Exit Print View

Oracle Secure Global Desktop Administration Guide for Version 4.6

Document Information

Preface

1.  Networking and Security

2.  User Authentication

3.  Publishing Applications to Users

4.  Configuring Applications

5.  Client Device Support

6.  SGD Client and Webtop

7.  SGD Servers, Arrays, and Load Balancing

A.  Global Settings and Caches

B.  Secure Global Desktop Server Settings

C.  User Profiles, Applications, and Application Servers

D.  Commands

The tarantella Command

Syntax

Description

Examples

The tarantella archive Command

Syntax

Description

Examples

The tarantella array Command

Syntax

Description

Examples

tarantella array add_backup_primary

Syntax

Description

Examples

tarantella array clean

Syntax

Description

Examples

tarantella array detach

Syntax

Description

Examples

tarantella array edit_backup_primary

Syntax

Description

Examples

tarantella array join

Syntax

Description

Examples

tarantella array list

Syntax

Examples

tarantella array list_backup_primaries

Syntax

Description

Examples

tarantella array make_primary

Syntax

Description

Examples

tarantella array remove_backup_primary

Syntax

Description

Examples

The tarantella cache Command

Syntax

Description

Examples

The tarantella config Command

Syntax

Description

Examples

tarantella config edit

Syntax

Description

Examples

tarantella config list

Syntax

Description

Examples

The tarantella emulatorsession Command

Syntax

Description

Examples

tarantella emulatorsession list

Syntax

Description

Examples

tarantella emulatorsession info

Syntax

Description

Examples

tarantella emulatorsession shadow

Syntax

Description

Examples

tarantella emulatorsession suspend

Syntax

Description

Examples

tarantella emulatorsession end

Syntax

Description

Examples

The tarantella help Command

Syntax

Description

Examples

The tarantella object Command

Syntax

Description

Examples

tarantella object add_host

Syntax

Description

Examples

tarantella object add_link

Syntax

Description

Examples

tarantella object add_mapping

Syntax

Description

Examples

tarantella object add_member

Syntax

Description

Examples

tarantella object delete

Syntax

Description

Examples

tarantella object edit

Syntax

Description

Examples

tarantella object list_attributes

Syntax

Description

Examples

tarantella object list_contents

Syntax

Description

Examples

tarantella object new_3270app

Syntax

Description

Examples

tarantella object new_5250app

Syntax

Description

Examples

tarantella object new_charapp

Syntax

Description

Examples

tarantella object new_container

Syntax

Description

Examples

tarantella object new_dc

Syntax

Description

Examples

tarantella object new_doc

Syntax

Description

Examples

tarantella object new_dynamicapp

Syntax

Description

Examples

tarantella object new_group

Syntax

Description

Examples

tarantella object new_host

Syntax

Description

Examples

tarantella object new_org

Syntax

Description

Examples

tarantella object new_orgunit

Syntax

Description

Examples

tarantella object new_person

Syntax

Description

Examples

tarantella object new_windowsapp

Syntax

Description

Examples

tarantella object new_xapp

Syntax

Description

Examples

tarantella object remove_host

Syntax

Description

Examples

tarantella object remove_link

Syntax

Description

Examples

tarantella object remove_mapping

Syntax

Description

Examples

tarantella object remove_member

Syntax

Description

Examples

tarantella object rename

Syntax

Description

Examples

tarantella object script

Syntax

Description

Examples

The tarantella passcache Command

Syntax

Description

Examples

tarantella passcache delete

Syntax

Description

Examples

tarantella passcache edit

Syntax

Description

Examples

tarantella passcache list

Syntax

Description

Examples

tarantella passcache new

Syntax

Description

Examples

The tarantella print Command

Syntax

Description

Examples

tarantella print cancel

Syntax

Description

Examples

tarantella print list

Syntax

Description

Examples

tarantella print move

Syntax

Description

Examples

tarantella print pause

Syntax

Description

Examples

tarantella print resume

Syntax

Description

Examples

tarantella print start

Syntax

Description

Examples

tarantella print status

Syntax

Description

Examples

tarantella print stop

Syntax

Description

Examples

The tarantella query Command

Syntax

Description

Examples

tarantella query audit

Syntax

Description

Using a Filter

Examples

tarantella query billing

Syntax

Description

Examples

tarantella query errlog

Syntax

Description

Examples

tarantella query uptime

Syntax

Description

Examples

The tarantella restart Command

Syntax

Description

Examples

tarantella restart sgd

Syntax

Description

Examples

tarantella restart webserver

Syntax

Description

Examples

The tarantella role Command

Syntax

Description

Examples

tarantella role add_link

Syntax

Description

Examples

tarantella role add_member

Syntax

Description

Examples

tarantella role list

Syntax

Description

Examples

tarantella role list_links

Syntax

Description

Examples

tarantella role list_members

Syntax

Description

Examples

tarantella role remove_link

Syntax

Description

Examples

tarantella role remove_member

Syntax

Description

Examples

The tarantella security Command

Syntax

Description

Examples

tarantella security certinfo

Syntax

Description

Examples

tarantella security certrequest

Syntax

Description

Examples

tarantella security certuse

Syntax

Description

Examples

tarantella security customca

Syntax

Description

Examples

tarantella security decryptkey

Syntax

Description

Examples

tarantella security disable

Syntax

Description

Examples

tarantella security enable

Syntax

Description

Examples

tarantella security fingerprint

Syntax

Description

Examples

tarantella security peerca

Syntax

Description

Examples

tarantella security selfsign

Syntax

Description

Examples

tarantella security start

Syntax

Description

Examples

tarantella security stop

Syntax

Description

Examples

The tarantella service Command

Syntax

Description

Examples

tarantella service delete

Syntax

Description

Examples

tarantella service edit

Syntax

Description

Examples

tarantella service list

Syntax

Description

Examples

tarantella service new

Syntax

Description

Examples

The tarantella setup Command

Syntax

Description

Examples

The tarantella start Command

Syntax

Description

Examples

tarantella start cdm

Syntax

Description

Examples

tarantella start sgd

Syntax

Description

Examples

tarantella start webserver

Syntax

Description

Examples

The tarantella status Command

Syntax

Description

Examples

The tarantella stop Command

Syntax

Description

Examples

tarantella stop cdm

Syntax

Description

Examples

tarantella stop sgd

Syntax

Description

Examples

tarantella stop webserver

Syntax

Description

Examples

The tarantella tokencache Command

Syntax

Description

Examples

tarantella tokencache delete

Syntax

Description

Examples

tarantella tokencache list

Syntax

Description

Examples

The tarantella tscal Command

Syntax

Description

Examples

tarantella tscal free

Syntax

Description

Examples

tarantella tscal list

Syntax

Description

Examples

tarantella tscal return

Syntax

Description

Examples

The tarantella uninstall Command

Syntax

Description

Examples

The tarantella version Command

Syntax

Description

Examples

The tarantella webserver Command

Syntax

Description

Examples

tarantella webserver add_trusted_user

Syntax

Description

Examples

tarantella webserver delete_trusted_user

Syntax

Description

Examples

tarantella webserver list_trusted_users

Syntax

Description

Examples

The tarantella webtopsession Command

Syntax

Description

Examples

tarantella webtopsession list

Syntax

Description

Examples

tarantella webtopsession logout

Syntax

Description

Examples

E.  Login Scripts

F.  Third-Party Legal Notices

Glossary

Index

The tarantella passcache Command

This command manipulates the application server password cache. SGD Administrators can create, modify, delete, and examine entries.

Syntax

tarantella passcache new | edit | list | delete

Description

The following table shows the available subcommands for this command.

Subcommand
Description
More Information
new
Creates entries in the password cache.
edit
Modifies existing entries in the password cache.
list
Lists the contents of the password cache.
delete
Deletes entries from the password cache.

Note - All commands include a --help option. You can use tarantella passcache command --help to get help on a specific command.


Examples

The following example creates a password cache entry for the SGD user Indigo Jones, on the application server represented by the application server object prague.

$ tarantella passcache new \
--person "o=Indigo Insurance/cn=Indigo Jones" \
--resource "o=appservers/cn=prague" \
--resuser indigo --respass rainbow

The following example lists entries in the password cache for the SGD user Indigo Jones.

$ tarantella passcache list \
--person "o=Indigo Insurance/cn=Indigo Jones" 

tarantella passcache delete

Deletes entries in the application server password cache.


Note - You can also use this command to delete the decision to always use a smart card to authenticate to an application server.


Syntax
tarantella passcache delete { [--person pobj | --anon | --ldap ]
                              [ --resource resource ]
                            } | --file file
Description

The following table shows the available options for this command.

Option
Description
--person
Specifies the name of the user profile object to delete the password cache entry for.
--anon
Removes the password cache entry for all anonymous users.
--ldap
Deletes the password cache entry for a service object.
--resource
Specifies the name of the application server, Microsoft Windows domain, or service object that the password cache entry applies to.

The name can be one of the following:

  • An application server object, for example "o=appservers/cn=paris".

  • A DNS name, for example ".../_dns/paris.indigo-insurance.com".

  • A Windows domain, for example ".../_wns/indigo.dom".

  • ".../_array" to mean the array. This is used when caching the password used to log in to SGD. See Password Cache Usage.

  • A service object name. See Using Service Objects.

--file
Specifies a file containing password cache entries to delete.

If neither --person, --anon, nor --ldap is specified, all password cache entries for the specified resource are deleted.

If --resource is not specified, all the password cache entries for the person, or anonymous user, are deleted.


Note - Make sure you quote any object names containing spaces, for example, "o=Indigo Insurance".


Examples

The following example deletes all password cache entries for the user Indigo Jones.

$ tarantella passcache delete \
--person "o=Indigo Insurance/cn=Indigo Jones"

The following example deletes all password cache entries for anonymous users on the application server prague.indigo-insurance.com.

$ tarantella passcache delete \
--anon --resource .../_dns/prague.indigo-insurance.com

The following example deletes the password cache entry for the east service object.

$ tarantella passcache delete \
--ldap --resource east

tarantella passcache edit

Edits entries in the application server password cache.

Syntax
tarantella passcache edit {
                            { --person pobj | --anon | --ldap }
                              --resource resource
                              --resuser resuser
                            [ --respass respass ]
                          } | --file file
Description

The following table shows the available options for this command.

Option
Description
--person
Specifies the name of the user profile object to edit the password cache entry for.
--anon
Edits a password cache entry for anonymous users.
--ldap
Edits the password cache entry for a service object.
--resource
Specifies the name of the application server, Microsoft Windows domain, or service object that the password cache entry applies to.

The name can be one of the following:

  • An application server object, for example "o=appservers/cn=paris".

  • A DNS name, for example ".../_dns/paris.indigo-insurance.com".

  • A Windows domain, for example ".../_wns/indigo.dom".

  • ".../_array" to mean the array. This is used when caching the password used to log in to SGD. See Password Cache Usage.

  • A service object name. See Using Service Objects.

--resuser
Identifies the user name for the resource.
--respass
Specifies the password associated with --resuser.

If you omit this option, you are prompted for the password.

--file
Specifies a file containing password cache entries to edit.

Note - Make sure you quote any object names containing spaces, for example, "o=Indigo Insurance".


Examples

The following example edits the password cache entry for the SGD user Indigo Jones, on the application server represented by the application server object prague.

$ tarantella passcache edit \
--person "o=Indigo Insurance/cn=Indigo Jones" \
--resource "o=appservers/cn=prague" \
--resuser indigo --respass rainbow

The following example edits the password cache entry for anonymous users on the application server paris.indigo-insurance.com.

$ tarantella passcache edit \
--anon --resource .../_dns/paris.indigo-insurance.com

The following example creates a password cache entry for the mainldap service object, which is an LDAP service object.

$ tarantella passcache edit \
--ldap --resource mainldap \
--resuser cn=sgd-user,cn=Users,dc=example,dc=com \
--respass rainbow

The following example edits the password cache entry for the east service object, which is an Active Directory service object.

$ tarantella passcache edit \
--ldap --resource east \
--resuser admin@east.example.com --respass rainbow

tarantella passcache list

Lists entries in the application server password cache.

Syntax
tarantella passcache list { [ --person pobj | --anon | --ldap ]
                            [ --resource resource ]
                            [ --resuser resuser ]
                            [ --format text | xml ]
                          } | --file file
Description

The following table shows the available options for this command.

Option
Description
--person
Specifies the name of the user profile object to list the password cache entry for.
--anon
Lists password cache entries for anonymous users.
--ldap
List the password cache entry for a service object.
--resource
Specifies the name of the application server, Microsoft Windows domain, or service object to list.

The name can be one of the following:

  • An application server object, for example "o=appservers/cn=paris".

  • A DNS name, for example ".../_dns/paris.indigo-insurance.com".

  • A Windows domain, for example ".../_wns/indigo.dom".

  • ".../_array" to mean the array. This is used when caching the password used to log in to SGD. See Password Cache Usage.

  • A service object name. See Using Service Objects.

--resuser
Lists password cache entries for a particular user name.
--format
Specifies the output format. The default setting is text.
--file
Specifies a file containing password cache entries to list.

If you omit all arguments, or just specify --format, all entries in the password cache are displayed.


Note - Make sure you quote any object names containing spaces, for example, "o=Indigo Insurance".


Examples

The following example lists entries in the password cache for the SGD user Indigo Jones.

$ tarantella passcache list \
--person "o=Indigo Insurance/cn=Indigo Jones"

The following example lists all entries in the password cache.

$ tarantella passcache list

The following example lists the password cache entry for the east service object.

$ tarantella passcache list \
--ldap --resource east

tarantella passcache new

Syntax
tarantella passcache new {
                         { --person pobj | --anon | --ldap }
                           --resource resource 
                           --resuser resuser 
                         [ --respass respass ]
                         } | --file file
Description

Adds entries to the application server password cache.

The following table shows available options for this command.

Option
Description
--person
Specifies the name of the user profile object to create a password cache entry for.
--anon
Creates a password cache entry for anonymous users.
--ldap
Creates a password cache entry for a service object.
--resource
Specifies the name of the application server, Microsoft Windows domain, or service object that the password cache entry applies to.

The name can be one of the following:

  • An application server object, for example "o=appservers/cn=paris".

  • A DNS name, for example ".../_dns/paris.indigo-insurance.com".

  • A Windows domain, for example ".../_wns/indigo.dom".

  • ".../_array" to mean the array. This is used when caching the password used to log in to SGD. See Password Cache Usage.

  • A service object name. See Using Service Objects.

--resuser
Identifies the user name for the resource.
--respass
Specifies the password associated with --resuser.

If you omit this option, you are prompted for the password.

--file
Specifies a file containing entries to add to the password cache.

Note - Make sure you quote any object names containing spaces, for example, "o=Indigo Insurance".


Examples

The following example creates a password cache entry for the SGD user Indigo Jones, on the application server represented by the application server object prague.

$ tarantella passcache new \
--person "o=Indigo Insurance/cn=Indigo Jones" \
--resource "o=appservers/cn=prague" \
--resuser indigo --respass rainbow

The following example creates a password cache entry for anonymous users on the application server paris.indigo-insurance.com, prompting for the password.

$ tarantella passcache new --anon --resuser \
--resource .../_dns/paris.indigo-insurance.com

The following example creates a password cache entry for the mainldap service object which is an LDAP service object.

$ tarantella passcache new \
--ldap --resource mainldap \
--resuser cn=sgd-user,cn=Users,dc=example,dc=com \
--respass rainbow

The following example creates a password cache entry for the east service object which is an Active Directory service object.

$ tarantella passcache new \
--ldap --resource east \
--resuser admin@example.com --respass rainbow