in draft-behera-ldap-password-policy) \
in the request used to update the user''s password.
INFO_PWMOD_ARG_DESC_NO_OPERATION=Include the LDAP no-operation request \
control (as described in draft-zeilenga-ldap-noop) to indicate that the \
server should validate that the password change would likely succeed, but \
that the user''s password should not actually be changed.
INFO_PWMOD_ARG_PLACEHOLDER_NAME_VALUE='{'name=value'}'
INFO_PWMOD_ARG_DESC_PASSWORD_UPDATE_BEHAVIOR=Include the \
UnboundID-proprietary password update behavior request control in the \
request used to update the password to specify settings that the server \
should use when updating the password. Values of this argument must be in \
the form ''name=value'', where the property name can be any one of the \
following: is-self-change, allow-pre-encoded-password, \
skip-password-validation, ignore-password-history, \
ignore-minimum-password-age, password-storage-scheme, and \
must-change-password. The value for each property should be either \
''true'' or ''false'', with the exception of the storage-scheme property, \
whose value should be the name of the desired password storage scheme to \
use to encode the new password. This argument can be provided multiple \
times to specify multiple password update behaviors.
INFO_PWMOD_ARG_DESC_GET_PW_VALIDATION_DETAILS=Include the \
UnboundID-proprietary get password validation details request control in \
the request used to update the password. The corresponding response \
control will include information about the requirements that the server \
will impose for the target user and whether the provided new password \
satisfies each of those constraints.
INFO_PWMOD_ARG_DESC_RETIRE_CURRENT_PASSWORD=Include the UnboundID-proprietary \
retire password request control in the request used to update the \
password. This will indicate that the server should continue to allow the \
user to authenticate with their former password (in addition to the \
new password) for a brief period of time.
INFO_PWMOD_ARG_DESC_PURGE_CURRENT_PASSWORD=Indicate the UnboundID-proprietary \
purge password request control in the request used to update the password. \
This will indicate that the server should completely remove the former \
password from the user''s entry, even if the server would have otherwise \
retired the former password for a brief period of time.
INFO_PWMOD_ARG_DESC_ASSURED_REPLICATION=Include the UnboundID-proprietary \
assured replication request control to indicate that the update response \
should be delayed until the change has been sufficiently replicated to \
other servers.
INFO_PWMOD_ARG_PLACEHOLDER_LEVEL='{'level'}'
INFO_PWMOD_ARG_DESC_ASSURED_REPLICATION_LOCAL_LEVEL=The local assurance level \
to use in the assured replication request control. If provided, the value \
should be one of ''none'' (to indicate that the update response should not \
be delayed for replication to local servers), ''received-any-server'' (to \
indicate that the update response should be delayed until the change has \
been received by, but not necessarily applied on, at least one other local \
server), or ''processed-all-servers'' (to indicate that the update response \
should be delayed until the change has been applied in all available local \
servers). If this is not specified, then the server will select an \
appropriate local assurance level.
INFO_PWMOD_ARG_DESC_ASSURED_REPLICATION_REMOTE_LEVEL=The remote assurance \
level to use in the assured replication request control. The value should \
be one of ''none'' (to indicate that the update response should not be \
delayed for replication to remote servers), \
''received-any-remote-location'' (to indicate that the update response \
should be delayed until the change has been received by, but not \
necessarily applied on, at least one server in at least one remote \
location), ''received-all-remote-locations'' (to indicate that the update \
response should be delayed until the change has been received by, but not \
necessarily applied on, at least one server in every remote location ), or \
''processed-all-remote-servers'' (to indicate that the update response \
should be delayed until the change has been applied by all available remote \
servers in all locations). If this is not specified, then the server will \
select an appropriate remote assurance level.
INFO_PWMOD_ARG_PLACEHOLDER_TIMEOUT='{'timeout'}'
INFO_PWMOD_ARG_DESC_ASSURED_REPLICATION_TIMEOUT=The timeout to use for \
assured replication processing. If provided, the value should be in the \
form of an integer followed by a time unit that is one of ''nanosecond'', \
''microsecond'', ''millisecond'', ''second'', ''minute'', ''hour'', ''day'', \
or ''week'' (or one of their plurals or abbreviations). For example, \
values of ''500 milliseconds'', ''500 ms'', and ''500ms'' all specify a \
timeout of 500 milliseconds. If this is not specified, then the server \
will select an appropriate timeout.
INFO_PWMOD_ARG_PLACEHOLDER_PURPOSE='{'purpose'}'
INFO_PWMOD_ARG_DESC_OPERATION_PURPOSE=Include the UnboundID-proprietary \
operation purpose request control in the request sent to update the target \
user''s password to provide additional information about the purpose for \
the request.
INFO_PWMOD_ARG_DESC_PASSWORD_ATTRIBUTE=The name of the attribute containing \
the password to update. This will only be used if the password will be \
updated with a regular LDAP modify operation (as opposed to the password \
modify extended operation), and if it is not specified, then a default of \
userPassword will be used.
INFO_PWMOD_ARG_PLACEHOLDER_CHANGE_METHOD=\
'{'password-modify-extended-operation|ldap-modify|active-directory'}'
INFO_PWMOD_ARG_DESC_PASSWORD_CHANGE_METHOD=The method to use to set the \
password. Allowed values are ''password-modify-extended-operation'' (for \
the password modify extended operation as described in RFC 3062), \
''ldap-modify'' (for a regular LDAP modify operation targeting the \
specified password attribute), or ''active-directory'' (for an Active \
Directory-specific password change mechanism). If this is not specified, \
then the tool will attempt to automatically determine the appropriate method.
INFO_PWMOD_ARG_DESC_FOLLOW_REFERRALS=Automatically attempt to follow any \
referrals received when processing requests.
INFO_PWMOD_ARG_DESC_USE_ADMIN_SESSION=Use an administrative session to \
process the bind and update operations using a dedicated pool of worker \
threads. This may be useful when trying to update the server when all \
normal worker threads are busy processing other requests.
INFO_PWMOD_ARG_DESC_VERBOSE=Provide verbose output about the processing that \
the tool performs.
INFO_PWMOD_ARG_DESC_SCRIPT_FRIENDLY=Generate output in a script-friendly \
format.
ERR_PWMOD_CHAR_SET_EMPTY=The ''{0}'' argument does not allow empty values.
ERR_PWMOD_ERROR_GETTING_ROOT_DSE=An error occurred while attempting to \
retrieve the server root DSE to determine the type of password update to \
perform (result code {0}, error message {1}). Use the {2} argument to \
specify the appropriate mechanism to use when changing the password.
ERR_PWMOD_CANNOT_RETRIEVE_ROOT_DSE=The search to retrieve the server root \
DSE did not return an entry, which may be the result of insufficient \
access rights to view that entry. Use the {0} argument to specify the \
appropriate mechanism to use when changing the password.
INFO_PWMOD_SELECTING_PW_MOD_EXTOP_METHOD=The server root DSE advertises \
support for the password modify extended operation. Selecting that method \
for the password update.
INFO_PWMOD_SELECTING_AD_METHOD_CONTROL_COUNT=The server root DSE reports that \
it supports {0,number,0} supported controls below Microsoft''s base OID of \
''{1}''. Assuming that it''s an Active Directory instance and selecting an \
Active Directory-specific method for the password update.
INFO_PWMOD_SELECTING_AD_METHOD_AD_VERSION=The server root DSE reports a \
vendor version of ''{0}''. Selecting an Active Directory-specific method \
for the password update.
INFO_PWMOD_DEFAULTING_TO_LDAP_MOD=The server root DSE does not claim to \
support the password modify extended operation, and it does not appear to \
be an Active Directory instance. Selecting a regular LDAP modify operation \
for the password update.
INFO_PWMOD_EXTOP_RESULT_HEADER=# Password Modify Extended Result:
INFO_PWMOD_EXTOP_SUCCESSFUL=Successfully changed the password using a \
password modify extended operation.
INFO_PWMOD_SERVER_GENERATED_PW=The server generated a new password of ''{0}''.
INFO_PWMOD_EXTOP_NO_OP=The password was not actually updated because the \
password modify extended request included the no-operation request control, \
but the server reported that the operation would have likely succeeded if \
that control had not been provided.
ERR_PWMOD_EXTOP_FAILED=The password modify extended operation failed with \
result code {0} and diagnostic message {1}
ERR_PWMOD_EXTOP_ERROR=An error occurred while attempting to send the password \
modify extended request to the server or read its response. The result \
code was {0} and the diagnostic message was {1}
ERR_PWMOD_EXTOP_NO_VALID_REFERRAL_URLS=Unable to process referral result {0} \
obtained in response to a password modify extended operation because none \
of the referral URLs could be parsed as valid LDAP URLs.
ERR_PWMOD_TOO_MANY_REFERRALS=Too many referrals were encountered while \
attempting to process the change using a password modify extended operation.
ERR_PWMOD_FOLLOW_REFERRAL_FAILED=Unable to follow a referral encountered \
while attempting to process the change using a password modify extended \
operation. The first error encountered during processing had a result code \
of {0} and a diagnostic message of {1}
ERR_PWMOD_NO_NEW_PW_FOR_MODIFY=No new password was specified for the user. \
While this is acceptable when using the password modify extended operation \
(because the server may generate a password on behalf of the client), it \
is not allowed when the password will be updated with a regular LDAP modify \
operation. Use one of the {0}, {1}, {2}, or {3} arguments to specify the \
new password to use.
INFO_PWMOD_MODIFY_RESULT_HEADER=# Modify Result:
INFO_PWMOD_MODIFY_SUCCESSFUL=Successfully changed the password using an LDAP \
modify operation.
INFO_PWMOD_MODIFY_NO_OP=The password was not actually updated because the \
modify request included the no-operation request control, but the server \
reported that the operation would have likely succeeded if that control had \
not been provided.
ERR_PWMOD_MODIFY_FAILED=The modify operation failed with result code {0} and \
diagnostic message {1}
INFO_PWMOD_USING_USER_IDENTITY_FROM_DN_FOR_EXTOP=Using bind DN value ''{0}'' \
as the user identity for the password modify extended request.
INFO_PWMOD_OMITTING_USER_IDENTITY_FROM_EXTOP=Omitting the user identity from \
the password modify extended request.
ERR_PWMOD_CANNOT_DETERMINE_USER_IDENTITY=ERROR: No user identity was \
provided, and either no authentication credentials were provided or it was \
not possible to infer determine the identity of the authenticated \
connection. Use the ''{0}'' argument to specify the identity of the user \
whose password should be updated.
ERR_PWMOD_USER_IDENTITY_EMPTY_USERNAME=ERROR: The user identity for the \
password update was determined to be ''u:'', which contains an empty \
username. Use the ''{0}'' argument to specify the identity of the user \
whose password should be updated. The user identity may be provided as a \
non-empty DN (optionally preceded by ''dn:'') or a non-empty username \
(which must be preceded by ''u:'').
ERR_PWMOD_USER_IDENTITY_NOT_VALID_DN=ERROR: The DN of the target user for \
the password update was determined to be ''{0}'', but this cannot be parsed \
as a valid distinguished name. Use the ''{1}'' argument to specify the \
user identity, either as a valid, non-empty DN (optionally preceded by \
''dn:'') or a non-empty username (which must be preceded by ''u:'').
ERR_PWMOD_USER_IDENTITY_EMPTY_DN=ERROR: The DN of the target user for the \
password update was determined to be the null DN (that is, the DN of the \
root DSE entry). This suggests that either an empty user identity was \
explicitly specified, that the empty user identity was inferred because \
no authentication credentials were provided, or that anonymous \
authentication was performed. Use the ''{0}'' argument to specify the \
user identity, either as a valid, non-empty DN (optionally preceded by \
''dn:'') or a non-empty username (which must be preceded by ''u:'').
INFO_PWMOD_USER_IDENTITY_DN_FOR_MOD=Using DN ''{0}'' as the user identity for \
the modify operation that will be used to update the password.
INFO_PWMOD_ISSUING_SEARCH_FOR_USER=Issuing search request {0} to determine \
the entry DN that corresponds to username ''{1}''.
ERR_PWMOD_SEARCH_FOR_USER_NO_MATCHES=Unable to determine the DN of the entry \
for the user with username ''{0}'' because no matching entries were found.
ERR_PWMOD_SEARCH_FOR_USER_MULTIPLE_MATCHES=Unable to determine the DN of the \
entry for the user with username ''{0}'' because multiple matching entries \
were found. The username must uniquely identify the target user.
ERR_PWMOD_SEARCH_FOR_USER_FAILED=Unable to determine the DN of the entry for \
the user with username ''{0}'' because the search to find that entry failed \
with result code {1} and diagnostic message {2}
ERR_PWMOD_CANNOT_READ_CURRENT_PW_FILE=An error occurred while attempting to \
read the current password from file ''{0}'': {1}
INFO_PWMOD_PROMPT_CURRENT_PW=Enter the current password for the user:
ERR_PWMOD_PW_EMPTY=ERROR: The password must not be empty.
ERR_PWMOD_CANNOT_PROMPT_FOR_CURRENT_PW=An error occurred while attempting to \
prompt for the current password: {0}
ERR_PWMOD_CANNOT_READ_NEW_PW_FILE=An error occurred while attempting to read \
the new password from file ''{0}'': {1}
INFO_PWMOD_PROMPT_NEW_PW=Enter the new password for the user:
INFO_PWMOD_CONFIRM_NEW_PW=Confirm the new password:
ERR_PWMOD_NEW_PW_MISMATCH=ERROR: The provided passwords do not match.
ERR_PWMOD_CANNOT_PROMPT_FOR_NEW_PW=An error occurred while attempting to \
prompt for the new password: {0}
INFO_PWMOD_CLIENT_SIDE_GEN_PW=The {0} tool generated a new password of \
''{1}''.
INFO_PWMOD_EXAMPLE_1=Perform a self password change as the user with a \
username of ''jdoe'', with both the current and new passwords obtained from \
interactive prompting. The tool will automatically determine the best \
method to use to change the password.
INFO_PWMOD_EXAMPLE_2=Use a regular LDAP modify operation to perform an \
administrative reset of the password for user \
''uid=jdoe,ou=People,dc=example,dc=com''. The tool will generate a new \
password for the user.
INFO_LDAPCOMPARE_TOOL_DESCRIPTION_1=Perform compare operations in an LDAP \
directory server. Compare operations may be used to efficiently determine \
whether a specified entry has a given value.
INFO_LDAPCOMPARE_TOOL_DESCRIPTION_2=The exit code for this tool will indicate \
whether processing was successful or unsuccessful, and to provide a basic \
indication of the reason for unsuccessful attempts. By default, it will \
use an exit code of zero (which corresponds to the LDAP ''success'' result) \
if all compare operations completed with a result code of either ''compare \
false'' or ''compare true'' (integer values 5 and 6, respectively), but if \
the --useCompareResultCodeAsExitCode argument is provided, only one \
compare assertion is performed, and it yields an exit code of ''compare \
false'' or ''compare true'', then the numeric value for that result code \
will be used as the exit code. If any error occurs during processing, then \
the exit code will be a nonzero value that reflects the first error result \
that was encountered.
INFO_LDAPCOMPARE_TOOL_DESCRIPTION_3=The attribute type and assertion value \
to use for the compare operations will typically be provided as the first \
unnamed trailing argument provided on the command line. It should be \
formatted with the name or OID of the target attribute type followed by a \
single colon and the string representation of the assertion value. \
Alternatively, the attribute name or OID may be followed by two colons and \
the base64-encoded representation of the assertion value, or it may be \
followed by a colon and a less-than symbol to indicate that the assertion \
value should be read from a file (in which case the exact bytes of the \
file, including line breaks, will be used as the assertion value).
INFO_LDAPCOMPARE_TOOL_DESCRIPTION_4=The DNs of the entries to compare may \
either be provided on the command line as additional unnamed trailing \
arguments after the provided attribute-value assertion, or they may be \
read from a file whose path is provided using the --dnFile argument.
INFO_LDAPCOMPARE_TOOL_DESCRIPTION_5=If the attribute-value assertion is \
provided on the command line as an unnamed trailing argument, then the same \
assertion will be performed for all operations. If multiple types of \
assertions should be performed, then you may use the --assertionFile \
argument to specify the path to a file containing both attribute-value \
assertions and entry DNs.
INFO_LDAPCOMPARE_TRAILING_ARGS_PLACEHOLDER=\
[attribute:value|attribute::base64Value|attribute: