Examples: Displaying, Creating, Adding, Removing Proxy User Objects
Following are examples of displaying, creating, adding, and removing proxy user objects:
To display existing proxy user objects, while logged into the primary Screen:
admin% ssadm -r primary edit Initial edit> proxyuser print jdh "jdh" ENABLED SIMPLE AUTH_USER_NAME="jeff.hogg" BACKEND_USER_NAME="jeffh" DESCRIPTION="Jeff Hogg as self on Solaris" edit> proxyuser print proxyusers "proxyusers" ENABLED GROUP MEMBER_NAME="radius" MEMBER_NAME="jdh" DESCRIPTION="users allowed through FTP and telnet proxies" |
To create the above SIMPLE proxy user object, while logged into the primary Screen:
admin% ssadm -r primary edit Initial edit> proxyuser add jdh auth_user_name=jeff.hogg backend_user_name=jeffh description="Jeff Hogg as self on Solaris" edit> quit |
To create the above GROUP proxy user object, while logged into the primary Screen. First create the initial group with no members:
admin% ssadm -r primary edit Initial edit> proxyuser add proxyusers group description="users allowed through FTP and telnet proxies" |
The above empty group creation demonstrates a case where the GROUP type cannot be deduced from the other tags, since description= is a tag common to all proxy user object types.
To add the members of the example GROUP:
edit> proxyuser addmember proxyusers radius edit> proxyuser addmember proxyusers jdh |
Member names are stored in the order in which you add them to GROUP objects. The order is unimportant to authentication processing. This example also uses a SPECIAL object radius that is defined during initial installation.
In each of the above add operations, the items have been allowed to default to enabled.
Following are examples of displaying and removing proxy user objects.
To remove a member reference from a GROUP proxy user object, while logged into the primary Screen:
admin% ssadm -r primary edit Initial edit> proxyuser deletemember proxyusers radius edit> proxyuser print proxyusers "proxyusers" ENABLED GROUP MEMBER_NAME="jdh" DESCRIPTION="users allowed through FTP and telnet proxies" |
To display all proxy user objects, while logged into the primary Screen:
admin% ssadm -r primary edit Initial edit> proxyuser print "admin" ENABLED SIMPLE AUTH_USER_NAME="admin" DESCRIPTION="initial SunScreen administrator" "admin-group" ENABLED GROUP MEMBER_NAME="admin" DESCRIPTION="SunScreen administrators" "anonymous" ENABLED SIMPLE BACKEND_USER_NAME="anonymous" DESCRIPTION="unauthenticated user, for anonymous FTP, etc." "ftp" ENABLED SIMPLE BACKEND_USER_NAME="anonymous" DESCRIPTION="unauthenticated user, for anonymous FTP, etc." "jdh" ENABLED SIMPLE AUTH_USER_NAME="jeff.hogg" BACKEND_USER_NAME="jeffh" DESCRIPTION="Jeff Hogg as self on Solaris" "proxyusers" ENABLED GROUP MEMBER_NAME="radius" MEMBER_NAME="jdh" DESCRIPTION="users allowed through FTP and telnet proxies" "radius" ENABLED SIMPLE RADIUS DESCRIPTION="default, external, non-specific RADIUS proxy_user" "securid" ENABLED SIMPLE SECURID DESCRIPTION="default, external, non-specific SecurID proxy_user" |
To display the names of all proxy user objects, while logged into the primary Screen:
admin% ssadm -r primary edit Initial edit> proxyuser names,raw "admin" "admin-group" "anonymous" "ftp" "radius" "securid" "jdh" "proxyusers" |
- © 2010, Oracle Corporation and/or its affiliates