Chapter 7. Command-Line Scripts288• host, port, and binddn can be replaced with relevant values or *, or omitted altogether. If host is nullor *, the entry may apply to any host that does not have a dedicated entry in the file. If port is null or*, the port will default to the port stored in the current replication agreement. If binddn is null or *, itdefaults to cn=Directory Manager.• bindcert can be replaced with the full path to the certificate database, null, or *. If bindcert is omittedor replaced with *, the connection will be a simple bind.For example, the configuration file may appear as follows:#Configuration File for Monitoring Replication Via Admin Express[connection]*:*:*:mypassword[alias]M1 = host1.example.com:10011C1 = host4.example.com:10021C2 = host2.example.com:10022[color]0 = #ccffcc5 = #FFFFCC60 = #FFCCCCA shadow port can be set in the replication monitor configuration file. For example:host:port=shadowport:binddn:bindpwd:bindcertWhen the replication monitor finds a replication agreement that uses the specified port, it will use theshadow port to connect to retrieve statistics.7.3.12. pwdhash (Prints Encrypted Passwords)Prints the encrypted form of a password using one of the server's encryption algorithms. If a usercannot log in, use this script to compare the user's password to the password stored in the directory.Syntaxpwdhash [ -D config_directory ] [ -H ] [[ -s scheme ] | [ -c comparepwd ]] [ password ]OptionsOption Description-D config_directory Gives the full path to the configuration directory.-c password Gives the hashed password string to which tocompare the user's password.-s scheme Gives the scheme to hash the given password.-H Shows the help.Table 7.12. pwdhash OptionsFor more information on the different storage schemes, such as SSHA, SHA, CRYPT, and CLEAR, seethe Directory Server Administrator's Guide.
