Remove security domains using scripting


Use this topic to delete security domains from the configuration using wsadmin. Remove security domains that are not needed in the security configuration.

Users assigned to the administrator role can configure security domains. Verify that we have the appropriate admin role before configuring security domains. A security domain must exist in the configuration.

 

  1. Launch the wsadmin scripting tool using the Jython scripting language.

  2. Determine the security domain to delete. Use the listSecurityDomains to view a list of security domains in the configuration. Specify true for the optional -listDescription parameter to list the description for each security domain, as the following Jython example demonstrates:

    print AdminTask.listSecurityDomains('-listDescription true')

    The command returns the following example output:

    {{name myDomain}
    {description {security domain for admin applications}}}
    {{name domain2}
    {description {new domain for cell123}}}
    

  3. Verify that no resources are assigned to the security domain to delete. Use this step to manually remove resources from the security domain of interest. You do not need to complete this step if we want to delete the security domain and each assigned resource. Use the listResourcesInSecurityDomain command to view a list of resources that are mapped to the security domain of interest, as the following Jython example demonstrates:

    print AdminTask.listResourcesInSecurityDomain('-securityDomainName domain2')

    If the command returns the name of a resource, use the removeResourceFromSecurityDomain command to remove a resource from the security domain. For example, use the following Jython command to remove the Cell01 cell resource from the domain2 security domain:

    "AdminTask.removeResourceFromSecurityDomain('-securityDomainName domain2 -resourceName Cell=Cell01')"

  4. Delete the security domain from the configuration. Use the deleteSecurityDomain command to delete the security domain. If a resource associated with the domain was deleted from the system but the mapping was not removed form the domain, specify the optional -force parameter to remove the domain, as the following Jython example demonstrates:

    AdminTask.deleteSecurityDomain('-securityDomainName domain2 -force true')

  5. Save the configuration changes...

    AdminConfig.save()

 

Related tasks


Remove resources from security domains using scripting
Manage servers and nodes with scripting