# Quoted and unquoted properties dsconfig create-client-connection-policy \ --policy-name "Restrictive Client Connection Policy" \ --set "description:Restrictive Client Connection Policy" \ --set enabled:true --set evaluation-order-index:1000 \ --set "connection-criteria:User.0 Connection Criteria" \ --set maximum-concurrent-connections:2 \ --set "maximum-connection-duration:1 s" \ --set "maximum-idle-connection-duration:1 s" \ --set maximum-operation-count-per-connection:1000 # dsconfig keyword is optional create-client-connection-policy \ --policy-name "Another Client Connection Policy" \ --set enabled:true --set evaluation-order-index:100 \ --set 'connection-criteria:User.1 Connection Criteria' \ # Property without value --reset maximum-concurrent-connections # Unquoted property, quoted property value dsconfig set-access-control-handler-prop \ --add global-aci:'(target="ldap:///cn=config")(targetattr="*")(version 3.0; acl "Allow access to the config tree by cn=admin,c=us"; allow(all) groupdn="ldap:///cn=directory administrators,ou=groups,c=us";)' \ --add global-aci:'(target="ldap:///cn=monitor")(targetattr="*")(version 3.0; acl "Allow access to the monitor tree by cn=admin,c=us"; allow(all) groupdn="ldap:///cn=directory administrators,ou=groups,c=us";)' \ --remove global-aci:'(target="ldap:///cn=alerts")(targetattr="*")(version 3.0; acl "Allow access to the alerts tree by cn=admin,c=us"; allow(all) groupdn="ldap:///cn=directory administrators,ou=groups,c=us";)' # No continuation dsconfig delete-log-publisher --publisher-name "File-Based Error Logger"