test

Sun OpenSSO Enterprise 8.0 Administration Reference

Realm and Policy Management

The following subcommands execute operations for managing realms and policies in OpenSSO Enterprise.

add-svc-attrs

Add service attribute values in a realm.

Syntax

ssoadm add-svc-attrs --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--attributevalues, -a]

The attribute values. For example, homeaddress=here.

[--datafile, -D]

Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.

add-svc-realm

Add a service to a realm.

Syntax

ssoadm add-svc-realm --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--attributevalues, -a]

The attribute values. For example, homeaddress=here.

[--datafile, -D]

Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.

create-policies

Create policies in a realm.

Syntax

ssoadm create-policies --options [--global-options]

Options

--realm, -e

The name of the realm.

--xmlfile, -X

The filename that contains the policy XML definition.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

create-realm

Create a realm.

Syntax

ssoadm create-realm --options [--global-options]

Options

--realm, -e

The name of the realm to be created.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

delete-policies

Delete policies from a realm.

Syntax

ssoadm delete-policies --options [--global-options]

Options

--realm, -e

The name of the realm to which the policy belongs.

--policynames, -p

The names of the policies to be deleted.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

delete-realm

Delete a realm.

Syntax

ssoadm delete-realm --options [--global-options]

Options

--realm, -e

The name of the realm.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--recursive, -r]

Deletes the descendent realms recursively.

delete-realm-attr

Delete an attribute from a realm.

Syntax

ssoadm delete-realm-attr --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--attributename, -a

The name of the attribute to be removed.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

get-realm

Get the realm property values.

Syntax

ssoadm get-realm --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

get-realm-svc-attrs

Get the realm's service attribute values.

Syntax

ssoadm get-realm-svc-attrs --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

list-policies

List the policy definitions in a realm.

Syntax

ssoadm list-policies --options [--global-options]

Options

--realm, -e

The name of the realm.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--policynames, -p]

The names of the policy. This can be used as a wildcard. All policy definitions in the realm will be returned.

[--outfile, -o]

The filename where the policy definition will be written. The definitions will be printed in standard output.

list-realm-assignable-svcs

List the realm's assignable services.

Syntax

ssoadm list-realm-assignable-svcs --options [--global-options]

Options

--realm, -e

The name of the realm.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

list-realms

List the realms by name.

Syntax

ssoadm list-realms --options [--global-options]

Options

--realm, -e

The name of the realm.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--filter, -x]

Filter by a pattern.

[--recursive, -r]

Search recursively.

remove-svc-attrs

Remove a realm's service attribute values.

Syntax

ssoadm remove-svc-attrs --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--attributevalues, -a]

The attribute values to be removed. For example, homeaddress=here.

[--datafile, -D]

The filename that contains the attribute values to be removed, configured as in attribute-name=attribute-value. Enter one attribute and value per line.

remove-svc-realm

Remove a service from a realm.

Syntax

ssoadm remove-svc-realm --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service to be removed.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

set-realm-attrs

Set a realm's attribute values.

Syntax

ssoadm set-realm-attrs --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--append, -p]

Set this flag to append the values to existing ones.

[--attributevalues, -a]

The attribute values. For example, homeaddress=here.

[--datafile, -D]

Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.

set-svc-attrs

Set the realm's service attribute values.

Syntax

ssoadm set-svc-attrs --options [--global-options]

Options

--realm, -e

The name of the realm.

--servicename, -s

The name of the service.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--attributevalues, -a]

The attribute values. For example, homeaddress=here.

[--datafile, -D]

Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.

show-auth-modules

Show the supported authentication modules in the system.

Syntax

ssoadm show-auth-modules --options [--global-options]

Options

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

show-data-types

Show the supported data types in the system.

Syntax

ssoadm show-data-types --options [--global-options]

Options

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

show-realm-svcs

Show the services in a realm.

Syntax

ssoadm show-realm-svcs --options [--global-options]

Options

--realm, -e

The name of the realm.

--adminid, -u

The administrator ID running the command.

--password-file, -f

The filename that contains the password of the administrator.

[--mandatory, -y]

Include mandatory services.