The following subcommands execute operations for managing realms and policies in OpenSSO Enterprise.
Add service attribute values in a realm.
ssoadm add-svc-attrs --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
The attribute values. For example, homeaddress=here.
Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.
Add a service to a realm.
ssoadm add-svc-realm --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
The attribute values. For example, homeaddress=here.
Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.
Create policies in a realm.
ssoadm create-policies --options [--global-options]
The name of the realm.
The filename that contains the policy XML definition.
The administrator ID running the command.
The filename that contains the password of the administrator.
Create a realm.
ssoadm create-realm --options [--global-options]
The name of the realm to be created.
The administrator ID running the command.
The filename that contains the password of the administrator.
Delete policies from a realm.
ssoadm delete-policies --options [--global-options]
The name of the realm to which the policy belongs.
The names of the policies to be deleted.
The administrator ID running the command.
The filename that contains the password of the administrator.
Delete a realm.
ssoadm delete-realm --options [--global-options]
The name of the realm.
The administrator ID running the command.
The filename that contains the password of the administrator.
Deletes the descendent realms recursively.
Delete an attribute from a realm.
ssoadm delete-realm-attr --options [--global-options]
The name of the realm.
The name of the service.
The name of the attribute to be removed.
The administrator ID running the command.
The filename that contains the password of the administrator.
Get the realm property values.
ssoadm get-realm --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
Get the realm's service attribute values.
ssoadm get-realm-svc-attrs --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
List the policy definitions in a realm.
ssoadm list-policies --options [--global-options]
The name of the realm.
The administrator ID running the command.
The filename that contains the password of the administrator.
The names of the policy. This can be used as a wildcard. All policy definitions in the realm will be returned.
The filename where the policy definition will be written. The definitions will be printed in standard output.
List the realm's assignable services.
ssoadm list-realm-assignable-svcs --options [--global-options]
The name of the realm.
The administrator ID running the command.
The filename that contains the password of the administrator.
List the realms by name.
ssoadm list-realms --options [--global-options]
The name of the realm.
The administrator ID running the command.
The filename that contains the password of the administrator.
Filter by a pattern.
Search recursively.
Remove a realm's service attribute values.
ssoadm remove-svc-attrs --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
The attribute values to be removed. For example, homeaddress=here.
The filename that contains the attribute values to be removed, configured as in attribute-name=attribute-value. Enter one attribute and value per line.
Remove a service from a realm.
ssoadm remove-svc-realm --options [--global-options]
The name of the realm.
The name of the service to be removed.
The administrator ID running the command.
The filename that contains the password of the administrator.
Set a realm's attribute values.
ssoadm set-realm-attrs --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
Set this flag to append the values to existing ones.
The attribute values. For example, homeaddress=here.
Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.
Set the realm's service attribute values.
ssoadm set-svc-attrs --options [--global-options]
The name of the realm.
The name of the service.
The administrator ID running the command.
The filename that contains the password of the administrator.
The attribute values. For example, homeaddress=here.
Name of file that contains attributes and corresponding values as in attribute-name=attribute-value. Enter one attribute and value per line.
Show the supported authentication modules in the system.
ssoadm show-auth-modules --options [--global-options]
The administrator ID running the command.
The filename that contains the password of the administrator.
Show the supported data types in the system.
ssoadm show-data-types --options [--global-options]
The administrator ID running the command.
The filename that contains the password of the administrator.
Show the services in a realm.
ssoadm show-realm-svcs --options [--global-options]
The name of the realm.
The administrator ID running the command.
The filename that contains the password of the administrator.
Include mandatory services.