IdMgrRepositoryConfig
Overview
The commands in the IdMgrRepositoryConfig group can be used to manage the virtual member manager and LDAP directory properties.
addIdMgrLDAPAttr
Add an LDAP attribute configuration to the LDAP repository configuration.
Target object: None
Required
-id Unique ID of the repository. (String, required)
-name Name of the LDAP attribute used in the repository LDAP adapter. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-propertyName Name of the corresponding federated repository property. (String, optional) We cannot add an LDAP attribute configuration for the federated repository properties principalName and realm.
If we define multiple login properties, the first login property is programmatically mapped to the federated repositories principalName property. For example, if we set uid;mail as the login properties, the LDAP attribute uid value is mapped to the federated repositories principalName property. If we define multiple login properties, after login, the first login property is returned as the value of the principalName property. For example, if you pass joe@yourco.com as the principalName value and the login properties are configured as uid;mail, the principalName is returned as joe.
-entityTypes Entity type to which the attribute mapping applies. (String, optional)
-syntax Syntax of the LDAP attribute. The default is string. For example, the syntax of the unicodePwd LDAP attribute is octetString. (String, optional)
-defaultValue Default value of the LDAP attribute. If not specified when creating an entity which this LDAP attribute applies to, the system adds the attribute using this default value. (String, optional)
-defaultAttr Default LDAP attribute. If not specified when creating an entity which this LDAP attribute applies to, the system uses this value of the default attribute. For example, the following configuration defines a samAccountName LDAP attribute with the cn default attribute:
<config:attributes name="samAccountName" defaultAttribute="cn">
<config:entityTypes>Group</config:entityTypes>
</config:attributes>
In this example, when we create the Group entity, the samAccountName LDAP attribute with the same value as the cn attribute is added to the corresponding LDAP entry.
(String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPAttr {-id id_name -name unicode_password -syntax octet_string}
- Jython string: AdminTask.addIdMgrLDAPAttr ('[-id id_name -name unicode_password -syntax octet_string]')
- Jython list: AdminTask.addIdMgrLDAPAttr (['-id', 'id_name', '-name', 'unicode_password', '-syntax', 'octet_string'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPAttr {-interactive}
- Jython: AdminTask.addIdMgrLDAPAttr('-interactive')
addIdMgrLDAPAttrNotSupported
Add a configuration for a federated repository property that the specified LDAP repository does not support.
Required
-id Unique ID of the repository. (String, required)
-propertyName Name of the federated repository property. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-entityTypes Specify one or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPAttrNotSupported {-id id_name -propertyName property_name}
- Jython string: AdminTask.addIdMgrLDAPAttrNotSupported ('[-id id_name -propertyName property_name]')
- Jython list: AdminTask.addIdMgrLDAPAttrNotSupported (['-id', 'id_name', '-propertyName', 'property_name'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPAttrNotSupported {-interactive}
- Jython: AdminTask.addIdMgrLDAPAttrNotSupported('-interactive')
addIdMgrLDAPBackupServer
Set a backup LDAP server in the configuration.
Required
-id Unique ID of the repository. (String, required)
-primary_host Primary host of the LDAP server. (String, required)
-host Host name for the LDAP server. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-port Port number for the LDAP server. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPBackupServer {-id id_name -primary_host host_name1 -host host_name2 -port port_number}
- Jython string: AdminTask.addIdMgrLDAPBackupServer ('[-id id_name -primary_host host_name1 -host host_name2 -port port_number]')
- Jython list: AdminTask.addIdMgrLDAPBackupServer (['-id', 'id_name', '-primary_host', 'host_name1', '-host', 'host_name2', '-port', 'port_number'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPBackupServer {-interactive}
- Jython: AdminTask.addIdMgrLDAPBackupServer('-interactive')
addIdMgrLDAPEntityType
Add an LDAP entity type definition.
Required
-id The ID of the repository. (String, required)
-name The name of the entity type. (String, required)
-objectClasses One or more object classes for the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-searchFilter The search filter to use to search the entity type. (String, optional)
-objectClassesForCreate The object class to use when an entity type is created. If the value of this parameter is the same as the objectClass parameter, we do not need to specify this parameter. (String, optional)
-searchBases The search base or bases to use while searching the entity type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPEntityType {-id id_name -name name_value -objectClasses object_class}
- Jython string: AdminTask.addIdMgrLDAPEntityType ('[-id id_name -name name_value -objectClasses object_class]')
- Jython list: AdminTask.addIdMgrLDAPEntityType (['-id', 'id_name', '-name', 'name_value', '-objectClasses', 'object_class'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPEntityType {-interactive}
- Jython string: AdminTask.addIdMgrLDAPEntityType ('[-interactive]')
- Jython list: AdminTask.addIdMgrLDAPEntityType (['-interactive'])
addIdMgrLDAPEntityTypeRDNAttr
Add RDN attribute configuration to an LDAP entity type definition.
Required
-id The ID of the repository. (String, required)
-entityTypeName The name of the entity type. (String, required)
-name The attribute name used to build the relative distinguished name (RDN) for the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-objectClass The object class to use for the entity type for the relative distinguished name (RDN) attribute name specified. Use this parameter to map one entity type to multiple structural object classes. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPEntityTypeRDNAttr {-id id_name -entityTypeName entity_type -name name_value}
- Jython string: AdminTask.addIdMgrLDAPEntityTypeRDNAttr ('[-id id_name -entityTypeName entity_type -name name_value]')
- Jython list: AdminTask.addIdMgrLDAPEntityTypeRDNAttr (['-id', 'id_name', '-entityTypeName', 'entity_type', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPEntityTypeRDNAttr {-interactive}
- Jython string: AdminTask.addIdMgrLDAPEntityTypeRDNAttr ('[-interactive]')
- Jython list: AdminTask.addIdMgrLDAPEntityTypeRDNAttr (['-interactive'])
addIdMgrLDAPExternalIdAttr
Add a configuration for an LDAP attribute used as an external ID in the specified LDAP repository.
Target object: None
Required
-id Unique ID of the repository. (String, required)
-name Name of the external ID attribute of the LDAP repository. (String, required)
Important: Specify distinguishedName as the value to indicate that the distinguished name (DN) of the entity is used as the external ID.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-entityTypes Specify one or more entity types. Use a semicolon (;) as the delimiter to specify multiple entity types. (String, optional)
-syntax Syntax of the LDAP attribute. The default is string. For example, the syntax of the unicodePwd LDAP attribute is octetString. (String, optional)
-wimGenerate Use this parameter to indicate whether the federated repository generates the value of the LDAP attribute. The default is false. (Boolean, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPExternalIdAttr {-id id_name -name unicodePwd -syntax octetString}
- Jython string: AdminTask.addIdMgrLDAPExternalIdAttr ('[-id id_name -name unicode_password -syntax octet_string]')
- Jython list: AdminTask.addIdMgrLDAPExternalIdAttr (['-id', 'id_name', '-name', 'unicode_password', '-syntax', 'octet_string'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPExternalIdAttr {-interactive}
- Jython: AdminTask.addIdMgrLDAPExternalIdAttr('-interactive')
addIdMgrLDAPGroupDynamicMemberAttr
Add a dynamic member attribute configuration to an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute. For example, member or uniqueMember. (String, required)
-objectClass The group object class containing the member attribute. For example, groupOfNames or groupOfUniqueNames. If we do not define this parameter, the member attribute applies to all group object classes. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPGroupDynamicMemberAttr {-id id_name -name name_value -objectClass object_class}
- Jython string: AdminTask.addIdMgrLDAPGroupDynamicMemberAttr ('[-id id_name -name name_value -objectClass object_class]')
- Jython list: AdminTask.addIdMgrLDAPGroupDynamicMemberAttr (['-id', 'id_name', '-name', 'name_value', '-objectClass', 'object_class'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPGroupDynamicMemberAttr {-interactive}
- Jython string: AdminTask.addIdMgrLDAPGroupDynamicMemberAttr ('[-interactive]')
- Jython list: AdminTask.addIdMgrLDAPGroupDynamicMemberAttr (['-interactive'])
addIdMgrLDAPGroupMemberAttr
Add a member attribute configuration to an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute. For example, member or uniqueMember. (String, required)
-scope The scope of the member attribute. The valid values for this parameter include the following:
- direct - The member attribute only contains direct members, therefore, this value refers to the member directly contained by the group and not contained through the nested group. For example, if Group1 contains Group2 and Group2 contains User1, then Group2 is a direct member of Group1 but User1 is not a direct member of Group1. Both member and uniqueMember are direct member attributes.
- nested - The member attribute containing the direct members and the nested members.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-dummyMember Indicates that if we create a group without specifying a member, a dummy member will be filled in to avoid creating an exception about missing a mandatory attribute. (String, optional)
-objectClass The group object class containing the member attribute. For example, groupOfNames or groupOfUniqueNames. If we do not define this parameter, the member attribute applies to all group object classes. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPGroupMemberAttr {-id id_name -name name_value}
- Jython string: AdminTask.addIdMgrLDAPGroupMemberAttr ('[-id id_name -name name_value]')
- Jython list: AdminTask.addIdMgrLDAPGroupMemberAttr (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPGroupMemberAttr {-interactive}
- Jython string: AdminTask.addIdMgrLDAPGroupMemberAttr ('[-interactive]')
- Jython list: AdminTask.addIdMgrLDAPGroupMemberAttr (['-interactive'])
addIdMgrLDAPServer
Add an LDAP server to the LDAP repository ID specified.
(ZOS) If the value of the sslEnabled parameter is set to true, the addIdMgrLDAPServer command operation will fail while trying to validate the connection. To work around this problem:
- Start WebSphere Application Server.
- Start the wsadmin tool without specifying the -conntype none option.
Required
-id The ID of the repository. (String, required)
-host The host name for the primary LDAP server. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-port The port number for the LDAP server. (Integer, optional)
-bindDN The binding distinguished name for the LDAP server. (String, optional)
-bindPassword The binding password. (String, optional)
-authentication Indicates the authentication method to use. The default is simple. Valid values include: none or strong. (String, optional)
-referal The LDAP referral. The default is ignore. Valid values include: follow, throw, or false. (String, optional)
-derefAliases Controls how aliases are dereferenced. The default is always. Valid values include:
- never - never dereferences aliases
- finding - dereferences aliases only during name resolution
- searching - dereferences aliases only after name resolution
(String, optional)
-sslEnabled Indicates whether to enable SSL. The default is false. (Boolean, optional)
-connectionPool The connection pool. The default is false. (Boolean, optional)
-connectTimeout The connection timeout in seconds. The default is 20. (Integer, optional)
Restriction: Due to a current JNDI limitation, the maximum connection timeout is 20 seconds. Even if we specify a value greater than 20 seconds, the connection still times out at 20 seconds.
-ldapServerType The type of LDAP server being used. The default is IDS51. (String, optional) Specify one of the following valid values:
- IDS
- ZOSDS
- DOMINO
- NDS
- SUNONE
- AD
- ADAM
- CUSTOM
-sslConfiguration The SSL configuration. (String, optional)
-certificateMapMode Specifies whether to map X.509 certificates into an LDAP directory by exact distinguished name or by certificate filter. The default is EXACT_DN. To use the certificate filter for the mapping, specify FILTERDESCRIPTORMODE. (String, optional)
-certificateFilter If certificateMapMode has the value FILTERDESCRIPTORMODE, then this property specifies the LDAP filter which maps attributes in the client certificate to entries in LDAP. See section Certificate filter in the topic, LDAP repository configuration settings. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrLDAPServer {-id id_name -host myhost.ibm.com}
- Jython string: AdminTask.addIdMgrLDAPServer ('[-id id_name -host myhost.ibm.com]')
- Jython list: AdminTask.addIdMgrLDAPServer (['-id', 'id_name', '-host', 'myhost.ibm.com'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrLDAPServer {-interactive}
- Jython string: AdminTask.addIdMgrLDAPServer ('[-interactive]')
- Jython list: AdminTask.addIdMgrLDAPServer (['-interactive'])
addIdMgrRepositoryBaseEntry
Add a base entry to the specified repository.
Required
-id The ID of the repository. (String, required)
-name The distinguished name of a base entry. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-nameInRepository The distinguished name in the repository that uniquely identifies the base entry name. (String, optional) The values specified for both name and nameInRepository parameters must be the same for a database repository.
Examples
Batch mode example usage:
- Jacl: $AdminTask addIdMgrRepositoryBaseEntry {-id id_name -name name_value}
- Jython string: AdminTask.addIdMgrRepositoryBaseEntry ('[-id id_name -name name_value]')
- Jython list: AdminTask.addIdMgrRepositoryBaseEntry (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask addIdMgrRepositoryBaseEntry {-interactive}
- Jython string: AdminTask.addIdMgrRepositoryBaseEntry ('[-interactive]')
- Jython list: AdminTask.addIdMgrRepositoryBaseEntry (['-interactive'])
createIdMgrCustomRepository
Create a custom repository configuration.
Required
-id The ID of the repository. (String, required)
-adapterClassName The implementation class name for the repository adapter. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask createIdMgrCustomRepository {-id id_name -adapterClassName adapter_class_name}
- Jython string: AdminTask.createIdMgrCustomRepository('[-id id_name -adapterClassName adapter_class_name]')
- Jython list: AdminTask.createIdMgrCustomRepository(['-id', 'id_name', '-adapterClassName', 'adapter_class_name'])
Interactive mode example usage:
- Jacl: $AdminTask createIdMgrCustomRepository {-interactive}
- Jython: AdminTask.createIdMgrCustomRepository('-interactive')
createIdMgrDBRepository
Create a database repository configuration.
Required
-id The ID of the repository. (String, required)
-dataSourceName The name of the data source. The default is jdbc/wimDS. (String, required)
-databaseType The type of the database. The default is DB2. (String, required)
-dbURL The URL of the database. (String, required)
-dbAdminId The database administrator ID. (String, required if database type is not Apache Derby.)
-dbAdminPassword The database administrator password. (String, required if database type is not Apache Derby.)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-adapterClassName The default is com.ibm.ws.wim.adapter.db.DBAdapter. (String, optional)
-JDBCDriverClass The JDBC driver class name. (String, optional)
-supportSorting Indicates if sorting is supported or not. The default is false. (Boolean, optional)
-supportTransactions Indicates if transactions are supported or not. The default is false. (Boolean, optional)
-isExtIdUnique Specifies if the external ID is unique. Default is true. (Boolean, optional)
-supportExternalName Indicates if external names are supported or not. The default is false. (Boolean, optional)
-supportAsyncMode Indicates if the adapter supports async mode or not. The default is false. (Boolean, optional)
-readOnly Indicates if this is a read only repository. The default is false. (Boolean, optional)
-entityRetrievalLimit Indicates the value of the retrieval limit on database entries. The default is 200. (Integer, optional)
-saltLength The salt length in bits. The default is 12. (Integer, optional)
-encryptionKey The default is rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s. (String, optional)
-dbSchema The database schema of the database repository to configure. The schema should exist in the database. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -dbSchema The database schema of the database repository to configure. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -tablespacePrefix The tablespace prefix. The maximum length allowed for this string is 3 characters. The value of tablespacePrefix parameter is required when using the dbSchema parameter. It is specific to DB2 for z/OS and will be ignored for any other database type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask createIdMgrDBRepository {-id id_name -dataSourceName datasource_name -databaseType database_type}
- Jython string: AdminTask.createIdMgrDBRepository ('[-id id_name -dataSourceName datasource_name -databaseType database_type]')
- Jython list: AdminTask.createIdMgrDBRepository (['-id', 'id_name', '-dataSourceName', 'datasource_name', '-databaseType', 'database_type'])
Interactive mode example usage:
- Jacl: $AdminTask createIdMgrDBRepository {-interactive}
- Jython string: AdminTask.createIdMgrDBRepository ('[-interactive]')
- Jython list: AdminTask.createIdMgrDBRepository (['-interactive'])
createIdMgrFileRepository
Create a file repository configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-messageDigestAlgorithm The message digest algorithm that will be used for hashing the password. The default is SHA-1. Valid values include the following: SHA-1, SHA-384, or SHA-512. (String, optional)
-adapterClassName The default is com.ibm.ws.wim.adapter.file.was.FileAdapter. (String, optional)
-supportPaging Indicates if paging is supported or not. The default is false. (Boolean, optional)
-supportSorting Indicates if sorting is supported or not. The default is false. (Boolean, optional)
-supportTransactions Indicates if transactions are supported or not. The default is false. (Boolean, optional)
-isExtIdUnique Specifies if the external ID is unique or not. Default is true. (Boolean, optional)
-supportAsyncMode Indicates if the adapter supports async mode or not. The default is false. (Boolean, optional)
-supportExternalName Indicates if external names are supported or not. The default is false. (Boolean, optional)
-baseDirectory The base directory where the file will be created in order to store the data. The default is to be dynamically built during run time using user.install.root and cell name. (String, optional)
-fileName The file name of the repository. The default is fileRegistry.xml. (String, optional)
-saltLength The salt length of the randomly generated salt for password hashing. The default is 12. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask createIdMgrFileRepository {-id id_name -messageDigestAlgorithm algorithm_value}
- Jython string: AdminTask.createIdMgrFileRepository ('[-id id_name -messageDigestAlgorithm algorithm_value]')
- Jython list: AdminTask.createIdMgrFileRepository (['-id', 'id_name', '-messageDigestAlgorithm', 'algorithm_value'])
Interactive mode example usage:
- Jacl: $AdminTask createIdMgrFileRepository {-interactive}
- Jython string: AdminTask.createIdMgrFileRepository ('[-interactive]')
- Jython list: AdminTask.createIdMgrFileRepository (['-interactive'])
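The following is an added example, not part of the IBM documentation: a plain-Python pre-flight check that takes the Jython-list form of addIdMgrLDAPServer, createIdMgrDBRepository and createIdMgrFileRepository calls and reports where the defaults documented on this page leave a weak setting in effect. Parameter names and defaults come from this page; the function names and finding codes are assumptions of the example.

```python
# Added example, not IBM code: audit planned AdminTask calls before running them.
# Parameter names and defaults are the ones documented on this page; the
# function names and finding codes are this example's own.

DEFAULT_DB_KEY = "rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s"  # published default, known to anyone

DOCUMENTED_DEFAULTS = {
    "createIdMgrFileRepository": {"-messageDigestAlgorithm": "SHA-1"},
    "createIdMgrDBRepository": {"-encryptionKey": DEFAULT_DB_KEY},
    "addIdMgrLDAPServer": {"-sslEnabled": "false", "-authentication": "simple",
                           "-connectTimeout": "20"},
}
VALID_DIGESTS = ("SHA-1", "SHA-384", "SHA-512")
MAX_CONNECT_TIMEOUT = 20  # JNDI limit stated in the addIdMgrLDAPServer restriction


def parse_args(arg_list):
    """Convert a Jython-list argument list (['-id', 'x', ...]) into a dict."""
    params = {}
    i = 0
    while i < len(arg_list):
        name = arg_list[i]
        if not name.startswith("-"):
            raise ValueError("expected a parameter name, got %r" % (name,))
        if name == "-interactive":  # the only value-less flag used on this page
            params[name] = None
            i += 1
            continue
        if i + 1 >= len(arg_list):
            raise ValueError("parameter %s has no value" % name)
        params[name] = str(arg_list[i + 1])
        i += 2
    return params


def effective_settings(command, arg_list):
    """Explicit parameters layered over the documented defaults."""
    settings = dict(DOCUMENTED_DEFAULTS.get(command, {}))
    settings.update(parse_args(arg_list))
    return settings


def audit(command, arg_list):
    """Return a list of (code, message) findings for one planned call."""
    settings = effective_settings(command, arg_list)
    if "-interactive" in settings:
        return []  # values are prompted for at run time; nothing to inspect
    findings = []

    if command == "createIdMgrFileRepository":
        digest = settings["-messageDigestAlgorithm"]
        if digest not in VALID_DIGESTS:
            findings.append(("INVALID_DIGEST",
                             "%s is not one of %s" % (digest, ", ".join(VALID_DIGESTS))))
        elif digest == "SHA-1":
            findings.append(("WEAK_DIGEST",
                             "passwords are hashed with SHA-1; "
                             "pass -messageDigestAlgorithm SHA-512"))

    elif command == "createIdMgrDBRepository":
        if settings["-encryptionKey"] == DEFAULT_DB_KEY:
            findings.append(("DEFAULT_KEY",
                             "-encryptionKey is the documented default; "
                             "supply a site-specific key"))

    elif command == "addIdMgrLDAPServer":
        if settings["-sslEnabled"].lower() != "true":
            if ("-bindPassword" in settings
                    and settings["-authentication"] == "simple"):
                findings.append(("CLEARTEXT_BIND",
                                 "simple bind password is sent without SSL; "
                                 "set -sslEnabled true"))
            else:
                findings.append(("NO_SSL",
                                 "directory traffic is not protected by SSL"))
        timeout = settings["-connectTimeout"]
        if timeout.isdigit() and int(timeout) > MAX_CONNECT_TIMEOUT:
            findings.append(("TIMEOUT_CAPPED",
                             "connection still times out at %d seconds"
                             % MAX_CONNECT_TIMEOUT))
    return findings


# Constructed sample calls, in the Jython-list form used on this page.
SAMPLE_CALLS = [
    ("createIdMgrFileRepository", ["-id", "id_name"]),
    ("createIdMgrDBRepository", ["-id", "id_name", "-dataSourceName", "jdbc/wimDS",
                                 "-databaseType", "DB2"]),
    ("addIdMgrLDAPServer", ["-id", "id_name", "-host", "myhost.ibm.com",
                            "-bindDN", "cn=svc", "-bindPassword", "constructed",
                            "-connectTimeout", "60"]),
]

if __name__ == "__main__":
    for command, args in SAMPLE_CALLS:
        for code, message in audit(command, args):
            print("%s: %s - %s" % (command, code, message))
```

An empty list from audit means none of these documented defaults is left in effect for that call; it says nothing about parameters the check does not cover.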
createIdMgrLDAPRepository
Create an LDAP repository configuration.
Required
-id The unique identifier for the repository. (String, required)
-ldapServerType The type of LDAP server being used. The default is IDS51. (String, required) Specify one of the following valid values:
- IDS
- ZOSDS
- DOMINO
- NDS
- SUNONE
- AD
- ADAM
- CUSTOM
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-adapterClassName The default is com.ibm.ws.wim.adapter.ldap.LdapAdapter. (String, optional)
-supportSorting Indicates if sorting is supported or not. The default is false. (Boolean, optional)
-supportPaging Indicates if paging is supported or not. The default is false. (Boolean, optional)
-supportTransactions Indicates if transactions are supported or not. The default is false. (Boolean, optional)
-isExtIdUnique Specifies if the external ID is unique. Default is true. (Boolean, optional)
-supportAsyncMode Indicates if the adapter supports async mode or not. The default is false. (Boolean, optional)
-supportExternalName Indicates if external names are supported or not. The default is false. (Boolean, optional)
-certificateMapMode Specifies whether to map X.509 certificates into an LDAP directory by exact distinguished name or by certificate filter. The default is exactdn. To use the certificate filter for the mapping, specify the value as certificatefilter. (String, optional)
-certificateFilter If the certificateMapMode parameter has the value certificatefilter, then this property specifies the LDAP filter that maps attributes in the client certificate to entries in LDAP. (String, optional)
-loginProperties Indicates the property name used for login. (String, optional)
If we define multiple login properties, the first login property is programmatically mapped to the federated repositories principalName property. For example, if we set uid;mail as the login properties, the LDAP attribute uid value is mapped to the federated repositories principalName property. If we define multiple login properties, after login, the first login property is returned as the value of the principalName property. For example, if you pass joe@yourco.com as the principalName value and the login properties are configured as uid;mail, the principalName is returned as joe.
-sslConfiguration The SSL configuration. (String, optional)
-translateRDN Indicates whether to translate the RDN. The default is false. (Boolean, optional)
-searchTimeLimit The value of search time limit. (Integer, optional)
-searchCountLimit The value of search count limit. (Integer, optional)
-searchPageSize The value of search page size. (Integer, optional)
-returnToPrimaryServer (Integer, optional)
-primaryServerQueryTimeInterval (Integer, optional)
-default If true, the default values will be set for the remaining configuration properties of the LDAP repository. (Boolean, optional)
-supportChangeLog This parameter indicates whether the repository supports change tracking. Valid values for this parameter are none or native. The default is none. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask createIdMgrLDAPRepository {-id id_name -ldapServerType LDAP_server_type}
- Jython string: AdminTask.createIdMgrLDAPRepository ('[-id id_name -ldapServerType LDAP_server_type]')
- Jython list: AdminTask.createIdMgrLDAPRepository (['-id', 'id_name', '-ldapServerType', 'LDAP_server_type'])
Interactive mode example usage:
- Jacl: $AdminTask createIdMgrLDAPRepository {-interactive}
- Jython string: AdminTask.createIdMgrLDAPRepository ('[-interactive]')
- Jython list: AdminTask.createIdMgrLDAPRepository (['-interactive'])
deleteIdMgrLDAPAttr
Delete the LDAP attribute configuration data for a specific entity type from the LDAP repository of interest.
Target object: None
Required
-id Unique ID of the repository. (String, required)
The deleteIdMgrLDAPAttr command also requires the name of either the LDAP attribute or federated repository property. Specify a value for either the -name or -propertyName parameter that is described in the next section. However, do not specify both parameters. Although the -name or -propertyName parameters are designated as optional parameters, an error occurs if we do not specify one of the parameters or if we specify both parameters.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-name Name of the LDAP attribute used in the repository LDAP adapter. (String, required)
-entityTypes Entity type to which the attribute mapping applies. (String, optional)
-propertyName Name of the corresponding federated repository property. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPAttr {-id id_name -name unicode_password}
- Jython string: AdminTask.deleteIdMgrLDAPAttr ('[-id id_name -name unicode_password]')
- Jython list: AdminTask.deleteIdMgrLDAPAttr (['-id', 'id_name', '-name', 'unicode_password'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPAttr {-interactive}
- Jython: AdminTask.deleteIdMgrLDAPAttr('-interactive')
deleteIdMgrLDAPAttrNotSupported
Delete the configuration for a federated repository property that the specified LDAP repository does not support.
Target object: None
Required
-id Unique ID of the repository. (String, required)
-propertyName Name of the federated repository property. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-entityTypes Specify one or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types. If not specified, the deleteIdMgrLDAPAttrNotSupported command deletes all the configuration data of the specified attribute. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPAttrNotSupported {-id id_name -propertyName property_name}
- Jython string: AdminTask.deleteIdMgrLDAPAttrNotSupported ('[-id id_name -propertyName property_name]')
- Jython list: AdminTask.deleteIdMgrLDAPAttrNotSupported (['-id', 'id_name', '-propertyName', 'property_name'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPAttrNotSupported {-interactive}
- Jython: AdminTask.deleteIdMgrLDAPAttrNotSupported('-interactive')
deleteIdMgrLDAPEntityType
Delete the LDAP entity type configuration data for a specified entity type for a specific LDAP repository.
Parameters and return values
-id The ID of the repository. (String, required)
-name The name of the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPEntityType {-id id_name -name name_value}
- Jython string: AdminTask.deleteIdMgrLDAPEntityType ('[-id id_name -name name_value]')
- Jython list: AdminTask.deleteIdMgrLDAPEntityType (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPEntityType {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPEntityType ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPEntityType (['-interactive'])
deleteIdMgrLDAPEntityTypeRDNAttr
Delete the relative distinguished name (RDN) attribute configuration from an LDAP entity type configuration.
Required
-id The ID of the repository. (String, required)
-entityTypeName The name of the entity type. (String, required)
-name The attribute name used to build the relative distinguished name (RDN) for the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPEntityTypeRDNAttr {-id id_name -name name_value -entityTypeName entity_type}
- Jython string: AdminTask.deleteIdMgrLDAPEntityTypeRDNAttr ('[-id id_name -name name_value -entityTypeName entity_type]')
- Jython list: AdminTask.deleteIdMgrLDAPEntityTypeRDNAttr (['-id', 'id_name', '-name', 'name_value', '-entityTypeName', 'entity_type'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPEntityTypeRDNAttr {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPEntityTypeRDNAttr ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPEntityTypeRDNAttr (['-interactive'])
deleteIdMgrLDAPExternalIdAttr
Delete the configuration for an LDAP attribute used as an external ID in the specified LDAP repository.
Target object: None
Required
-id Unique ID of the repository. (String, required)
-name Name of the external ID attribute of the LDAP repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-entityTypes Specify one or more entity types. Use a semicolon (;) as the delimiter to specify multiple entity types. If not specified, the deleteIdMgrLDAPExternalIdAttr command deletes all the configuration data of the specified attribute. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPExternalIdAttr {-id id_name -name unicode_password}
- Jython string: AdminTask.deleteIdMgrLDAPExternalIdAttr ('[-id id_name -name unicode_password]')
- Jython list: AdminTask.deleteIdMgrLDAPExternalIdAttr (['-id', 'id_name', '-name', 'unicode_password'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPExternalIdAttr {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPExternalIdAttr ('-interactive')
deleteIdMgrLDAPGroupConfig
Delete the LDAP group configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupConfig {-id id_name}
- Jython string: AdminTask.deleteIdMgrLDAPGroupConfig ('[-id id_name]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupConfig (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupConfig {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPGroupConfig ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupConfig (['-interactive'])
deleteIdMgrLDAPGroupMemberAttr
Delete a member attribute configuration from an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute, for example, member or uniqueMember. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupMemberAttr {-id id_name -name attr_name}
- Jython string: AdminTask.deleteIdMgrLDAPGroupMemberAttr ('[-id id_name -name attr_name]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupMemberAttr (['-id', 'id_name', '-name', 'attr_name'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupMemberAttr {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPGroupMemberAttr ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupMemberAttr (['-interactive'])
deleteIdMgrLDAPGroupDynamicMemberAttr
Delete a dynamic member attribute configuration from an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute. For example, memberURL. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupDynamicMemberAttr {-id id_name -name name_value}
- Jython string: AdminTask.deleteIdMgrLDAPGroupDynamicMemberAttr ('[-id id_name -name name_value]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupDynamicMemberAttr (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPGroupDynamicMemberAttr {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPGroupDynamicMemberAttr ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPGroupDynamicMemberAttr (['-interactive'])
deleteIdMgrLDAPServer
Delete the configuration of the specified LDAP server from the specified LDAP repository.
Required
-id The ID of the repository. (String, required)
-host The host name for the primary LDAP server. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPServer {-id id_name -host myhost.ibm.com}
- Jython string: AdminTask.deleteIdMgrLDAPServer ('[-id id_name -host myhost.ibm.com]')
- Jython list: AdminTask.deleteIdMgrLDAPServer (['-id', 'id_name', '-host', 'myhost.ibm.com'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrLDAPServer {-interactive}
- Jython string: AdminTask.deleteIdMgrLDAPServer ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrLDAPServer (['-interactive'])
deleteIdMgrRepository
Delete the specified repository.
Required
-id The ID of the repository. Valid values include existing repository IDs. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrRepository {-id id_name}
- Jython string: AdminTask.deleteIdMgrRepository ('[-id id_name]')
- Jython list: AdminTask.deleteIdMgrRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrRepository {-interactive}
- Jython string: AdminTask.deleteIdMgrRepository ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrRepository (['-interactive'])
deleteIdMgrRepositoryBaseEntry
Delete a base entry from the specified repository.
Required
-id The ID of the repository. (String, required)
-name The distinguished name of a base entry. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask deleteIdMgrRepositoryBaseEntry {-id id_name -name name_value}
- Jython string: AdminTask.deleteIdMgrRepositoryBaseEntry ('[-id id_name -name name_value]')
- Jython list: AdminTask.deleteIdMgrRepositoryBaseEntry (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask deleteIdMgrRepositoryBaseEntry {-interactive}
- Jython string: AdminTask.deleteIdMgrRepositoryBaseEntry ('[-interactive]')
- Jython list: AdminTask.deleteIdMgrRepositoryBaseEntry (['-interactive'])
getIdMgrLDAPAttrCache
Return the LDAP attribute cache configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPAttrCache {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPAttrCache ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPAttrCache (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPAttrCache {-interactive}
- Jython string: AdminTask.getIdMgrLDAPAttrCache ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPAttrCache (['-interactive'])
getIdMgrLDAPContextPool
Return the LDAP context pool configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPContextPool {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPContextPool ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPContextPool (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPContextPool {-interactive}
- Jython string: AdminTask.getIdMgrLDAPContextPool ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPContextPool (['-interactive'])
getIdMgrLDAPEntityType
Return the LDAP entity type configuration data.
Required
-id The ID of the repository. (String, required)
-name The name of the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPEntityType {-id id_name -name name_value}
- Jython string: AdminTask.getIdMgrLDAPEntityType ('[-id id_name -name name_value]')
- Jython list: AdminTask.getIdMgrLDAPEntityType (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPEntityType {-interactive}
- Jython string: AdminTask.getIdMgrLDAPEntityType ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPEntityType (['-interactive'])
getIdMgrLDAPEntityTypeRDNAttr
Return the relative distinguished name (RDN) attribute configuration for an LDAP entity type definition.
Required
-id The ID of the repository. (String, required)
-entityTypeName The name of the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPEntityTypeRDNAttr {-id id_name -entityTypeName name_value}
- Jython string: AdminTask.getIdMgrLDAPEntityTypeRDNAttr ('[-id id_name -entityTypeName name_value]')
- Jython list: AdminTask.getIdMgrLDAPEntityTypeRDNAttr (['-id', 'id_name', '-entityTypeName', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPEntityTypeRDNAttr {-interactive}
- Jython string: AdminTask.getIdMgrLDAPEntityTypeRDNAttr ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPEntityTypeRDNAttr (['-interactive'])
getIdMgrLDAPGroupConfig
Return the LDAP group configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupConfig {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPGroupConfig ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPGroupConfig (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupConfig {-interactive}
- Jython string: AdminTask.getIdMgrLDAPGroupConfig ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPGroupConfig (['-interactive'])
getIdMgrLDAPGroupDynamicMemberAttrs
Return the dynamic member attribute configuration from the LDAP group configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupDynamicMemberAttrs {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPGroupDynamicMemberAttrs ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPGroupDynamicMemberAttrs (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupDynamicMemberAttrs {-interactive}
- Jython string: AdminTask.getIdMgrLDAPGroupDynamicMemberAttrs ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPGroupDynamicMemberAttrs (['-interactive'])
getIdMgrLDAPGroupMemberAttrs
Return the member attribute configuration for the LDAP group configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupMemberAttrs {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPGroupMemberAttrs ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPGroupMemberAttrs (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPGroupMemberAttrs {-interactive}
- Jython string: AdminTask.getIdMgrLDAPGroupMemberAttrs ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPGroupMemberAttrs (['-interactive'])
getIdMgrLDAPSearchResultCache
Return the LDAP search result cache configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPSearchResultCache {-id id_name}
- Jython string: AdminTask.getIdMgrLDAPSearchResultCache ('[-id id_name]')
- Jython list: AdminTask.getIdMgrLDAPSearchResultCache (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPSearchResultCache {-interactive}
- Jython string: AdminTask.getIdMgrLDAPSearchResultCache ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPSearchResultCache (['-interactive'])
getIdMgrLDAPServer
Return the configuration of the specified LDAP server for the specified LDAP repository.
Required
-id The ID of the repository. (String, required)
-host The host name for the primary LDAP server. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrLDAPServer {-id id_name -host myhost.ibm.com}
- Jython string: AdminTask.getIdMgrLDAPServer ('[-id id_name -host myhost.ibm.com]')
- Jython list: AdminTask.getIdMgrLDAPServer (['-id', 'id_name', '-host', 'myhost.ibm.com'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrLDAPServer {-interactive}
- Jython string: AdminTask.getIdMgrLDAPServer ('[-interactive]')
- Jython list: AdminTask.getIdMgrLDAPServer (['-interactive'])
getIdMgrRepository
Return the configuration of the specified repository.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask getIdMgrRepository {-id id_name}
- Jython string: AdminTask.getIdMgrRepository ('[-id id_name]')
- Jython list: AdminTask.getIdMgrRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask getIdMgrRepository {-interactive}
- Jython string: AdminTask.getIdMgrRepository ('[-interactive]')
- Jython list: AdminTask.getIdMgrRepository (['-interactive'])
listIdMgrLDAPAttrs
List the name of each configured attribute for the LDAP repository of interest.
Required
-id Specify the unique ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Return value
The command returns a list of HashMaps containing parameters of the addIdMgrLDAPAttr command as keys. For the entityTypes parameter, which is multivalued, the value of the key is a string that is delimited by a semicolon (;). The return value includes an additional key called entityTypesList. The value of the entityTypesList key is a List object.
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPAttrs {-id id_value}
- Jython string: AdminTask.listIdMgrLDAPAttrs ('[-id id_value]')
- Jython list: AdminTask.listIdMgrLDAPAttrs (['-id', 'id_value'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPAttrs {-interactive}
- Jython: AdminTask.listIdMgrLDAPAttrs('-interactive')
listIdMgrLDAPAttrsNotSupported
List the details of all configured federated repository properties that the specified LDAP repository does not support.
Target object: None
Required
-id Unique ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Return value
The command returns a List of HashMaps containing parameters of the addIdMgrLDAPAttrNotSupported command as keys. For multivalued parameters such as entityTypes, the value of the key is a List object.
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPAttrsNotSupported {-id id_name}
- Jython string: AdminTask.listIdMgrLDAPAttrsNotSupported ('[-id id_name]')
- Jython list: AdminTask.listIdMgrLDAPAttrsNotSupported (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPAttrsNotSupported {-interactive}
- Jython: AdminTask.listIdMgrLDAPAttrsNotSupported ('-interactive')
listIdMgrCustomProperties
Return a list of custom properties for the repository specified.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrCustomProperties {-id id_value}
- Jython string: AdminTask.listIdMgrCustomProperties ('[-id id_value]')
- Jython list: AdminTask.listIdMgrCustomProperties (['-id', 'id_value'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrCustomProperties {-interactive}
- Jython string: AdminTask.listIdMgrCustomProperties ('[-interactive]')
- Jython list: AdminTask.listIdMgrCustomProperties (['-interactive'])
listIdMgrLDAPBackupServers
Return a list of the backup LDAP server or servers.
Required parameters and return values
-id The ID of the repository. (String, required)
-primary_host The host name for the primary LDAP server. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPBackupServers {-id id_value -primary_host host_name}
- Jython string: AdminTask.listIdMgrLDAPBackupServers ('[-id id_value -primary_host host_name]')
- Jython list: AdminTask.listIdMgrLDAPBackupServers (['-id', 'id_value', '-primary_host', 'host_name'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPBackupServers {-interactive}
- Jython string: AdminTask.listIdMgrLDAPBackupServers ('[-interactive]')
- Jython list: AdminTask.listIdMgrLDAPBackupServers (['-interactive'])
listIdMgrLDAPEntityTypes
List the names of all of the configured LDAP entity type definitions.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPEntityTypes {-id id_value}
- Jython string: AdminTask.listIdMgrLDAPEntityTypes ('[-id id_value]')
- Jython list: AdminTask.listIdMgrLDAPEntityTypes (['-id', 'id_value'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPEntityTypes {-interactive}
- Jython string: AdminTask.listIdMgrLDAPEntityTypes ('[-interactive]')
- Jython list: AdminTask.listIdMgrLDAPEntityTypes (['-interactive'])
listIdMgrLDAPExternalIdAttrs
List the details of all LDAP attributes used as an external ID in the specified LDAP repository.
Target object: None
Required
-id Unique ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Return value
The command returns a List of HashMaps containing parameters of the addIdMgrLDAPExternalIdAttr command as keys. For multivalued parameters such as entityTypes, the value of the key is a List object.
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPExternalIdAttrs {-id id_name}
- Jython string: AdminTask.listIdMgrLDAPExternalIdAttrs ('[-id id_name]')
- Jython list: AdminTask.listIdMgrLDAPExternalIdAttrs (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPExternalIdAttrs {-interactive}
- Jython string: AdminTask.listIdMgrLDAPExternalIdAttrs('-interactive')
listIdMgrLDAPServers
List all of the configured primary LDAP servers.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrLDAPServers {-id id_value}
- Jython string: AdminTask.listIdMgrLDAPServers ('[-id id_value]')
- Jython list: AdminTask.listIdMgrLDAPServers (['-id', 'id_value'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrLDAPServers {-interactive}
- Jython string: AdminTask.listIdMgrLDAPServers ('[-interactive]')
- Jython list: AdminTask.listIdMgrLDAPServers (['-interactive'])
listIdMgrRepositories
List names and types of all configured repositories.
Required
None.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
- Returns: A hash map with key as the name of the repository and value as another hash map that includes the following keys:
  - repositoryType - The type of repository. For example, File, LDAP, DB, and so on.
  - specificRepositoryType - The specific type of repository. For example, LDAP, IDS51, NDS, and so on.
  - host - The host name where the repository resides. For File, it is LocalHost and for DB it is dataSourceName.
This command will not return the Property Extension and Entry Mapping repository data.
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrRepositories
- Jython string: AdminTask.listIdMgrRepositories()
- Jython list: AdminTask.listIdMgrRepositories()
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrRepositories {-interactive}
- Jython string: AdminTask.listIdMgrRepositories ('[-interactive]')
- Jython list: AdminTask.listIdMgrRepositories (['-interactive'])
listIdMgrRepositoryBaseEntries
List the base entries for a specified repository.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrRepositoryBaseEntries {-id id_value}
- Jython string: AdminTask.listIdMgrRepositoryBaseEntries ('[-id id_value]')
- Jython list: AdminTask.listIdMgrRepositoryBaseEntries (['-id', 'id_value'])
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrRepositoryBaseEntries {-interactive}
- Jython string: AdminTask.listIdMgrRepositoryBaseEntries ('[-interactive]')
- Jython list: AdminTask.listIdMgrRepositoryBaseEntries (['-interactive'])
listIdMgrSupportedDBTypes
Return a list of supported database types.
Required
None.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrSupportedDBTypes
- Jython string: AdminTask.listIdMgrSupportedDBTypes()
- Jython list: AdminTask.listIdMgrSupportedDBTypes()
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrSupportedDBTypes {-interactive}
- Jython string: AdminTask.listIdMgrSupportedDBTypes ('[-interactive]')
- Jython list: AdminTask.listIdMgrSupportedDBTypes (['-interactive'])
listIdMgrSupportedMessageDigestAlgorithms
Return a list of supported message digest algorithms.
Required
None.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrSupportedMessageDigestAlgorithms
- Jython string: AdminTask.listIdMgrSupportedMessageDigestAlgorithms()
- Jython list: AdminTask.listIdMgrSupportedMessageDigestAlgorithms()
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrSupportedMessageDigestAlgorithms {-interactive}
- Jython string: AdminTask.listIdMgrSupportedMessageDigestAlgorithms ('[-interactive]')
- Jython list: AdminTask.listIdMgrSupportedMessageDigestAlgorithms (['-interactive'])
listIdMgrSupportedLDAPServerTypes
Return a list of supported LDAP server types.
Required
None.
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask listIdMgrSupportedLDAPServerTypes
- Jython string: AdminTask.listIdMgrSupportedLDAPServerTypes()
- Jython list: AdminTask.listIdMgrSupportedLDAPServerTypes()
Interactive mode example usage:
- Jacl: $AdminTask listIdMgrSupportedLDAPServerTypes {-interactive}
- Jython string: AdminTask.listIdMgrSupportedLDAPServerTypes ('[-interactive]')
- Jython list: AdminTask.listIdMgrSupportedLDAPServerTypes (['-interactive'])
removeIdMgrLDAPBackupServer
Remove the backup LDAP server or servers.
Required
-id The ID of the repository. (String, required)
-primary_host The host name for the primary LDAP server. (String, required)
-host The backup host name. Use an asterisk (*) to remove all backup servers. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-port The port number of the LDAP server. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask removeIdMgrLDAPBackupServer {-id id_value -primary_host myprimaryhost.ibm.com -host myhost.ibm.com}
- Jython string: AdminTask.removeIdMgrLDAPBackupServer ('[-id id_value -primary_host myprimaryhost.ibm.com -host myhost.ibm.com]')
- Jython list: AdminTask.removeIdMgrLDAPBackupServer (['-id', 'id_value', '-primary_host', 'myprimaryhost.ibm.com', '-host', 'myhost.ibm.com'])
Interactive mode example usage:
- Jacl: $AdminTask removeIdMgrLDAPBackupServer {-interactive}
- Jython string: AdminTask.removeIdMgrLDAPBackupServer ('[-interactive]')
- Jython list: AdminTask.removeIdMgrLDAPBackupServer (['-interactive'])
setIdMgrCustomProperty
Set, add, or delete a custom property in a repository configuration. If a value is not specified, or if the value is an empty string, the property is deleted from the repository configuration. If the name does not exist and a value is specified, the property is added. If the name is "*", all of the custom properties are deleted.
Required
-id The unique identifier of the repository. Valid values include the existing repository IDs. (String, required)
-name The name of the additional property for the repository that is not defined OOTB. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-value The value of a property for the repository. If this parameter is an empty string, the property is deleted from the repository configuration. If this parameter is not an empty string, and a name does not exist, it is added. If a name is an empty string, all of the custom properties are deleted. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrCustomProperty {-id id_value -name name_value -value value}
- Jython string: AdminTask.setIdMgrCustomProperty ('[-id id_value -name name_value -value value]')
- Jython list: AdminTask.setIdMgrCustomProperty (['-id', 'id_value', '-name', 'name_value', '-value', 'value'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrCustomProperty {-interactive}
- Jython string: AdminTask.setIdMgrCustomProperty ('[-interactive]')
- Jython list: AdminTask.setIdMgrCustomProperty (['-interactive'])
setIdMgrLDAPAttrCache
Set up the LDAP attribute cache configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-cachesDiskOffLoad (String, optional)
-enabled Indicates whether to enable attribute caching. Default is true. (Boolean, optional)
-cacheSize The maximum size of the attribute cache, defined as the number of attribute objects that are permitted in the attribute cache. The minimum value of this parameter is 100. The default is 4000. (Integer, optional)
-cacheTimeOut The amount of time, in seconds, before the cached entries in the attributes cache can become invalid. The minimum value of this parameter is 0. The attribute objects that are cached will remain in the attributes cache until the virtual member manager changes the attribute objects. The default is 1200. (Integer, optional)
-attributeSizeLimit An integer that represents the maximum number of attribute object values that can be cached in the attributes cache. Some attributes, for example, the member attribute, contain many values. The attributeSizeLimit parameter prevents the attributes cache from caching large attributes. The default is 2000. (Integer, optional)
-serverTTLAttribute The name of the ttl attribute supported by the LDAP server. The attributes cache uses the value of this attribute to determine when the cached entries in the attributes cache will time out. The ttl attribute contains the time, in seconds, any information from the entry should be kept by a client before it is considered stale and a new copy is fetched. A value of 0 implies that the object will not be cached. For more information about this attribute, go to: http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-asid-ldap-cache-01.txt.
The ttl attribute is not supported by all LDAP servers. If this attribute is supported by an LDAP server, we can set the value of the serverTTLAttribute parameter to the name of the ttl attribute so that the value of the ttl attribute determines when cached entries time out. The timeout value can differ between entries in the attributes cache.
For example, if the value of the serverTTLAttribute parameter is ttl and the attributes cache retrieves attributes of a user from an LDAP server, it will also retrieve the value of the ttl attribute of this user. If the value is 200, the WMM uses this value to set the timeout for the attributes of the user in the attributes cache instead of using the value of cacheTimeOut. We can set different ttl attribute values for different users. (String, optional)
-cacheDistPolicy The distribution policy for the dynamic cache in a cluster environment. The valid values are none (for NOT_SHARED), push (for SHARED_PUSH), and push_pull (for SHARED_PUSH_PULL) and the default value is none. The value of this parameter is read during the adapter startup process and the cache policy is set accordingly. (String, optional)
- Returns: None
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrLDAPAttrCache {-id id_name}
- Jython string: AdminTask.setIdMgrLDAPAttrCache ('[-id id_name]')
- Jython list: AdminTask.setIdMgrLDAPAttrCache (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrLDAPAttrCache {-interactive}
- Jython string: AdminTask.setIdMgrLDAPAttrCache ('[-interactive]')
- Jython list: AdminTask.setIdMgrLDAPAttrCache (['-interactive'])
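The cache rules described for setIdMgrLDAPAttrCache, modelled as an added Python example (not IBM code and not part of the original page): it checks proposed values against the documented minimums, builds the Jython list form of the arguments, and works out how long each entry's attributes stay cached. It assumes that an entry without the ttl attribute falls back to cacheTimeOut and that a cacheTimeOut of 0 means no time-based expiry; the helper names, DNs and entries are constructed for illustration.

```python
# Added example: a model of the documented attribute-cache rules, not WebSphere code.
# Helper names and sample entries are hypothetical / constructed.

DEFAULTS = {"enabled": True, "cacheSize": 4000, "cacheTimeOut": 1200,
            "attributeSizeLimit": 2000, "serverTTLAttribute": None,
            "cacheDistPolicy": "none"}

# Fixed order in which build_args() emits optional parameters.
PARAM_ORDER = ("enabled", "cacheSize", "cacheTimeOut", "attributeSizeLimit",
               "serverTTLAttribute", "cacheDistPolicy")


def validate(cfg):
    """Check proposed values against the limits stated in the parameter list."""
    problems = []
    if cfg.get("cacheSize", 4000) < 100:
        problems.append("cacheSize must be at least 100")
    if cfg.get("cacheTimeOut", 1200) < 0:
        problems.append("cacheTimeOut must be at least 0")
    if cfg.get("cacheDistPolicy", "none") not in ("none", "push", "push_pull"):
        problems.append("cacheDistPolicy must be none, push or push_pull")
    return problems


def build_args(repo_id, overrides):
    """Return the Jython list form, e.g. for AdminTask.setIdMgrLDAPAttrCache(args)."""
    problems = validate(overrides)
    if problems:
        raise ValueError("; ".join(problems))
    args = ["-id", repo_id]
    for name in PARAM_ORDER:
        if name in overrides:
            value = overrides[name]
            if isinstance(value, bool):
                value = "true" if value else "false"
            args += ["-" + name, str(value)]
    return args


def entry_lifetime(cfg, entry):
    """Return (cached, seconds) for one entry; seconds is None for no timed expiry."""
    if not cfg["enabled"]:
        return (False, 0)
    ttl_name = cfg["serverTTLAttribute"]
    if ttl_name and entry.get(ttl_name):
        ttl = int(entry[ttl_name][0])
        if ttl == 0:              # a ttl of 0 means the object is not cached
            return (False, 0)
        return (True, ttl)        # per-entry ttl replaces cacheTimeOut
    if cfg["cacheTimeOut"] == 0:  # assumption: 0 means no time-based expiry
        return (True, None)
    return (True, cfg["cacheTimeOut"])  # assumption: fallback when ttl is absent


def cached_attributes(cfg, entry):
    """Names of attributes small enough to cache under attributeSizeLimit."""
    cached, _ = entry_lifetime(cfg, entry)
    if not cached:
        return []
    limit = cfg["attributeSizeLimit"]
    return sorted(name for name, values in entry.items() if len(values) <= limit)


def report(cfg, entries):
    """Map each DN to its cache lifetime and the attributes that would be cached."""
    result = {}
    for dn, entry in entries.items():
        cached, seconds = entry_lifetime(cfg, entry)
        result[dn] = {"cached": cached, "seconds": seconds,
                      "attributes": cached_attributes(cfg, entry)}
    return result


# Constructed sample entries: attribute name -> list of values.
SAMPLE_ENTRIES = {
    "uid=joe,o=example": {"uid": ["joe"], "mail": ["joe@example.com"], "ttl": ["200"]},
    "uid=batch,o=example": {"uid": ["batch"], "ttl": ["0"]},
    "uid=ann,o=example": {"uid": ["ann"]},
    "cn=staff,o=example": {"cn": ["staff"],
                           "member": ["uid=u%d,o=example" % i for i in range(2500)]},
}

if __name__ == "__main__":
    cfg = dict(DEFAULTS, serverTTLAttribute="ttl")
    print(build_args("id_name", {"cacheTimeOut": 300, "serverTTLAttribute": "ttl"}))
    for dn, info in sorted(report(cfg, SAMPLE_ENTRIES).items()):
        print(dn, info)
```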
setIdMgrLDAPContextPool
Set up the LDAP context pool configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-enabled By default, the context pool is enabled. If we set this parameter to false, the context pool is disabled. When the context pool is disabled, new context instances will be created for each request. Default is true. (Boolean, optional)
-initPoolSize The number of context instances that the virtual member manager LDAP adapter creates when it creates the pool. The valid range for this parameter is 1 to 50. The default is 1. (Integer, optional)
-maxPoolSize The maximum number of context instances that the context pool will maintain. Context instances in use and those that are idle contribute to this number. When the pool size reaches this number, new context instances cannot be created for new requests. The new request is blocked until a context instance is released by another request or is removed. The request checks periodically if there are context instances available in the pool according to the amount of time specified using the poolWaitTime parameter. The minimum value for this parameter is 0. There is no maximum value. Setting the value to 0 means that there is no maximum size and a request for a pooled context instance will use an existing pooled idle context instance or a newly created pooled context instance. The default is 0. (Integer, optional)
-prefPoolSize The preferred number of context instances that the context pool will maintain. Context instances in use and those that are idle contribute to this number. When there is a request for the use of a pooled context instance and the pool size is less than the preferred size, the context pool creates and uses a new pooled context instance regardless of whether an idle connection is available. When a request finishes with a pooled context instance and the pool size is greater than the preferred size, the context pool closes and removes the pooled context instance from the pool. The valid range for this parameter is from 0 to 100. Setting the value to 0 means that there is no preferred size and a request for a pooled context instance results in a newly created context instance only if no idle ones are available. The default is 3. (Integer, optional)
-poolTimeOut An integer that represents the number of seconds an idle context instance might remain in the pool without being closed and removed from the pool. When a context instance is requested from the pool, if this context has already existed in the pool for more than the time defined by poolTimeOut, this connection is closed no matter whether this context instance is stale or active. A new context instance is created and put back into the pool after it has been released from the request. The minimum value for this parameter is 0. There is no maximum value. Setting the value to 0 means that the context instances in the pool remain until they become stale. In this case, the context pool catches the communication exception and creates a new context instance. The default is 0. (Integer, optional)
-poolWaitTime The time interval in milliseconds that the request waits until the context pool rechecks if there are idle context instances available in the pool when the number of context instances reaches the maximum pool size. If no idle context instance is available, the request continues waiting for the same period of time until the next check. The minimum value for the poolWaitTime parameter is 0. There is no maximum value. A value of 0 for this parameter means that the context pool will not check if idle context instances exist. The request will be notified when a context instance is released by another request. The default is 3000. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrLDAPContextPool {-id id_name}
- Jython string: AdminTask.setIdMgrLDAPContextPool ('[-id id_name]')
- Jython list: AdminTask.setIdMgrLDAPContextPool (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrLDAPContextPool {-interactive}
- Jython string: AdminTask.setIdMgrLDAPContextPool ('[-interactive]')
- Jython list: AdminTask.setIdMgrLDAPContextPool (['-interactive'])
setIdMgrLDAPGroupConfig
Set up the LDAP group configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-updateGroupMembership Updates the group membership if the member is deleted or renamed. Some LDAP servers, for example, Domino server, do not clean up the membership of the user when a user is deleted or renamed. If we choose these LDAP server types in the ldapServerType property, the value of this parameter is set to true. Use this parameter to change the value. The default is false. (Boolean, optional)
-name The name of the membership attribute. For example, memberOf in an active directory server and ibm-allGroups in IDS. (String, optional)
-scope The scope of the membership attribute. The following are the possible values for this parameter:
- direct - The membership attribute only contains direct groups. Direct groups contain the member and are not contained through a nested group. For example, if group1 contains group2, group2 contains user1, then group2 is a direct group of user1, but group1 is not a direct group of user1.
- nested - The membership attribute contains both direct groups and nested groups.
- all - The membership attribute contains direct groups, nested groups, and dynamic members.
The default is direct. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrLDAPGroupConfig {-id id_name}
- Jython string: AdminTask.setIdMgrLDAPGroupConfig ('[-id id_name]')
- Jython list: AdminTask.setIdMgrLDAPGroupConfig (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrLDAPGroupConfig {-interactive}
- Jython string: AdminTask.setIdMgrLDAPGroupConfig ('[-interactive]')
- Jython list: AdminTask.setIdMgrLDAPGroupConfig (['-interactive'])
setIdMgrLDAPSearchResultCache
Set up the LDAP search result cache configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-cachesDiskOffLoad Loads the attributes caches and the search results onto hard disk. By default, when the number of cache entries reaches the maximum size of the cache, cache entries are evicted to allow new entries to enter the caches. If we enable this parameter, the evicted cache entries will be copied to disk for future access. The default is false. (Boolean, optional)
-enabled Enable the search results cache. Default is true. (Boolean, optional)
-cacheSize The maximum size of the search results cache, that is, the number of naming enumeration objects that can be put into the search results cache. The minimum value of this parameter is 100. The default is 2000. (Integer, optional)
-cacheTimeOut The amount of time, in seconds, before the cached entries in the search results cache can become invalid. The minimum value for this parameter is 0. A value of 0 means that the cached naming enumeration objects will stay in the search results cache until there are configuration changes. The default is 600. (Integer, optional)
-searchResultSizeLimit The maximum number of entries contained in the naming enumeration object that can be cached in the search results cache. For example, if the results from a search contain 2000 users, the search results will not be cached in the search results cache if the value of this property is set to 1000. The default is 1000. (Integer, optional)
-cacheDistPolicy The distribution policy for the dynamic cache in a cluster environment. The valid values are none (for NOT_SHARED), push (for SHARED_PUSH), and push_pull (for SHARED_PUSH_PULL) and the default value is none. The value of this parameter is read during the adapter startup process and the cache policy is set accordingly. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrLDAPSearchResultCache {-id id_name}
- Jython string: AdminTask.setIdMgrLDAPSearchResultCache ('[-id id_name]')
- Jython list: AdminTask.setIdMgrLDAPSearchResultCache (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrLDAPSearchResultCache {-interactive}
- Jython string: AdminTask.setIdMgrLDAPSearchResultCache ('[-interactive]')
- Jython list: AdminTask.setIdMgrLDAPSearchResultCache (['-interactive'])
setIdMgrEntryMappingRepository
Set or update an entry mapping repository configuration.
Required
-dataSourceName The name of the data source. The default is jdbc/wimDS. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-databaseType The type of the database. The default is DB2. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-dbURL The URL of the database. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-dbAdminId The database administrator ID. (String, required if database type is not Apache Derby.)
-dbAdminPassword The database administrator password. (String, required if database type is not Apache Derby.)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-JDBCDriverClass The JDBC driver class name. (String, optional)
-dbSchema The database schema of the database repository to configure. The schema should exist in the database. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -dbSchema The database schema of the database repository to configure. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -tablespacePrefix The tablespace prefix. The maximum length allowed for this string is 3 characters. The value of tablespacePrefix parameter is required when using the dbSchema parameter. It is specific to DB2 for z/OS and will be ignored for any other database type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrEntryMappingRepository {-dbAdminId database_administrator_ID -dbAdminPassword database_administrator_password}
- Jython string: AdminTask.setIdMgrEntryMappingRepository ('[-dbAdminId database_administrator_ID -dbAdminPassword database_administrator_password]')
- Jython list: AdminTask.setIdMgrEntryMappingRepository (['-dbAdminId', 'database_administrator_ID', '-dbAdminPassword', 'database_administrator_password'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrEntryMappingRepository {-interactive}
- Jython string: AdminTask.setIdMgrEntryMappingRepository ('[-interactive]')
- Jython list: AdminTask.setIdMgrEntryMappingRepository (['-interactive'])
setIdMgrPropertyExtensionRepository
Set or update the property extension repository configuration.
Important: The application server cannot validate the data source when we run this command in the local mode.
Required
-dataSourceName The name of the data source. The default is jdbc/wimDS. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-databaseType The type of the database. The default is DB2. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-dbURL The URL of the database. The parameter is required if the property extension is not set. The parameter is not required if the command is used to update the existing configuration. (String)
-dbAdminId The database administrator ID. (String, required if database type is not Apache Derby.)
-dbAdminPassword The database administrator password. (String, required if database type is not Apache Derby.)
-entityRetrievalLimit The limit for the retrieval of entities. (Integer, required)
-JDBCDriverClass The JDBC driver class name. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-dbSchema The database schema of the database repository to configure. The schema should exist in the database. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -dbSchema The database schema of the database repository to configure. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -tablespacePrefix The tablespace prefix. The maximum length allowed for this string is 3 characters. The value of tablespacePrefix parameter is required when using the dbSchema parameter. It is specific to DB2 for z/OS and will be ignored for any other database type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask setIdMgrPropertyExtensionRepository {-entityRetrievalLimit limit_value -JDBCDriverClass class_name}
- Jython string: AdminTask.setIdMgrPropertyExtensionRepository ('[-entityRetrievalLimit limit_value -JDBCDriverClass class_name]')
- Jython list: AdminTask.setIdMgrPropertyExtensionRepository (['-entityRetrievalLimit', 'limit_value', '-JDBCDriverClass', 'class_name'])
Interactive mode example usage:
- Jacl: $AdminTask setIdMgrPropertyExtensionRepository {-interactive}
- Jython string: AdminTask.setIdMgrPropertyExtensionRepository ('[-interactive]')
- Jython list: AdminTask.setIdMgrPropertyExtensionRepository (['-interactive'])
updateIdMgrDBRepository
Update the configuration for the database repository specified.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-dataSourceName The name of the data source. The default is jdbc/wimDS. (String, optional)
-databaseType The type of the database. The default is DB2. (String, optional)
-dbURL The URL of the database. (String, optional)
-dbAdminId The database administrator ID. (String, optional)
-dbAdminPassword The database administrator password. (String, optional)
-entityRetrievalLimit Indicates the value of the retrieval limit on database entries. The default is 200. (Integer, optional)
-JDBCDriverClass The JDBC driver class name. (String, optional)
-saltLength The salt length in bits. The default is 12. (Integer, optional)
-encryptionKey The default is rZ15ws0ely9yHk3zCs3sTMv/ho8fY17s. (String, optional)
-dbSchema The database schema of the database repository to configure. The schema should exist in the database. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -dbSchema The database schema of the database repository to configure. The default is the default schema of the database according to the database type. Typically, the default schema is the namespace of the current database user. (String, optional)
(ZOS) -tablespacePrefix The tablespace prefix. The maximum length allowed for this string is 3 characters. The value of tablespacePrefix parameter is required when using the dbSchema parameter. It is specific to DB2 for z/OS and will be ignored for any other database type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrDBRepository {-id id_name}
- Jython string: AdminTask.updateIdMgrDBRepository ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrDBRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrDBRepository {-interactive}
- Jython string: AdminTask.updateIdMgrDBRepository ('[-interactive]')
- Jython list: AdminTask.updateIdMgrDBRepository (['-interactive'])
updateIdMgrFileRepository
Updates the configuration for the file repository specified. To update other properties of the file repository use the updateIdMgrRepository command.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-messageDigestAlgorithm The message digest algorithm that will be used for hashing the password. The default is SHA-1. Valid values include the following: SHA-1, SHA-384, or SHA-512. (String, optional)
-baseDirectory The base directory where the file will be created in order to store the data. The default is to be dynamically built during run time using user.install.root and cell name. (String, optional)
-fileName The file name of the repository. The default is fileRegistry.xml. (String, optional)
-saltLength The salt length of the randomly generated salt for password hashing. The default is 12. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrFileRepository {-id id_name}
- Jython string: AdminTask.updateIdMgrFileRepository ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrFileRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrFileRepository {-interactive}
- Jython string: AdminTask.updateIdMgrFileRepository ('[-interactive]')
- Jython list: AdminTask.updateIdMgrFileRepository (['-interactive'])
updateIdMgrLDAPAttrCache
Updates the LDAP attribute cache configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-cachesDiskOffLoad (String, optional)
-enabled Indicates whether to enable attribute caching. Default is true. (Boolean, optional)
-cacheSize The maximum size of the attribute cache defined by the number of attribute objects that are permitted in the attribute cache. The minimum value of this parameter is 100. The default is 4000. (Integer, optional)
-cacheTimeOut The amount of time, in seconds, before the cached entries located in the attributes cache can become invalid. The minimum value of this parameter is 0. The attribute objects that are cached will remain in the attributes cache until the virtual member manager changes the attribute objects. The default is 1200. (Integer, optional)
-attributeSizeLimit An integer that represents the maximum number of attribute object values that can be cached in the attributes cache. Some attributes, for example, the member attribute, contain many values. The attributeSizeLimit parameter prevents the attributes cache from caching large attributes. The default is 2000. (Integer, optional)
-serverTTLAttribute The name of the ttl attribute supported by the LDAP server. The attributes cache uses the value of this attribute to determine when the cached entries in the attributes cache will time out. The ttl attribute contains the time, in seconds, any information from the entry should be kept by a client before it is considered stale and a new copy is fetched. A value of 0 implies that the object will not be cached. For more information about this attribute, go to: http://www.ietf.org/proceedings/98aug/I-D/draft-ietf-asid-ldap-cache-01.txt.
The ttl attribute is not supported by all LDAP servers. If this attribute is supported by an LDAP server, we can set the value of the serverTTLAttribute parameter to the name of the ttl attribute in order to allow the value of the ttl attribute to determine when cached entries will time out. The time-out value can differ between entries in the attributes cache.
For example, if the value of the serverTTLAttribute parameter is ttl and the attributes cache retrieves attributes of a user from an LDAP server, it will also retrieve the value of the ttl attribute of this user. If the value is 200, the WMM uses this value to set the time out for the attributes of the user in the attributes cache instead of using the value of cacheTimeout. We can set different ttl attribute values for different users. (String, optional)
-cacheDistPolicy The distribution policy for the dynamic cache in a cluster environment. The valid values are none (for NOT_SHARED), push (for SHARED_PUSH), and push_pull (for SHARED_PUSH_PULL) and the default value is none. The value of this parameter is read during the adapter startup process and the cache policy is set accordingly. (String, optional)
- Returns: None
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPAttrCache {-id id_name}
- Jython string: AdminTask.updateIdMgrLDAPAttrCache ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrLDAPAttrCache (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPAttrCache {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPAttrCache ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPAttrCache (['-interactive'])
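The time-out rule described for serverTTLAttribute under setIdMgrLDAPAttrCache and updateIdMgrLDAPAttrCache can be modelled as follows. This is an added illustration, not virtual member manager code: the class name, the sample entries, and the fallback to cacheTimeOut when the ttl value cannot be parsed are assumptions.

```python
class AttributeCacheModel(object):
    """Model of the documented time-out rule for the attributes cache."""

    def __init__(self, cache_timeout=1200, server_ttl_attribute=None):
        if cache_timeout <= 0:
            raise ValueError("this model covers positive cacheTimeOut values only")
        self.cache_timeout = cache_timeout              # seconds
        self.server_ttl_attribute = server_ttl_attribute
        self._entries = {}                              # entry DN -> (expires_at, attrs)

    def _server_ttl(self, attrs):
        """Return the entry's ttl in seconds, or None when it cannot be used."""
        if not self.server_ttl_attribute:
            return None
        wanted = self.server_ttl_attribute.lower()      # LDAP attribute names ignore case
        for name, values in attrs.items():
            if name.lower() != wanted or not values:
                continue
            try:
                ttl = int(values[0])
            except (TypeError, ValueError):
                return None     # assumption: an unparsable ttl falls back to cacheTimeOut
            return ttl if ttl >= 0 else None
        return None

    def timeout_for(self, attrs):
        """Seconds this entry may stay cached; the entry's ttl wins over cacheTimeOut."""
        ttl = self._server_ttl(attrs)
        return self.cache_timeout if ttl is None else ttl

    def put(self, dn, attrs, now):
        """Cache the entry; returns False when a ttl of 0 says 'do not cache'."""
        timeout = self.timeout_for(attrs)
        if timeout == 0:
            self._entries.pop(dn, None)
            return False
        self._entries[dn] = (now + timeout, dict(attrs))
        return True

    def get(self, dn, now):
        """Return cached attributes, or None once the entry has timed out."""
        entry = self._entries.get(dn)
        if entry is None:
            return None
        expires_at, attrs = entry
        if now >= expires_at:
            del self._entries[dn]
            return None
        return attrs


# Constructed sample entries; the DNs and values are made up for this illustration.
SAMPLE = {
    "uid=user1,o=example": {"cn": ["User One"], "ttl": ["200"]},
    "uid=user2,o=example": {"cn": ["User Two"]},
    "uid=user3,o=example": {"cn": ["User Three"], "TTL": ["0"]},
}


def load_sample(cache, now=0):
    """Put every sample entry into the cache and report which ones were stored."""
    return dict((dn, cache.put(dn, attrs, now)) for dn, attrs in SAMPLE.items())
```

With serverTTLAttribute set to ttl, user1 expires after 200 seconds, user2 after the cacheTimeOut of 1200 seconds, and user3 is never cached; the per-entry ttl therefore bounds how long a changed or removed entry can still be served from the cache.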
updateIdMgrLDAPContextPool
Updates the LDAP context pool configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-enabled By default, the context pool is enabled. If we set the value to false, the context pool is disabled, which means that a new context instance will be created for each request. Default is true. (Boolean, optional)
-initPoolSize The number of context instances that the virtual member manager LDAP adapter creates when it creates the pool. The valid range for this parameter is 1 to 50. The default is 1. (Integer, optional)
-maxPoolSize The maximum number of context instances that can be maintained concurrently by the context pool. Both in-use and idle context instances contribute to this number. When the pool size reaches this number, new context instances cannot be created for new requests. The new request is blocked until a context instance is released by another request or is removed. The request checks periodically if there are context instances available in the pool according to the value defined for the poolWaitTime parameter. The minimum value of the maxPoolSize parameter is 0. There is no maximum value. A maximum pool size of 0 means that there is no maximum size and that a request for a pooled context instance will use an existing pooled idle context instance or a newly created pooled context instance. The default is 0. (Integer, optional)
-prefPoolSize The preferred number of context instances that the context pool should maintain. Both in-use and idle context instances contribute to this number. When there is a request for the use of a pooled context instance and the pool size is less than the preferred size, the context pool will create and use a new pooled context instance regardless of whether an idle connection is available. When a request is finished with a pooled context instance and the pool size is greater than the preferred size, the context pool will close and remove the pooled context instance from the pool. The valid range of the prefPoolSize parameter is 0 to 100. A preferred pool size of 0 means that there is no preferred size: a request for a pooled context instance will result in a newly created context instance only if no idle ones are available. The default is 3. (Integer, optional)
-poolTimeOut An integer that represents the number of seconds an idle context instance may remain in the pool without being closed and removed from the pool. When a context instance is requested from the pool, if this context has already existed in the pool for more than the time defined by poolTimeOut, this connection will be closed no matter whether this context instance is stale or active. A new context instance will be created and put back into the pool after it has been released from the request. The minimum value of poolTimeOut is 0. There is no maximum value. A poolTimeOut of 0 means that the context instances in the pool will remain in the pool until they become stale. In this case, the context pool will catch the communication exception and create a new context instance. The default is 0. (Integer, optional)
-poolWaitTime The time interval (in milliseconds) that the request will wait until the context pool checks again if there are idle context instances available in the pool when the number of context instances reaches the maximum pool size. If there is still no idle context instance, the request will continue waiting for the same period of time until the next check. The minimum value of poolWaitTime is 0. There is no maximum value. A poolWaitTime of 0 means the context pool will not check if there are idle context instances. Instead, the request will be notified when a context instance is released by another request. The default is 3000. (Integer, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPContextPool {-id id_name}
- Jython string: AdminTask.updateIdMgrLDAPContextPool ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrLDAPContextPool (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPContextPool {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPContextPool ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPContextPool (['-interactive'])
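How initPoolSize, maxPoolSize, prefPoolSize and poolTimeOut interact, as described for setIdMgrLDAPContextPool and updateIdMgrLDAPContextPool, is easier to see in a small simulation. This is an added single-threaded model of the documented rules, not the product's implementation; the class and function names are assumptions, and the "blocked" outcome stands for the wait that poolWaitTime governs.

```python
class ContextPoolModel(object):
    """Single-threaded model of the documented context pool rules."""

    def __init__(self, init_pool_size=1, max_pool_size=0, pref_pool_size=3,
                 pool_timeout=0, now=0):
        # Ranges as documented on this page.
        if not 1 <= init_pool_size <= 50:
            raise ValueError("initPoolSize must be 1 to 50")
        if not 0 <= pref_pool_size <= 100:
            raise ValueError("prefPoolSize must be 0 to 100")
        if max_pool_size < 0 or pool_timeout < 0:
            raise ValueError("maxPoolSize and poolTimeOut have a minimum of 0")
        self.max = max_pool_size
        self.pref = pref_pool_size
        self.timeout = pool_timeout          # seconds
        self.idle = []                       # idle contexts, oldest first
        self.in_use = 0
        self.created = 0
        self.closed = 0
        for _ in range(init_pool_size):
            self.idle.append(self._create(now))

    def _create(self, now):
        self.created += 1
        return {"id": self.created, "created_at": now}

    def size(self):
        """In-use and idle contexts both count toward the pool size."""
        return len(self.idle) + self.in_use

    def _room(self):
        """True while maxPoolSize (0 = no maximum) allows another context."""
        return self.max == 0 or self.size() < self.max

    def acquire(self, now):
        """Return (context, outcome): new, reused, replaced or blocked."""
        if self.pref and self.size() < self.pref and self._room():
            # Below the preferred size: create even if an idle context exists.
            ctx, how = self._create(now), "new"
        elif self.idle:
            ctx, how = self.idle.pop(0), "reused"
            if self.timeout and now - ctx["created_at"] > self.timeout:
                # Older than poolTimeOut: close it and serve a fresh context.
                self.closed += 1
                ctx, how = self._create(now), "replaced"
        elif self._room():
            ctx, how = self._create(now), "new"
        else:
            return None, "blocked"           # caller waits poolWaitTime and retries
        self.in_use += 1
        return ctx, how

    def release(self, ctx):
        """Return 'closed' when the pool is above the preferred size, else 'idle'."""
        over_pref = self.pref and self.size() > self.pref
        self.in_use -= 1
        if over_pref:
            self.closed += 1
            return "closed"
        self.idle.append(ctx)
        return "idle"


def sequential_requests(pool, count):
    """One request at a time: acquire, then release before the next request."""
    outcomes = []
    for t in range(count):
        ctx, how = pool.acquire(now=t)
        outcomes.append(how)
        if ctx is not None:
            pool.release(ctx)
    return outcomes


def burst(pool, count, now=0):
    """Concurrent requests: acquire 'count' contexts without releasing any."""
    held, outcomes = [], []
    for _ in range(count):
        ctx, how = pool.acquire(now)
        outcomes.append(how)
        if ctx is not None:
            held.append(ctx)
    return held, outcomes
```

With the defaults, four sequential requests yield new, new, reused, reused: the pool grows to prefPoolSize even though an idle context was available each time, so the LDAP server sees up to prefPoolSize bound connections per pool under light load.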
updateIdMgrLDAPEntityType
Update an existing LDAP entity type definition in the LDAP repository configuration. Use this command to add more values to multi-valued parameters. If the property already exists, the value of the property will be replaced. If the property does not exist, it will be added.
Required
-id The ID of the repository. (String, required)
-name The name of the entity type. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-searchFilter The search filter to use to search the entity type. (String, optional)
-objectClasses One or more object classes for the entity type. (String, optional)
-objectClassesForCreate The object class that will be used when creating an entity type object. We do not have to specify the value of this parameter if it is the same as the value of the objectClasses parameter. (String, optional)
-searchBases The search base or bases to use while searching the entity type. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPEntityType {-id id_name -name name_value}
- Jython string: AdminTask.updateIdMgrLDAPEntityType ('[-id id_name -name name_value]')
- Jython list: AdminTask.updateIdMgrLDAPEntityType (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPEntityType {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPEntityType ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPEntityType (['-interactive'])
updateIdMgrLDAPGroupDynamicMemberAttr
Update a dynamic member attribute configuration of an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute. For example, memberURL. (String, required)
-objectClass The group object class containing the dynamic member attribute. For example, groupOfURLs. If we do not define this parameter, the dynamic member attribute will apply to all group object classes. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPGroupDynamicMemberAttr {-id id_name -name name_value -objectClass groupOfURLs}
- Jython string: AdminTask.updateIdMgrLDAPGroupDynamicMemberAttr ('[-id id_name -name name_value -objectClass groupOfURLs]')
- Jython list: AdminTask.updateIdMgrLDAPGroupDynamicMemberAttr (['-id', 'id_name', '-name', 'name_value', '-objectClass', 'groupOfURLs'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPGroupDynamicMemberAttr {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPGroupDynamicMemberAttr ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPGroupDynamicMemberAttr (['-interactive'])
updateIdMgrLDAPGroupMemberAttr
Update a member attribute configuration of an LDAP group configuration.
Required
-id The ID of the repository. (String, required)
-name The name of the LDAP attribute used as the group member attribute. For example, member or uniqueMember. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-objectClass The group object class containing the member attribute. For example, groupOfNames or groupOfUniqueNames. If we do not define this parameter, the member attribute applies to all group object classes. (String, optional)
-scope The scope of the member attribute. The following are the valid values:
- direct - The member attribute only contains direct members whereby the member is directly contained by the group and not contained in a nested group. For example, if group1 contains group2, group2 contains user1, then group2 is a direct member of group1 but user1 is not a direct member of group1. Both member and uniqueMember are direct member attributes.
- nested - The member attribute contains both direct members and nested members.
-dummyMember When we create a group without specifying a member, a dummy member will be filled in automatically to avoid receiving an exception that indicates that there is a mandatory attribute missing. (String, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPGroupMemberAttr {-id id_name -name name_value}
- Jython string: AdminTask.updateIdMgrLDAPGroupMemberAttr ('[-id id_name -name name_value]')
- Jython list: AdminTask.updateIdMgrLDAPGroupMemberAttr (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPGroupMemberAttr {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPGroupMemberAttr ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPGroupMemberAttr (['-interactive'])
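The direct and nested scopes described for setIdMgrLDAPGroupConfig (groups of a member) and updateIdMgrLDAPGroupMemberAttr (members of a group) can be worked through on the page's own group1, group2, user1 case. The code below is an added illustration, not product code: the function names and the in-memory directory are assumptions, the groupA/groupB loop is constructed to show cycle handling, and the all scope (dynamic members) is not modelled.

```python
def _reachable(start, edges):
    """Everything reachable from start, excluding start; safe on membership loops."""
    seen, stack = set(), list(edges.get(start, ()))
    while stack:
        node = stack.pop()
        if node == start or node in seen:
            continue
        seen.add(node)
        stack.extend(edges.get(node, ()))
    return seen


def _resolve(start, edges, scope):
    if scope == "direct":
        return set(edges.get(start, ()))
    if scope == "nested":
        return _reachable(start, edges)
    raise ValueError("this sketch models only the direct and nested scopes")


def members_of(group, member_attr, scope="direct"):
    """Members a group's member attribute yields under the given scope."""
    return _resolve(group, member_attr, scope)


def groups_of(entity, member_attr, scope="direct"):
    """Groups a membership attribute yields for an entity under the given scope."""
    containing = {}
    for group, members in member_attr.items():
        for member in members:
            containing.setdefault(member, set()).add(group)
    return _resolve(entity, containing, scope)


def missed_by_direct(entity, member_attr):
    """Groups that only a nested-scope membership attribute would report."""
    return groups_of(entity, member_attr, "nested") - groups_of(entity, member_attr, "direct")


# The page's example: group1 contains group2, group2 contains user1.
PAGE_EXAMPLE = {"group1": ["group2"], "group2": ["user1"]}

# Constructed data with a membership loop (groupA <-> groupB).
LOOP_EXAMPLE = {"groupA": ["groupB"], "groupB": ["groupA", "user2"]}
```

For user1, the direct scope yields only group2 while the nested scope yields group1 and group2, so any access decision tied to group1 depends on which scope the configured attribute actually carries.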
updateIdMgrLDAPRepository
Update an LDAP repository configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-ldapServerType The type of LDAP server being used. The default is IDS51. (String, optional) Specify one of the following valid values:
- IDS
- ZOSDS
- DOMINO
- NDS
- SUNONE
- AD
- ADAM
- CUSTOM
-adapterClassName The default is com.ibm.ws.wim.adapter.ldap.LdapAdapter. (String, optional)
-certificateMapMode Specifies whether to map X.509 certificates into an LDAP directory by exact distinguished name or by certificate filter. The default is exactdn. To use the certificate filter for the mapping, specify certificatefilter. (String, optional)
-certificateFilter If certificateMapMode has the value certificatefilter, then this property specifies the LDAP filter which maps attributes in the client certificate to entries in LDAP. (String, optional)
-isExtIdUnique Specifies if the external ID is unique. Default is true. (Boolean, optional)
-loginProperties Indicates the property name used for login. (String, optional) If we define multiple login properties, the first login property is programmatically mapped to the federated repositories principalName property. For example, if we set uid;mail as the login properties, the LDAP attribute uid value is mapped to the federated repositories principalName property. If we define multiple login properties, after login, the first login property is returned as the value of the principalName property. For example, if you pass joe@yourco.com as the principalName value and the login properties are configured as uid;mail, the principalName is returned as joe.
-primaryServerQueryTimeInterval Indicates the polling interval for testing the primary server availability. The value of this parameter is specified in minutes. The default is 15. (Integer, optional)
-returnToPrimaryServer Indicates whether to return to the primary LDAP server when it is available. Default is true. (Boolean, optional)
-searchCountLimit The value of search count limit. (Integer, optional)
-searchPageSize The value of search page size. (Integer, optional)
-searchTimeLimit The value of search time limit. (Integer, optional)
-sslConfiguration The SSL configuration. (String, optional)
-supportAsyncMode Indicates if the async mode is supported or not. The default is false. (Boolean, optional)
-supportChangeLog This parameter indicates whether the repository supports change tracking. Valid values for this parameter are none or native. The default is none. (String, optional)
-supportSorting Indicates if sorting is supported or not. The default is false. (Boolean, optional)
-supportPaging Indicates if paging is supported or not. The default is false. (Boolean, optional)
-supportTransactions Indicates if transactions are supported or not. The default is false. (Boolean, optional)
-supportExternalName Indicates if external names are supported or not. The default is false. (Boolean, optional)
-translateRDN Indicates whether to translate the RDN. The default is false. (Boolean, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPRepository {-id id_name}
- Jython string: AdminTask.updateIdMgrLDAPRepository ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrLDAPRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPRepository {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPRepository ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPRepository (['-interactive'])
updateIdMgrLDAPSearchResultCache
Update the LDAP search result cache configuration.
Required parameters
-id The ID of the repository. (String, required)
Optional parameters
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-cachesDiskOffLoad Loads the attribute caches and the search results onto hard disk. By default, when the number of cache entries reaches the maximum size of the cache, cache entries are evicted to allow new entries to enter the caches. If we enable this parameter, the evicted cache entries will be copied to disk for future access. The default is false. (Boolean, optional)
-enabled Enable the search results cache. Default is true. (Boolean, optional)
-cacheSize The maximum size of the search results cache, that is, the number of naming enumeration objects that can be put into the search results cache. The minimum value of this parameter is 100. The default is 2000. (Integer, optional)
-cacheTimeOut The amount of time in seconds before the cached entries in the search results cache can become not valid. The minimum value for this parameter is 0. A value of 0 means that the cached naming enumeration objects will stay in the search results cache until there are configuration changes. The default is 600. (Integer, optional)
-searchResultSizeLimit The maximum number of entries contained in the naming enumeration object that can be cached in the search results cache. For example, if the results from a search contain 2000 users, the search results will not be cached in the search results cache if the value of this property is set to 1000. The default is 1000. (Integer, optional)
-cacheDistPolicy The distribution policy for the dynamic cache in a cluster environment. The valid values are none (for NOT_SHARED), push (for SHARED_PUSH), and push_pull (for SHARED_PUSH_PULL) and the default value is none. The value of this parameter is read during the adapter startup process and the cache policy is set accordingly. (String, optional)
updateIdMgrLDAPServer
Update an LDAP server configuration for the LDAP repository ID specified.
Required parameters and return values
-id The ID of the repository. (String, required)
-host The host name for the LDAP server containing the properties to modify. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-port The port number for the LDAP server. (Integer, optional)
-authentication Indicates the authentication method to use. The default is simple. Valid values include: none or strong. (String, optional)
-bindDN The binding domain name for the LDAP server. (String, optional)
-bindPassword The binding password. The password is encrypted before it is stored. (String, optional)
-certificateMapMode Specifies whether to map X.509 certificates into an LDAP directory by exact distinguished name or by certificate filter. The default is exactdn. To use the certificate filter for the mapping, specify certificatefilter. (String, optional)
-certificateFilter If certificateMapMode has the value certificatefilter, then this property specifies the LDAP filter which maps attributes in the client certificate to entries in LDAP. (String, optional)
-connectTimeout The connection timeout measured in seconds. (Integer, optional)
Restriction: Due to a current JNDI limitation, the maximum connection timeout is 20 seconds. Even if we specify a value greater than 20 seconds, the connection still times out at 20 seconds.
-connectionPool The connection pool. The default is false. (Boolean, optional)
-derefAliases Controls how aliases are dereferenced. The default is always. Valid values include:
- never - never dereferences aliases
- finding - dereferences aliases only during name resolution
- searching - dereferences aliases only after name resolution
(String, optional)
-ldapServerType The type of LDAP server being used. The default is IDS51. (String, optional) Specify one of the following valid values:
- IDS
- ZOSDS
- DOMINO
- NDS
- SUNONE
- AD
- ADAM
- CUSTOM
-primary_host The host name for the primary LDAP server. (String, optional)
-referal The LDAP referral. The default is ignore. Valid values include: follow, throw, or false. (String, optional)
-sslConfiguration The SSL configuration. (String, optional)
-sslEnabled Indicates to enable SSL or not. The default is false. (Boolean, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPServer {-id id_name -host myhost.ibm.com}
- Jython string: AdminTask.updateIdMgrLDAPServer ('[-id id_name -host myhost.ibm.com]')
- Jython list: AdminTask.updateIdMgrLDAPServer (['-id', 'id_name', '-host', 'myhost.ibm.com'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrLDAPServer {-interactive}
- Jython string: AdminTask.updateIdMgrLDAPServer ('[-interactive]')
- Jython list: AdminTask.updateIdMgrLDAPServer (['-interactive'])
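An added example, not part of the original reference or IBM's own code: a wsadmin Jython helper that builds the updateIdMgrLDAPServer argument list from the parameters documented above and rejects a misspelled parameter (for instance referral instead of -referal), an undocumented -referal or -derefAliases value, a -connectTimeout above the 20-second limit, or a bind password configured without SSL. The SSL configuration alias, bind DN, port and password are constructed placeholders, and pairing -bindPassword with -sslEnabled true is this example's own policy, not a rule the command enforces.

```python
# Added example; values in SAMPLE are constructed placeholders.
OPTIONAL = ('securityDomainName', 'port', 'authentication', 'bindDN',
            'bindPassword', 'certificateMapMode', 'certificateFilter',
            'connectTimeout', 'connectionPool', 'derefAliases',
            'ldapServerType', 'primary_host', 'referal',
            'sslConfiguration', 'sslEnabled')
ALLOWED = {'referal': ('ignore', 'follow', 'throw', 'false'),
           'derefAliases': ('always', 'never', 'finding', 'searching')}
MAX_CONNECT_TIMEOUT = 20  # seconds; JNDI limit noted in the restriction

def build_ldap_server_args(settings):
    """Validate settings and return the Jython list form of the arguments."""
    for name in ('id', 'host'):
        if not settings.get(name):
            raise ValueError('missing required parameter -' + name)
    for name in settings.keys():
        if name not in ('id', 'host') and name not in OPTIONAL:
            raise ValueError('unknown parameter -' + name)
    for name in ALLOWED.keys():
        if name in settings and settings[name] not in ALLOWED[name]:
            raise ValueError('invalid value for -' + name)
    ssl_on = str(settings.get('sslEnabled', 'false')).lower() == 'true'
    if settings.get('bindPassword') and not ssl_on:
        # Policy of this example: no stored bind password without SSL,
        # because a simple bind sends it in clear on a non-SSL connection.
        raise ValueError('-bindPassword requires -sslEnabled true')
    if int(settings.get('connectTimeout', 0)) > MAX_CONNECT_TIMEOUT:
        raise ValueError('-connectTimeout above 20 seconds has no effect')
    args = ['-id', settings['id'], '-host', settings['host']]
    for name in OPTIONAL:  # fixed order keeps the call reproducible
        if name in settings:
            args.extend(['-' + name, str(settings[name])])
    return args

SAMPLE = {
    'id': 'id_name',
    'host': 'myhost.ibm.com',
    'port': 636,  # conventional LDAPS port; assumption about the server
    'sslEnabled': 'true',
    'sslConfiguration': 'LDAPSSLSettings',  # hypothetical alias
    'bindDN': 'cn=wasbind,o=example',  # constructed
    'bindPassword': 'REPLACE_ME',  # placeholder; supply at run time
    'connectTimeout': 10,
}

if 'AdminTask' in globals():  # true only when run by wsadmin -lang jython
    AdminTask.updateIdMgrLDAPServer(build_ldap_server_args(SAMPLE))
    AdminConfig.save()
```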
updateIdMgrRepository
Update the common repository configuration.
Required
-id The ID of the repository. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-adapterClassName The implementation class name for the repository adapter. (String, optional)
-EntityTypesNotAllowCreate The name of the entity type that should not be created in this repository. (String, optional)
-EntityTypesNotAllowUpdate The name of the entity type that should not be updated in this repository. (String, optional)
-EntityTypesNotAllowRead The name of the entity type that should not be read from this repository. (String, optional)
-EntityTypesNotAllowDelete The name of the entity type that should not be deleted from this repository. (String, optional)
-isExtIdUnique Specifies if the external ID is unique or not. (Boolean, optional)
-loginProperties Indicates the property name used for login. (String, optional)
-readOnly Indicates if this is a read only repository. The default is false. (Boolean, optional)
-repositoriesForGroups The repository ID where group data is stored. (String, optional)
-supportAsyncMode Indicates if the adapter supports async mode or not. The default is false. (Boolean, optional)
-supportChangeLog This parameter indicates whether the repository supports change tracking. Valid values for this parameter are none or native. The default is none. (String, optional)
-supportPaging Indicates if the repository supports paging or not. (Boolean, optional)
-supportSorting Indicates if the repository supports sorting or not. (Boolean, optional)
-supportTransactions Indicates if the repository supports transactions or not. (Boolean, optional)
-supportedExternalName Indicates if the repository supports external names or not. (Boolean, optional)
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrRepository {-id id_name}
- Jython string: AdminTask.updateIdMgrRepository ('[-id id_name]')
- Jython list: AdminTask.updateIdMgrRepository (['-id', 'id_name'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrRepository {-interactive}
- Jython string: AdminTask.updateIdMgrRepository ('[-interactive]')
- Jython list: AdminTask.updateIdMgrRepository (['-interactive'])
updateIdMgrRepositoryBaseEntry
Update a base entry to the specified repository.
Required
-id The ID of the repository. (String, required)
-name The distinguished name of a base entry. (String, required)
Optional
-securityDomainName Name that uniquely identifies the security domain. If not specified, the command uses the global federated repository. (String, optional)
-nameInRepository The distinguished name in the repository that uniquely identifies the base entry name. (String, optional)
The values specified for both name and nameInRepository parameters must be the same for a database repository.
Examples
Batch mode example usage:
- Jacl: $AdminTask updateIdMgrRepositoryBaseEntry {-id id_name -name name_value}
- Jython string: AdminTask.updateIdMgrRepositoryBaseEntry ('[-id id_name -name name_value]')
- Jython list: AdminTask.updateIdMgrRepositoryBaseEntry (['-id', 'id_name', '-name', 'name_value'])
Interactive mode example usage:
- Jacl: $AdminTask updateIdMgrRepositoryBaseEntry {-interactive}
- Jython string: AdminTask.updateIdMgrRepositoryBaseEntry ('[-interactive]')
- Jython list: AdminTask.updateIdMgrRepositoryBaseEntry (['-interactive'])