WebLogic Server Command-Line Interface Reference

e-docs > WebLogic Server > Administration Guide > WebLogic Server Command-Line Interface Reference

Administration Guide

WebLogic Server Command-Line Interface Reference

The following sections discuss the WebLogic Server command-line interface syntax, and describe each WebLogic Server administration, connection pool administration, and MBean management command:

To deploy J2EE modules on a WebLogic Server instance, use the weblogic.Deployer command-line utility. See "Deployment Tools and Procedures" in Deploying WebLogic Server Applications.

About the Command-Line Interface

As an alternative to the Administration Console, WebLogic Server offers a command-line interface to its administration tools, as well as to many configuration and run-time MBean properties.

Use the command-line interface if:

You want to create scripts for administration and management efficiency.
You cannot access the Administration Console through a browser.
You prefer using the command-line interface over a graphical user interface.

Before You Begin

Before you use the weblogic.Admin utility, set up your environment as follows:

Install and configure the WebLogic Server software, as described in the WebLogic Server Installation Guide
Add WebLogic Server classes to the CLASSPATH environment variable. See Setting the Classpath.
If you want the weblogic.Admin utility to use a listen port that is reserved for administration traffic, you must configure a domain-wide administration port as described in "Configuring a Domain-Wide Administration Port.

Using WebLogic Server Administration Commands

This section presents the syntax and required arguments for using WebLogic Server administration commands. The commands are not case-sensitive.

Syntax

java weblogic.Admin [-url URL] 
   [ { -username username [-password password] } |
     { [-userconfigfile config-file] [-userkeyfile admin-key] } 
   ]
   COMMAND arguments

Connection and User Credentials Arguments

When you invoke most weblogic.Admin commands, you specify the arguments in Table 13-1 to connect to a WebLogic Server instance and to specify the user credentials of a WebLogic Server user who has permission to invoke the command.

Table 13-1 Conection and User Credentials Arguments

Argument	Definition
-url URL	Specifies one of the following: The listen address of the domain's Administration Server. In most cases, we recommend that you use this URL because it runs the command within the security context of the Administration Server. The listen address of the WebLogic Server that is the target of the command. Use this URL if you cannot access the Administration Server and you want to target a Managed Server. The format is hostname:port. The default is localhost:7001. Note: If you want to specify an administration port, make sure your system administrator has set up an administration port for all server instances in the domain as described in "Configuring a Domain-Wide Administration Port" in the Creating and Configuring WebLogic Server Domains guide.
-username username	Username that has permission to invoke the command you specify. If you do not specify this argument, weblogic.Admin uses a user-configuration file and key file. For information about permissions for system administration tasks, refer to Protecting System Administration Operations.
-password password	The password that is associated with the username. If you specify -username username but do not specify the -password argument, weblogic.Admin prompts you for a password. If WL_HOME\server\bin is specified in the PATH environment variable, weblogic.Admin uses a set of WebLogic Server libraries that prevent the password from being echoed to standard out. For information on setting environment variables, see Setting the Classpath.
-userconfigfile config-file	Specifies the name and location of a user-configuration file, which contains an encrypted username and password. The encrypted username must have permission to invoke the command you specify. If you do not specify -userconfigfile config-file, weblogic.Admin searches for a user-configuration file at the default path name. (See STOREUSERCONFIG.)
-userkeyfile admin-key	Specifies the name and location of the key file that is associated with the user-configuration file you specify. When you create a user-configuration file, the STOREUSERCONFIG command uses a key file to encrypt the username and password. Only the key file that encrypts a user-configuration file can decrypt the username and password. If you do not specify -userkeyfile admin-key, weblogic.Admin searches for a key file at the default path name. (See STOREUSERCONFIG.)

Note: The exit code for all commands is 1 if the Administration client cannot connect to the server.

Summary of User Credentials Arguments

Table 13-1 describes the alternatives that the weblogic.Admin utility provides for passing usernames and passwords to a server instance.

In a development environment in which security is not a top priority, you can use the -username and -password arguments when invoking the weblogic.Admin utility directly on the command line or in scripts. With these arguments, the username and password are not encrypted. If you store the values in a script, the user credentials can be used by anyone who has read access to the script.

In an environment in which security is a top priority, create user-configuration files and key files. A user-configuration file contains encrypted user credentials that can be decrypted only by a single key file. You can include the -userconfigfile config-file and -userkeyfile admin-key arguments in scripts without exposing the plain text user credentials to those with read privileges for the script. For information about creating a user-configuration and key file, see STOREUSERCONFIG.

The following list summarizes the order of precedence for the weblogic.Admin user-credentials arguments:

If you specify -username username -password password, the utility passes the unencrypted values to the server instance you specify in the -url argument.

These arguments take precedence over the { -userconfigfile config-file -userkeyfile admin-key } arguments. If you specify both { -username username -password password } and { -userconfigfile config-file -userkeyfile admin-key }, the weblogic.Admin utility uses the { -username username -password password } arguments and ignores the user-configuration and key file arguments.
If you specify -username username, the utility prompts for a password. Then it passes the unencrypted values to the server instance you specify in the -url argument.

This argument also takes precedence over the { -userconfigfile config-file -userkeyfile admin-key } arguments.
If you specify { -userconfigfile config-file -userkeyfile admin-key } and do not specify { -username username [-password password]}, the utility passes the values that are encrypted in config-file to the server instance you specify in the -url argument.
If you specify neither { -username username [-password password] } nor { -userconfigfile config-file -userkeyfile admin-key }, the utility searches for a user-configuration file and key file at the default path names. The default path names vary depending on the JVM and the operating system. See Configuring the Default Path Name.

Examples of Providing User Credentials

The following command specifies the username weblogic and password weblogic directly on the command line:
java weblogic.Admin -username weblogic -password weblogic COMMAND

The following command uses a user-configuration file and key file that are located at the default pathname:
java weblogic.Admin COMMAND

See Configuring the Default Path Name.

The following command uses a user-configuration file named c:\wlUser1-WebLogicConfig.properties and a key file named e:\secure\myKey:
java -userconfigfile c:\wlUser1-WebLogicConfig.properties
-userkeyfile e:\secure\myKey COMMAND

WebLogic Server Administration Command Reference

The following sections provide information about the WebLogic server administration commands.

Table B-1 presents an overview of WebLogic Server administration commands. The following sections describe command syntax and arguments, and provide an example for each command.

Table B-1 WebLogic Server Administration Commands Overview

Task	Command	Description
Cancel shutting down a WebLogic Server	CANCEL_SHUTDOWN	(Deprecated) Cancels the SHUTDOWN command for the WebLogic Server that is specified in the URL.
Connect to WebLogic Server	CONNECT	Makes the specified number of connections to the WebLogic Server and returns two numbers representing the total time for each round trip and the average amount of time (in milliseconds) that each connection is maintained.
Force shutdown of a WebLogic Server	FORCESHUTDOWN	Immediately terminates a WebLogic Server process.
Determine the current state of a server	GETSTATE	Returns the current state of the WebLogic Server.
Get Help for one or more commands	HELP	Provides syntax and usage information for all WebLogic Server commands (by default) or for a single command if a command value is specified on the HELP command line.
View WebLogic Server licenses	LICENSES	Lists the licenses for all the WebLogic Server instances installed on a specific server.
List JNDI naming tree node bindings	LIST	Lists the bindings of a node in the JNDI naming tree.
Lock WebLogic Server	LOCK	(Deprecated) Locks a WebLogic Server against non-privileged logins. Any subsequent login attempt initiates a security exception which may contain an optional string message.
Migrate Services	MIGRATE	Migrates a JMS service or a JTA service to a targeted server within the cluster. See
Verify WebLogic Server listening ports	PING	Sends a message to verify that a WebLogic Server is listening on a port, and is ready to accept WebLogic client requests.
Move a server from the STANDBY state to RUNNING	RESUME	Makes a server available to receive requests from external clients.
Viewing server log files	SERVERLOG	Displays the server log file generated on a specific server.
Shut down a WebLogic Server	SHUTDOWN	Shuts down a WebLogic Server.
Start a remote managed WebLogic Server	START	Uses a configured Node Manager to start a Managed Server in the RUNNING state.
Start a remote managed WebLogic Server and place it in the STANDBY state	STARTINSTANDBY	Uses a configured Node Manager to start a Managed Server and place it in the STANDBY state.
Encrypt user credentials in a file	STOREUSERCONFIG	Creates an encrypted user-configuration file and its associated key file. You can pass the encrypted values to a server instance instead of entering a username and password on the command line.
View threads	THREAD_DUMP	Provides a real-time snapshot of the WebLogic Server threads that are currently running.
Unlock a WebLogic Server	UNLOCK	(Deprecated) Unlocks the specified WebLogic Server after a LOCK operation.
View WebLogic Server version	VERSION	Displays the version of the WebLogic Server software that is running on the machine specified by the value of URL.

Note: The exit code for all commands is 1 if the Administration client cannot connect to the server.

CANCEL_SHUTDOWN

(Deprecated) The CANCEL_SHUTDOWN command cancels the SHUTDOWN command for a specified WebLogic Server.

When you use the SHUT_DOWN command, you can specify a delay (in seconds). An administrator may cancel the shutdown command during the delay period. Be aware that the SHUTDOWN command disables logins, and they remain disabled even after cancelling the shutdown. Use the UNLOCK command to re-enable logins.

See SHUTDOWN and UNLOCK.

This command is deprecated because the ability to specify a delay in the SHUTDOWN command is also deprecated. Instead of specifying a delay in the SHUTDOWN command, you can now set attributes to control how a server shuts down. For more information, refer to "Setting the Timeout Period for Forced Shutdown Operations" in the Administration Console Online Help.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] CANCEL_SHUTDOWN

Example

In the following example, a system user named weblogic with a password of weblogic requests to cancel the shutdown of the WebLogic Server listening on port 7001 on machine localhost:

java weblogic.Admin -url t3://localhost:7001 -username weblogic 
   -password weblogic CANCEL_SHUTDOWN

CONNECT

Makes the specified number of connections to the WebLogic Server and returns two numbers representing the total time for each round trip and the average amount of time (in milliseconds) that each connection is maintained.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] CONNECT count

Argument	Definition
count	Number of connections to be made.

Example

In the following example, a user with the name adminuser and the password gumby1234 runs the CONNECT command to establish 25 connections to a server named localhost and return information about those connections:

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 CONNECT 25

FORCESHUTDOWN

Immediately terminates a server process.

When you issue this command, the server notifies all applications and subsystems to drop all current work and release all resources. A forceful shutdown could result in rolled back transactions and session loss for some clients. You can shut down a server forcefully from any state.

If you use this command for a Managed Server and it fails to respond, and if you started the server with the Node Manager, the Node Manager kills the server process.

For information on performing this task from the Administration Console, refer to Forcing Shutdown of a Server in the Administration Console Online Help.

This command is affected by the timeout period for LifeCycle operations. For more information, refer to Timeout Period for LifeCycle Operations in the WebLogic Administration Guide and Setting the Timeout Period for LifeCycle Operations in the Administration Console Online Help.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] FORCESHUTDOWN [targetserver]

Argument	Definition
targetserver	Optional. The name of the server to shut down. If you do not specify a value, the command shuts down the server that you specified in the -url argument.

Example

In the following example, a user with the username adminuser and password gumby1234 forces a server named MyServer to shut down via the Administration Server:

java weblogic.Admin -url myAdminServer:7001 -username adminuser 
-password gumby1234 FORCESHUTDOWN MyServer

In the following example, the Administration Server is not available. The same user logs on to a Managed Server's host machine and issues the following command:

java weblogic.Admin -url localhost:7001 -username adminuser 
-password gumby1234 FORCESHUTDOWN

GETSTATE

Returns the current state of a server.

For more information about server states, refer to The Server Lifecycle.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] GETSTATE targetserver

Argument	Definition
targetserver	Optional. The name of the server to shut down. If you do not specify a value, the command returns the state of the server that you specified in the -url argument.

Example

In the following example, a user with the adminuser username and password gumby1234 attempts to determine the state of a server named MyServer via the Administration Server:

java weblogic.Admin -url myAdminServer:7001 -username adminuser
-password gumby1234 GETSTATE MyServer

HELP

Provides syntax and usage information for all WebLogic Server commands (by default) or for a single command if a command value is specified on the HELP command line.

Syntax

java weblogic.Admin HELP [COMMAND]

Example

In the following example, information about using the PING command is requested:

java weblogic.Admin HELP PING

The HELP command returns the following to stdout:

Usage: weblogic.Admin [-url url] -username username 
   [-password password] <COMMAND> <ARGUMENTS>

         PING <count> <bytes>

LICENSES

Lists the licenses for all WebLogic Server instances installed on the specified server.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] LICENSES

Example

In the following example, an administrator using the default username (installadministrator) and default password (installadministrator) requests the license information for a WebLogic Server running on port 7001 of machine localhost:

java weblogic.Admin -url localhost:7001 -username installadministrator 
   -password installadministrator LICENSES

LIST

Lists the bindings of a node in the JNDI naming tree.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] LIST context

Argument	Definition
context	Required. The JNDI context for lookup, for example, weblogic, weblogic.ejb, javax.

Example

In this example, user adminuser, who has a password of gumby1234, requests a list of the node bindings in weblogic.ejb:

java weblogic.Admin -url localhost:7001 -username adminuser -password gumby1234 LIST weblogic.ejb

LOCK

(Deprecated) Locks a WebLogic Server against non-privileged logins. Any subsequent login attempt initiates a security exception which may contain an optional string message.

Note: This command is privileged. It requires the password for the WebLogic Server administrative user.

Instead of using the LOCK command, start a server in the STANDBY state. In this state, a server instance responds only to administrative requests over the domain-wide administration port. For more information, refer to STARTINSTANDBY.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] LOCK "string_message"

Argument	Definition
"string_message"	Optional. Message, in double quotes, to be supplied in the security exception that is thrown if a non-privileged user attempts to log in while the WebLogic Server is locked.

Example

In the following example, a WebLogic Server is locked.

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 
   LOCK "Sorry, WebLogic Server is temporarily out of service."

Any application that subsequently tries to log into the locked server with a non-privileged username and password receives the specified message: Sorry, WebLogic Server is temporarily out of service.

MIGRATE

Migrates a JMS service or a JTA Transaction Recovery service to a targeted server within a server cluster.

Syntax

To migrate JMS resources:

java weblogic.Admin [Connection and User Credentials Arguments]
  MIGRATE -migratabletarget "serverName (migratable)"
  -destination serverName [-sourcedown] [-destinationdown]

To migrate JTA resources:

java weblogic.Admin [-url URL] 
  -username username [-password password]
  MIGRATE -jta -migratabletarget serverName
  -destination serverName [-sourcedown] [-destinationdown]

Argument	Definition
{-url [protocol://]listen-address:listen-port}	Specify the listen address and listen port of the Administration Server. If you specify a secure listen port, you must also specify a secure protocol. If you do not specify a value, the command assumes t3://localhost:7001.
-jta	Specifies that the migration is a migration of JTA services. If you do not specify this argument, the MIGRATE command migrates JMS services.
-migratabletarget	Names the server from which the service will migrate. The syntax for the server name varies depending on the type of service you are migrating: For JMS, specify "servername (migratable)" For example, "myserver (migratable)" For JTA, specify servername For example, myserver
-destination	Names the server to which the service will migrate.
-sourcedown	Specifies that the source server is down. This switch should be used very carefully. If the source server is not in fact down, but only unavailable because of network problems, the service will be activated on the destination server without being removed from the source server, resulting in two simultaneous running versions of the same service, which could cause corruption of the transaction log or of JMS messages.
-destinationdown	Specifies that the destination server is down. A JMS service migrated to a non-running server will be lost. When migrating the JTA Transaction Recovery Service to a non-running server, the target server will assume recovery services when it is started.

Examples

In the following example, a JMS service is migrated from myserver2 to myserver3.

java weblogic.Admin -url AdminHost:7001 -username adminuser
   -password gumby1234 MIGRATE 
   -migratabletarget "myserver2 (migratable)" 
   -destination myserver3

In the following example, a JTA Transaction Recovery service is migrated from myserver2 to myserver3.

java weblogic.Admin -url AdminHost:7001 -username adminuser
   -password gumby1234 MIGRATE -jta 
   -migratabletarget myserver2 -destination myserver3 -sourcedown

PING

Sends a message to verify that a WebLogic Server is listening on a port, and is ready to accept WebLogic client requests.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] PING [round_trips] [message_length]

Argument	Definition
round_trips	Optional. Number of pings.
message_length	Optional. Size of the packet to be sent in each ping. Requests for pings with packets larger than 10 MB throw exceptions.

Example

In the following example, the command checks a WebLogic Server running on port 7001 of machine localhost ten (10) times.

java weblogic.Admin -url localhost:7001 -username adminuser 
   -password gumby1234 PING 10

RESUME

Moves a server from the STANDBY state to the RUNNING state.

For information on performing this task from the Administration Console, refer to Resuming a Server in the Administration Console Online Help. For more information about server states, refer to The Server Lifecycle.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] RESUME [targetserver]

Argument	Definition
targetserver	Optional. The name of the server to shut down. If you do not specify a value, the command resumes the server that you specified in the -url argument.

Example

In the following example, a user with the adminuser username and password gumby1234 attempts to resume a server named MyServer via the Administration Server:

java weblogic.Admin -url myAdminServer:7001 -username adminuser
-password gumby1234 RESUME MyServer

SERVERLOG

Displays the log file generated on a specific server.

If you do not specify a URL, the server log for the Administration Server is displayed by default.
If you specify a server URL, you can retrieve a log for a non-Administration Server.
If you omit the starttime and endtime arguments, a running display of the entire server log is started.

Syntax

java.weblogic.Admin [Connection and User Credentials Arguments] SERVERLOG [[starttime]|[endtime]]

Argument	Definition
starttime	Optional. Earliest time at which messages are to be displayed. If not specified, messages display starts, by default, when the SERVERLOG command is executed. The date format is yyyy/mm/dd. Time is indicated using a 24-hour clock. The start date and time are entered inside quotation marks, in the following format: "yyyy/mm/dd hh:mm"
endtime	Optional. Latest time at which messages are to be displayed. If not specified, the default is the time at which the SERVERLOG command is executed. The date format is yyyy/mm/dd. Time is indicated using a 24-hour clock. The end date and time are entered inside quotation marks, in the following format: "yyyy/mm/dd hh:mm"

Example

In the following example, a request is made for a running display of the log for the server listening on port 7001 on machine localhost.

java weblogic.Admin -url localhost:7001 -username adminuser 
-password gumby1234 SERVERLOG "2001/12/01 14:00" "2001/12/01 16:00"

The request specifies that the running display should begin at 2:00 p.m. on December 1, 2001, and end at 4:00 p.m. on December 1, 2001.

SHUTDOWN

Shuts down the specified WebLogic Server.

When you issue this command, the server invokes any shutdown classes that you have configured. It then notifies all applications and subsystems to stop receiving new requests from external clients and to complete all current work. You can shut down a server gracefully only from the RUNNING or STANDBY states.

In release 6.x, this command included an option to specify a number of seconds to wait before starting the shutdown process. This option is now deprecated. To support this deprecated option, this command must assume that any numerical value that you supply in the field immediately after the SHUTDOWN command is intended to express seconds. You cannot use this command to gracefully shut down a server whose name is made up entirely of numbers. Instead, you must use the Administration Console. For information, refer to Shutting Down a Server in the Administration Console Online Help.

Instead of specifying a delay in the SHUTDOWN command, you can now set attributes to control how a server shuts down. For more information, refer to Timeout Period for LifeCycle Operations in the WebLogic Administration Guide and Setting the Timeout Period for LifeCycle Operations in the Administration Console Online Help.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] SHUTDOWN [targetserver]

(Deprecated) java weblogic.Admin [-url URL] -username username 
   [-password password] SHUTDOWN 
   [seconds ]  ["lockMessage"] ]

Argument	Definition
targetserver	The name of the server to shut down. If you do not specify a value, the command shuts down the server that you specified in the -url argument.
seconds	(Deprecated) Optional. Number of seconds allowed to elapse between the invoking of this command and the shutdown of the server.
"lockMessage"	(Deprecated) Optional. Message, in double quotes, to be supplied in the message that is sent if a user tries to log in while the WebLogic Server is locked.

Argument

Definition

targetserver

The name of the server to shut down.

If you do not specify a value, the command shuts down the server that you specified in the -url argument.

seconds

(Deprecated) Optional. Number of seconds allowed to elapse between the invoking of this command and the shutdown of the server.

"lockMessage"

(Deprecated) Optional. Message, in double quotes, to be supplied in the message that is sent if a user tries to log in while the WebLogic Server is locked.

Example

In the following example, a user with the adminuser username and password gumby1234 shuts down a server named MyServer via the Administration Server:

java weblogic.Admin -url MyAdminServer:7001 -username adminuser 
-password gumby1234 SHUTDOWN MyServer

START

Starts a remote Managed Server using Node Manager.

This command requires the following environment:

The domain's Administration Server must be running.
The Node Manager must be running on the Managed Server's host machine.
The Managed Server's startup items and Node Manager settings must be set up as described in Managing Server Availability with Node Manager.

For information on performing this task from the Administration Console, refer to Starting a Server in the Administration Console Online Help.

Note: In the Administration Console, the Servers—>General tab includes a Startup Mode field that you use to specify the state in which a server starts. However, this setting only applies if you start a server from the local host using the weblogic.Server command. The Node Manager, and therefore the weblogic.Admin START command, does not use the value that you specify. For example, even if you specify STANDBY as the value for the Startup Mode, if you issue the weblogic.Admin START command, the server will start in the RUNNING state.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] 
   START targetserver

Argument	Definition
-url URL	Must specify the listen address of the domain's Administration Server. The default is localhost:7001.
targetserver	The name of the Managed Server to start in a RUNNING state.

Argument

Definition

-url URL

Must specify the listen address of the domain's Administration Server.

The default is localhost:7001.

targetserver

The name of the Managed Server to start in a RUNNING state.

Example

In the following example, a user with the adminuser username and password gumby1234 attempts to start a server named MyServer via the Administration Server:

java weblogic.Admin -url myAdminServer:7001 -username adminuser 
-password gumby1234 START MyServer

STARTINSTANDBY

Starts a remote Managed Server using Node Manager and places it in a STANDBY state. In this state, a server is not accessible to requests from external clients.

This command requires the following environment:

The domain's Administration Server must be running.
The Node Manager must be running on the Managed Server's host machine.
The Managed Server's startup items and Node Manager settings must be set up as described in Managing Server Availability with Node Manager.
The domain must be configured to use a domain-wide administration port as described in Configuring a Domain-Wide Administration Port.

Note: In the Administration Console, the Servers—>General tab includes a Startup Mode field that you use to specify the state in which a server starts. However, this setting only applies if you start a server from the local host using the weblogic.Server command. The Node Manager, and therefore the weblogic.Admin STARTINSTANDBY command, does not use the value that you specify. For example, even if you specify RUNNING as the value for the Startup Mode, if you issue the weblogic.Admin STARTINSTANDBY command, the server will start in the STANDBY state.

For information on performing this task from the Administration Console, refer to Starting a Server in the STANDBY State in the Administration Console Online Help. For more information about server states, refer to The Server Lifecycle.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] STARTINSTANDBY [targetserver]

Argument	Definition
-url	Must specify the domain's Administration Server. The default is localhost:7001.
targetserver	Optional. The name of the WebLogic Server to start in the STANDBY state. If you do not specify a value, the command starts the server that you specified in the -url argument.

Argument

Definition

-url

Must specify the domain's Administration Server.

The default is localhost:7001.

targetserver

Optional. The name of the WebLogic Server to start in the STANDBY state. If you do not specify a value, the command starts the server that you specified in the -url argument.

Example

In the following example, a user with the adminuser username and password gumby1234 attempts to start a server named MyServer via the Administration Server:

java weblogic.Admin -url myAdminServer:7001 -username adminuser
-password gumby1234 STARTINSTANDBY MyServer

STOREUSERCONFIG

Creates a user-configuration file and an associated key file. The user-configuration file contains an encrypted username and password. The key file contains a secret key that is used to encrypt and decrypt the username and password.

When you use other weblogic.Admin or weblogic.Deployer commands, you can specify the user-configuration file and key file instead of entering an unencrypted username and password on the command line or including unencrypted credentials in scripts. See Summary of User Credentials Arguments.

Only the key file that originally encrypted the username and password can decyrpt the values. If you lose the key file, you must create a new user-configuration and key file pair.

Caution: You must ensure that only authorized users can access the key file. Any user who accesses a valid user-configuration and key file pair gains the privileges of the encrypted username. To secure access to the key file, you can store the key file in a directory that provides read and write access only to authorized users, such as WebLogic Server administrators. Alternatively, you can write the key file to a removable medium, such as a floppy or CD, and lock the medium in a drawer when it is not being used.

Unlike other weblogic.Admin commands, the STOREUSERCONFIG command does not connect to a WebLogic Server instance. The data encryption and file creation are accomplished by the JVM in which the STOREUSERCONFIG command runs. Because it does not connect to a WebLogic Server instance, the command cannot verify that the username and password are valid WebLogic Server credentials.

Syntax

java weblogic.Admin 
  -username username [-password password]
  [ -userconfigfile config-file ] [ -userkeyfile keyfile ]
  STOREUSERCONFIG

Argument	Definition
-userconfigfile config-file	Specifies a file pathname at which the STOREUSERCONFIG command creates a user-configuration file. The pathname can be absolute or relative to the directory from which you enter the command. If a file already exists at the specified pathname, the command overwrites the file with a new file that contains the newly encrypted username and password. If you do not specify this option, STOREUSERCONFIG does the following: To determine the directory in which to create the user-configuration file, it uses the JVM user-home directory. The default value varies depending on the SDK and type of operating system. See Configuring the Default Path Name. To determine the file name, it prepends your operating-system username to the string -WebLogicConfig.properties. For example, username-WebLogicConfig.properties. You can use Java options to specify a different username. See Configuring the Default Path Name.
-userkeyfile keyfile	Specifies a file pathname at which the STOREUSERCONFIG command creates a key file. The pathname can be absolute or relative to the directory from which you enter the command. If a file already exists at the specified pathname, STOREUSERCONFIG uses the existing key file to encrypt the new user-configuration file. If you do not specify this option, STOREUSERCONFIG does the following: To determine the directory in which to create the key file, it uses the JVM user-home directory. The default value varies depending on the SDK and type of operating system. See Configuring the Default Path Name. To determine the file name, it prepends your operating-system username to the string -WebLogicKey.properties. For example, username-WebLogicKey.properties. You can use Java options to specify a different username. See Configuring the Default Path Name.
-username username [-password password ]	Specifies the username and password to encrypt. The STOREUSERCONFIG command does not verify that the username and password are valid WebLogic Server user credentials. If you omit the -password password argument, STOREUSERCONFIG prompts you to enter a password.

Argument

Definition

-userconfigfile config-file

Specifies a file pathname at which the STOREUSERCONFIG command creates a user-configuration file. The pathname can be absolute or relative to the directory from which you enter the command.

If a file already exists at the specified pathname, the command overwrites the file with a new file that contains the newly encrypted username and password.

If you do not specify this option, STOREUSERCONFIG does the following:

To determine the directory in which to create the user-configuration file, it uses the JVM user-home directory. The default value varies depending on the SDK and type of operating system. See Configuring the Default Path Name.

To determine the file name, it prepends your operating-system username to the string -WebLogicConfig.properties. For example, username-WebLogicConfig.properties. You can use Java options to specify a different username. See Configuring the Default Path Name.

-userkeyfile keyfile

Specifies a file pathname at which the STOREUSERCONFIG command creates a key file. The pathname can be absolute or relative to the directory from which you enter the command.

If a file already exists at the specified pathname, STOREUSERCONFIG uses the existing key file to encrypt the new user-configuration file.

If you do not specify this option, STOREUSERCONFIG does the following:

To determine the directory in which to create the key file, it uses the JVM user-home directory. The default value varies depending on the SDK and type of operating system. See Configuring the Default Path Name.

To determine the file name, it prepends your operating-system username to the string -WebLogicKey.properties. For example, username-WebLogicKey.properties. You can use Java options to specify a different username. See Configuring the Default Path Name.

-username username [-password password ]

Specifies the username and password to encrypt. The STOREUSERCONFIG command does not verify that the username and password are valid WebLogic Server user credentials.

If you omit the -password password argument, STOREUSERCONFIG prompts you to enter a password.

Configuring the Default Path Name

If you do not specify the location in which to create and use a user-configuration file and key file, the weblogic.Admin and weblogic.Deployer utilities supply the following default values:

user-home-directory\username-WebLogicConfig.properties
user-home-directory\username-WebLogicKey.properties

Where user-home-directory is the home directory of the operating-system user account as determined by the JVM, and username is your operating-system username.

The value of the home directory varies depending on the SDK and type of operating system. For example, on UNIX, the home directory is usually "~username." On Windows, the home directory is usually "C:\Documents and Settings\username".

You can use the following Java options to specify values for user-home-directory and username:

-Duser.home=pathname specifies the value of user-home-directory
-Duser.name=usernanme specifies the value of username.

For example, the following command configures the user-home directory to be c:\myHome and the user name to be wlAdmin. The command will search for the following user-configuration file and user key file:
c:\myHome\wlAdmin-WebLogicConfig.properties
c:\myHome\wlAdmin-WebLogicKey.properties

java -Duser.home=c:\myHome -Duser.name=wlAdmin
weblogic.Admin COMMAND

Creating User-Configuration and Key Files

To create user-configuration and key files:

Use the -username username and -password password arguments to specify the username and password to be encrypted.
Specify the name and location of the user-configuration and key files by doing one of the following:
- Use the -userconfigfile config-file and -userkeyfile key-file arguments:
  java weblogic.Admin -username username -password password
  -userconfigfile config-file -userkeyfile key-file
  STOREUSERCONFIG
- Use the default behavior to create files named
  user-home-directory\username-WebLogicConfig.properties and
  user-home-directory\username-WebLogicKey.properties:
  java weblogic.Admin -username username -password password
  STOREUSERCONFIG
- Use the -Duser.home=directory and -Duser.name=username Java options to create files named
  directory\username-WebLogicConfig.properties and
  directory\username-WebLogicKey.properties:
  java -Duser.home=directory -Duser.name=username
  weblogic.Admin -username username -password password
  STOREUSERCONFIG

You can change the name and location of a user-configuration file or a key file after you create them, as long as you use the two files as a pair.

Using a Single Key File for Multiple User-Configuration Files

To use one key file to encrypt multiple user-configuration files:

Create an initial user-configuration file and key file pair.

For example, enter the following command:

java weblogic.Admin -username username -password password
-userconfigfile c:\AdminConfig -userkeyfile e:\myKeyFile
STOREUSERCONFIG
When you create an additional user-configuration file, specify the existing key file.

For example, enter the following command:

java weblogic.Admin -username username -password password
-userconfigfile c:\anotherConfigFile -userkeyfile e:\myKeyFile
STOREUSERCONFIG

Examples

In the following example, a user who is logged in to a UNIX operating system as joe encrypts the username wlAdmin and password wlPass:

java weblogic.Admin -username wlAdmin -password wlPass
STOREUSERCONFIG

The command determines whether a key file named ~joe/joe-WebLogicKey.properties exists. If such a file does not exist, it prompts the user to select y to confirm creating a key file. If the command succeeds, it creates two files:
~joe\joe-WebLogicConfig.properties
~joe\joe-WebLogicKey.properties

The file joe-WebLogicConfig.properties contains an encrypted version of the strings wlAdmin and wlPass. Any command that uses the ~joe\joe-WebLogicConfig.properties file must specify the ~joe\joe-WebLogicKey.properties key file.

In the following example, the user joe is a System Administrator who wants to create a user-configuration file for an operating-system account named pat. For the sake of convenience, joe wants to create the user-configuration file in pat's home directory, which will simplify the syntax of the weblogic.Admin commands that pat invokes. For added security, only one key file exists at joe's organization, and it is located on a removable hard drive.

To create a user configuration file in pat's home directory that is encrypted and decrypted by a key file name e:\myKeyFile:

java -Duser.name=pat -Duser.home="C:\Documents and Settings\pat" weblogic.Admin -username wlOperatorPat -password wlOperator1 -userkeyfile e:\myKeyFile
STOREUSERCONFIG

A user who logs in to pat's account can use the following syntax to invoke weblogic.Admin commands:
java weblogic.Admin -userkeyfile e:\myKeyFile COMMAND

For information on using user-configuration and key files, see Summary of User Credentials Arguments.

THREAD_DUMP

Prints a snapshot of the WebLogic Server threads that are currently running for a specific server instance. The server instance prints the snapshot to its standard out.

Note: The THREAD_DUMP command is supported only on Sun JVM and JRockit.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] THREAD_DUMP

Example

The following example causes a server instance that is running on a host named ManagedHost to print a thread dump to standard out:

java weblogic.Admin -url ManagedHost:8001 -username weblogic 
-password weblogic THREAD_DUMP

If the command succeeds, the command itself returns the following:

Thread Dump is available in the command window that is running the server.

The server instance prints a thread dump to its standard out, which, by default, is the shell (command prompt) within which the server instance is running.

UNLOCK

(Deprecated) Unlocks the specified WebLogic Server after a LOCK operation.

This command is deprecated because the LOCK command is deprecated. Instead of LOCK and UNLOCK, use STARTINSTANDY and RESUME. For more information, refer to RESUME.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] UNLOCK

Argument	Definition
username	Required. A valid administrative username must be supplied to use this command.
password	Required. A valid administrative password must be supplied to use this command.

Example

In the following example, an administrator named adminuser with a password of gumby1234 requests the unlocking of the WebLogic Server listening on port 7001 on machine localhost:

java weblogic.Admin -url localhost:7001 -username adminuser 
   -password gumby1234 UNLOCK

VERSION

Displays the version of the WebLogic Server software that is running on the machine specified by the value of URL.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] VERSION

Example

In the following example, a user requests the version of the WebLogic Server running on port 7001 on machine localhost:

java weblogic.Admin -url localhost:7001 -username installadministrator 
   -password installadministrator VERSION

Note: In this example, the default value of both the username and password arguments, installadministrator, is used.

WebLogic Server Connection Pools Administration Command Reference

Table B-2 presents an overview of WebLogic Server administration commands for connection pools. The following sections describe command syntax and arguments, and provide an example for each command.

For additional information about connection pools see Programming WebLogic JDBC and Managing JDBC Connectivity in the Administration Guide.

Table B-2 WebLogic Server Administration Commands Overview—Connection Pools

Task	Command	Description
Create a Dynamic Connection Pool	CREATE_POOL	Allows creation of connection pool while WebLogic Server is running. Note that dynamically created connection pools cannot be used with DataSources or TxDataSources.
Destroy a Connection Pool	DESTROY_POOL	Connections are closed and removed from the pool and the pool dies when it has no remaining connections.
Disable a Connection Pool	DISABLE_POOL	You can temporarily disable a connection pool, preventing any clients from obtaining a connection from the pool.
Enable a Connection Pool	ENABLE_POOL	When a pool is enabled after it has been disabled, the JDBC connection states for each in-use connection are exactly as they were when the connection pool was disabled; clients can continue JDBC operations exactly where they left off.
Determine if a Connection Pool Exists	EXISTS_POOL	Tests whether a connection pool with a specified name exists in the WebLogic Server. You can use this command to determine whether a dynamic connection pool has already been created or to ensure that you select a unique name for a dynamic connection pool you want to create.
Resets a Connection Pool	RESET_POOL	Closes and reopens all allocated connections in a connection pool. This may be necessary after the DBMS has been restarted, for example. Often when one connection in a connection pool has failed, all of the connections in the pool are bad.

CREATE_POOL

Allows creation of connection pool while WebLogic Server is running. For more information, see Creating a Connection Pool Dynamically in Programming WebLogic JDBC.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] CREATE_POOL poolName  aclName=aclX,
   props=myProps,initialCapacity=1,maxCapacity=1,
   capacityIncrement=1,allowShrinking=true,shrinkPeriodMins=15,
   driver=myDriver,url=myURL

Argument	Definition
poolName	Required. Unique name of pool.
aclName	Required. Identifies the different access lists within fileRealm.properties in the server config directory. Paired name must be dynaPool.
props	Database connection properties; typically in the format "database login name; database password; server network id".
initialCapacity	Initial number of connections in a pool. If this property is defined and a positive number > 0, WebLogic Server creates these connections at boot time. Default is 1; cannot exceed maxCapacity.
maxCapacity	Maximum number of connections allowed in the pool. Default is 1; if defined, maxCapacity should be =>1.
capacityIncrement	Number of connections that can be added at one time. Default = 1.
allowShrinking	Indicates whether or not the pool can shrink when connections are detected to not be in use. Default = true.
shrinkPeriodMins	Required. Interval between shrinking. Units in minutes. Minimum = 1.If allowShrinking = True, then default = 15 minutes.
driver	Required. Name of JDBC driver. Only local (non-XA) drivers can participate.
url	Required. URL of the JDBC driver.
testConnsOnReserve	Indicates reserved test connections. Default = False.
testConnsOnRelease	Indicates test connections when they are released. Default = False.
testTableName	Database table used when testing connections; must be present for tests to succeed. Required if either testConnOnReserve or testConOnRelease are defined.
refreshPeriod	Sets the connection refresh interval. Every unused connection will be tested using TestTableName. Connections that do not pass the test will be closed and reopened in an attempt to reestablish a valid physical database connection. If TestTableName is not set then the test will not be performed.
loginDelaySecs	The number of seconds to delay before creating each physical database connection. This delay takes place both during initial pool creation and during the lifetime of the pool whenever a physical database connection is created. Some database servers cannot handle multiple requests for connections in rapid succession. This property allows you to build in a small delay to let the database server catch up. This delay takes place both during initial pool creation and during the lifetime of the pool whenever a physical database connection is created.

Example

In the following example, a user with the name weblogic and the password weblogic runs the CREATE_POOL command to create a dynamic connection pool:

java weblogic.Admin -url localhost:7001 -username weblogic
   -password weblogic CREATE_POOL MyPool

java weblogic.Admin -url t3://forest:7901 -username weblogic
   -password weblogic CREATE_POOL dynapool6 "aclName=someAcl,
   allowShrinking=true,shrinkPeriodMins=10,
   url=jdbc:weblogic:oracle,driver=weblogic.jdbc.oci.Driver,
    initialCapacity=2,maxCapacity=8,
    props=user=SCOTT;password=tiger;server=bay816"

DESTROY_POOL

Connections are closed and removed from the pool and the pool dies when it has no remaining connections.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] DESTROY_POOL poolName [true|false]

Argument	Definition
poolName	Required. Unique name of pool.
false (soft shutdown)	Soft shutdown waits for connections to be returned to the pool before closing them.
true (default—hard shutdown)	Hard shutdown kills all connections immediately. Clients using connections from the pool get exceptions if they attempt to use a connection after a hard shutdown.

Argument

Definition

poolName

Required. Unique name of pool.

false

(soft shutdown)

Soft shutdown waits for connections to be returned to the pool before closing them.

true

(default—hard shutdown)

Hard shutdown kills all connections immediately. Clients using connections from the pool get exceptions if they attempt to use a connection after a hard shutdown.

Example

In the following example, a user with the name adminuser and the password gumby1234 runs the DESTROY_POOL command temporarily freeze the active pool connections:

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 DESTROY_POOL MyPool false

DISABLE_POOL

You can temporarily disable a connection pool, preventing any clients from obtaining a connection from the pool.

You have to options for disabling a pool. 1) Freezing the connections in a pool that you later plan to enable, and 2) destroy the connections.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] DISABLE_POOL poolName [true|false]

Argument	Definition
poolName	Name of the connection pool
false (disables and suspends)	Disables the connection pool, and suspends clients that currently have a connection. Attempts to communicate with the database server throw an exception. Clients can, however, close their connections while the connection pool is disabled; the connections are then returned to the pool and cannot be reserved by another client until the pool is enabled.
true (default—disables and destroys)	Disables the connection pool, and destroys the client's JDBC connection to the pool. Any transaction on the connection is rolled back and the connection is returned to the connection pool.

Argument

Definition

poolName

Name of the connection pool

false

(disables and suspends)

Disables the connection pool, and suspends clients that currently have a connection. Attempts to communicate with the database server throw an exception. Clients can, however, close their connections while the connection pool is disabled; the connections are then returned to the pool and cannot be reserved by another client until the pool is enabled.

true

(default—disables and destroys)

Disables the connection pool, and destroys the client's JDBC connection to the pool. Any transaction on the connection is rolled back and the connection is returned to the connection pool.

Example

In the following example, a user with the name adminuser and the password gumby1234 runs the DISABLE_POOL command to freeze a connection that is to be enabled later:

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 DISABLE_POOL MyPool false

ENABLE_POOL

When a pool is enabled, the JDBC connection states for each in-use connection are exactly as they were when the connection pool was disabled; clients can continue JDBC operations exactly where they left off.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] ENABLE_POOL poolName

Argument	Definition
poolName	Name of the connection pool.

Example

In the following example, a user with the name adminuser and the password gumby1234 runs the ENABLE_POOL command to reestablish connections that have been disabled (frozen):

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 ENABLE_POOL MyPool

EXISTS_POOL

Tests whether a connection pool with a specified name exists in the WebLogic Server. You can use this method to determine whether a dynamic connection pool has already been created or to ensure that you select a unique name for a dynamic connection pool you want to create.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] EXISTS_POOL poolName

Argument	Definition
poolName	Name of connection pool.

Example

In the following example, a user with the name adminuser and the password gumby1234 runs the EXISTS_POOL command to determine wether or not a pool with a specific name exists:

java weblogic.Admin -url localhost:7001 -username adminuser
   -password gumby1234 EXISTS_POOL MyPool

RESET_POOL

This command resets the connections in a registered connection pool.

This is a privileged command. You must supply the username and password for the WebLogic Server administrative user to use this command. You must know the name of the connection pool, which is an entry in the config.xml file.

Syntax

 java weblogic.Admin [Connection and User Credentials Arguments] RESET_POOL poolName

Argument	Definition
URL	The URL of the WebLogic Server host and port number of the TCP port at which WebLogic is listening for client requests; use "t3://host:port."
username	Required. A valid administrative username must be supplied to use this command.
password	Required. A valid administrative password must be supplied to use this command.
poolName	Name of a connection pool as it is registered in the WebLogic Server's config.xml file.

Example

This command refreshes the connection pool registered as "demoPool" for the WebLogic Server instance listening on port 7001 of the host xyz.com.

 java weblogic.Admin -url t3://xyz.com:7001 -username system
   -password gumby RESET_POOL demoPool

MBean Management Command Reference

Table B-3 presents an overview of the MBean management commands. The following sections describe command syntax and arguments, and provide an example for each command.

Table B-3 MBean Management Command Overview

Task	Command(s)	Description
Create Administration MBeans	CREATE	Creates an Administration MBean. Returns OK to stdout when successful. This command cannot be used for Runtime MBeans and we recommend that you do not use it to create Local Configuration MBeans.
Delete MBeans	DELETE	Deletes an MBean. Returns OK in stdout when successful.
View MBean properties (attributes)	GET	Displays properties of MBeans.
Invoke MBean operations	INVOKE	Invokes management operations that an MBean exposes for its underlying resource.
Set property values for Administration MBeans or Local Configuration MBeans	SET	Sets the specified property values for the named MBean. Returns OK on stdout when successful. This command cannot be used for Runtime MBeans.

Specifying MBean Types

All of the MBean management commands can accept a -type argument, which causes the command to operate on all MBeans that are an instance of a type that you specify. An MBean's type refers to the interface class of which the MBean is an instance. All WebLogic Server MBeans are an instance of one of the interface classes defined in the weblogic.management.configuration or weblogic.management.runtime packages. For configuration MBeans, type also refers to whether an instance is an Administration MBean or a Local Configuration MBean. For a complete list of all WebLogic Server MBean interface classes, refer to the WebLogic Server Javadoc for the weblogic.management.configuration or weblogic.management.runtime packages.

To determine the value that you provide for the -type argument, do the following:

Find the MBean's interface class and remove the MBean suffix from the class name. For an MBean that is an instance of the weblogic.management.runtime.JDBCConnectionPoolRuntimeMBean, use JDBCConnectionPoolRuntime.
For a Local Configuration MBean, append Config to the name. For example, for a Local Configuration MBean that is an instance of the weblogic.management.configuration.JDBCConnectionPoolMBean interface class, use JDBCConnectionPoolConfig. For the corresponding Administration MBean instance, use JDBCConnectionPool.

Specifying Servers

All of the MBean management commands include a -url argument that you use to specify the WebLogic Server instance that hosts the MBean.

To work with Administration MBeans, you must use the -url argument to specify the Administration Server. To work with Local Configuration MBeans or Runtime MBeans, you must use the -url argument to specify the WebLogic Server instance that hosts the MBeans.

If all of the following conditions are true, you can use weblogic.Admin to access any MBean in the entire domain:

Your Administration Server listens on port 7001
You issue the weblogic.Admin command from the Administration Server
You omit the -url argument

For example, if all of the above conditions are true, then you can determine the state of all servers in the domain by issuing the following command:

java weblogic.Admin -username weblogic -password weblogic GET -type ServerRuntime -property State

CREATE

Creates an instance of a WebLogic Server Administration MBean. Returns OK to stdout when successful. This command cannot be used for Runtime MBeans and we recommend that you do not use it to create Local Configuration MBeans.

When you use this command to create an Administration MBean instance, WebLogic Server populates the MBean with default values and saves the MBean's configuration in the domain's config.xml file. WebLogic Server does not create the corresponding Local Configuration MBean replica until you restart the server instance that hosts the underlying managed resource. For example, if you create a JDBCConnectionPool Administration MBean to manage a JDBC connection pool on a Managed Server named MyServer, you must restart MyServer so that it can create its local replica of the JDBCConnectionPool Administration MBean that you created. For more information on MBean replication and the lifecycle of MBeans, refer to "MBeans for Configuring Managed Resources" in the Programming WebLogic Management Services with JMX guide.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] CREATE -name name -type mbean_type 
   [-domain domain_name]

java weblogic.Admin [-url URL] -username username 
   [-password password] CREATE -mbean mbean_name

Argument	Definition
URL	The WebLogic Server instance that is the target of the command. For more information, refer to Specifying Servers.
name	The name you choose for the MBean that you are creating.
mbean_type	The type of MBean that you are creating. For more information, refer to Specifying MBean Types.
mbean_name	Fully qualified object name of an MBean in the WebLogicObjectName format. For example: "domain:Type=type,Name=name" For more information, refer to the Javadoc for WebLogicObjectName.
domain_name	Name of the domain in which you want to create the MBean instance. If domain_name is not specified, the command assumes the domain to which the target server belongs.

Example

The following example uses the -name and -type arguments to create a JDBCConnectionPool Administration MBean named MyPool on an Administration Server:

java weblogic.Admin -url AdminHost:7001 -username weblogic 
   -password weblogic CREATE -name MyPool -type JDBCConnectionPool

If the command succeeds, it prints the following to standard out:

The following example uses the -mbean argument and WebLogicObjectName conventions to create a JDBCConnectionPool Administration MBean named MyPool on an Administration Server:

java weblogic.Admin -url AdminHost:7001 -username weblogic
   -password weblogic 
    CREATE -mbean "MyDomain:Type=JDBCConnectionPool,Name=MyPool"

DELETE

Deletes an MBean. If you delete an Administration MBean, WebLogic Server removes the corresponding entry from the domain's config.xml file. Returns OK in stdout when successful.

Note: When you delete an Administration MBean, a WebLogic Server instance does not delete the corresponding Configuration MBean until you restart the server instance.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments]
 {-type mbean_type|-mbean mbean_name}

Arguments

Definition

URL

The WebLogic Server instance that is the target of the command. For more information, refer to Specifying Servers.

mbean_type

Deletes all MBeans of the specified type. For more information, refer to Specifying MBean Types.

mbean_name

Fully qualified object name of an MBean in the WebLogicObjectName format. For example:
"domain:Type=type,Name=name"

For more information, refer to the Javadoc for WebLogicObjectName.

Example

The following example deletes the JDBCConnectionPool Administration MBean named MyPool:

java weblogic.Admin -url AdminHost:7001 -username weblogic 
 -password weblogic DELETE -mbean
 MyDomain:Name=MyPool,Type=JDBCConnectionPool

If the command succeeds, it prints the following to standard out:

The following example deletes the JDBCConnectionPool Local Configuration MBean named MyPool on a server instance named MyServer:

java weblogic.Admin -url ManagedHost:8001 -username weblogic
-password weblogic DELETE -mbean
MyDomain:Location=MyServer,Name=MyPool,
Type=JDBCConnectionPoolConfig

The following example deletes all JDBCConnectionPool Local Configuration MBeans for all server instances in the domain:

java weblogic.Admin -adminurl AdminHost:7001 -username weblogic 
   -password weblogic DELETE -type JDBCConnectionPoolConfig

The following example deletes all JDBCConnectionPool Local Configuration MBeans for a Managed Server that runs on a computer named ManagedHost:

java weblogic.Admin -url ManagedHost:8001 -username weblogic 
 -password weblogic DELETE -type JDBCConnectionPoolConfig

GET

Displays MBean properties (attributes) and JMX object names (in the WebLogicObjectName format).

The output of the command is as follows:

{MBeanName object-name {property1 value} {property2 value}. . .} {MBeanName object-name {property1 value} {property2 value} . . .}
. . .

Note that the properties and values are expressed as name-value pairs, each of which is returned within curly brackets. This format facilitates parsing of the output by a script.

If -pretty is specified, each property-value pair is displayed on a new line and curly brackets are not used to separate the pairs:

MBeanName: object-name
property1: value
property2: value
.
.
.
MBeanName: object-name
property1: value
abbribute2: value

Syntax

java weblogic.Admin [Connection and User Credentials Arguments]
 GET [-pretty] {-type mbean_type|-mbean mbean_name} 
   [-property property1] [-property property2]...

Argument	Definition
URL	The WebLogic Server instance that is the target of the command. For more information, refer to Specifying Servers.
mbean_type	Returns information for all MBeans of the specified type. For more information, refer to Specifying MBean Types.
mbean_name	Fully qualified object name of an MBean in the WebLogicObjectName format: "domain:Type=type,Location:location,Name=name" For more information, refer to the Javadoc for WebLogicObjectName.
pretty	Places property-value pairs on separate lines.
property	The name of the MBean property (attribute) or properties to be listed. Note: If property is not specified using this argument, all properties are displayed.

Example

The following example displays all properties of the JDBCConnectionPool Administration MBean for a connection pool named MyPool. Note that the command must connect to the Administration Server to retrieve information from an Administration MBean:

java weblogic.Admin -url AdminHost:7001 -username weblogic 
 -password weblogic GET -pretty -mbean
 MyDomain:Name=MyPool,Type=JDBCConnectionPool

If the command succeeds, it returns output similar to the following truncated example:

---------------------------
MBeanName: "MyDomain:Name=MyPool,Type=JDBCConnectionPool"
        ACLName:
        CachingDisabled: true
        CapacityIncrement: 1
        ConnLeakProfilingEnabled: false
        ConnectionCreationRetryFrequencySeconds: 0
        ConnectionReserveTimeoutSeconds: 10
...

The following example displays all instances of all JDBCConnectionPoolRuntime MBeans for all servers in the domain.

java weblogic.Admin -adminurl AdminHost:7001 -username weblogic
-password weblogic GET -pretty -type JDBCConnectionPoolRuntime

The following example displays all instances of all JDBCConnectionPoolRuntime MBeans that have been deployed on the server instance that listens on ManagedHost:8001:

java weblogic.Admin -url ManagedHost:8001 -username weblogic
-password weblogic GET -pretty -type JDBCConnectionPoolRuntime

INVOKE

Invokes a management operation for one or more MBeans. For WebLogic Server MBeans, you usually use this command to invoke operations other than the getAttribute and setAttribute that most WebLogic Server MBeans provide.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments] INVOKE {-type mbean_type|-mbean mbean_name} -method 
   methodname [argument . . .]

Arguments	Definition
URL	The WebLogic Server instance that is the target of the command. For more information, refer to Specifying Servers.
mbean_type	Invokes the operation on all MBeans of a specific type. For more information, refer to Specifying MBean Types.
mbean_name	Fully qualified object name of an MBean, in the WebLogicObjectName format: "domain:Type=type,Location=location,Name=name" For more information refer to the Javadoc for WebLogicObjectName.
methodname	Name of the method to be invoked.
argument	Arguments to be passed to the method call. When the argument is a String array, the arguments must be passed in the following format: "String1;String2;. . . "

Example

The following example enables a JDBC connection pool by invoking the enable method of the JDBCConnectionPoolRuntime MBean:

java weblogic.Admin -url AdminHost:7001 -username weblogic 
 -password weblogic INVOKE
 -mbean MyDomain:Location=MyServer,Name=MyPool,
  ServerRuntime=MyServer,Type=JDBCConnectionPoolRuntime 
 -method enable

If the command succeeds, it returns the following:

{MBeanName="MyDomain:Location=MyServer,Name=MyPool,ServerRuntime=
MyServer,Type=JDBCConnectionPoolRuntime"}

Ok

The following example enables all JDBC connection pools in the domain by invoking the enable method of all the JDBCConnectionPoolRuntime MBeans:

java weblogic.Admin -adminurl AdminHost:7001 -username weblogic 
 -password weblogic INVOKE
 -type JDBCConnectionPoolRuntime -method enable

SET

Sets the specified property (attribute) values for a configuration MBean. Returns OK on stdout when successful. This command cannot be used for runtime MBeans.

If you use this command for an Administration MBean, the new values are saved to the config.xml file or the security realm, depending on where the new values have been defined.

Syntax

java weblogic.Admin [Connection and User Credentials Arguments]
 SET {-type mbean_type|-mbean mbean_name}
   -property property1 property1_value 
   [-property property2 property2_value] . . .

Argument	Definition
URL	The WebLogic Server instance that is the target of the command. For more information, refer to Specifying Servers.
mbean_type	Sets the properties for all MBeans of a specific type. For more information, refer to Specifying MBean Types.
mbean_name	Fully qualified object name of an MBean in the WebLogicObjectName format. For example: "domain:Type=type,Name=name" For more information, refer to the Javadoc for WebLogicObjectName.
property	The name of the property to be set.
property _value	The value to be set. Some properties require you to specify the name of a WebLogic Server MBean. In this case, specify the fully qualified object name of an MBean in the WebLogicObjectName format. For example: "domain:Type=type,Name=name" For more information, refer to the Javadoc for WebLogicObjectName. When the property value is an MBean array, separate each MBean object name by a semicolon and surround the entire property value list with quotes: "domain:Name=name,Type=type;domain:Name=name,Type=type" When the property value is a String array, separate each string by a semicolon and surround the entire property value list with quotes: "String1;String2;. . . " When the property value is a String or String array, you can set the value to null by using either of the following: -property property-name "" -property property-name For example, both -property ListenAddress "" and -property ListenAddress set the listen address to null. If the property value contains spaces, surround the value with quotes: "-Da=1 -Db=3" For example: SET -type ServerStart -property Arguments "-Da=1 -Db=3" When setting the properties for a JDBC Connection Pool, you must pass the arguments in the following format: "user:username;password:password;server:servername"

Example

The following example sets to 64 the StdoutSeverityLevel property of the local configuration instance of the ServerMBean for a server named MyServer:

java weblogic.Admin -url http://ManagedHost:8001
-username weblogic -password weblogic
SET -mbean
MyDomain:Location=MyServer,Name=MyServer,Type=ServerConfig
-property StdoutSeverityLevel 64

If the command succeeds, the server instance writes a log message similar to the following:

The command prints Ok to standard out.

The following example sets to 64 the StdoutSeverityLevel property for all administration instances of ServerMBean in the current domain:

java weblogic.Admin -url http://AdminHost:7001
-username weblogic -password weblogic
SET -type Server -property StdoutSeverityLevel 64

Example: Targeting a JDBC Connection Pool

The following example targets a JDBC connection pool named MyPool to a server named MS1:

To determine the object name of the MS1 WebLogic Server instance, enter the following command:

java weblogic.Admin -url http://AdminHost:7001
-username weblogic -password weblogic
GET -type Server

Because the -url argument specifies the Administration Server, the command returns a Server Administration MBean for all server instances in the domain. The output includes the object name for ServerMBean that represents MS1:

MBeanName: "examples:Name=MS1,Type=Server"
AcceptBacklog: 50
AdministrationPort: 0
AutoKillIfFailed: false
.
.
.
To determine the object name of the JDBC Connection Pool that you want to target, enter the following command:

java weblogic.Admin -url http://AdminHost:7001
-username weblogic -password weblogic
GET -type JDBCConnectionPool

The command returns a JDBCConnectionPool Administration MBean for all JDBC Connection Pools in the domain. The output includes the object name of the MyPool connection pool:

MBeanName: "examples:Name=MyPool,Type=JDBCConnectionPool"
ACLName:
CachingDisabled: true
CapacityIncrement: 1

.
.
.
To target MyPool to MS1, enter the following command:

java weblogic.Admin -url http://AdminHost:7001
-username weblogic -password weblogic
SET -mbean "examples:Name=MyPool,Type=JDBCConnectionPool"
-property Targets "examples:Name=MS1,Type=Server"

Because you must modify an Administration MBean (JDBCConnectionPoolMBean) to complete this task, the -url option must specify the domain's Administration Server. See "MBeans for Configuring Managed Resources" in Programming WebLogic Management Services with JMX.

Using weblogic.Admin Commands to Manage Users and Groups

In the WebLogic Security Service, an Authentication provider is the software component that proves the identity of users or system processes. An Authentication provider also remembers, transports, and makes that identity information available to various components of a system when needed. A security realm can use different types of Authentication providers to manage different sets of users and groups. See "Authentication Providers" in Developing Security Providers for WebLogic Server.

You can use the weblogic.Admin utility to invoke operations on the following types of Authentication providers:

The WebLogic Authentication provider, weblogic.management.security.authentication.AuthenticatorMBean.

By default, all security realms use this Authentication provider to manage users and groups.
The LDAP Authentication providers that extend weblogic.management.security.authentication.LDAPAuthenticatorMBean.
Custom Authentication providers that extend weblogic.security.spi.AuthenticationProvider and extend the optional
Authentication SSPI MBeans. See "SSPI MBean Quick Reference" in Developing Security Providers for WebLogic Server.

The following sections describe basic tasks for managing users and groups with the weblogic.Admin utility:

For information about additional tasks that the AuthenticationProvider and the optional MBeans support, refer to the Javadoc for the weblogic.management.security.authentication package.

Finding the Object Name for an AuthenticationProvider MBean

To invoke operations on an Authentication provider, you must specify the object name of the provider's AuthenticationProviderMBean.

The object name of the WebLogic Authentication provider is:
Security:Name=realmNameDefaultAuthenticator

where realmName is the name of a security realm. For example, Security:Name=myrealmDefaultAuthenticator.

The object name of the LDAP authentication providers is:
Security:Name=realmNameLDAPAuthenticator

BEA recommends that you follow a similar convention when you create your own Authentication providers:

Security:Name=realmNameAuthenticatorName

If you use the Administration Console to add an Authentication provider to the realm, your AuthenticationProviderMBean name will follow the recommended naming convention.

Creating a User

To create a user, invoke the UserEditorMBean.createUser method, which is extended by the security realm's AuthenticationProvider MBean. See the Javadoc for the createUser method.

The method requires three input parameters:

username password user-description

Separate the parameters with a space. If any parameter contains a space, surround it with quotes.

The following example invokes createUser on the WebLogic Authentication provider:

java weblogic.Admin -adminurl localhost:8001 -username weblogic -password weblogic invoke -mbean Security:Name=myrealmDefaultAuthenticator
-method createUser my-user1 mypassword "my user"

If the command succeeds, it prints OK to standard out.

Adding a User to a Group

To add a user to a group, invoke the GroupEditorMBean.addMemberToGroup method, which is extended by the security realm's AuthenticationProvider MBean. See the Javadoc for the addMemberToGroup method.

The method requires two input parameters:

groupname username

The following example invokes addMemberToGroup on the WebLogic Authentication provider:

java weblogic.Admin -adminurl localhost:8001 -username weblogic -password weblogic invoke -mbean Security:Name=myrealmDefaultAuthenticator
-method addMemberToGroup Administrators my-user1

If the command succeeds, it prints OK to standard out.

Verifying Whether a User is a Member of a Group

To verify whether a user is a member of a group, invoke the GroupEditorMBean.isMember method, which is extended by the security realm's AuthenticationProvider MBean. See the Javadoc for the isMember method.

The method requires three input parameters:

groupname username boolean

where boolean specifies whether the command searches within child groups. If you specify true, the command returns true if the member belongs to the group that you specify or to any of the groups contained within that group.

The following example invokes isMember on the WebLogic Authentication provider:

java weblogic.Admin -adminurl localhost:8001 -username weblogic -password weblogic invoke -mbean Security:Name=myrealmDefaultAuthenticator
-method isMember Administrators weblogic true

If the user is a member of the group, the command prints true to standard out.

Listing Groups to Which a User Belongs

To see a list of groups that contain a user or a group, invoke the MemberGroupListerMBean.listMemberGroups method, which is extended by the security realm's AuthenticationProvider MBean. See the Javadoc for the listMemberGroups method.

The method requires one input parameter:

memberUserOrGroupName

where memberUserOrGroupName specifies the name of an existing user or a group.

The following example invokes listMemberGroups on the WebLogic Authentication Provider:

java weblogic.Admin -adminurl localhost:8001 -username weblogic -password weblogic invoke -mbean Security:Name=myrealmDefaultAuthenticator
-method listMemberGroups my-user1

The method returns a cursor, which refers to a list of names. The weblogic.management.utils.NameLister.haveCurrent, getCurrentName, and advance methods iterate through the returned list and retrieve the name to which the current cursor position refers. See the Javadoc for the weblogic.management.utils.NameLister interface.

Limiting Group Membership Searching in an LDAP Server

Unlimited, recursive searches for group membership can take up considerable time and produce a performance bottleneck. To control the depth of group membership searches, you can set the value of GroupMembershipSearching on the WebLogic Authentication provider, LDAP Authentication providers, or any other Authentication provider that implements the AuthenticationProvider interface.

To limit group searches, set the value of GroupMembershipSearching on the WebLogic Authentication provider or LDAP Authentication providers to limited. The GroupMembershipSearching attribute has the following valid values:

unlimited limited

where limited specifies whether the command searches within one or more levels of a nested group hierarchy. If you specify a limited search, the MaxGroupMembershipSearchLevel attribute must be specified. The default is an unlimited search.

The MaxGroupMembershipSearchLevel attribute specifies how many levels of group membership to search. Valid values are 0 and positive integers, where 0 specifies that the command searches only within direct group memberships. A positive integer specifies the number of levels to search.

For example, when searching for membership in Group A, 0 indicates that only direct members of Group A will be found. If Group B is a member of Group A, the members of Group B will not be found by this search. If the attribute is set to 1, a search for membership in Group A will return direct members of Group A and any members of groups which are direct members of Group A. If Group B is a member of Group A, the members of Group B will also be found by this search. However, if Group C is a member of Group B, the members of Group C will not be found by this search.

See the Javadoc for GroupMembershipSearching and MaxGroupMembershipSearchLevel.

The following example gets the GroupMembershipSearching property on the WebLogic Authentication provider:

java weblogic.Admin -username xxxx -password yyyy -url t3://localhost:7001 get -mbean Security:Name=myrealmDefaultAuthenticator -pretty -property GroupMembershipSearching -commotype