user show

Displays the properties of the specified user.

This command requires authentication of administrator ID and password.

user show user_name

user show-dn dn

user show-groups user_name

Options

show user_name

Name of the user to display. The user must exist, or an error is displayed. Based on the Policy Server and WebSEAL configuration settings, the following information is displayed:

Last login: YYYY-mm-dd-HH:MM:SS
Last Password Change: YYYY-mm-dd-HH:MM:SS

The system displays the local time of the computer where pdadmin was run. For information about the last login and last password change configuration settings, see the Stanza Reference topics in the IBM Knowledge Center.

Examples of user names are dlucas, sec_master, and "Mary Jones".

show-dn dn

Displays the user specified by the identifier of the user in the user registry. The returned user is defined in the user registry, but it is not necessarily an ISAM user. Users that are not Security Verify Access users can be imported into ISAM by use of the user import command. The format for a distinguished name is like:

cn=Claude Wright,ou=Austin,o=Tivoli,c=us

Based on the Policy Server and WebSEAL configuration settings, the following information is displayed:

Last login: YYYY-mm-dd-HH:MM:SS
Last Password Change: YYYY-mm-dd-HH:MM:SS

The system displays the local time of the computer where pdadmin was run. For information about last login and last password change configuration settings, see the Stanza Reference topics in the IBM Knowledge Center.

show-groups user_name

Displays the groups in which the specified user is a member. The user must exist, or an error is displayed.

Examples of user names are dlucas, sec_master, and "Mary Jones".

Return codes

0

The command completed successfully.

1

The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the ISAM error messages by decimal or hexadecimal codes.

Examples

• The following example displays the user account information for testuser:

  pdadmin sec_master> user show testuser

  The output is like:

  Login ID: testuser
  LDAP DN: cn=testuser,o=tivoli,c=us
  LDAP CN: test
  LDAP SN: test
  Description: a test user
  Is SecUser: yes
  Is GSO user: no
  Account valid: no
  Password valid: yes
  Last login: 1999-09-05-01:08:55
  Last Password Change: 1999-09-04-05:06:45

The following example displays the groups of which the specified user is a member:

pdadmin sec_master> user show-groups dlucas

The output is like:

sales
credit
engineering

The following example provides more information about the user when the registry identifier is specified:

pdadmin sec_master> user show-dn "cn=Diana Lucas,ou=Austin,o=Tivoli,c=US"

The output is like:

Login ID: dlucas
LDAP dn: cn=Diana Lucas,ou=Austin,o=Tivoli
Inc,c=US
LDAP cn: Diana Lucas
LDAP sn: Lucas
Description: Diana Lucas, Credit Dept HCUS
IS SecUser: true
IS GSO user: false
Account valid: true
Password valid: true
Last login: 1999-09-05-01:08:55
Last Password Change: 1999-09-04-05:06:45
Authentication mechanism: Default:LDAP

See also

user list

Parent topic: pdadmin commands