commadmin domain purge (Sun Java System Delegated Administrator 6.4 Administration Guide)

Sun Java System Delegated Administrator 6.4 Administration Guide

commadmin domain purge

The commadmin domain purge command permanently removes all entries or service of entries that have been marked for removal. This can include domains, users, groups, and resources.

As part of periodic maintenance operations, use the commadmin domain purge command to remove all entries that have been deleted for a time period that is longer than the specified grace period.

You can perform a purge at any time by invoking the command manually.

When you invoke the command, the directory is searched and a list of domains is created whose entries include domains that have been marked for deletion longer than the specified grace period. The default value for the grace period is set to 5 days.

If the -d* option is specified, all domains are searched for users and domains that are marked as deleted. Users that are marked as deleted will be purged from their domain, but the domain will not be purged unless it is also marked as deleted. If a domain is marked as deleted, it will be purged along with all users within that domain.

After a service has been marked as deleted, a utility that removes resources such as mailboxes or calendars must be run before the service can be purged from the directory. For mail services, the program is called msuserpurge. Refer to the Sun Java System Messaging Server Administration Reference for information about the msuserpurge utility. For calendar services, the program is csclean. Refer to the Sun Java System Calendar Server Administration Guide for information about the csclean utility.

Note –

The commadmin domain purge command must be run by the Top-Level Administrator.

To remove users, groups, and Calendar resources from a domain

This procedure permanently removes users, groups, and Calendar resources from a domain. The domain itself remains intact in the LDAP directory. Only the LDAP entries selected for deletion are removed.

Mark the users, groups, and resources as deleted.

For example, to mark selected entries as deleted in the florizel.com domain:
commadmin user delete -D chris -w bolton -d florizel.com \ -n sesta.com -i deletedusers
commadmin group delete -D chris -w bolton -d florizel.com \ -n sesta.com -i deletedgroups
commadmin resource delete -D chris -w bolton -d florizel.com \ -n sesta.com -i deletedresources
In the preceding examples, deletedusers, deletedgroups, and deletedresources are input files listing the entries marked for deletion.

You also can use the Delegated Administrator console to delete entries:
1. Navigate to the specified organization.
2. Click the Users tab (if it is not already displayed), select the users to be deleted, and click Delete.
3. Click the Groups tab, select the groups to be deleted, and click Delete.
4. Click the Resources tab, select the resources to be deleted, and click Delete.

Remove resources from the selected users, groups, and calendars in the domain.

A resource can be a mailbox or a calendar.

For mail services, run the msuserpurge utility.

Refer to the Sun Java System Messaging Server Administration Reference for information about the msuserpurge utility.

For calendar services, run the csclean utility.

Refer to the Sun Java System Calendar Server Administration Guide for information about the csclean utility.

Permanently remove the selected entries from the domain by invoking the commadmin domain purge command.

For example, to remove selected users, groups, and resources from the florizel.com domain:
commadmin domain purge -D chris -w bolton -d florizel.com -n sesta.com
In the preceding command, the florizel.com domain remains intact. Only the entries specified in the deletedusers, deletedgroups, and deletedresources input files are removed.

To remove services from a domain

This procedure permanently removes mail and calendar services from a domain and from each user, group, and resource in the domain. The domain itself, including its subordinate LDAP entries, remains intact in the directory.

Mark the service(s) in the domain as deleted by running the commadmin domain delete command.

For example, to mark mail and calendar services as deleted in the florizel.com domain:
commadmin domain delete -D chris -w bolton -d florizel.com -n sesta.com \ -S mail,cal

Remove resources from all users, groups, and resources in the domain.

A resource can be a mailbox or a calendar.

For mail services, run the msuserpurge utility.

Refer to the Sun Java System Messaging Server Administration Reference for information about the msuserpurge utility.

For calendar services, run the csclean utility.

Refer to the Sun Java System Calendar Server Administration Guide for information about the csclean utility.

Note –
If the mailbox or calendar of any user in the domain is not removed, the service cannot be purged from the domain. For example, for mail service, be sure that the grace period has been reached and that the msuserpurge utility has been run on all mail message stores encompassed by the domain.

Permanently remove the service(s) from the domain by invoking the commadmin domain purge command.

For example, to remove mail and calendar services from the florizel.com domain:
commadmin domain purge -D chris -w bolton -d florizel.com -n sesta.com \ -S mail,cal

To permanently remove an entire domain

This procedure permanently removes a domain from the directory. All user, group, and resource entries in the domain are also removed from the directory.

Mark the domain as deleted by running the commadmin domain delete command.

For example, to mark the florizel.com domain as deleted:
commadmin domain delete -D chris -w bolton -d florizel.com -n sesta.com
You also can use the Delegated Administrator console to mark the domain for deletion by selecting the organization on the Organizations page and clicking Delete.

Remove resources from all users, groups, and resources in the domain.

A resource can be a mailbox or a calendar.

For mail services, run the msuserpurge utility.

Refer to the Sun Java System Messaging Server Administration Reference for information about the msuserpurge utility.

For calendar services, run the csclean utility.

Refer to the Sun Java System Calendar Server Administration Guide for information about the csclean utility.

Note –
If the mailbox or calendar of any user in the domain is not removed, the domain cannot be removed. For example, for mail service, be sure that the grace period has been reached and that the msuserpurge utility has been run on all mail message stores encompassed by the domain.

Permanently remove the domain by invoking the commadmin domain purge command.

For example, to remove the florizel.com domain:
commadmin domain purge -D chris -w bolton -d florizel.com -n sesta.com

Syntax

commadmin domain purge -D login -n domain -w password -d domain [-g grace] [-h]
   [-?] [-i inputfile] [-p AM port] [-s] [-S service] [-v] [-V] [-X AM host]

Options

The following options are mandatory:

Option	Description
`-D` `login`	The user ID of the Top-Level Administrator.
`-n` `domain`	Domain of the Top-Level Administrator.
`-w` `password`	Password of the Top-Level Administrator.
`-d` `domain`	Purge specified domain. The * operator (`-d*`) may be used to search for a pattern.

The following options are non-mandatory:

Option	Description
`-g` `grace`	Delay period (grace period) in days before the domain is purged. Domains marked for deletion for fewer than `grace` days will not be purged. For example, if you use `-g 7`, all entries that have been marked for deletion for 7 days and more are purged, but entries marked for deletion for 6 days and fewer are not purged. A 0 indicates purge immediately. The default value is 5 days. The default value cannot be changed permanently. You can change the grace period only by using the `-g` grace option in the `commadmin domain purge`command.
`-h`, `-?`	Prints command usage syntax.
`-i` `inputfile`	Reads the command information from a file instead of the command line.
`-p` `AM port`	Specifies an alternate TCP port where the Access Manager is listening. If not specified, the default `AM port` is used, or Port 80 is used if no default was configured at install time.
`-S` `service`	Removes service related object classes and attributes from the domain. If the domain contains users and resources it removes the service specific data from the directory for these users and resources. The list of services is separated by the comma (,) delimiter. The valid `service` values are `mail` and `cal.` These values are case-insensitive.
`-s`	Use SSL (Secure Socket Layer) to connect to the Access Manager.
`-v`	Enable debugging output.
`-V`	Prints information about the utility and its version.
`-X` `AM host`	Specifies the host on which the Access Manager is running. If not specified, the default `AM host` is used, or the localhost if no default was configured at install time.

Example

In the following example, the siroe.com domain is purged and all entries within the domain are also removed:

commadmin domain purge -D chris -d siroe.com -n sesta.com -w bolton