This appendix provides command-line descriptions of individual commadmin commands in Oracle Communications Delegated Administrator.
The commadmin admin add command grants the Organization Administrators privileges to a user for a particular domain. Only a Top-Level Administrator or an ISP administrator can execute this command.
commadmin admin add -D login -l login -n domain password -d domain [-h] [-i inputfile ] [-p DA server port] [-X DA server host name] [-?] [-s] [-v] [-V]
Table E-1 displays the options that are mandatory:
Table E-1 commadmin admin add Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-l login |
The user ID of the user to whom you want to grant organization administrative privileges. The user should be present in the directory and be a part of the domain specified by the -d option. |
-n domain |
The domain of the Top-Level Administrator. If not specified, the default domain stored in the cli-usrprefs.properties file is used. |
-d domain |
The domain to which you want to grant administrative privileges. If not specified, the domain specified by the -n option is used. |
Table E-2 displays the options that are non-mandatory:
Table E-2 commadmin admin add Non-Mandatory Options
Option | Description |
---|---|
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Use this option to specify an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-X DA server host name |
Specify the host on which Delegated Administrator is running. If not specified, the default DA server host name is used |
-h, -? |
Prints command usage syntax. |
-V |
Prints information about the command and its version. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
The following grants Organization Administrator privileges to the user with the user ID admin1.
commadmin admin add -D chris -n example.com -l admin1 -d example.com
The following grants Organization Administrator privileges to the user with the user ID admin2 for the domain florizel.com.
commadmin admin add -D chris -l admin2 -n example.com -d example.com
The commadmin admin remove command removes the Organization Administrator privileges from an existing Organization Administrator. Only a Top-Level Administrator can execute this command.
To remove Organization Administrator privileges from multiple users, use the -i option.
commadmin admin remove -D login -l login -n domain -d domain name [-h] [-?] [-i] inputfile [-p] DA server port [-X] DA server host name [-s] [-v] [-V]
Table E-3 displays the options that are mandatory:
Table E-3 commadmin admin remove Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-l login |
The user ID of the user whose administrator privileges need to be revoked. |
-n domain |
The domain of the Top-Level Administrator. |
-d domain name |
The domain to which administrator privileges are revoked. If -d is not specified, the domain specified by -n is used. |
Table E-4 displays the options that are non-mandatory:
Table E-4 commadmin admin remove Non-Mandatory Options
Option | Description |
---|---|
-h, -? |
Displays command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Use this option to specify an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-X DA server host name |
Specify the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Displays information about the command and its version. |
The following command removes Organization Administrator privileges from the administrator with user ID admin5:
commadmin admin remove -D chris -n example.com -l admin5 -d test.com
The commadmin admin search command searches and displays a specific or all Organization Administrators in a domain.
commadmin admin search -D login -n -domain [-l login] [-d domain]
Table E-5 displays the options that are mandatory:
Table E-5 commadmin admin search Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
The domain of the user specified with the -D option. |
Table E-6 displays the options that are non-mandatory:
Table E-6 commadmin admin search Non-Mandatory Options
Option | Description |
---|---|
-l login |
The user ID of the Organization Administrator searched for. If -l is not specified or -l is specified with the wildcard operator (-l* or -l '*') all Organization Administrators of the domain are displayed. |
-d domain |
Searches for users who have Organization Administrator privileges for the specified domain. If -d is not specified, the domain specified by -n is used. |
To search for all Organization Administrators of the test.com domain:
commadmin admin search -D chris -n example.com -d test.com
This page provides general information about how to use the commadmin command. It includes the following topics:
The command line execution has three possible modes:
Execute with options specified in a file
commadmin object task -i inputfile
Analyzes inputfile and executes it. The input file should be in the format "Command File Format".
Immediate or shell execution
commadmin object task [options]
If all needed information is provided, the command will execute immediately.
Interactive
commadmin object task
The command contains some, but not all of the required options for command execution. The administrator is queried for the remainder of the options and attributes.
When an operation succeeds, the following message appears:
OK
If a failure occurs, the following message appears:
FAIL
message
Where message displays the error text.
The options can be specified within a file, using the -i option.
Within the file discussed in "Execution Modes", option names are separated from option values by white space. The option value begins with the first non-white space character and extends to the end-of-line character. Option sets are separated by blank lines.
The general syntax is:
option name [option value, if any] option name [option value, if any] ... option name [option value, if any] blank line option name [option value, if any] option name [option value, if any] ... option name [option value, if any]
The option value given in the command line becomes the default for each option set. Alternatively, these options can be specified for each option set. The value then overrides any default specified on the command line.
Following is an example of the format and syntax for the file specified by the -i option for the commadmin user create command.
l newuser1
F new
L user1
l newuser2
F new
L user2
l newuser3
F new
L user3
and so forth...
Table E-7 displays the options that are the mandatory options used for authenticating the administrator or the user.
Note:
Beginning with Communications Suite 7 Update 2, the -w password option is no longer used. Instead, the commadmin command has been made more secure by the removal of ability to specify the administrative password on the command line or to use a password file. All commadmin passwords must now be typed using a no-echo prompt.Table E-7 Mandatory Options for Administrator or User Authentication
Option | Description |
---|---|
-D userid |
User ID used to bind to the directory. |
-n domain |
The domain the administrator belongs to. (For more information, see the Note shown below this table.) |
Note:
Configuring Delegated Administrator for Directory Access Through Access Manager (Legacy Mode)This note applies only if you choose to access the directory using Access Manager in Legacy mode when you first configure Delegated Administrator after installation.
In this case, the Access Manager Host (-X), Access Manager Port (-p), and the default domain (-n) values are specified when you run the configuration program, config-commad, and store them in the cli-usrprefs.properties file.
If the -X, -p, and -n options are not specified at the time when a commadmin command is executed, their values are taken from Delegated Administrator property files.
The commadmin debug log command creates a Delegated Administrator server log file that contains error messages generated by the Delegated Administrator servlets installed on the web container. If the log file already exists, the new error messages are appended to the end of the existing file. If the log file does not exist, a new file is created.
This command sets the debug mode on Delegated Administrator. Debug mode is useful for analyzing problems that affect the Delegated Administrator Console and the Delegated Administrator Utility. For analyzing problems with the Delegated Administrator Utility (commadmin) client itself, use the -v option, and capture the command output.
commadmin debug log -D login -n domain -t [ on|off ] [ -f debug-log-file ] [-s]
Table E-8 displays the options that are mandatory:
Table E-8 commadmin debug log Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-n domain |
The domain of the Top-Level Administrator. |
-t [on|off] |
Toggles between turning on the debug log and turning it off. The value on causes the server to start writing error messages to the log. The value off causes the server to stop writing error messages to the log. |
Table E-9 displays the options that is non-mandatory:
Table E-9 commadmin debug log Non-Mandatory Options
Option | Description |
---|---|
-f debug-log-file |
The full path where the log will be created, including the file name of the log. The path must be one of the following two directories: /tmp/ /var/tmp/ The debug-log-file can be any file name. If the -f option is not specified, the default value is /tmp/commcli.log. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
To create a new debug log, enter:
commadmin debug log -D paul -n example.com -t on -f /tmp/debug.log
To turn off logging, enter:
commadmin debug log -D paul -n example.com -t off
Note:
You do not have to specify the file name when you turn off the log.The commadmin domain create command creates a single domain in the LDAP directory. To create multiple domains, use the -i option.
commadmin domain create -D login -d domain name -n domain [-A [+] attributename:value] [-h] [-?] [-i inputfile] [-o organization RDN] [-p DA server port]
[-s] [-v] [-V] [-X DA server host name] [-S mail -H preferred mail host] [-S cal [-B backend calendar data server] [-C searchable domains]
[-g access control string] [-P propertyname[:value]] [-R right[:value]] [-T calendar time zone string] ] [-S im]
Table E-10 displays the options that are mandatory:
Table E-10 commadmin domain create Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-d domain name |
DNS domain name of the domain that is being created. |
-n domain |
The domain of the Top-Level Administrator. |
Table E-11 displays the options that options are non-mandatory:
Table E-11 commadmin domain create Non-Mandatory Options
Option | Description |
---|---|
-A [+] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and the value specified replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. If the action value (+) is not specified, the default action is to add the existing value. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-o organization RDN |
Specifies the organization RDN for the domain. For example, o=example.example.com. If this option is not specified, the organization is created under the osisuffix, with o= the name of the domain, o=osiSuffix. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-S service |
Specifies the service or services to be added to the domain. service can have the value of a single service or multiple services. The valid service values are mail, cal, and im. These values are case-insensitive. If the -S mail option is specified, then the -H option must be specified. Can be listed as a comma-separated list. For Example: -S mail,cal,im Delegated Administrator 7: -S im AM provisioning mode: A domain is created with the services mentioned, depending on the value of the particular service definition present in the configuration file of Access Manager. |
Table E-12 displays the options that, if the -S mail option is specified, are non-mandatory options that are allowed:
Table E-12 commadmin domain create Options Allowed if -S mail Specified
Option | Description |
---|---|
-H preferred mail host |
The preferred mail host for the domain. The host must be a fully qualified host name, for example, mailhost.example.com. This option is mandatory if the -S mail option is specified. |
Table E-13 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-13 commadmin domain create Options Allowed if -S cal Specified
Option | Description |
---|---|
-B back-end calendar data server |
Specifies the default back-end host assigned to a user or resource in a domain. |
-C searchable domains |
Specifies the domains to be searched when looking for calendars or users. |
-g access control string |
Specifies the Access Control List (ACL) for a newly created user calendar. |
-P propertyname[:value] |
Sets values for multi-valued and bit oriented attributes. See "Attribute Values" for attributes, their descriptions and values. |
-R right[:value] |
Sets calendar domain attribute icsAllowRights. The attribute holds a bitmap value. See "Attribute Values" for a list of attributes, their value(s), and description(s). |
-T calendar time zone string |
Specifies the time zone ID used when importing files. See Calendar Time Zone Strings for a list of the valid time zone strings. |
To create a new domain with mail, calendar, and instant messaging services, enter:
commadmin domain create -D chris -d example.com -n example.com -S mail,cal,im -H mailhost.example.com
Note:
Product Version InformationCurrent Features: Features documented on this page were introduced in the following product release versions of Delegated Administrator 7:
Direct LDAP domain creation (no dependence on AM)
Support for IM service
The commadmin domain delete command marks a single hosted domain as deleted from the server. To mark multiple hosted domains as deleted, use the -i option.
When you mark a domain as deleted, all user and group entries in the domain are marked as deleted.
The "commadmin domain purge" command will permanently remove the domain.
To disable Organization Administrators usage of a service like calendar service or mail service, use the -S option. Here S is in uppercase.
commadmin domain delete -D login -d domain name -n domain [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service] [-v] [-V] [-X DA server host name]
Table E-14 displays the options that are mandatory:
Table E-14 commadmin domain delete Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-d domain name |
The DNS domain name that is being deleted. If -d is not specified, the domain specified by -n is used. |
-n domain |
The domain of the Top-Level Administrator. |
Table E-15 displays the options that are non-mandatory:
Table E-15 commadmin domain delete Non-Mandatory Options
Option | Description |
---|---|
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured during installation. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-S service |
Modifies the value of the specified service status attribute value to delete. Multiple services are separated by a comma. The valid service values are mail, and cal, and im. These values are case-insensitive. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To delete an existing domain:
commadmin domain delete -D chris -d example.com -n example.com
To delete just the mail service from the florizel.com domain:
commadmin domain delete -D chris -d example.com -n example.com -S mail
The commadmin domain modify command modifies attributes of a single domain directory entry. To modify multiple domains, use the -i option.
commadmin domain modify -D login -d domain -n domain [-A [+|-]attributename:value] [-h] [?] [-i inputfile] [-p DA server port] [-s] [-v] [-V] [-X DA server host name] [-S mail -H preferred mailhost] [-S cal [-g access string] [-C cross domain search domains] [-B backend calendar data server] [-P [action] propertyname[:value]] [-R propertyname[:value]] [-T calendar time zone string]] [-S im]
Table E-16 displays the options that are mandatory:
Table E-16 commadmin domain modify Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-d domain |
The DNS domain name to be modified. If -d is not specified, the domain specified by -n is used. |
-n domain |
The domain of the Top-Level Administrator. |
Table E-17 displays the options that are non-mandatory:
Table E-17 commadmin domain modify Non-Mandatory Options
Option | Description |
---|---|
-A [+ or -] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. A - indicates removing the value. If the - is used, it must be preceded by two backslashes if the command is specified on the command line. If the option is provided within an input file, one backslash must precede the - sign. If the action value (+ or -) is not specified, the default action is to replace the existing value. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-S service |
Adds the specified service or services to the domain during modification. The valid service values are mail, and cal, and im. These values are case-insensitive. The services listed with the -S option are separated by a comma. If -S mail is specified, then the -H option must be specified. |
Table E-18 displays the options that, if the -S mail option is specified, are the non-mandatory options that are allowed:
Table E-18 commadmin domain modify Options Allowed if -S mail Specified
Option | Description |
---|---|
-H preferred mail host |
The preferred mail host for the domain. This option is mandatory if the -S mail option is specified. |
Table E-19 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-19 commadmin domain modify Options Allowed if -S cal Specified
Option | Description |
---|---|
-B back-end calendar data server |
The default back-end host assigned to a user or resource in a domain. |
-C cross domain search domains |
Specifies the domains to be searched when looking for calendars or users. |
-g access string |
Specifies the Access Control List (ACL) for newly created user calendar. |
-P [action]propertyname[:value] |
Sets the values for multi-valued and bit oriented attributes. See the Attribute Values tables in Delegated Administrator System Administrator's Guide for the descriptions and values of propertyname. |
-T calendar time zone string |
Time zone ID used when importing files. See Calendar Time Zone Strings for a list of the valid time zone strings. |
-R propertyname[:value] |
Sets calendar domain attribute icsAllowRights. The attribute holds a bitmap value. See the Attribute Values tables in Delegated Administrator System Administrator's Guide for a list of property names, their value, and description. |
To modify an existing domain:
commadmin domain modify -D chris -n example.com -d example.com -A preferredmailhost:test.example.com
The commadmin domain purge command permanently removes all entries or service of entries that have been marked for removal. This can include domains, users, groups, and resources.
As part of periodic maintenance operations, use the commadmin domain purge command to remove all entries that have been deleted for a time period that is longer than the specified delay period (grace period).
You can perform a purge at any time by invoking the command in commadmin. There is no equivalent in Delegated Administrator Console.
If the -d* option is specified, all domains are searched for users and domains that are marked as deleted. Users that are marked as deleted will be purged from their domain, but the domain will not be purged unless it is also marked as deleted. If a domain is marked as deleted, it will be purged along with all users within that domain.
When you invoke the command, the directory is searched and a list of domains are created whose entries include domains that have been marked for deletion longer than the specified grace period. The default value for the grace period is set to 5 days.
After a service has been marked as deleted, a command that removes resources such as mailboxes or calendars must be run before the service can be purged from the directory:
For mail services, run the msuserpurge command.
For information about the command see Messaging Server Reference.
For calendar services, run the davadmin command for Calendar Server 7. Run the csclean command for Calendar Server 6.
For information about the davadmin command see Calendar Server System Administrator's Guide. For information about the csclean command see Calendar Server 6.3 Administration Reference.
Note:
The commadmin domain purge command must be run by the Top-Level Administrator.For more information about how to remove users and services from a domain, see Removing Users, Groups, and Services from a Domain.
commadmin domain purge -D login -n domain -d domain [-g grace] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service] [-v] [-V] [-X DA server host name]
Table E-20 displays the options that are mandatory:
Table E-20 commadmin domain purge Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the Top-Level Administrator. |
-n domain |
Domain of the Top-Level Administrator. |
-d domain |
Purge specified domain. The * operator (-d*) may be used to search for a pattern. |
Table E-21 displays the options that are non-mandatory:
Table E-21 commadmin domain purge Non-Mandatory Options
Option | Description |
---|---|
-g grace |
Delay period (grace period) in days before the domain is purged. Domains marked for deletion for fewer than grace days will not be purged. For example, if you use -g 7, all entries that have been marked for deletion for 7 days and more are purged, but entries marked for deletion for 6 days and fewer are not purged. A 0 indicates purge immediately. The default value is 5 days. The default value cannot be changed permanently. You can change the grace period only by using the -g grace option in the commadmin domain purge command. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-S service |
Removes service related object classes and attributes from the domain. If the domain contains users and resources it removes the service specific data from the directory for these users and resources. The list of services is separated by the comma (,) delimiter. The valid service values are mail, cal, and im. These values are case-insensitive. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
In the following example, the example.org domain is purged and all entries within the domain are also removed:
commadmin domain purge -D chris -d example.org -n example.com
The commadmin domain search command obtains all the directory properties associated with domains.
If no domain is specified with -d, all domains will be displayed.
To obtain all the directory properties for multiple domains, use the -i option.
When -S is specified in this command, only the domains having active specified services are displayed.
commadmin domain search -D login -n domain [-d domain] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service] [-t Search Template] [-v] [-V] [-X DA server host name]
Table E-22 displays the options that are mandatory:
Table E-22 commadmin domain search Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
The domain of the user specified with the -D option. |
Table E-23 displays the options that are non-mandatory:
Table E-23 commadmin domain search Non-Mandatory Options
Option | Description |
---|---|
-d domain |
Search for this domain. If -d is not specified or -d* is specified, all domains are displayed. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-S service |
Specifies the services to be searched in the active domains. service can have the value of a single service or multiple services. The valid service values are mail, cal, and im. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For Example: -S mail,cal,im |
-t Search template |
Specifies the name of the search templates to be used instead of the default search templates. Only active domains are displayed after the search. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
The commadmin group create command adds a single group in the LDAP directory. To create multiple groups, use the -i option.
If a group is created without any members, by default, it is a static group.
Note:
Groups cannot contain both static and dynamic members.An email distribution list is one type of group. When a message is sent to the group address, Messaging Server sends the message to all members in the group.
commadmin group create -D login -G groupname -n domain [-A [+]attributename:value] [-d domain] [-f ldap-filter] [-h] [-?] [-i inputfile]
[-m internal-member] [-p DA server port] [-s] [-v] [-V] [-X DA server host name] [-S service [-H mailhost] [-E email] [-M external-member] [-o owner] [-r moderator]]
[-a true|false ] [-b true|false ] [-c group id] [-j DWPHost] [-q secondary owner] [-t time zone]
Table E-24 displays the options that are mandatory:
Table E-24 commadmin group create Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user who has permission to execute this command. |
-n domain |
The domain of the user specified by the -D option. |
-G groupname |
The name of the group (for example, mktg-list). |
Table E-25 displays the options that are non-mandatory:
Table E-25 commadmin group create Non-Mandatory Options
Option | Description |
---|---|
-A[+] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. |
-d domain |
The fully qualified domain name of the group (for example, example.com). The default is the local domain. If -d is not specified, the domain specified by -n is used. |
-f ldap-filter |
Creates dynamic groups. Setup the LDAP filter by specifying an attribute or a combination of attributes. Multiple -f commands can be specified to define many LDAP filters for members of a group. The LDAP filter should define members within the group's organization. Even if the LDAP filter specifies another organization, this value defaults to the group's organization. This constraint prevents members who belong to an outside organization from being added to the group. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-m internal-member |
User ID or mail: address of the internal members added to this group. To add more than one member, use multiple -m options. This option should be used to create static groups. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the commands and its version. |
-S service |
Specifies the services to be added to the Group. service can have the value of a single service or multiple services. The valid service values are mail and cal. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For Example: -S mail,cal |
Table E-26 displays the options that are allowed:
Table E-26 commadmin group create Options Allowed if -S mail Specified
Option | Description |
---|---|
-o owner |
The group owner's email address. An owner is the individual responsible for the distribution list. (This option is also allowed, and is mandatory, when the -S cal option is specified.) |
-E email |
The email address of the group. (This option is also allowed when the -S cal option is specified.) |
-H mail host |
The mail host to which this group responds (for example, mailhost.example.com). The default is the local mail host. |
-M external-member |
Adds an external member to this group. The value of external-member is the user email address. To add more than one member, use multiple -M options. |
-r moderator |
The moderator's email address. |
Table E-27 displays the options that, if the -S cal option is specified, are mandatory:
Table E-27 commadmind group create Option Mandatory if -S cal specified
Option | Description |
---|---|
-o owner |
The group owner's email address. An owner is the individual responsible for the Calendar group's distribution list. The group owner must have Calendar service. (This option is also allowed when the -S mail option is specified.) |
Table E-28 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-28 commadmin group create Options Allowed if -S cal specified
Option | Description |
---|---|
-a true|false |
Allows or disallows calendar appointments to be accepted automatically. true enables automatic acceptance of appointments. false disables automatic acceptance of appointments. |
-b true|false |
Allows or disallows calendar appointments to be double-booked, permitting more than one appointment at the same time. true enables double-booking of appointments. false disables double-booking of appointments. |
-c group id |
Specifies a group ID for the Calendar group. If this option is not specified, Delegated Administrator automatically supplies a group ID. |
-E email |
The email address of the group. This address is used to notify group members of Calendar events. (This option is also allowed when the -S cal option is specified.) |
-j DWPHost |
The DNS name of the back-end calendar server which hosts this Calendar group's calendar. This host is the Database Wire Protocol (DWP) server that stores the calendar and its data. If the DNS name of the back-end calendar server is not specified, the value stored in the {{ics.conf}} file of the server is used as the default value. |
-q secondary owner |
The secondary owner's email address. A secondary owner can manage the Calendar group's distribution list. To add more than one secondary owner, use multiple -q secondary owner options. All secondary owners must have Calendar service. |
-t time zone |
The time zone used to display the Calendar group's calendar in the calendar's user interface. See Calendar Time Zone Strings for a list of the valid time zone strings. |
To create a group testgroup in the domain example.com:
commadmin group create -D chris -n example.com -G testgrou -d example.com -m lorca@example.com -S mail,cal -M achiko@example.com -o achiko@example.com -c calgroup1
The commadmin group delete command marks a single group as deleted. To mark multiple groups as deleted, use the -i option.
To disable a group's usage of services such as Calendar Server or Messaging Server, use the -S option. Here S is in uppercase.
Note:
In order to permanently remove a group, you must run the following command: commadmin domain purge. See "commadmin domain purge" for details.commadmin group delete -D login -G groupname -n domain [-d domain] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service] [-v] [-V] [-X DA server host name]
Table E-29 displays the options that are mandatory:
Table E-29 commadmin group delete Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user who has permission to execute this command. |
-G groupname |
The name of the group to be marked as deleted. For example, mktg-list. |
-n domain |
The domain of the user specified by the -D option. |
Table E-30 displays the options that are non-mandatory:
Table E-30 commadmin group delete Non-Mandatory Option
Option | Description |
---|---|
-d domain |
The domain of the group. If -d is not specified, the domain specified by the -n option is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-S service |
Modifies the value of the specified service status attribute value to deleted. The services listed with the -S option are separated by a comma. The valid service values are mail and cal. These values are case-insensitive. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
The following example marks the group testgroup@example.com as deleted:
commadmin group delete -D chris -n example.com -G testgroup -d example.com
The following example marks the mail service for testgroup@example.com as deleted:
commadmin group delete -D chris -n example.com -G testgroup -d example.com -S mail
The commadmin group modify command changes the attributes of a single group that already exists in the LDAP directory. To change the attributes of multiple groups, use the -i option.
A mailing list is one type of group. When a message is sent to the group address, Messaging Server sends the message to all members in the group.
commadmin group modify -D login -G groupname -n domain [-A [+|-]attributename:value] [-d domain] [-f [action]ldap-filter] [-h] [-?] [-i inputfile]
[-m [+|-]internal-member] [-p DA server port] [-s] [-v] [-V] [-X DA server host name] [-S mail [-o owner] [-E email] [-H mailhost] [-M external-member] [-r moderator]
[-a true|false ] [-b true|false ] [-c group id] [-j DWPHost] [-q secondary owner] [-t time zone]
Table E-31 displays the options that are mandatory:
Table E-31 commadmin group modify Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-G groupname |
The name of the group to be modified. For example, mktg-list. |
-n domain |
The domain of the user specified by the -D option. |
Table E-32 displays the following non-mandatory options:
Table E-32 commadmin group modify Non-Mandatory Options
Option | Description |
---|---|
-A [+|-] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. A - indicates removing the value. If the - is used, it must be preceded by two backslashes or enclosed in quotes if the command is specified on the command line. If the option is provided within an input file, one backslash must precede the - sign. |
-d domain |
The domain of the group. If -d is not specified, the domain specified by the -n option is used. |
-f [action] ldap-filter |
Indicates whether a ldap filter is added to or removed from the group A + before the ldap-filter indicates that it is to be added to the existing filters. A - indicates removing the existing filter. Type -f- to remove all the filters. If the - is used, it must be preceded by two backslashes or enclosed in quotes if the command is specified on the command line. If action is not specified, by default the filter is added provided it is not already present. Otherwise an error message is displayed. The LDAP filter should define members within the group's organization. Even if the LDAP filter specifies another organization, this value defaults to the group's organization. This constraint prevents members who belong to an outside organization from being added to the group. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-m [action] internal-member |
Indicates whether to add or remove an internal member. An action value of: + adds the member to an existing list of internal members. - removes the member from an existing list of internal members. If the - is used, it must be preceded by two backslashes or enclosed in quotes if the command is specified on the command line. The value of internal--member is either a mail address or user ID. -m* removes all the internal members. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the local host if no default was configured at install time. |
-S service |
Specifies the services to be added to the group during modification. Before a service is added, Delegated Administrator validates whether the service already exists. If the service exists, an error message is displayed. service can have the value of a single service or multiple services. The valid service values are mail and cal. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For Example: -S mail,cal |
Table E-33 displays the options that, if the -S mail option is specified, are allowed:
Table E-33 commadmin group modify Options Allowed if -S mail Specified
Option | Description |
---|---|
-o owner |
The group owner's email address. An owner is the individual responsible for the distribution list. (This option is also allowed, and is mandatory, when the -S cal option is specified.) |
-E email |
The email address of the group. (This option is also allowed when the -S cal option is specified.) |
-H mail host |
The mail host to which this group responds (for example, mailhost.example.com). The default is the local mail host. |
-M external-member |
Adds an external member to this group. The value of external-member is the user's email address. To add more than one member, use multiple -M options. |
-r moderator |
The moderator's email address. |
Table E-34 displays the options that, if the -S cal option is specified, are the options that are mandatory:
Table E-34 commadmin group modify Options Mandatory if -S cal Specified
Option | Description |
---|---|
-o owner |
The group owner's email address. An owner is the individual responsible for the Calendar group's distribution list. The group owner must have Calendar service. (This option is also allowed when the -S mail option is specified.) |
Table E-35 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-35 commadmin group modify Options Allowed if -S cal Specified
Option | Description |
---|---|
-a true|false |
Allows or disallows calendar appointments to be accepted automatically. true enables automatic acceptance of appointments. false disables automatic acceptance of appointments. |
-b true|false |
Allows or disallows calendar appointments to be double-booked, permitting more than one appointment at the same time. true enables double-booking of appointments. false disables double-booking of appointments. |
-c group id |
Specifies a group ID for the Calendar group. If this option is not specified, Delegated Administrator automatically supplies a group ID. |
-E email |
The email address of the group. This address is used to notify group members of Calendar events. (This option is also allowed when the -S cal option is specified.) |
-j DWPHost |
The DNS name of the back-end calendar server which hosts this Calendar group's calendar. This host is the Database Wire Protocol (DWP) server that stores the calendar and its data. If the DNS name of the back-end calendar server is not specified, the value stored in the {{ics.conf}} file of the server is used as the default value. |
-q secondary owner |
The secondary owner's email address. A secondary owner can manage the Calendar group's distribution list. To add more than one secondary owner, use multiple -q secondary owner options. All secondary owners must have Calendar service. |
-t time zone |
The time zone used to display the Calendar group's calendar in the calendar's user interface. See Calendar Time Zone Strings for a list of the valid time zone strings. |
To remove an internal member (jsmith) from the group testgroup within the domain example.com:
commadmin group modify -D chris -d example.com -G testgroup -n example.com -m jsmith
To add Calendar service to the group testgroup within the domain example.com:
commadmin group modify -D chris -d example.com -G testgroup -n example.com -S cal -o achiko@example.com -c calgroup1
The commadmin group search command obtains all the directory properties associated with a single group. To obtain all the directory properties for multiple groups, use the -i option.
commadmin group search -D login -n domain [-d domain] [-E string] [-G string] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service]
[-t search template] [-v] [-V] [-X DA server host name]
Table E-36 displays the options that are mandatory:
Table E-36 commadmin group search Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
The domain of the user specified by the -D option. |
Table E-37 displays the options that are non-mandatory:
Table E-37 commadmin group search Non-Mandatory Options
Option | Description |
---|---|
-d, domain |
The domain of the group to be searched. If -d is not specified, all domains are searched. |
-E string |
Email address of the group. The wildcard operator (*) may be used within any part of string. |
-G string |
The name of the group to be searched. For example, mktg-list. If -G is not specified, all groups in the domain specified by -d are displayed. The wildcard operator (*) may be used within any part of string. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where the IS server is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-S service |
Specifies the service to be searched. The only valid value for service is mail. This value is case-insensitive. For Example: {{-S mail}}. Only groups with active services are displayed. |
-t Search Template |
Specifies the name of the search templates to be used instead of the default search templates. This is an entry in the directory that defines the filter for the search. Only active groups are searched for. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To search for a group named developers under the example.com domain:
commadmin group search -D chris -n example.com -G developers -d example.com
The commadmin resource create command creates a directory entry for a resource.
See "Creating a Resource" for instructions on creating a resource.
commadmin resource create -D login -E email -n domain -u identifier -N name [-c calendar identifier] [-A [+]attributename:value]
[-C DWPHost] [-d domainname ] [-h] [-?] [-i inputfile] [-o owner] [-p DA server port] [-s] [-T time zone] [-u uid] [-v] [-V] [-X DA server host name]
Table E-38 displays the options that are mandatory:
Table E-38 commadmin resource create Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-E email |
Specifies the resource's email address. |
-n domain |
Domain of the user specified with the -D option. |
-u identifier |
Resource's unique identifier. This identifier value should be unique within the domain name space or within all the users and resources the calendar manages in the calendar mode. |
-N name |
Friendly name used to display the resource in the calendar GUI. |
-c calendar identifier |
Identifier for this resource's calendar. The identifier value should be unique throughout all the calendars managed by the Calendar Server. |
Table E-39 displays the options that are non-mandatory:
Table E-39 commadmin resource create Non-Mandatory Options
Option | Description |
---|---|
-A [+] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. |
-C DWPHost(Applies to Calendar Server 6) |
The DNS name of the back end calendar server which hosts this user's calendars. If the DNS name of the back-end calendar server is not specified, the value stored in the ics.conf file of the server is used as the default value. |
-d domain name |
Domain of the resource. If -d is not specified, the domain specified by -n is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-o owner |
Specifies the owner of the resource's calendar (user ID). The resource owner must be a user ID that resides in the domain of the resource. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-T time zone |
The time zone used to display the resource's calendar in the calendar's user interface. See Calendar Time Zone Strings for a list of the valid time zone strings. |
-u uid |
Specifies the resource's unique ID. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To create a resource with name peter in the calendar cal.siroe.com under the domain example.com:
commadmin resource create -D chris -n example.com -w bolton -d example.com -u id -c calid -N peter -C cal.example.com
A resource consists of two data descriptions: a directory entry and a calendar in the Calendar Server database. The directory entry has an attribute, icsCalendar, whose value is the name of the calendar associated with the resource.
You can create a resource with the two data descriptions, using either of the following methods:
Use commadmin resource create to create a directory entry.
The calendar for the resource is created automatically when the resource is first invited to an event. The ics.conf parameter, resource.invite.autoprovision, determines whether a resource's calendar is created automatically when the resource is invited to an event. By default, the value of this parameter is set to Yes. To create the resource's calendar before any invitations are sent to the resource, use the cscal command.
Example:
Use commadmin resource create to create a directory entry:
commadmin resource create -D amadmin -n blink.example.com -X blink -p 5555 -d example.com -u resourceOne -N firstResource -c resourceOneCalendar
The directory entry is as follows:
dn: uid=resourceONE,ou=People,o=example,o=domainroot uid: resourceONE objectClass: icsCalendarResource objectClass: top cn: firstResource icsStatus: active icsCalendar: resourceOne
Use the csresource command by itself. The csresource command creates a directory entry and a calendar.
However, using csresource to create both the directory entry and the calendar is only recommended if the directory is in a Schema 1 environment and you are not using Access Manager.
You can now log in as any user and invite the resource to an event.
The commadmin resource delete command marks the resource as deleted.
Note:
To permanently remove the resource, run the "commadmin domain purge" command.commadmin resource delete -D login -u identifier -n domain [-d domainname] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-v] [-V] [-X DA server host name]
Table E-40 displays the options that are mandatory:
Table E-40 commadmin resource delete Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
Domain of the user specified with the -D option. |
-u identifier |
Resource's unique identifier. |
Table E-41 displays the options that are non-mandatory:
Table E-41 commadmin resource delete Non-Mandatory Options
Option | Description |
---|---|
-d domainname |
Domain of the resource. If -d is not specified, the domain specified by -n is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specify the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To mark a resource as deleted:
commadmin resource delete -D chris -n example.com -u bill023
The commadmin resource modify command modifies the resource.
commadmin resource modify -D login -n domain -u identifier [-A [+|-]attributename:value] [-d domainname ] [-h] [-?] [-i inputfile] [-N name] [-p DA server port] [-s] [-T time zone] [-v] [-V] [-X DA server host name]
Table E-42 displays the options that are mandatory:
Table E-42 commadmin resource modify Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
Domain of the user specified with the -D option. |
-u identifier |
Resource's unique identifier. |
Table E-43 displays the options that are non-mandatory:
Table E-43 commadmin resource modify Non-Mandatory Options
Option | Description |
---|---|
-A [+ or -] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. A - indicates removing the value. If a - is used, it must be preceded by two backslashes if the command is specified on the command line. If the option is provided within an input file, one backslash must precede the - sign. |
-d domainname |
Domain of the resource. If -d is not specified, the domain specified by -n is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-N name |
Common name used to display the resource in the calendar user interface. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-T time zone |
The time zone used to display resource's calendar in the calendar GUI. See Calendar Time Zone Strings for a list of the valid time zone strings. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To modify a resource with the unique identifier bill023 with a new common name bjones:
commadmin resource modify -D chris -n example.com -d test.com -u bill023 -N bjones
The commadmin resource search command searches for a resource.
commadmin resource search -D login -n domain [-d domain] [-h] [-?] [-i inputfile] [-N string] [-p DA server port] [-s] [-t Search Template]
[-u string] [-V] [-v] [-X DA server host name]
Table E-44 displays the options that are mandatory:
Table E-44 commadmin resource search Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with the permission to execute this command. |
-n domain |
Domain of the user specified with the -D option. |
Table E-45 displays the options that are non-mandatory:
Table E-45 commadmin resource search Non-Mandatory Options
Option | Description |
---|---|
-d domain |
Domain of the resource. Search is performed only in the domain. If -d is not specified or -d* is specified, then all domains are searched. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-N string |
Enter the resource's common name. The wildcard operator (*) may be used within any part of string. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-t Search Template |
Specifies the name of the search templates to be used instead of the default search templates. This is an entry in the directory that defines the filter for the search. Only active resources are searched for. |
-u string |
The resource identifier specified must be unique for the domain name space or for all the users and resources the calendar manages. The wildcard operator (*) may be used within any part of string. If the identifier is not specified or -l* is specified all resources are displayed during the search. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specify the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To search for a resource arabella in the domain example.com:
commadmin resource search -D serviceadmin -n example.com -d example.com -u arabella
The commadmin user create command creates a single user in the LDAP directory. To create multiple users, use the -i option.
Note:
Starting with Delegated Administrator for Oracle Communications Unified Communications Suite, the -S and -A (inetcos) options should not be used together for service modifications as the two provisioning models compete.commadmin user create -D login -F firstname -n domain -L lastname -l userid [-A [+]attributename:value] [-d domain] [-I initial]
[-h] [-?] [-i inputfile] [-p DA server port] [-s] [-v] [-V] [-X DA server host name] [-S mail [-E email] [-H mailhost]] [-S cal [-B DWPHost]
[-E email] [-k calid_type] [-J First Day of Week] [-T time zone]] [-S im]
Table E-46 displays the options that are mandatory:
Table E-46 commadmin user create Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-F first_name |
The user's first name; must be a single word without any spaces. |
-n domain |
The domain of the user specified with the -D option. |
-l user_id |
The user's login name. Values entered with this option are limited to printable ASCII characters. For mail users, the following additional restrictions apply:
|
-L last_name |
The user's last name. |
Table E-47 displays the options that are non-mandatory:
Table E-47 commadmin user create Non-Mandatory Options
Option | Description |
---|---|
-A[+] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. Repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. |
-d domain |
Domain of the user. If -d is not specified, the domain specified by -n is used. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-I initial |
User's middle initial. |
-h, -? |
Prints command usage syntax. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the directory. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-S service |
Adds the specified service to the user during creation. service can have the value of a single service or multiple services. The valid service values are mail, cal, and im. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For Example: -S mail,cal,im |
Table E-48 displays the options that, if the -S mail option is specified, are the non-mandatory options that are allowed:
Table E-48 commadmin user create Options Allowed if -S mail Specified
Option | Description |
---|---|
-E email |
The email address of the user. |
-H mail host |
The mail host of the user. |
Table E-49 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-49 commadmin user create Options Allowed if -S cal Specified
Option | Description |
---|---|
-B DWPHost |
DNS name of the back-end calendar that hosts the user's calendar. |
-E email |
The email address of the calendar user. |
-J First Day of Week |
First day of the week shown when the calendar is displayed in the calendar server user interface. The valid values are 0-6 (0 is Sunday, 1 is Monday, and so on). |
-k calid_type |
Specifies the type of calendar id that is created. The accepted values are legacy and hosted. If -k legacy is specified, only the calendar id is used (for example, jsmith). If -k hosted is specified, the calendar id plus domain is used (for example, jsmith@example.com). If the -k option is not specified, the default is to use the calendar id plus domain (hosted). You can set the value of the calendar id type that is created if the -k option is not specified. To do so, add the following parameter to the resource.properties file:
switch-caltype=value
where value is hosted or legacy. The resource.properties file is located in the following directory:
DelegatedAdmin_home/data/WEB-INF/classes/sun/comm/cli/server/servlet/resource.properties
|
-T time zone |
The time zone in which the user's calendar is displayed. See Calendar Time Zone Strings for a list of the valid time zone strings. |
To create a new user, smith, enter:
commadmin user create -D chris -n example.com -F smith -l john -L major -S mail -H mailhost.example.com
The commadmin user delete command marks a single user as deleted. To mark multiple users as deleted, use the -i option.
This command only marks a user as deleted; it does not remove the user entry from the directory.
No undelete command exists. However, you can use the ldapmodify command to change the status attribute of a user entry to active at any time before the purge grace period has expired and a purge is set to run against the entry.
The following steps summarize how to remove a user from the directory. For more information, see Removing Users, Groups, and Services from a Domain.
Mark the user as deleted by running the commadmin user delete command.
Remove resources from the user.
A resource can be a mailbox or a calendar.
For mail services, the command is called msuserpurge.
For calendar services, the program is csclean. Refer to Sun Java System Calendar Server System Administrator's Guide for information about the csclean command.
Permanently remove the user by invoking the commadmin domain purge command.
See "commadmin domain purge" for reference details.
commadmin user delete -D login -n domain -l login name [-d domain] [-h] [-?] [-i inputfile] [-p DA server port] [-s] [-S service] [-v] [-V]
[-X DA server host name]
Table E-50 displays the options that are mandatory:
Table E-50 commadmin user delete Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with the permission to execute this command. |
-n domain |
The domain of the user specified with the -D option. |
-l userid |
The user ID of the user to be deleted. |
Table E-51 displays the options that are non-mandatory:
Table E-51 commadmin user delete Non-Mandatory Options
Option | Description |
---|---|
-d domain |
Domain of the user. If -d is not specified, the domain specified by -n is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the directory. |
-S service |
Specifies the services to be removed from the user. The user remains active, but only the specified services are deactivated. If -S is not specified, then the user is deleted. service can have the value of a single service or multiple services. The valid service values are mail, cal, and im. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For example: -S mail,cal,im |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
To mark an existing user as deleted:
commadmin user delete -D chris -n example.com -l smith
To delete the mail services only from user smith:
commadmin user delete -D chris -n example.com -l smith -S mail
The commadmin user modify command modifies attributes of a single user's directory entry. To modify multiple users, use the -i option.
commadmin user modify -D login -n domain -l userid [-A [+|-]attributename:value] [-d domain] [-h] [-?] [-i inputfile] [-p DA server port]
[-s] [-v] [-V] [-X DA server host name] [-S mail -H mailhost [-E email]] [-S cal [-B DWPHost] [-E email] [-k calid_type] [-J First Day of Week]
[-T time zone]] [-S im]
Table E-52 displays the options that are mandatory:
Table E-52 commadmin user modify Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
Domain of the user specified with the -D option. |
-l userid |
User's login ID. |
Table E-53 displays the options that are non-mandatory:
Table E-53 commadmin user modify Non-Mandatory Options
Option | Description |
---|---|
-A [+ or -] attributename:value |
An attribute to modify. The attributename is defined in the LDAP schema and value replaces any and all current values for this attribute in the directory. You can repeat this option to modify multiple attributes at the same time, or to specify multiple values for the same attribute. A + before the attributename indicates adding the value to the current list of attributes. A - indicates removing the value. If the - is used, it must be preceded by two backslashes if the command is specified on the command line. If the option is provided within an input file, one backslash must precede the - sign. |
-d domain |
Domain of the user or group. If -d is not specified, the domain specified by -n is used. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-p DA server port |
Specifies an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the Delegated Administrator Server or to Access Manager. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
-S service |
Adds the specified services to the user after validating whether the user has the service specified with -S option. If the user already has the service an error message is displayed. services can have the value of a single service or multiple services. The valid service values are mail, cal, and im. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For example: -S mail,cal,im |
Table E-54 displays the options that, if the -S mail option is specified, are the non-mandatory options that are allowed:
Table E-54 commadmin user modify Options Allowed if -S mail Specified
Option | Description |
---|---|
-E email |
Specifies the email address of the user. |
-H mail host |
The mail host of the user. This option is mandatory if the -S mail option is specified. |
Table E-55 displays the options that, if the -S cal option is specified, are the non-mandatory options that are allowed:
Table E-55 commadmin user modify Options Allowed if -S cal Specified
Option | Description |
---|---|
-B DWPHost |
Specifies the DNS name of the back-end calendar server that hosts this user's calendars. Note: This attribute can only be added and cannot be modified if it already exists. |
-E email |
Specifies the email address for the calendar user. |
-J First Day of Week |
The first day of the week shown when the calendar is displayed in the calendar server user interface. The valid values are 0-6 (0 is Sunday, 1 is Monday, and so on). |
-k calid_type |
Specifies the type of calendar id that is created (when adding the calendar service). The accepted values are legacy and hosted. If -k legacy is specified, only the calendar id is used (for example, jsmith). If -k hosted is specified, the calendar id plus domain is used (for example, jsmith@example.com). If the -k option is not specified, the default is to use the calendar id plus domain (hosted). You can set the value of the calendar id type that is created if the -k option is not specified. To do so, add the following parameter to the resource.properties file:
switch-caltype=value
where value is hosted or legacy. The resource.properties file is located in the following directory: DelegatedAdmin_home/data/WEB-INF/classes/sun/comm/cli/server/servlet/resource.properties |
-T time zone |
The time zone in which the user's calendar is displayed. See Calendar Time Zone Strings for a list of the valid time zone strings. |
The following example adds a mail service for the user smith:
commadmin user modify -D chris -n example.com -l smith -A description:"new description" -S mail -H mail host.siroe.com
In this example, a mail forwarding address is added for user smith:
commadmin user modify -D chris -n example.com -l smith -A +mailforwardingaddress:tsmith@siroe.com
The commadmin user search command displays all provisioned directory properties associated with a single user. To obtain all the directory properties for multiple users, use the -i option. Only active users are displayed after a search.
commadmin user search -D login -n domain [-d domain] [-E string] [-F string] [-h] [-?] [-i inputfile] [-L string] [-l string]
[-p DA server port] [-s] [-S service] [-t Search Template] [-v] [-V] [-X DA server host name]
Table E-56 displays the options that are mandatory:
Table E-56 commadmin user search Mandatory Options
Option | Description |
---|---|
-D login |
The user ID of the user with permission to execute this command. |
-n domain |
The domain of the user specified with the -D option. |
Table E-57 displays the options that are non-mandatory:
Table E-57 commadmin user search Non-Mandatory Options
Option | Description |
---|---|
-d domain |
The domain of the user. The user is searched only in the specified domain. If -d is not specified, all domains are considered for the search. |
-E string |
Searches for user's mail address. The wildcard operator (*) may be used within any part of string. |
-F string |
Searches for user's first name. The wildcard operator (*) may be used within any part of string. |
-h, -? |
Prints command usage syntax. |
-i inputfile |
Reads the command information from a file instead of the command line. An option value specified in the input file overrides any value for the same option set in the command line. |
-L string |
Searches for user's last name. The wildcard operator (*) may be used within any part of string. |
-l string |
Searches for user's login name. The wildcard operator (*) may be used within any part of string. |
-p DA server port |
Use this option to specify an alternate TCP port where Delegated Administrator is listening. If not specified, the default DA server port is used, or Port 80 is used if no default was configured at install time. |
-s |
Use SSL (Secure Socket Layer) to connect to the directory. |
-S service |
Specifies the services to match in the user search. services can have the value of a single service or multiple services. The valid service values are mail, cal, im, and contacts. These values are case-insensitive. The list of services is separated by the comma (,) delimiter. For example: -S mail,cal,im,contacts |
-t Search template |
Specifies the name of the search templates to be used instead of the default search templates. This is an entry in the directory that defines the filter for the search. Only active users are searched for. |
-v |
Enables debugging output. |
-V |
Prints information about the command and its version. |
-X DA server host name |
Specifies the host on which Delegated Administrator is running. If not specified, the default DA server host name is used, or the localhost if no default was configured at install time. |
The following example searches for users in the example.com domain:
commadmin user search -D chris -d example.com -n example.com
Table E-58 shows who has permission to run the various commadmin commands.
Table E-58 Permission to Run commadmin Commands
Command | Description | Permission to Run* |
---|---|---|
commadmin admin add |
Grants Organization Administrator privileges to a user |
Top-Level Administrator |
commadmin admin remove |
Revokes Organization Administrator privileges from a user |
Top-Level Administrator |
commadmin search |
Searches and displays users who have Organization Administrator privileges |
Top-Level Administrator Organization Administrator |
commadmin debug log |
Creates a debug log |
Top-Level Administrator |
commadmin domain create |
Creates a domain |
Top-Level Administrator |
commadmin domain delete |
Deletes a domain |
Top-Level Administrator |
commadmin domain modify |
Modifies a domain |
Top-Level Administrator |
commadmin domain purge |
Purges a domain |
Top-Level Administrator |
commadmin domain search |
Searches for a domain |
Top-Level Administrator |
commadmin group create |
Creates a group |
Top-Level Administrator Organization Administrator |
commadmin group delete |
Deletes a group |
Top-Level Administrator Organization Administrator |
commadmin group modify |
Modifies a group |
Top-Level Administrator Organization Administrator |
commadmin group search |
Searches for a group |
Anyone |
commadmin resource create |
Creates a resource |
Top-Level Administrator Organization Administrator |
commadmin resource modify |
Modifies a resource |
Top-Level Administrator Organization Administrator |
commadmin resource delete |
Deletes a resource |
Top-Level Administrator Organization Administrator |
commadmin resource search |
Searches for a resource |
Anyone |
commadmin user create |
Creates a user |
Top-Level Administrator Organization Administrator |
commadmin user delete |
Deletes a user |
Top-Level Administrator Organization Administrator |
commadmin user search |
Searches for a user |
Anyone |
commadmin user modify |
Modifies a user |
Top-Level Administrator Organization Administrator |
Note:
Delegated Administrator does not support the Service Provide Administrator's use of the commadmin command.