Command Reference
tpusradd
—Adds a new principal on the system.
tpusradd [-u
UID
] [-g
GID
] [-c
client_name
]
usrname
Invoking tpusradd
adds a new principal (user or domain) entry to the BEA Tuxedo security data files. This information is used for per-user authentication with the AUTHSVR(5) server.
Before you can run this command successfully, you must:
tmloadcf(1)
.TUXCONFIG
environment variable to point to your TUXCONFIG
file. SECURITY
to USER_AUTH
, ACL
, or MANDATORY_ACL
.tpusradd
must be run on the configuration MASTER
if the application is not active; if active, this command can run on any active node.
The system file entries created with this command have a limit of 512 characters per line. Specifying long arguments to several options may exceed this limit.
The following options are available.
The user identification number. UID
must be a positive decimal integer below 128K. UID
must be unique within the list of existing identifiers for the application. UID
defaults to the next available (unique) identifier greater than 0.
An existing group's integer identifier or character-string name. This option defines the new user's group membership It defaults to the "other" group (identifier 0).
A string of printable characters that specifies the client name associated with the user. If specified, it generally describes the role of the associated user, and provides a further qualifier on the user entry. It may not contain a colon (:
) or a newline (\n
). If not specified, the default is the wildcard `*
' which will authenticate successfully for any client name specified.
The administrator is prompted for an initial password to be associated with the user.
See AUTHSVR(5) for further information about per-user authentication and configuring administrator permissions.
This command is available on any platform on which the BEA Tuxedo server environment is supported.
The tpusradd
command exits with a return code of 0
upon successful completion.
The following sequence of command invocations shows the construction of a simple user file.
$ # 1. Add usrname foo with cltname bar and UID 100
$ tpusradd -u 100 -c bar foo
$ # 2. Add usrname foo with tpsysadm cltname and no UID
$ tpusradd -c tpsysadm foo
The following table shows the user entry (indicated by the numbers shown above) used to authenticate various requests for access to the application and the associated UID and GID. N/A
indicates that the request is disallowed because there is no entry in the user file against which a match can be attempted.
Usrname Cltname Password Entry Uid Gid
------- ------- -------------- --- ---
"foo" "bar" 2 100 0
"foo" "" 1 1 0
"foo" "tpsysadm" 3 0 8192
"guest" "tpsysadm" N/A N/A N/A
The following is an example "SERVERS" section entry for an instance of AUTHSVR
that works with the user file generated above.
AUTHSVR SRVGRP=G SRVID=1 RESTART=Y GRACE=0 MAXGEN=2 CLOPT="-A"
tpgrpadd(1)
, tpgrpdel(1)
, tpgrpmod(1)
, tpusrdel(1)
, tpusrmod(1)
, AUTHSVR(5)