Corporate Info  |  News  |  Solutions  |  Products  |  Partners  |  Services  |  Events  |  Download  |  How To Buy
	http://www.oracle.com/technology/documentation/index.html   |   Site Map   |   Search   |   PDF Files   |   Contact   |   Glossary
Tuxedo Doc Home   |   Reference   |   Topic List   |   Previous   |   Next   |   Contents

   BEA Tuxedo Command Reference

tpusradd - add a new principal on the system

tpusradd [-u UID ] [-g GID] [-c client_name] usrname

Invoking tpusradd adds a new principal (user or domain) entry to the BEA Tuxedo security data files. This information is used for per-user authentication with the AUTHSVR(5) server.

Before you can run this command successfully, you must:

• Configure the application, using either the graphical user interface or tmloadcf(1).

• Set the TUXCONFIG environment variable to point to your TUXCONFIG file.

• Set SECURITY to USER_AUTH, ACL, or MANDATORY_ACL.

tpusradd must be run on the configuration MASTER if the application is not active; if active, this command can run on any active node.

-u UID

The user identification number. UID must be a positive decimal integer below 128K. UID must be unique within the list of existing identifiers for the application. UID defaults to the next available (unique) identifier greater than 0.

-g GID

An existing group's integer identifier or character-string name. This option defines the new user's group membership It defaults to the "other" group (identifier 0).

-c client_name

A string of printable characters that specifies the client name associated with the user. If specified, it generally describes the role of the associated user, and provides a further qualifier on the user entry. It may not contain a colon (:) or a newline (\n). If not specified, the default is the wildcard `*' which will authenticate successfully for any client name specified.

usrname

A string of printable characters that specifies the new login name of the user. It may not contain a colon (:), pound sign (#), or a newline (\n). The user name must be unique within the list of existing users for the application.

See AUTHSVR(5) for further information about per-user authentication and configuring administrator permissions.

This command is available on any platform on which the BEA Tuxedo server environment is supported.

The tpusradd command exits with a return code of 0 upon successful completion.

The following sequence of command invocations shows the construction of a simple user file.

$ # 1. Add usrname foo with cltname bar and UID 100  
$ tpusradd -u 100 -c bar foo  
$ # 2. Add usrname foo with tpsysadm cltname and no UID  
$ tpusradd -c tpsysadm foo

The following table shows the user entry (indicated by the numbers shown above) used to authenticate various requests for access to the application and the associated UID and GID. N/A indicates that the request is disallowed because there is no entry in the user file against which a match can be attempted.

 Usrname Cltname Password Entry  Uid     Gid  
------- ------- --------------  ---     ---  
"foo"   "bar"         2         100     0 
"foo"   ""            1         1       0  
"foo"   "tpsysadm"    3         0       8192  
"guest" "tpsysadm"    N/A       N/A     N/A

The following is an example "SERVERS" section entry for an instance of AUTHSVR that works with the user file generated above.

AUTHSVR SRVGRP=G SRVID=1 RESTART=Y GRACE=0 MAXGEN=2 CLOPT="-A"

tpgrpadd(1), tpgrpdel(1), tpgrpmod(1), tpusrdel(1), tpusrmod(1), AUTHSVR(5)

Administering a BEA Tuxedo Application at Run Time