WIMManagementCommands command group for the AdminTask object
You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the WIMManagementCommands group can be used to create and manage groups, members, and users in the virtual member manager.
The WIMManagementCommands command group for the AdminTask object includes the following commands:
- createGroup
- createUser
- deleteGroup
- deleteUser
- duplicateMembershipOfGroup
- duplicateMembershipOfUser
- getGroup
- getMembershipOfGroup
- getMembershipOfUser
- getMembersOfGroup
- getUser
- removeMemberFromGroup
- searchGroups
- searchUsers
- updateGroup
- updateUser
createGroup
The createGroup command creates a new group in the virtual member manager. After the command completes, the new group will appear in the repository. For LDAP, a group must contain a member. The memberUniqueName parameter is optional in this case. If you set the memberUniqueName parameter to the unique name of a group or a user, the group or user will be added as a member of the group.
Parameters and return values
- -cn
- Specifies the common name for the group to create. This parameter maps to the cn property in virtual member manager. (String, required)
- -description
- Specifies additional information about the group to create. This parameter maps to the description property in a virtual member manager object. (String, optional)
- -parent
- Specifies the repository in which you want to create the group. This parameter maps to the parent property in the virtual member manager. (String, optional)
- -memberUniqueName
- Unique name value for the user or group to add to the new group. This parameter maps to the uniqueName property in the virtual member manager. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask createGroup {-cn groupA -description a group of admins}
- Use Jython string:
AdminTask.createGroup ('[-cn groupA -description a group of admins]')
- Use Jython list:
AdminTask.createGroup (['-cn', 'groupA', '-description', 'a group of admins'])
Interactive mode example usage:
- Use Jacl:
$AdminTask createGroup {-interactive}
- Use Jython string:
AdminTask.createGroup ('[-interactive]')
- Use Jython list:
AdminTask.createGroup (['-interactive'])
createUser
The createUser command creates a new user in the default repository or a repository that the parent command parameter specifies. This command creates a person entity and a login account entity in the virtual member manager.
Parameters and return values
- -uid
- Unique ID for the user to create. Virtual member manager then creates a uniqueId value and a uniqueName value for the user. This parameter maps to the uid property in the virutal member manager. (String, required)
- -password
- Password for the user. This parameter maps to the password property in the virtual member manager. (String, required)
- -confirmPassword
- Password again to validate how it was entered for the password parameter. This parameter maps to the password property in virtual member manager. (String, optional)
- -cn
- Specifes the first name or given name of the user. This parameter maps to the cn property in virutal member manager. (String, optional)
- -surname
- Last name or family name of the user. This parameter maps to the sn property in virtual member manager. (String, optional)
- -ibm-primaryEmail
- Specifies the e-mail address of the user. This parameter maps to the ibm-PrimaryEmail property in the virtual member manager. (String, optional)
- -parent
- Specifies the repository in which you want to create the user. This parameter maps to the parent property in the virtual member manager. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask createUser {-uid 123 -password tempPass -confirmPassword tempPass -cn Jane -surname Doe -ibm-primaryEmail janedoe@acme.com}
- Use Jython string:
AdminTask.createUser ('[-uid 123 -password tempPass -confirmPassword tempPass -cn Jane -surname Doe -ibm-primaryEmail janedoe@acme.com]')
- Use Jython list:
AdminTask.createUser (['-uid', '123', '-password', 'tempPass', '-confirmPassword', 'tempPass', '-cn', 'Jane', '-surname', 'Doe', '-ibm-primaryEmail', 'janedoe@acme.com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask createUser {-interactive}
- Use Jython string:
AdminTask.createUser ('[-interactive]')
- Use Jython list:
AdminTask.createUser (['-interactive'])
deleteGroup
The deleteGroup command deletes a group in the virtual member manager. You cannot use this command to delete descendants. When this command completes, the group will be deleted from the repository.
Parameters and return values
- -uniqueName
- Unique name value for the group to delete. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask deleteGroup {-uniqueName cn=operators,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.deleteGroup ('[-uniqueName cn=operators,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.deleteGroup (['-uniqueName', 'cn=operators,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask deleteGroup {-interactive}
- Use Jython string:
AdminTask.deleteGroup ('[-interactive]')
- Use Jython list:
AdminTask.deleteGroup (['-interactive'])
deleteUser
The deleteUser command deletes a user from the virtual member manager. This includes a person object and an account object in the non-merged repositories.
Parameters and return values
- -uniqueName
- Unique name value for the user to delete. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask deleteUser {-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.deleteUser ('[-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.deleteUser (['-uniqueName', 'uid=dmeyers,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask deleteUser {-interactive}
- Use Jython string:
AdminTask.deleteUser ('[-interactive]')
- Use Jython list:
AdminTask.deleteUser (['-interactive'])
duplicateMembershipOfGroup
Use the duplicateMembershipOfGroup command to make a one group a member of all of the same groups as another group. For example, group A is in group B and group C. To add group D to the same groups as group A, use the duplicateMembershipOfGroup command.
Parameters and return values
- -copyToName
- Specifies the name of the group to which you want to add the memberships of the group specified in the copyFromName parameter. (String, required)
- -copyFromName
- Specifies the name of the group from which you want to copy the group memberships for another group to use. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask duplicateMembershipOfGroup {-copyToName cn=operators,cn=groups,dc=yourco,dc=com -copyFromName cn=admins,cn=groups,dc=yourco,dc=com}
- Use Jython string:
AdminTask.duplicateMembershipOfGroup ('[-copyToName cn=operators,cn=groups,dc=yourco,dc=com -copyFromName cn=admins,cn=groups,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.duplicateMembershipOfGroup (['-copyToName', 'cn=operators,cn=groups,dc=yourco,dc=com', '-copyFromName', 'cn=admins,cn=groups,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask duplicateMembershipOfGroup {-interactive}
- Use Jython string:
AdminTask.duplicateMembershipOfGroup ('[-interactive]')
- Use Jython list:
AdminTask.duplicateMembershipOfGroup (['-interactive'])
duplicateMembershipOfUser
Use the duplicateMembershipOfUser command to make a one user a member of all of the same groups as another user. For example, user 1 is in group B and group C. To add user 2 to the same groups as user 1, use the duplicateMembershipOfUser command.
Parameters and return values
- -copyToName
- Specifies the name of the user to which you want to add the memberships of the user specified in the copyFromName parameter. (String, required)
- -copyFromName
- Specifies the name of the user from which you want to copy the group memberships for another user to use. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask duplicateMembershipOfUser {-copyToName uid=meyersd,cn=users,dc=yourco,dc=com -copyFromName uid=jhart,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.duplicateMembershipOfUser ('[-copyToName uid=meyersd,cn=users,dc=yourco,dc=com -copyFromName uid=jhart,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.duplicateMembershipOfUser (['-copyToName', 'uid=meyersd,cn=users,dc=yourco,dc=com', '-copyFromName', 'uid=jhart,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask duplicateMembershipOfUser {-interactive}
- Use Jython string:
AdminTask.duplicateMembershipOfUser ('[-interactive]')
- Use Jython list:
AdminTask.duplicateMembershipOfUser (['-interactive'])
getGroup
The getGroup command retrieves the common name and description of a group.
Parameters and return values
- -uniqueName
- Unique name value for the group to view. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask getGroup {-uniqueName cn=operators,cn=groups,dc=yourco,dc=com}
- Use Jython string:
AdminTask.getGroup ('[-uniqueName cn=operators,cn=groups,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.getGroup (['-uniqueName', 'cn=operators,cn=groups,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask getGroup {-interactive}
- Use Jython string:
AdminTask.getGroup ('[-interactive]')
- Use Jython list:
AdminTask.getGroup (['-interactive'])
getMembershipOfGroup
The getMembershipOfGroup command retrieves the groups of which a group is a member.
Parameters and return values
- -uniqueName
- Unique name value for the group whose group memberships you want to view. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask getMebmershipOfGroup {-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.getMebmershipOfGroup ('[-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.getMebmershipOfGroup (['-uniqueName', 'uid=dmeyers,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask getMembershipOfGroup {-interactive}
- Use Jython string:
AdminTask.getMembershipOfGroup ('[-interactive]')
- Use Jython list:
AdminTask.getMembershipOfGroup (['-interactive'])
getMembershipOfUser
The getMembershipOfUser command retrieves the groups of which a user is a member.
Parameters and return values
- -uniqueName
- Unique name value for the user whose group memberships you want to view. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask getMebmershipOfUser {-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.getMebmershipOfUser ('[-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.getMebmershipOfUser (['-uniqueName', 'uid=dmeyers,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask getMembershipOfUser {-interactive}
- Use Jython string:
AdminTask.getMembershipOfUser ('[-interactive]')
- Use Jython list:
AdminTask.getMembershipOfUser (['-interactive'])
getMembersOfGroup
The getMembersOfGroup command retrieves the members of a group.
Parameters and return values
- -uniqueName
- Unique name value for the group whose members you want to view. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask getMembersOfGroup {-uniqueName cn=operators,cn=groups,dc=yourco,dc=com}
- Use Jython string:
AdminTask.getMembersOfGroup ['(-uniqueName cn=operators,cn=groups,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.getMembersOfGroup [('-uniqueName', 'cn=operators,cn=groups,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask getMembersOfGroup {-interactive}
- Use Jython string:
AdminTask.getMembersOfGroup ('[-interactive]')
- Use Jython list:
AdminTask.getMembersOfGroup (['-interactive'])
getUser
The getUser command retrieves information about a user in the virtual member manager.
Parameters and return values
- -uniqueName
- Unique name value for the user to view. This parameter maps to the uniqueName property in the virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask getUser {-userName uid=dmeyers,cn=users,dc=yourco,dc=com}
- Use Jython string:
AdminTask.getUser ('[-userName uid=dmeyers,cn=users,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.getUser (['-userName', 'uid=dmeyers,cn=users,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask getUser {-interactive}
- Use Jython string:
AdminTask.getUser ('[-interactive]')
- Use Jython list:
AdminTask.getUser (['-interactive'])
removeMemberFromGroup
The removeMemberFromGroup command removes a user or a group from a group.
Parameters and return values
- -memberUniqueName
- Unique name value for the user or group to remove from the specified group. This parameter maps to the uniqueName property in virtual member manager. (String, required)
- -groupUniqueName
- Unique name value for the group from which you want to remove the user or group specified with the memberUniqueName paramter. This parameter maps to the uniqueName property in virtual member manager. (String, required)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask removeMemberFromGroup {-memberUniqueName uid=meyersd,cn=users,dc=yourco,dc=com -groupUniqueName cn=admins,cn-groups,dc=yourco,dc=com}
- Use Jython string:
AdminTask.removeMemberFromGroup ('[-memberUniqueName uid=meyersd,cn=users,dc=yourco,dc=com -groupUniqueName cn=admins,cn-groups,dc=yourco,dc=com]')
- Use Jython list:
AdminTask.removeMemberFromGroup (['-memberUniqueName', 'uid=meyersd,cn=users,dc=yourco,dc=com', '-groupUniqueName', 'cn=admins,cn-groups,dc=yourco,dc=com'])
Interactive mode example usage:
- Use Jacl:
$AdminTask removeMemberFromGroup {-interactive}
- Use Jython string:
AdminTask.removeMemberFromGroup ('[-interactive]')
- Use Jython list:
AdminTask.removeMemberFromGroup (['-interactive'])
searchGroups
Use the searchGroups command to find groups in the virtual member manager that match criteria that you provide. For example, you can use the searchGroups command to find all of the groups with a common name that begins with IBM. You can search for any virtual member manager property because the command is generic.
Parameters and return values
- -cn
- The first name or given name of the user. This parameter maps to the cn property in the virtual member manager. Set this parameter or the description parameter, but not both. (String, optional)
- -description
- Specifies information about the group. This parameter maps to the description entity in a virtual member manager object. Set this parameter or the cn parameter, but not both. (String, optional)
- -timeLimit
- Specifies the maximum amount of time in milliseconds that the search can run. The default value is no time limit. (String, optional)
- -countLimit
- Specifies the maximum number of results that you want returned from the search. By default, all groups found in the search are returned. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask searchGroups {cn *IBM*}
- Use Jython string:
AdminTask.searchGroups('[cn *IBM*]')
- Use Jython list:
AdminTask.searchGroups(['cn', '*IBM*'])
Interactive mode example usage:
- Use Jacl:
$AdminTask searchGroups {-interactive}
- Use Jython string:
AdminTask.searchGroups ('[-interactive]')
- Use Jython list:
AdminTask.searchGroups (['-interactive'])
searchUsers
Use the searchUsers command to find users in the virtual member manager that match criteria that you provide. For example, you can use the searchUsers command to find all of the telephone numbers that contain 919. You can search for any virtual member manager property because the command is generic.
Parameters and return values
- -principalName
- Principal name oft he user that is used as the logon ID for the user in the system. This parameter maps to the principalName property in virtual member manager. You must specify only one of the following parameters: principalName, uid, cn, sn, or ibm-primaryEmail. (String, optional)
- -uid
- Unique ID value for the user for whom you want to search. This parameter maps to the uid property in virtual member manage. You must specify only one of the following parameters: principalName, uid, cn, sn, or ibm-primaryEmail. (String, optional)
- -cn
- First name or given name of the user. This parameter maps to the cn property in virtual member manager. You must specify only one of the following parameters: principalName, uid, cn, sn, or ibm-primaryEmail. (String, optional)
- -sn
- Last name or family name of the user. This parameter maps to the sn property in virtual member manager. You must specify only one of the following parameters: principalName, uid, cn, sn, or ibm-primaryEmail. (String, optional)
- -ibm-primaryEmail
- Specifies the email address of the user. This parameter maps to the ibm-PrimaryEmail property in the virtual member manager. You must specify only one of the following parameters: principalName, uid, cn, sn, or ibm-primaryEmail. (String, optional)
- -timeLimit
- Specifies the maximum amount of time in milliseconds that the search can run. The default is not time limit. (String, optional)
- -countLimit
- Specifies the maximum number of results that you want returned from the search. By default, all users found int he search are returned. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask searchUsers {-principalName */IBM/US*}
- Use Jython string:
AdminTask.searchUsers ('[-principalName */IBM/US*]')
- Use Jython list:
AdminTask.searchUsers (['-principalName', '*/IBM/US*'])
Interactive mode example usage:
- Use Jacl:
$AdminTask searchUsers {-interactive}
- Use Jython string:
AdminTask.searchUsers ('[-interactive]')
- Use Jython list:
AdminTask.searchUsers (['-interactive'])
updateGroup
The updateGroup command updates the common name or the description of a group.
Parameters and return values
- -uniqueName
- Unique name value for the group for which you want to modify the properties. This parameter maps to the uniqueName property in virtual member manager. (String, required)
- -cn
- Specifies the new common name used for the group. This parameter maps to the cn property in virtual member manager. (String, optional)
- -description
- Specifies the new information about the group. This parameter maps to the description entity in a virtual member manager object. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask updateGroup {-uniqueName cn=operators,cn=groups,dc=yourco,dc=com -cn groupA}
- Use Jython string:
AdminTask.updateGroup ('[-uniqueName cn=operators,cn=groups,dc=yourco,dc=com -cn groupA]')
- Use Jython list:
AdminTask.updateGroup (['-uniqueName', 'cn=operators,cn=groups,dc=yourco,dc=com', '-cn', 'groupA'])
Interactive mode example usage:
- Use Jacl:
$AdminTask updateGroup {-interactive}
- Use Jython string:
AdminTask.updateGroup ('[-interactive]')
- Use Jython list:
AdminTask.updateGroup (['-interactive'])
updateUser
The updateUser command updates the following properties: uniqueName, uid, password, cn, sn, or ibm-primaryEmail.
Parameters and return values
- -uniqueName
- Unique name value for the user for which you want to modify the properties. This parameter maps to the uniqueName property in virtual member manager. (String, required)
- -uid
- Specifies the new unique ID value for the user. This parameter maps to the uid property in virtual member manager. (String, optional)
- -password
- Specifies the new password for the user. This parameter maps to the password property in virtual member manager. (String, optional)
- -confirmPassword
- Password again to validate how it was entered on the password parameter. This parameter maps to the password property in virtual member manager. (String, optional)
- -cn
- Specifies the new first name or given name of the user. This parameter maps to the cn property in virtual member manager. (String, optional)
- -surname
- Specifies the new last name or family name of the user. This parameter maps to the sn property in virtual member manager. (String, optional)
- -ibm-primaryEmail
- Specifies the new e-mail address of the user. This parameter maps to the mail property in virtual member manager. (String, optional)
Examples
Batch mode example usage:
- Use Jacl:
$AdminTask updateUser {-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com -uid 123}
- Use Jython string:
AdminTask.updateUser ('[-uniqueName uid=dmeyers,cn=users,dc=yourco,dc=com -uid 123]')
- Use Jython list:
AdminTask.updateUser (['-uniqueName', 'uid=dmeyers,cn=users,dc=yourco,dc=com', '-uid', '123'])
Interactive mode example usage:
- Use Jacl:
$AdminTask updateUser {-interactive}
- Use Jython string:
AdminTask.updateUser ('[-interactive]')
- Use Jython list:
AdminTask.updateUser (['-interactive'])
Related tasks
Use the AdminTask object for scripted administration
Related Reference
Commands for the AdminTask object
Reference topic