Chapter 16 Portal Server Secure Remote Access Subcommands

This chapter describes the following commands:

• psadmin create-sra-instance

• psadmin list-sra-instances

• psadmin delete-sra-instance

• psadmin start-sra-instance

• psadmin stop-sra-instance

• psadmin change-loguser-password

• psadmin sra-watchdog

• psadmin get-attribute

• psadmin list-attributes

• psadmin set-attribute

• psadmin switch-sra-status

• psadmin provision-sra

psadmin create-sra-instance

Description

Creates a Gateway, Netlet Proxy or Rewriter Proxy instance.

Syntax

Long Format

create-sra-instance --adminuser uid --passwordfile password-filename --type instance-type --hostname [instance-hostname] --sraconfig sra-config-filename

Short Format

create-sra-instance -u uid -f password-filename -t instance-type [-h instance-hostname] -S sra-config-filename

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t] instance-type

Specifies the type of the SRA instance. Enter: gateway, nlproxy, or rwproxy.

[--sraconfig | -S] sra-config-filename

Specifies the file name of the configuration file.

The following options are not required:

[--hostname | -h] instance-hostname

Specifies the host name where the instance is located.

psadmin list-sra-instances

Description

Lists all instances of Gateway, Netlet Proxy, and Rewriter Proxy.

Syntax

Long Format

psadmin list-sra-instances --adminuser uid --passwordfile password-filename --type instance-type [--hostname instance-hostname]

Short Format

psadmin list-sra-instances -u uid -f password-filename -t instance-type [-h instance-hostname]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t] instance-type

Specifies the type of Secure Remote Access instance. Enter: gateway, nlproxy, or rwproxy.

The following option is not required:

[--hostname | -h] instance-hostname

Specifies the host name where the instance is located.

psadmin delete-sra-instance

Description

Removes a Gateway, Netlet Proxy, or Rewriter Proxy instance.

Syntax

Long Format

psadmin delete-sra-instance --adminuser uid --passwordfile password-filename --name sra-instance-name --type instance-type --hostname instance-hostname

Short Format

psadmin delete-sra-instance -u uid -f password-filename -N sra-instance-name -t instance-type -h instance-hostname

Options

The following options are required:

[--adminuser | -u]uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t]instance-type

Specifies the type of the Secure Remote Access instance. Enter: gateway, nlproxy, or rwproxy.

[--name | -N]sra-instance-name

Lists the instance names for Gateway, Netlet Proxy and Rewriter Proxy.

The following options are not required:

[--hostname | -h] instance-hostname

Specifies the hostname where the instance is located.

psadmin start-sra-instance

Description

Starts a Gateway, Netlet Proxy, or Rewriter Proxy instance.

Syntax

Long Format

psadmin start-sra-instance --adminuser uid --passwordfile password-filename --name sra-instance-name --type instance-type --hostname instance-hostname

Short Format

psadmin start-sra-instance -u uid -f password-filename -N sra-instance-name -t instance-type -h instance-hostname

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t]instance-type

Specifies the type of the SRA instance. Enter: gateway, nlproxy, or rwproxy.

[--name | -N]sra-instance-name

Lists the instance names for Gateway, Netlet Proxy and Rewriter Proxy.

The following options are not required:

[--hostname | -h]instance-hostname

Specifies the hostname where the instance is located.

psadmin stop-sra-instance

Description

Stops a Gateway, Netlet Proxy, or Rewriter Proxy instance.

Syntax

Long Format

stop-sra-instance --adminuser uid --passwordfile password-filename --name sra-instance-name --type instance-type --hostname instance-hostname

Short Format

stop-sra-instance -u uid -f password-filename -N sra-instance-name -t instance-type -h instance-hostname

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t] instance-type

Specifies the type of Secure Remote Access instance. Enter: gateway, nlproxy, or rwproxy.

[--name | -N] sra-instance-name

Lists the instance names for Gateway, Netlet Proxy and Rewriter Proxy.

The following options are not required:

[--hostname | -h] instance-hostname

Specifies the hostname where the instance is located.

psadmin change-loguser-password

Description

Changes the Gateway logging user password.

Syntax

Long Format

psadmin change-loguser-password --adminuser uid --passwordfile password-filename --newpasswordfile new-password-filename --name sra-instance-name [--hostname instance-hostname]

Short Format

psadmin change-loguser-password -u uid -f password-filename -F new-password-filename -N sra-instance-name -h [instance-hostname]

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

--newpasswordfile | -F] new-password-filename

Specifies the new name for the password file.

The following options are not required:

[--hostname | -h] instance-hostname

Specifies the hostname where the instance is located.

[--name | -N] sra-instance-name

Specifies the gateway's instance name.

psadmin sra-watchdog

Description

Configures watchdog for the Gateway, Netlet, Netfile, Proxylet, and Accesslist.

Syntax

Long Format

psadmin sra-watchdog --adminuser uid --passwordfile password-filename --type instance-type [--hostname instance-hostname ]on|off

Short Format

psadmin sra-watchdog -u uid -f password-filename -t instance-type [-h instance-hostname] on|off

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[-passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

[--type | -t] instance-type

Specifies the type of the SRA instance. Enter: gateway, nlproxy, or rwproxy.

The following options are not required:

[--hostname | -h] instance-hostname

Specifies the hostname where the instance is located.

The following operand is available:

on|off

Specifies to switch watchdog on or off for the particular instance.

psadmin switch-sra-status

Description

Toggle the status of Secure Remote Access of the Portal domain between ON and OFF.

Syntax

Long Format

psadmin switch-sra-status --adminuser uid --passwordfile passwordfile [--hostname hostname --output output_file ] on | off

Short Format

psadmin switch-sra-status -u uid -f passwordfile [-h hostname o output_file] on | off

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

The following are the optional options:

[--hostname | -h] instance-hostname

Specifies the hostname where the instance is located.

[--output | o] output_file]

Specifies a file for output.

The following operand is available:

on|off

Specifies to switch ON or OFF. That is the sra status of the portal domain.

psadmin provision-sra

Description

For portal and psconsole to be accessed through gateway, the related URLs must be added to the Non-Authenticated URLs of the gateway profile and certain entries should be added to the Map URIs to Rulesets of the gateway profile. Also portal url should be added to the URLs to which User Session Cookie is forwarded. Cookie management should be enabled if psconsole is to be accessed through the gateway. The psadmin provision-sra command provides a simpler way to perform these steps. It uses the abstraction provided by the framework in terms of portal-Id and instance-Id for generating the URLs.

Syntax

Long Format

psadmin provision-sra --adminuser admin_user [--passwordfile password_file] [--debug] [--portal portal_id] [--loadbalancer-url protocol://loadbalancer_host:loadbalancer_port/portaluri] [--instance instance_id] [--console] [--console-url protocol://console_host:console_port/psconsoleuri] --gateway-profile gateway_profile --enable|--disable

Short Format

psadmin provision-sra -u admin_user -f password_file [--debug] [-p portal_id] [--loadbalancer-url protocol://loadbalancer_host:loadbalancer_port/portaluri] [-i instance_id] [--console] [--console-url protocol://console_host:console_port/psconsoleuri] --gateway-profile gateway_profile --enable|--disable

Options

The following options are required:

[--adminuser | -u] uid

Specifies the administrator's distinguished name (dn) or user ID.

[--passwordfile | -f] password-filename

Specifies the administrator's password in the password file.

--gateway-profile

Specifies the SRA profile name.

The following options are optional:

[--portal | -p] portal_id

Specifies the identifier of the Portal that this command is operated on.

[--loadbalancer-url] protocol://loadbalancer_host:loadbalancer_port/portaluri

Specify the URL of the load balancer if portal is being accessed through a load balancer.

[--instance | -i] instance-name

Specifies the identifier of the Portal Server Instance.

--console

Specifies whether the psconsole related URLs should be added to the Non-Authenticated URLs of the psconsole.

--console-url protocol://console_host:console_port/psconsoleuri

Access URL of psconsole. If --console-url is not specified and the --console option is present, then /psconsole will be used as the console URI.

--debug

This flag is used for debugging purpose only, set this flag to true to see exceptions that caused the error. (false)

--enable

For enabling sra access for portal and/or psconsole.

--disable

For disabling sra access for portal and/or psconsole

psadmin get-attribute

Description

Gets an attribute for a Portal Server Secure Remote Access component: Gateway, Netlet, Netfile, Proxylet, or Accesslist. If the component is gateway, use the --gateway-profile gateway-profile-filename option to specify the name to obtain the value of the attribute.

psadmin list-attributes

Description

Lists all attributes for a Portal Server Secure Remote Access component: Gateway, Netlet, Netfile, Proxylet, or Accesslist. If the component is gateway, use the --gateway-profile gateway-profile-filename option to specify the name to obtain the value of the attribute.

psadmin set-attribute

Description

Sets an attribute value for a Portal Server Secure Remote Access component: Gateway, Netlet, Netfile, Proxylet, or Accesslist. If the component is gateway, use the --gateway-profile gateway-profile-filename option to specify the name to obtain the value of the attribute.