Sun Java System Portal Server 7.2 Command-Line Reference

Chapter 23 Delegation psadmin Subcommands

This chapter list the following subcommands:

list-delegations

The list-delegations subcommand lists all the current delegation assignments.

Long-Named Format

psadmin list-delegations --adminuser uid [--passwordfile passwordFile] [--output output_file] [--debug]

Short-Named Format

psadmin list-delegations -u uid [-f passwordFile] [-o output_file] [--debug]

Options

These are the list of options available for the list-delegations subcommand. The following option is required:

[--adminuser | -u] uid

Specifies the distinguished name (DN) or the user identification name (uid) of the administrator.

The following three options are optional:

[--passwordfile | -f] passwordFile

Specifies the administrator password in the password file. When --passwordfile option is specified, the password file should contain the password without any other text. If this option is not specified, the password will be prompted.

[--output | -o] output_file

Specifies a file for output.

--debug

This flag is used for debugging purpose only. Set this flag to true to see exceptions that caused the error.

Example

The following command lists delegation assignments of Portal resource of the portal, portal1 to the user d.

./psadmin list-delegations -u amadmin [-f passwordFile] ----resources Portal:portal1 --delegatedadmin "uid=d,ou=People,o=daorg,o=EnterpriseSample,dc=india,dc=sun,dc=com"

assign-delegations

The assign-delegations subcommand delegates the administration of the specified Portal Server resources to a user.

Long-Named Format

psadmin assign-delegations --adminuser uid [--passwordfile passwordFile] --resources resources --delegatedadmin delegated_admin [--dn desktopDN] [--debug]

Short-Named Format

psadmin assign-delegations -u uid [-f passwordFile] --resources resources --delegatedadmin delegated_admin [-d desktopDN] [--debug]

Options

These are the list of options available for the assign-delegations subcommand. The following three options are required:

[--adminuser | -u] uid

Specifies the distinguished name (DN) or the user identification name (uid) of the administrator.

--resources resources

A list of resources being delegated. A resource has the form resource:portalID, if it is a portal centric resource (any one of the Portal, Desktop, Consumer, Producer, Subscriptions, CommunityManager, UBT, Logging, and Monitoring). It has the form resource, if it is a domain centric resource (any one of the PortalDomain, SearchServer, SRA, and SSOAdapter). If a resource is not in the pre-defined list of resources, the above values are specified. Otherwise, it will be ignored.

--delegatedadmin delegated_admin

The DN of a subject that administration of the resources is delegated to. This can be a user, role, organization, or realm DN.

The following three options are optional:

[--passwordfile | -f] passwordFile

Specifies the administrator password in the password file. When --passwordfile option is specified, the password file should contain the password without any other text. If this option is not specified, the password will be prompted.

[--dn | -d] desktopDN

Specifies the DN of the subject (user, role, organization, or realm) where administration of its desktop is being delegated. If this option is not specified when resources contain Desktop|portalID, desktop administration for all DNs will be delegated. This option is only valid when the resources being delegated contain Desktop|portalID.

--debug

This flag is used for debugging purpose only. Set this flag to true to see exceptions that caused the error.

Example

The following command assigns Portal resource of the portal, portal1 to the user d.

./psadmin assign-delegations -u amadmin [-f passwordFile] ----resources Portal:portal1 --delegatedadmin "uid=d,ou=People,o=daorg,o=EnterpriseSample,dc=india,dc=sun,dc=com"

For portal centric services, use the ./psadmin assign-delegations -u amadmin -f ps_password --resources '"Desktop:portal1" "Consumer:portal1"' --delegatedadmin "o=daorg,o=EnterpriseSample,dc=india,dc=sun,dc=com" command.

For domain centric services, use the ./psadmin assign-delegations -u amadmin -f ps_password --resources '"SearchServer" "SRA"' --delegatedadmin "o=daorg,o=EnterpriseSample,dc=india,dc=sun,dc=com" command.

unassign-delegation

The unassign-delegation subcommand removes the administration privilege of a resource from a delegated administrator.

Long-Named Format

psadmin unassign-delegation --adminuser uid [--passwordfile passwordFile] --resource resource --delegatedadmin delegated_admin [--dn desktopDN] [--debug]

Short-Named Format

psadmin unassign-delegation -u uid [-f passwordFile] --resource resource --delegatedadmin delegated_admin [-d desktopDN] [--debug]

Options

These are the list of options available for the unassign-delegation subcommand. The following three options are required:

[--adminuser | -u] uid

Specifies the distinguished name (DN) or the user identification name (uid) of the administrator.

--resource resource

A resource where delegation of its administration to a user is being removed. A resource has the form resource:portalID, if it is a portal centric resource (any one of the Portal, Desktop, Consumer, Producer, Subscriptions, CommunityManager, UBT, Logging, and Monitoring). It has the form resource, if it is a domain centric resource (any one of the PortalDomain, SearchServer, SRA, and SSOAdapter). If a resource is not in the pre-defined list of resources, the above values are specified. Otherwise, it will be ignored.

--delegatedadmin delegated_admin

The DN of a subject whose administration privilege of the resource is being removed. This can be a user, role, organization, or realm DN.

The following three options are optional:

[--passwordfile | -f] passwordFile

Specifies the administrator password in the password file. When --passwordfile option is specified, the password file should contain the password without any other text. If this option is not specified, the password will be prompted.

[--dn | -d] desktopDN

Specifies the DN of the subject (user, role, organization, or realm) where administration privilege of its desktop is being removed from the delegated administrator. This option is only valid when the resource is Desktop|portalID.

--debug

This flag is used for debugging purpose only. Set this flag to true to see exceptions that caused the error.

Example

The following command removes the administration privileges of Portal resource of the portal, portal1 to the user d.

./psadmin unassign-delegation -u amadmin [-f passwordFile] ----resources PortalDomain --delegatedadmin "uid=d,ou=People,o=daorg,o=EnterpriseSample,dc=india,dc=sun,dc=com"