16.10 Command Line Utility of MFA Agent

The utility mfa-agent-cli can be used to change the configuration parameters of MFA agent.

16.10.1 Syntax

mfa-agent-cli command [options]

mfa-agent-cli --help

mfa-agent-cli mfa-agent [--enableServiceDiscovery=<true or false> | --clientCertPath=<certificate path> | --clientCertKeyPath=<certificate key file path> | --logLevel=<error/warn/info/debug> | --logFilePath=<path> | --logTimeStampFormat=<format>]

mfa-agent-cli mfa-server [--AddMfaServerHost=<MFA server address> | --RemoveMfaServerHost=<MFA server address>]

mfa-agent-cli print-config

16.10.2 MFA Agent Commands and Options

mfa-agent

--enableServiceDiscovery=<true or false>

If set to true, MFA agent automatically discovers the MFA servers available in the eDirectory tree. By default, this value is true.

--clientCertPath=<certificate path>

Path of the client certificate file used by MFA agent. By default, this is configured to use the eDirectory certificate.

--clientCertKeyPath=<certificate key file path>

Path of the client certificate private key used by MFA agent. By default, this is configured to use the eDirectory certificate private key.

---logLevel=<error/warn/info/debug>

Configures the log level. Default log level is info.

--logFilePath=<path>

Log file path of MFA agent. By default, the log file path is /var/opt/novell/log/oes/mfaagent-<date>.log.

--logTimeStampFormat=<format>]

Time stamp format in log message. By default, the time format is YYYY-MM-DD HH:mm:ss.

mfa-server

These configurations are used only when the enableServiceDiscovery is false.

--AddMfaServerHost=<MFA server address>

Adds the IP address or host name of the server to the list of MFA servers. Any number of MFA servers can be added to the list.

--RemoveMfaServerHost=<MFA server address>

Removes the server from the list of MFA servers.

print-config

Prints the configuration parameters of the MFA agent.