object show

Shows values for the protected object.

If the protected object name specified does not exist, default values are shown. To determine whether a protected object exists, use the object show command.

Requires authentication (administrator ID and password) to use.

object show object_name [attribute attribute_name]

The object show command shows values associated with the protected object. The object values shown can include:

These extended attributes can be attached directly to the object or inherited from protected objects in the hierarchy of this object.

When the attribute option is specified, the attribute_name value or values are shown if the attribute is attached to the protected object specified.

This command limits the output for POPs, ACLs, and authorization rules, which are based on the permissions of the user. A user must have the view (v) permission on the object to show it.

Options

Return codes

Examples

  • The following example displays the /object-test/child1 object and lists all attached and effective ACLs, POPs, AuthzRules, and extended attributes:
    pdadmin sec_master> object show /object-test/child1
    Displays information like:
    Name: /object-test/child1
    Description: Child 1
    Type: 12 (Leaf Object)
    Is Policy Attachable : Yes
    Extended Attributes:
    Attached ACL:
    Attached POP:
    Attached AuthzRule:
    
    Effective Extended Attributes:
    Protected Object Location: /object-test
    Name:test1
    Value(s): 1111
    Name:test2
    Value(s): abc
    2222
    second
    Effective ACL: default-root
    Effective POP:
    Effective AuthzRule:

  • The following example displays information about the test1 attribute that is listed for object/object-test/child1:
    pdadmin sec_master> object show /object-test/child1 attribute test1
    Because the test1 attribute is an extended attribute of the /object-test object, the command returns the following message:

    Could not perform the administration request
    Error: HPDAC0463E There are no extended attributes associated with the specified protected object or authorization policy object. (status 0x1005b1cf) To view the information about the test1 attribute of the /object-test object:

    pdadmin sec_master> object show /object-test attribute test1
    Displays information like:

      test1
      1111

  • The following example displays the /Management/test-object object, which lists any attached (myrule) and effective (myacl and mypop) policies:
    pdadmin sec_master> object show /Management/test-object
    Displays information like:
    Name: /Management/test-object/
    Description : Test object
    Type: 14 (Application Container Object)
    Is Policy Attachable: Yes
    Extended Attributes:
    Attached ACL: myacl
    Attached POP: mypop
    Attached AuthzRule: myrule
    
    Effective Extended Attributes:
    Effective ACL: myacl
    Effective POP: mypop
    Effective AuthzRule: myrule

  • Create a protected object and then performs an object show of that protected object. An object show is then performed for an object that has not been created. Then the object exists command is issued for both of these objects.
    pdadmin sec_master> object create /Management/new_object1" "0ispoly
    
    pdadmin sec_master> object show /Management/new_object1
    Name: /Management/new_object1
    Description:
    Type: 0 (Unknown)
    Is Policy Attachable: Yes
    Extended Attributes:
    Attached ACL:
    Attached POP:
    Attached AuthzRule:
    
    Effective Extended Attributes:
    Effective ACL: default-management
    Effective POP:
    Effective AuthzRule:
    
    pdadmin sec_master> object show /Management/not_there_object
    Name: /Management/not_there_object
    Description:
    Type: 0 (Unknown)
    Is Policy Attachable: Yes
    Extended Attributes:
    Attached ACL:
    Attached POP:
    Attached AuthzRule:
    
    Effective Extended Attributes:
    Effective ACL: default-management
    Effective POP:
    Effective AuthzRule:
    
    pdadmin sec_master> object exists /Management/new_object1
    Exists: Yes
    pdadmin sec_master> object exists /Management/not_there_object
    Exists: No

    See also

    object list
    object list
    object listandshow

    Parent topic: pdadmin commands