Network Deployment (Distributed operating systems), v8.0 > Reference > Commands (wsadmin scripting)
IdMgrRealmConfig command group
Use the Jython or Jacl scripting languages to configure federated repositories realms. The commands and parameters in the IdMgrRealmConfig group can be used to create and manage your realm configuration.
The IdMgrRealmConfig command group includes the following commands:
- addIdMgrRealmBaseEntry
- createIdMgrRealm
- deleteIdMgrRealm
- deleteIdMgrRealmBaseEntry
- getIdMgrDefaultRealm
- getIdMgrRepositoriesForRealm
- getIdMgrRealm
- listIdMgrRealms
- listIdMgrRealmBaseEntries
- listIdMgrRealmURAttrMappings
- renameIdMgrRealm
- setIdMgrDefaultRealm
- setIdMgrRealmURAttrMapping
- updateIdMgrRealm
addIdMgrRealmBaseEntry
Add a base entry to a specific realm configuration and link the realm with the repository.
Required parameters
-name
Name of the realm. (String, required)
-baseEntry
Name of the base entry. (String, optional)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional)
Batch example:
### Jacl
$AdminTask addIdMgrRealmBaseEntry {-name defaultWIMFileBasedRealm -baseEntry o=sampleFileRepository}
- Jython string:
AdminTask.addIdMgrRealmBaseEntry ('[-name defaultWIMFileBasedRealm -baseEntry o=sampleFileRepository]')
- Use Jython list:
AdminTask.addIdMgrRealmBaseEntry (['-name', 'defaultWIMFileBasedRealm', '-baseEntry', 'o=sampleFileRepository'])
Interactive example...
### Jacl
$AdminTask addIdMgrRealmBaseEntry {-interactive}
- Jython string:
AdminTask.addIdMgrRealmBaseEntry ('[-interactive]')
- Use Jython list:
AdminTask.addIdMgrRealmBaseEntry (['-interactive'])
createIdMgrRealm
Create a realm configuration.
Required parameters
-name
Name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional)
-securityUse
Specifies a string that indicates if this virtual realm will be used in security now, later, or never. The default value is active. Additional values includes: inactive and nonSelectable. (String, optional)
-delimiter
Delimiter used for this realm. The default value is /. (String, optional)
-allowOperationIfReposDown
Whether the system allows a repository operation such as get or search to complete successfully, even if repositories in the realm are down. The default value is false. (Boolean, optional) Even if this parameter is specified, all repositories must be available when you start the server, or the federated repositories will not function properly. Examples
Batch example...
### Jacl
$AdminTask createIdMgrRealm {-name realm1 -allowOperationIfReposDown true}
- Jython string:
AdminTask.createIdMgrRealm ('[-name realm1 -allowOperationIfReposDown true]')
- Use Jython list:
AdminTask.createIdMgrRealm (['-name', 'realm1', '-allowOperationIfReposDown', 'true'])
Interactive example...
### Jacl
$AdminTask createIdMgrRealm {-interactive}
- Jython string:
AdminTask.createIdMgrRealm ('[-interactive]')
- Use Jython list:
AdminTask.createIdMgrRealm (['-interactive'])
deleteIdMgrRealm
Delete the realm configuration specified.
Required parameters
-name
The realm name. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask deleteIdMgrRealm {-name realm1}
- Jython string:
AdminTask.deleteIdMgrRealm ('[-name realm1]')
- Use Jython list:
AdminTask.deleteIdMgrRealm (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask deleteIdMgrRealm {-interactive}
- Jython string:
AdminTask.deleteIdMgrRealm ('[-interactive]')
- Use Jython list:
AdminTask.deleteIdMgrRealm (['-interactive'])
deleteIdMgrRealmBaseEntry
Delete a base entry from a realm configuration specified.
The realm must always contain at least one base entry, thus you cannot remove every entry.
Required parameters
-name
Name of the realm. (String, required)
-baseEntry
Name of a base entry. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask deleteIdMgrRealmBaseEntry {-name realm1 -baseEntry entry1}
- Jython string:
AdminTask.deleteIdMgrRealmBaseEntry ('[-name realm1 -baseEntry entry1]')
- Use Jython list:
AdminTask.deleteIdMgrRealmBaseEntry (['-name', 'realm1', '-baseEntry', 'entry1'])
Interactive example...
### Jacl
$AdminTask deleteIdMgrRealmBaseEntry {-interactive}
- Jython string:
AdminTask.deleteIdMgrRealmBaseEntry ('[-interactive]')
- Use Jython list:
AdminTask.deleteIdMgrRealmBaseEntry (['-interactive'])
getIdMgrDefaultRealm
Return the default realm name.
Required parameters None.
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask getIdMgrDefaultRealm
- Jython string:
AdminTask.getIdMgrDefaultRealm()
- Use Jython list:
AdminTask.getIdMgrDefaultRealm()
Interactive example...
### Jacl
$AdminTask getIdMgrDefaultRealm {-interactive}
- Jython string:
AdminTask.getIdMgrDefaultRealm ('[-interactive]')
- Use Jython list:
AdminTask.getIdMgrDefaultRealm (['-interactive'])
getIdMgrRepositoriesForRealm
Return repository specific details for the repositories configured for a specified realm.
Required parameters
-name
Name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask getIdMgrRepositoriesForRealm {-name realm1}
- Jython string:
AdminTask.getIdMgrRepositoriesForRealm ('[-name realm1]')
- Use Jython list:
AdminTask.getIdMgrRepositoriesForRealm (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask getIdMgrRepositoriesForRealm {-interactive}
- Jython string:
AdminTask.getIdMgrRepositoriesForRealm ('[-interactive]')
- Use Jython list:
AdminTask.getIdMgrRepositoriesForRealm (['-interactive'])
getIdMgrRealm
Return the configuration parameters for the realm specified.
Required parameters
-name
Name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask getIdMgrRealm {-name realm1}
- Jython string:
AdminTask.getIdMgrRealm ('[-name realm1]')
- Use Jython list:
AdminTask.getIdMgrRealm (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask getIdMgrRealm {-interactive}
- Jython string:
AdminTask.getIdMgrRealm ('[-interactive]')
- Use Jython list:
AdminTask.getIdMgrRealm (['-interactive'])
listIdMgrRealms
Return all of the names of the configured realms.
Required parameters None.
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask listIdMgrRealms
- Jython string:
AdminTask.listIdMgrRealms()
- Use Jython list:
AdminTask.listIdMgrRealms()
Interactive example...
### Jacl
$AdminTask listIdMgrRealms {-interactive}
- Jython string:
AdminTask.listIdMgrRealms ('[-interactive]')
- Use Jython list:
AdminTask.listIdMgrRealms (['-interactive'])
listIdMgrRealmBaseEntries
Return all of the names of the configured realms.
Required parameters
-name
Name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask listIdMgrRealmBaseEntries {-name realm1}
- Jython string:
AdminTask.listIdMgrRealmBaseEntries ('[-name realm1]')
- Use Jython list:
AdminTask.listIdMgrRealmBaseEntries (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask listIdMgrRealmBaseEntries {-interactive}
- Jython string:
AdminTask.listIdMgrRealmBaseEntries ('[-interactive]')
- Use Jython list:
AdminTask.listIdMgrRealmBaseEntries (['-interactive'])
listIdMgrRealmURAttrMappings
List the mappings between the user or group attributes for a user registry and the federated repository properties of a specified realm.
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional)
-name
Use this parameter to specify a valid realm name for which you want to list the mapping. If you do not specify the -name parameter, the listIdMgrRealmURAttrMappings command returns the mapping of the default realm in the federated repository.
(String, optional)
Return valuesThe listIdMgrRealmURAttrMappings command returns a HashMap that contains the following structure:
- The key is the user registry attribute name (URAttrName parameter).
- The value is another HashMap that contains the propertyForInput and propertyForOutput as keys and the corresponding mapping as the values.
The following example shows a sample output. The example is broken into multiple lines for illustration purposes only.
{userDisplayName={propertyForInput=principalName, propertyForOutput=principalName}, userSecurityName={propertyForInput=principalName, propertyForOutput=principalName}, uniqueUserId={propertyForInput=uniqueName, propertyForOutput=uniqueName}, uniqueGroupId={propertyForInput=uniqueName, propertyForOutput=uniqueName}, groupSecurityName={propertyForInput=cn, propertyForOutput=cn}, groupDisplayName={propertyForInput=cn, propertyForOutput=cn}}
Batch example...:
### Jacl
$AdminTask listIdMgrRealmURAttrMappings
### Jython string
AdminTask.listIdMgrRealmURAttrMappings()
Jython list:
AdminTask.listIdMgrRealmURAttrMappings()
Interactive example...
### Jacl
$AdminTask listIdMgrRealmURAttrMappings {-interactive}
### Jython string
AdminTask.listIdMgrRealmURAttrMappings ('[-interactive]')
Jython list:
AdminTask.listIdMgrRealmURAttrMappings (['-interactive'])
renameIdMgrRealm
Eename the name of the realm specified.
Renaming the federated repositories realm name does not update the realm name stored in the security.xml file.
Required parameters
-name
Name of the realm. (String, required)
-newName
New name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask renameIdMgrRealm {-name realm1 -newName
realm2
}
- Jython string:
AdminTask.renameIdMgrRealm ('[-name realm1 -newName
realm2
]')
- Use Jython list:
AdminTask.renameIdMgrRealm (['-name', 'realm1', ' -newName
', ' realm2
'])
Interactive example...
### Jacl
$AdminTask renameIdMgrRealm {-interactive}
- Jython string:
AdminTask.renameIdMgrRealm ('[-interactive]')
- Use Jython list:
AdminTask.renameIdMgrRealm (['-interactive'])
setIdMgrDefaultRealm
Sets the default realm name.
Required parameters
-name
Name of the realm used as a default realm when the caller does not specify any in context. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask setIdMgrDefaultRealm {-name realm1}
- Jython string:
AdminTask.setIdMgrDefaultRealm ('[-name realm1]')
- Use Jython list:
AdminTask.setIdMgrDefaultRealm (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask setIdMgrDefaultRealm {-interactive}
- Jython string:
AdminTask.setIdMgrDefaultRealm ('[-interactive]')
setIdMgrRealmURAttrMapping
Set or modify the mapping of the user or group attribute for a user registry to a federated repository property of a specified realm.
The setIdMgrRealmURAttrMapping command is available in both connected and local modes. If you run the setIdMgrRealmURAttrMapping command in connected mode, the realm attribute mapping changes take effect after you restart the server.
Target object None
Required parameters
-URAttrName
Name of the user or group attribute in a user registry to map. The following case-sensitive values are valid for the URAttrName parameter:
If you run the setIdMgrRealmURAttrMapping command multiple times for the same user registry attribute name, it overwrites the previous value.
- uniqueUserId
- userSecurityName
- userDisplayName
- uniqueGroupId
- groupSecurityName
- groupDisplayName
(String, required)
-propertyForInput
Name of the federated repository property that maps to the specified user registry attribute (URAttrName parameter) when it is an input parameter for the user registry interface. (String, required)
-propertyForOutput
Name of the federated repository property that maps to the specified user registry attribute (URAttrName parameter) when it is an output parameter (return value) for the user registry interface. (String, required) In most cases, the propertyForInput and propertyForInput would be the same.
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional)
-name
Use this parameter to specify a valid realm name for which you want to set or modify the mapping. If you do not specify the name parameter, the setIdMgrRealmURAttrMapping command uses the default realm in the federated repository. (String, optional) Examples
Batch example...
### Jacl
$AdminTask setIdMgrRealmURAttrMapping {-URAttrName unique_user_ID -propertyForInput unique_name -propertyForOutput unique_name}
### Jython string
AdminTask.setIdMgrRealmURAttrMapping ('[-URAttrName unique_user_ID -propertyForInput unique_name -propertyForOutput unique_name]')
Jython list:
AdminTask.setIdMgrRealmURAttrMapping (['-URAttrName', 'unique_user_ID', '-propertyForInput', 'unique_name', '-propertyForOutput', 'unique_name'])
Interactive example...
### Jacl
$AdminTask setIdMgrRealmURAttrMapping {-interactive}
### Jython string
AdminTask.setIdMgrRealmURAttrMapping ('[-interactive]')
Jython list:
AdminTask.setIdMgrRealmURAttrMapping (['-interactive'])
updateIdMgrRealm
Update the configuration for a realm that you specify.
Required parameters
-name
Name of the realm. (String, required)
Optional parameters
-securityDomainName
Name that uniquely identifies the security domain. If not specified, uses the global federated repository. (String, optional)
-securityUse
Specifies a string that indicates if this realm will be used in security now, later, or never. The default value is active. Additional values includes: inactive and nonSelectable. (String, optional)
-delimiter
specifies the delimiter used for this realm. The default value is /. (String, optional)
-allowOperationIfReposDown
Whether the system allows a repository operation such as get or search to complete successfully, even if repositories in the realm are down. (Boolean, optional) Even if this parameter is specified, all repositories must be available when you start the server, or the virtual member manager might not function properly. Examples
Batch example...
### Jacl
$AdminTask updateIdMgrRealm {-name realm1}
- Jython string:
AdminTask.updateIdMgrRealm ('[-name realm1]')
- Use Jython list:
AdminTask.updateIdMgrRealm (['-name', 'realm1'])
Interactive example...
### Jacl
$AdminTask updateIdMgrRealm {-interactive}
- Jython string:
AdminTask.updateIdMgrRealm ('[-interactive]')
- Use Jython list:
AdminTask.updateIdMgrRealm (['-interactive'])
Use the wsadmin scripting AdminTask object for scripted administration
Related
Commands using wsadmin.sh
IdMgrRepositoryConfig command group
IdMgrConfig command group