object access
Confirms Whether the specified access is permitted on the specified object. The access is determined based on the permissions of this user.
Requires authentication (administrator ID and password) to use.
object access object_name permissions
Options
- object_name
- Protected object, which is the fully qualified name of the object, including the object space within which it is located.
Examples of object names are:
- /Management/Groups/Travel
- /WebSEAL
- /Management
- permissions
- Permission or permissions to check. ISAM uses a set of default actions that cover a wide range of operations. Actions are represented by single alphabetic ASCII characters (a-z, A-Z). For example, a list of primary action tasks and associated permissions for the user sec_master, with WebSEAL as the web server, might include:
TTraverseBase cControlBase gDelegationBase mModifyGeneric dDeleteGeneric bBrowseBase sServer AdminGeneric vViewGeneric aAttachBase BBypass POPBase tTraceBase rReadWebSEAL xExecuteWebSEAL lList DirectoryWebSEAL NCreateBase WPasswordBase AAddBase RBypass AuthzRuleBase
Return codes
- 0
- The command completed successfully.
- 1
- The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the ISAM error messages by decimal or hexadecimal codes.
Examples
- The following example confirms Whether the user who is running pdadmin has the Bypass POP (B) permission on the object named /Management:
pdadmin sec_master> object access /Management BThe output is like:Access: No
The following example confirms Whether the user who is running pdadmin has action Password (W) permission on the object named /Management/test-object: pdadmin sec_master> object access /Management/test-object WThe output is like:Access: Yes
See also
object listandshow
object showParent topic: pdadmin commands