Create an authorization rule with pdadmin

We can create an authorization rule with the pdadmin utility.

To create an authorization rule with the pdadmin utility, complete the following steps.

Steps

1. Log on to the domain as the domain administrator.
2. Use the authzrule create command.

Example

When providing rule text with the pdadmin utility, enclose the rule text in double quotation marks ("). Double quotation marks embedded within the rule text must be escaped with a backward slash (\) so they are ignored by the pdadmin utility. The XSL processor treats single and double quotation marks equally for defining text strings. They can be used interchangeably, but they must always be paired appropriately. For example:

pdadmin sec_master> authzrule create testrule1
"<xsl:if test='some_piece_of_ADI =\"any string\"'>!TRUE!</xsl:if>"

See the IBM Security Verify Access for Web: Command Reference.

Parent topic: Create an authorization rule