SnDSTool.exe is aimed to operate on the storage of the Centralized Management (further CM) objects:
- clean storage from data on unused security tokens not assigned to a user;
- obtain data on Security domains;
- select the "Trust Windows password authentication on the next system login" check box for a specified user (for Advanced password-based authentication mode).
If the Network Protection subsystem is installed, the tool configures the necessary settings for user password synchronization with the data from the authentication server.
SnDSTool [-lds [port]] [-ssl]
If the parameter -lds is given, it is necessary to input the LDS Server name and the DN of the LDS main Security domain,
otherwise the program will try to read these parameters from the register.
In this case the port number can be not specified (by default it is 50002 and if SSL is implemented - 50003).
It is possible to skip this key then the connection will be set to the current AD Domain Controller.
If the -ssl key is given, SSL protocol will be used during the LDAP connection.
Commands:
-duei - removal of all security tokens not assigned to a user.
(For this command such parameters as server and domainDN are required).
-pds - print all Security domains.
-pwd - select the "Trust Windows password authentication on the next system login" check box for a specified domain user.
If the Network Protection subsystem is installed, the tool configures the necessary settings for user password synchronization with the data from the authentication server:
-rpwd -u Domain\User - anAdmName -p AdmPasswd, where:
Domain\User - full domain user name;
AdmName - LDS administrator name;
AdmPasswd - LDS administrator password.
-h or-? - Help on utility call.
Examples:
- Removal of data on unused security tokens in the current Security domain.
SnDSTool.exe -duei
- Removal of data on unused security tokens in Security domain, parameters of connection with which are stored in the system register.
SnDSTool.exe -lds -duei
- Output of data on all Security domains:
SnDSTool.exe -lds -pds
- Output of data on all Security domains where Security Server with the name LdsSrv is located.
SnDSTool.exe -lds LdsSrv -pds
- Setting of the check box "Trust Windows password authentication on the next system login" for a specified domain user.
If the Network Protection subsystem is installed, the tool configures the necessary settings
for user password synchronization with the data from the authentication server:
SnDSTool.exe -rpwd -u Domain\User -a AdmName -p AdmPasswd