Chapter 15 Single Sign-On Adapter Sub Commands

This chapter describes the folllowing subcommands:

• psadmin list-ssoadapters

• psadmin create-ssoadapter-template

• psadmin get-ssoadapter-template

• psadmin delete-ssoadapter-template

• create-ssoadapter-config

• psadmin get-ssoadapter-config

• psadmin delete-ssoadapter-config

• psadmin create-ssoadapter-property

• psadmin get-ssoadapter-property

• psadmin set-ssoadapter-property

• psadmin delete-ssoadapter-property

• psadmin create-ssoadapter-authless

• psadmin get-ssoadapter-authless

• psadmin delete-ssoadapter-authless

psadmin list-ssoadapters

Description

Lists all templates and configurations for single sign-on (SSO) adapter

Syntax

Long Format

psadmin list-ssoadapters --adminuser uid --passwordfile password-filename [--templates] [--configs] [--dn dn]

Short Format

psadmin list-ssoadapters -u uid -f password-filename [-T] [-S] [-d dn]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

The following options are optional:

[--templates | -T] uid

Lists templates only.

[--configs | -S] password-filename

Lists configurations only.

[--dn | -d] dn

The distinguished name from where the configuration will be picked in LDAP. It is to be used in conjunction with the flag [--configs | -S]. If unspecified, it defaults to global.

Example

Example for listing only configurations in a dn:

./psadmin list-ssoadapters -u amadmin -f ps_password -S -d uid=devauthlessanonymous,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin create-ssoadapter-template

Description

Creates a new SSO adapter template

Syntax

Long Format

psadmin create-ssoadapter-template --adminuser uid --passwordfile password-filename --name template-name [--template existing-template]

Short Format

psadmin create-ssoadapter-template -u uid -f password-filename -N template-name [-M existing-template]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--name | -N] template-name

Specifies the name of the new template.

The following option is optional:

[--template | -M] exisiting-template

Specifies which template provides the pattern for the new template.

Example

Example for creating a template:

./psadmin create-ssoadapter-template -u amadmin -f ps-password -N test-template

psadmin get-ssoadapter-template

Description

Displays the details of the specified SSO adapter template

Syntax

Long Format

psadmin get-ssoadapter-template --adminuser uid --passwordfile password-filename --template template-name

Short Format

psadmin get-ssoadapter-template -u uid -f password-filename -M template-name

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile |-f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] template-name

Specifies which SSO adapter template to display.

Example

Example for getting a template:

./psadmin get-ssoadapter-template -u amadmin -f ps-password -M test-template

psadmin delete-ssoadapter-template

Description

Removes the specified SSO adapter template

Syntax

Long Format

psadmin delete-ssoadapter-template --adminuser uid --passwordfile password-filename --template template-name

Short Format

psadmin delete-ssoadapter-template -u uid -f password-filename -M template-name

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] template-name

Specifies the name of the template to be removed.

Example

Example for deleting a template:

./psadmin delete-ssoadapter-template -u amadmin -f ps-password -M test-template

create-ssoadapter-config

Description

Creates an SSO adapter configuration

Syntax

Long Format

psadmin create-ssoadapter-config --adminuser uid --passwordfile password-filename --name configuration-name --template existing-template [--dn dn]

Short Format

psadmin create-ssoadapter-config -u uid -f password-filename -N configuration-name -M existing-template [-d dn]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--name | -N] configuration-name

Specifies the name of the new configuration.

[--template | -M] existing-template

Specifies which template provides the pattern for the new configuration.

The following option is optional:

[-dn | -d] dn

The distinguished name where the configuration is created in LDAP. Default is global.

Example

Example for creating a configuration in a dn:

./psadmin create-ssoadapter-config -u amadmin -f ps-password -N test-config -M test-template -d uid=test-user,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin get-ssoadapter-config

Description

Displays the details of the specified SSO adapter configuration

Syntax

Long Format

psadmin create-ssoadapter-config --adminuser uid --passwordfile password-filename --config configuration-name [-dn dn]

Short Format

psadmin create-ssoadapter-config -u uid -f password-filename -G configuration-name [-d dn]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--config | -G] configuration-name

Specifies which SSO adapter configuration to display.

The following option is optional:

[--dn | -d] dn

The distinguished name where the configuration is created in LDAP. Default is global.

Example

Example for getting a configuration's details in a dn:

./psadmin get-ssoadapter-config -u amadmin -f ps-password -G test-config -d uid=test-user,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin delete-ssoadapter-config

Description

Removes the specified SSO adapter configuration

Syntax

Long Format

psadmin delete-ssoadapter-config --adminuser uid --passwordfile password-filename --config configuration-name [-dn dn]

Short Format

psadmin delete-ssoadapter-config -u uid -f password-filename -G configuration-name [-d dn]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--config | -G] configuration-name

Specifies which SSO adapter configuration to remove.

The following option is optional:

[--dn | -d] dn

The distinguished name where the configuration is created in LDAP. Default is global.

Example

Example for deleting a configuration in a dn:

./psadmin delete-ssoadapter-config -u amadmin -f ps-password -G test-config -d uid=test-user,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin create-ssoadapter-property

Description

Creates an SSO adapter property of either the admin or user type.

Syntax

Long Format

psadmin create-ssoadapter-property --adminuser uid --passwordfile password-filename --template template-name --type [admin | user] --name property-name [--value property-value] [--encrypt]

Short Format

psadmin create-ssoadapter-property -u uid -f password-filename -M template-name -t [admin | user] -N property-name [-e property-value] [-Y]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] template-name

Specifies which SSO adapter template the new property is assigned to.

[--type | -t] [admin | user]

Specifies the type of the new property.

[--name | -N] property-name

Specifies the name of the new property.

The following options are optional:

[--value | -e] property-value

Specifies the value of the property. This option is used only while creating an admin type property

[--encrypt | -Y]

Specifies whether the property value will be stored in encrypt form.

Example

Example for creating a property in a template:

./psadmin create-ssoadapter-property -u amadmin -f ps-password -M test-template -N test-property -e test-value -t admin

psadmin get-ssoadapter-property

Description

Displays information about the specified SSO adapter property

Syntax

Long Format

psadmin get-ssoadapter-property --adminuser uid --passwordfile password-filename [--template template-name | --config configuration-name] [-dn dn] -name property-name

Short Format

psadmin get-ssoadapter-property -u uid --f password-filename [-M template-name | -G configuration-name] [-d dn] -N property-name

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] | [--config | -G] template-name | configuration-name

Specifies the name of the template, if the property type is admin. Specifies the name of the configuration if the property type is user.

[-name | -N] property-name

Specifies which admin property to display.

The following option is optional:

[--dn | -d] dn

Specifies the distinguished name where the configuration is picked from LDAP. Used in conjunction with [--config | -G]. Default is global.

Example

Example for getting a property of configuration in a dn:

./psadmin get-ssoadapter-property -u amadmin -f ps-password -G test-config -N test-property -d uid=test-user,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin set-ssoadapter-property

Description

Defines the value and type of the specified SSO adapter property

Syntax

Long Format

psadmin set-ssoadapter-property --adminuser uid --passwordfile password-filename [--template template-name | --config configuration-name] [-dn dn] --name property-name [--type [-admin | -user]] [--value property-value] [--encrypt | --decrypt]

Short Format

psadmin set-ssoadapter-property -u uid -f password-filename [-M template-name | -G configuration-name] [-d dn] -N property-name [-t [-admin | -user]] [-e property-value] [-Y | -D]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] | [--config | -G] template-name | configuration-name

Specifies the name of the template, if the property type is admin. Specifies the name of the configuration if the property type is user.

[--name | -N] property-name

Specifies the property's name.

The following options are optional:

[--type | -t [ admin | user]

Changes the property's type to new setting.

[--value | -e] property-value

Specifies the property's value.

[-dn | -d] dn

Specifies the distinguished name where the configuration is picked from LDAP. Used in conjunction with [--config | -G]. Default is global.

[--encrypt | -Y] | [--decrypt | -D]

Specifies whether to store the property value in encrypted or clear text form.

Example

Example for setting a property of a configuration in a dn:

./psadmin set-ssoadapter-property -u amadmin -f ps-password -G test-config -N test-property -e test-value -d uid=test-user,ou=People,o=DeveloperSample,dc=india,dc=sun,dc=com

psadmin delete-ssoadapter-property

Description

Deletes the specified SSO adapter property

Syntax

Long Format

psadmin delete-ssoadapter-property --adminuser uid --passwordfile password-filename --template template-name --name property-name

Short Format

psadmin delete-ssoadapter-property -u uid -f password-filename -M template-name -N property-name

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--template | -M] template-name

Specifies which SSO adapter template the property is assigned to.

[--name | -N] property-name

Specifies the name of the property to delete.

Example

Example for deleting property from a template:

./psadmin delete-ssoadapter-property -u amadmin -f ps-password -M test-template -N test-property

psadmin create-ssoadapter-authless

Description

Creates a single user distinguished name (dn) for accessing the Portal Server without authentication and adds it to the support list

Syntax

Long Format

psadmin create-ssoadapter-authless --adminuser uid --passwordfile password-filename --value authless-user-dn

Short Format

psadmin create-ssoadapter-authless -u uid -f password-filename -e authless-user-dn

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--value | -e] authless-user-dn

Specifies the name of the single user DN for enabling access to the SSO adapter service without authentication.

Example

Example for creating an authless dn:

./psadmin create-ssoadapter-authless -u amadmin -f ps-password -e test-dn

psadmin get-ssoadapter-authless

Description

Gets the specified single user distinguished name (dn) from the support list for accessing the Portal Server without authentication

Syntax

Long Format

get-ssoadapter-authless --adminuser uid --passwordfile password-filename

Short Format

get-ssoadapter-authless -u uid -f password-filename

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[-passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

Example

Example for getting all the authless dn:

./psadmin get-ssoadapter-authless -u amadmin -f ps-password

psadmin delete-ssoadapter-authless

Description

Removes the specified single user distinguished name (dn) from the support list for accessing the Portal Server without authentication

Syntax

Long Format

psadmin delete-ssoadapter-authless --adminuser uid --passwordfile password-filename --value authless-user-dn

Short Format

psadmin delete-ssoadapter-authless -u uid -f password-filename -e authless-user-dn

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or the user ID (uid).

[-passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--value | -e] authless-user-dn

Specifies which single user DN for enabling access to the SSO adapter service without authentication to remove.

Example

Example for deleting an authless dn:

./psadmin delete-ssoadapter-authless -u amadmin -f ps-password -e test-dn