7 Enterprise User Security Manager (EUSM) Command Reference
Enterprise User Security Manager (EUSM) is a command-line tool you can use to manage the Enterprise User Security (EUS) Configuration in the Oracle Internet Directory (OID) directory server.
The EUSM command-line tool sends data to and retrieves data from the Oracle Internet Directory (OID) directory server. You can use Oracle Enterprise Manager to administer enterprise users, enterprise domains, and enterprise roles stored in OID as described in Oracle Enterprise Manager. However, this becomes a cumbersome process if the entries are very large and the process cannot be automated. Hence, the use of this command-line tool becomes a requirement.
$ORACLE_HOME/bin
EUSM is a user-friendly command-line tool. Entering eusm on the shell and pressing Enter or Return prints all the commands that are supported. Also, entering eusm help <command> or just eusm <command> and pressing Enter or Return prints the signature of a particular command supported by EUSM. Note that you must enter eusm in all lowercase characters.
Both EUSM commands and command-line options are not case sensitive.
Keystore, ldap user, and dbuser passwords can be prompted for by entering just the password options -K, -B, and -b on the command line, each by itself. Examples show this usage.
This chapter contains descriptions of the EUSM commands listed by their group. Each description contains the following parts:
Section | Description |
---|---|
Term | Describes the function of each term. |
Syntax | Shows how to enter the command and provides a brief description of the basic uses of the command. |
Options | Describes the function of each clause and option appearing in the syntax. |
Usage Notes | Provides additional information on uses of the command and on how the command works. |
Examples | Gives examples of the command using SSL port connectivity and not using SSL port connectivity to OID and providing passwords in the command line and prompting for each password. |
7.1 About SSL Port Connectivity through EUSM to OID
To enhance security, use the SSL Port connectivity option (ldap_ssl_port=<OID ssl port>) when connecting from Enterprise User Security Manager (EUSM) to Oracle Internet Directory (OID) directory server.
Using the SSL Port connectivity option (ldap_ssl_port=<OID ssl port>) assumes the environment where the OID directory server is set up supports the SSL port.
- The ldap_ssl_port option takes the ssl port of the directory server (OID) as input from the EUSM command line.
- The keystore=<path to PKCS12 format of keystore> file path parameter takes the path to the PKCS12 format of the keystore (for example, ewallet.p12 file) as input from the command line and the password is taken interactively with the option -K prompt for keystore password.
Prerequisites
- The client must have a keystore in PKCS12 format, for example, ewallet.p12 file. This keystore file consists of a client private key certificate.
- The inputs for the passwords of keystore should also be given by the client.
- The client must have Java 2 SDK, v1.4 or any updated version that supports the current EUSM API.
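A pre-flight check for the connectivity and password options described above, as an added example (not Oracle code and not part of EUSM): it inspects the arguments of an intended eusm command and reports use of the non-SSL port, an SSL port without a keystore, and passwords typed inline instead of prompted for with -K, -B, or -b. The function name eusm_lint and its finding codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not Oracle code. eusm_lint and its finding codes are invented
# here; the option names and the -K/-B/-b prompt flags are the ones on this page.
# Pass the arguments you intend to give eusm; findings are printed on one line
# and the return status is 1 if there are any.

eusm_lint() {
    ssl=0; plain=0; keystore=0; keypass=0; findings=""
    for arg in "$@"; do
        case "$arg" in
            -K) keypass=1; continue ;;   # bare flag: prompt for keystore password
            -B|-b) continue ;;           # bare flags: prompt for OID / dbuser password
            *=*) ;;                      # name=value option, inspected below
            *) continue ;;               # the command name, e.g. createDomain
        esac
        # Option names are not case sensitive, so compare them in lowercase.
        name=$(printf '%s' "${arg%%=*}" | tr '[:upper:]' '[:lower:]')
        value=${arg#*=}
        case "$name" in
            ldap_ssl_port) ssl=1 ;;
            ldap_port)     plain=1 ;;
            keystore)      keystore=1 ;;
            # A literal password in argv is readable from the process list and
            # is saved in shell history; only the prompt forms avoid that.
            key_pass)
                keypass=1
                [ "$value" = "-K" ] || findings="$findings INLINE_PASSWORD:key_pass" ;;
            ldap_user_password)
                [ "$value" = "-B" ] || findings="$findings INLINE_PASSWORD:ldap_user_password" ;;
            dbuser_password)
                [ "$value" = "-b" ] || findings="$findings INLINE_PASSWORD:dbuser_password" ;;
        esac
    done

    # Connectivity checks: the page recommends ldap_ssl_port plus a PKCS12 keystore.
    if [ "$ssl" -eq 1 ] && [ "$plain" -eq 1 ]; then
        findings="$findings BOTH_PORTS"
    elif [ "$plain" -eq 1 ]; then
        findings="$findings NONSSL_PORT"
    elif [ "$ssl" -eq 0 ]; then
        findings="$findings NO_PORT"
    fi
    if [ "$ssl" -eq 1 ] && [ "$keystore" -eq 0 ]; then
        findings="$findings SSL_WITHOUT_KEYSTORE"
    fi
    if [ "$keystore" -eq 1 ] && [ "$keypass" -eq 0 ]; then
        findings="$findings KEYSTORE_WITHOUT_KEY_PASS"
    fi

    findings=${findings# }
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Demo on the arguments of Example 7-2 from this page (non-SSL port).
eusm_lint createDomain domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com \
    ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B || :
```
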
7.2 Enterprise User Security Manager (EUSM) Command Summary
Group of Commands | Command | Description |
---|---|---|
Manage Enterprise Domains | listDomains | Lists the domains in the realm. |
Manage Enterprise Domains | createDomain | Creates a domain in the realm. |
Manage Enterprise Domains | deleteDomain | Deletes a domain from the realm. |
Manage Enterprise Domains | listDomainInfo | Lists the domain information. |
Manage Domain Administrators | addDomainAdmin | Adds a domain administrator. |
Manage Domain Administrators | listDomainAdmins | Lists the domain administrators. The domain is taken as one of the inputs. |
Manage Domain Administrators | removeDomainAdmin | Removes a domain administrator. |
Manage Databases in an Existing Domain | addDatabase | Adds a database to the domain. |
Manage Databases in an Existing Domain | removeDatabase | Removes a database from the domain. |
Manage Database Administrators | addDBAdmin | Adds a database administrator. |
Manage Database Administrators | removeDBAdmin | Removes a database administrator. |
Manage Database Administrators | listDBAdmins | Lists the database administrators. |
Manage Database Administrators | listDBInfo | Lists the database information. |
Manage user-schema mappings | createMapping | Creates the user and shared schema mapping. |
Manage user-schema mappings | deleteMapping | Deletes a mapping. |
Manage user-schema mappings | listMappings | Lists the user and shared schema mappings. |
Enable or Disable Current User Database Links Usage in the Domain | setCulinkStatus | Enables or disables the current user database-link usage in the domain. |
Setting Authentication Types | setAuthTypes | Sets authentication types to be accepted for the users in the domain. |
Manage Enterprise Roles/Global Roles | createRole | Creates an enterprise role. |
Manage Enterprise Roles/Global Roles | deleteRole | Deletes an enterprise role. |
Manage Enterprise Roles/Global Roles | addGlobalRole | Adds a global role or administrative role to an enterprise role. |
Manage Enterprise Roles/Global Roles | removeGlobalRole | Removes a global role or administrative role from an enterprise role. |
Manage Enterprise Roles/Global Roles | grantRole | Grants an enterprise role. |
Manage Enterprise Roles/Global Roles | revokeRole | Revokes an enterprise role. |
Manage Enterprise Roles/Global Roles | listEnterpriseRoles | Lists the enterprise roles. |
Manage Enterprise Roles/Global Roles | listEnterpriseRolesOfUser | Lists the enterprise roles of a user. |
Manage Enterprise Roles/Global Roles | listEnterpriseRoleInfo | Lists enterprise role information. |
Manage Enterprise Roles/Global Roles | listGlobalRolesInDB | Lists the global roles in the database. |
Manage Enterprise Roles/Global Roles | listSharedSchemasInDB | Lists the shared schemas in the database. |
Manage Proxy Authentication | createProxyPerm | Creates a proxy permission object. |
Manage Proxy Authentication | deleteProxyPerm | Deletes a proxy permission object. |
Manage Proxy Authentication | addTargetUser | Adds a target database user to the proxy permission object. |
Manage Proxy Authentication | removeTargetUser | Removes a target database user from the proxy permission object. |
Manage Proxy Authentication | grantProxyPerm | Maps an enterprise user to the database user through the proxy permission object. |
Manage Proxy Authentication | revokeProxyPerm | Revokes a proxy permission object. |
Manage Proxy Authentication | listProxyPermissions | Lists the proxy permissions. Input is the domain name. |
Manage Proxy Authentication | listProxyPermissionsOfUser | Lists the proxy permissions for the user. Input is user distinguished name. |
Manage Proxy Authentication | listProxyPermissionInfo | Lists the proxy permission information. |
Manage Proxy Authentication | listTargetUsersInDB | Lists the target users in the database. |
Manage Database-OID Authentication Method | setDBOIDAuth | Sets the database-OID authentication method. |
Manage Database-OID Authentication Method | listDBOIDAuth | Lists the database-OID authentication method. |
Manage the list of the Password Accessible Domains | addToPwdAccessibleDomains | Adds a domain to the password accessible domains group in the realm. |
Manage the list of the Password Accessible Domains | removeFromPwdAccessibleDomains | Removes a domain from the password accessible domains group in the realm. |
Manage the list of the Password Accessible Domains | listPwdAccessibleDomains | Lists the password accessible domains in the realm. |
Display Realm Properties | listRealmCommonAttr | Lists the realm common attributes. |
App Context Namespace | createAppCtxNamespace | Adds a new namespace. |
App Context Namespace | listAppCtxNamespaces | Lists the namespaces. |
App Context Namespace | deleteAppCtxNamespace | Deletes a namespace. |
App Context Attribute | createAppCtxAttribute | Adds a new attribute. |
App Context Attribute | listAppCtxAttributes | Lists the attributes. |
App Context Attribute | deleteAppCtxAttribute | Deletes an attribute. |
App Context Attribute Value | createAppCtxAttributeValue | Adds a new attribute value. |
App Context Attribute Value | listAppCtxAttributeValues | Lists the attribute values. |
App Context Attribute Value | deleteAppCtxAttributeValue | Deletes an attribute value. |
Manage App Context Users | createAppCtxUsers | Adds a new user for an attribute value. |
Manage App Context Users | listAppCtxUsers | Lists all users for an attribute value. |
Manage App Context Users | deleteAppCtxUsers | Deletes a user from an attribute value. |
Help | help <command name> | Displays help for a command. |
Examples of EUSM Commands Use Options
- proxy_permission=PROXY01
- domain_name=test_domain
- domain_name=OracleDefaultDomain — an enterprise domain
- realm_dn=dc=yy,dc=company,dc=com
- user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com
- database_name=dbtest1
- map_type=ENTRY — can be either ENTRY or SUBTREE
- map_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com
- mapping_name=MAPPING01
- schema=test_user
- status=ENABLED — can be either ENABLED or DISABLED
- auth_type=SSL
- enterprise_role=ent_connect — enterprise role
- enterprise_role=ent_resource — global role
- global_role=global_resource
- global_role=global_connect
- dbuser=system — a privileged user
- dbuser_password=-b or just -b on the command line (prompts for dbuser password) — Database privileged user password
- dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1
- target_user=PROXY_TEST
- namespace=ns1
- attribute_name=attr1
- attribute_value=val1
- ldap_host=xxxxx.zz.company.com — name of the OID server
- ldap_SSL_port=3131 — OID SSL (SASL) port used for OID connections; ports 3132 to 3141 or 13131 to 13141 can also be used
- keystore=/etc/myapp/keyStore — path to PKCS12 format of keystore; keystore location is administrator defined
- key_pass=-K or as just -K on the command line (prompts for keystore password) — Keystore password
- ldap_port=3060 — nonSSL (SASL) port used for OID connections; ports 3061 to 3070 or 13060 to 13070 can also be used
- ldap_user_dn=cn=orcladmin — OID administrator name
- ldap_user_password=-B or as just -B on the command line (prompts for OID user password) — OID administrator password
7.2.1 createDomain
Syntax
createDomain
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include creating a domain in the realm with and without SSL port connectivity to OID.
Example 7-1 Creating a Domain in the Realm with SSL Port Connectivity to OID
eusm createDomain domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-2 Creating a Domain in the Realm with non-SSL Port Connectivity to OID
eusm createDomain domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.2 deleteDomain
Syntax
deleteDomain
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_port=<OID non ssl port> | OID non ssl port. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include deleting a domain in the realm with and without SSL port connectivity to OID.
Example 7-3 Deleting a Domain from the Realm with SSL Port Connectivity to OID
eusm deleteDomain domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-4 Deleting a Domain from the Realm with non-SSL Port Connectivity to OID
eusm deleteDomain domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.3 listDomains
Syntax
listDomains
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the domains in the realm with and without SSL port connectivity to OID.
Example 7-5 Lists the domains in the realm with SSL Port Connectivity to OID
eusm listDomains realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-6 Lists the domains in the realm with non-SSL Port Connectivity to OID
eusm listDomains realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.4 listDomainInfo
Syntax
listDomainInfo
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the domain information with and without SSL port connectivity to OID.
Example 7-7 Listing the Domain Information with SSL Port Connectivity to OID
eusm listDomainInfo domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-8 Listing the Domain Information with non-SSL Port Connectivity to OID
eusm listDomainInfo domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.5 addDomainAdmin
Syntax
addDomainAdmin
domain_name=<domain name>
realm_dn=<DN of the realm>
user_dn=<user DN>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
user_dn=<user DN> | DN of the user. For example, the user to be added as database administrator in the command addDBAdmin. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a domain administrator with and without SSL port connectivity to OID.
Example 7-9 Adding a Domain Administrator with SSL Port Connectivity to OID
eusm addDomainAdmin domain_name=test_domain user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-10 Adding a Domain Administrator with non-SSL Port Connectivity to OID
eusm addDomainAdmin domain_name=test_domain user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.6 removeDomainAdmin
Syntax
removeDomainAdmin
domain_name=<domain name>
realm_dn=<DN of the realm>
user_dn=<user DN>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
user_dn=<user DN> | DN of the user. For example, the user to be removed as database administrator in the command removeDBAdmin. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include removing a domain administrator with and without SSL port connectivity to OID.
Example 7-11 Removing a Domain Administrator with SSL Port Connectivity to OID
eusm removeDomainAdmin domain_name=test_domain user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-12 Removing a Domain Administrator with non-SSL Port Connectivity to OID
eusm removeDomainAdmin domain_name=test_domain user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.7 listDomainAdmins
Syntax
listDomainAdmins
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
key_pass=-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
ldap_user_password=-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing domain administrators with and without SSL port connectivity to OID.
Example 7-13 Listing the Domain Administrators with SSL Port Connectivity to OID
eusm listDomainAdmins domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-14 Listing the Domain Administrators with non-SSL Port Connectivity to OID
eusm listDomainAdmins domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.8 addDatabase
Syntax
addDatabase
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a database to the domain with and without SSL port connectivity to OID.
Example 7-15 Adding a Database to the Domain with SSL Port Connectivity to OID
eusm addDatabase domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-16 Adding a Database to the Domain with non-SSL Port Connectivity to OID
eusm addDatabase domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.9 removeDatabase
Syntax
removeDatabase
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include removing a database from the domain with and without SSL port connectivity to OID.
Example 7-17 Removing a Database from the Domain with SSL Port Connectivity to OID
eusm removeDatabase domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-18 Removing a Database from the Domain with non-SSL Port Connectivity to OID
eusm removeDatabase domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.10 addDBAdmin
Syntax
addDBAdmin
realm_dn=<DN of the realm>
database_name=<Database name>
user_dn=<Distinguished name of the user>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
user_dn=<user DN> | DN of the user. For example, the user to be added as database administrator in the command addDBAdmin. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a database administrator with and without SSL port connectivity to OID.
Example 7-19 Adding a Database Administrator with SSL Port Connectivity to OID
eusm addDBAdmin realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-20 Adding a Database Administrator with non-SSL Port Connectivity to OID
eusm addDBAdmin realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.11 listDBAdmins
Syntax
listDBAdmins
realm_dn=<DN of the realm>
database_name=<Database name>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the database administrators with and without SSL port connectivity to OID.
Example 7-21 Listing the Database Administrators with SSL Port Connectivity to OID
eusm listDBAdmins realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-22 Listing the Database Administrators with non-SSL Port Connectivity to OID
eusm listDBAdmins realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.12 listDBInfo
Syntax
listDBInfo
realm_dn=<DN of the realm>
database_name=<Database name>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the database information with and without SSL port connectivity to OID.
Example 7-23 Lists the Database Information with SSL Port Connectivity to OID
eusm listDBInfo realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-24 Lists the Database Information with non-SSL Port Connectivity to OID
eusm listDBInfo realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.13 removeDBAdmin
Syntax
removeDBAdmin
realm_dn=<DN of the realm>
database_name=<Database name>
user_dn=<Distinguished name of the user>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
user_dn=<user DN> | DN of the user. For example, the user to be added as database administrator in the command addDBAdmin. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include removing a database administrator with and without SSL port connectivity to OID.
Example 7-25 Removing a Database Administrator with SSL Port Connectivity to OID
eusm removeDBAdmin realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-26 Removing a Database Administrator with non-SSL Port Connectivity to OID
eusm removeDBAdmin realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.14 createMapping
Syntax
createMapping
[domain_name=<domain name>]
[database_name=<database name>]
realm_dn=<DN of the realm>
map_type=<mapping type ENTRY/SUBTREE>
map_dn=<DN which is being mapped to schema>
schema=<database schema>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
[domain_name=<domain name>] | Name of the domain. |
[database_name=<database name>] | Database name. |
realm_dn=<DN of the realm> | DN of the realm. |
map_type=<mapping type ENTRY/SUBTREE> | Type of mapping, ENTRY or SUBTREE. |
map_dn=<DN which is being mapped to schema> | DN that is being mapped to the schema. |
schema=<database schema> | Database schema. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include creating the user or shared schema mapping with and without SSL port connectivity to OID.
Example 7-27 Creating the User or Shared Schema Mapping with SSL Port Connectivity to OID
eusm createMapping database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com map_type=ENTRY map_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com schema=test_user ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-28 Creating the User or Shared Schema Mapping with non-SSL Port Connectivity to OID
eusm createMapping database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com map_type=ENTRY map_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com schema=test_user ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.15 deleteMapping
Syntax
deleteMapping
[domain_name=<domain name>]
[database_name=<database name>]
realm_dn=<DN of the realm>
mapping_name=<Name of mapping>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
[domain_name=<domain name>] | Name of the domain. |
[database_name=<database name>] | Database name. |
realm_dn=<DN of the realm> | DN of the realm. |
mapping_name=<Name of mapping> | Name of the mapping. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include deleting the user or shared schema mapping with and without SSL port connectivity to OID.
Example 7-29 Deleting the User or Shared Schema Mapping with SSL Port Connectivity to OID
eusm deleteMapping database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com mapping_name=MAPPING01 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-30 Deleting the User or Shared Schema Mapping with non-SSL Port Connectivity to OID
eusm deleteMapping database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com mapping_name=MAPPING01 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.16 listMappings
Syntax
listMappings
[domain_name=<domain name>]
[database_name=<database name>]
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
[domain_name=<domain name>] | Name of the domain. |
[database_name=<database name>] | Database name. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the user or shared schema mappings with and without SSL port connectivity to OID.
Example 7-31 Listing the User or Shared Schema Mappings with SSL Port Connectivity to OID
eusm listMappings database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-32 Listing the User or Shared Schema Mappings with non-SSL Port Connectivity to OID
eusm listMappings database_name=dbtest1 realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.17 setCulinkStatus
Syntax
setCulinkStatus
domain_name=<domain name>
realm_dn=<DN of the realm>
status=<ENABLED/DISABLED>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
status=<ENABLED/DISABLED> | Whether the status is enabled or disabled. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include enabling the current user database-link usage in the domain with and without SSL port connectivity to OID.
Example 7-33 Enabling the Current User Database-link Usage in the Domain with SSL Port Connectivity to OID
eusm setCulinkStatus domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com status=ENABLED ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-34 Enabling the Current User Database-link Usage in the Domain with non-SSL Port Connectivity to OID
eusm setCulinkStatus domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com status=ENABLED ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.18 setAuthTypes
Syntax
setAuthTypes
domain_name=<domain name>
realm_dn=<DN of the realm>
auth_types=<Allowed User-DB authentication>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
auth_types=<Allowed User-DB authentication> | Allowed user-database authentication types. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include setting the authentication types accepted for users in the domain with and without SSL port connectivity to OID.
Example 7-35 Setting the Authentication Types Accepted for the Users in the Domain with SSL Port Connectivity to OID
eusm setAuthTypes domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com auth_types=SSL ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-36 Setting the Authentication Types Accepted for the Users in the Domain with non-SSL Port Connectivity to OID
eusm setAuthTypes domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com auth_types=SSL ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.19 createRole
Syntax
createRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include creating an enterprise role in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-37 Creating a Role with SSL Port Connectivity to OID
eusm createRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-38 Creating a Role with non-SSL Port Connectivity to OID
eusm createRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.20 deleteRole
Syntax
deleteRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include deleting an enterprise role in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-39 Deleting a Role with SSL Port Connectivity to OID
eusm deleteRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-40 Deleting a Role with non-SSL Port Connectivity to OID
eusm deleteRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.21 addGlobalRole
Syntax
addGlobalRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
global_role=<Global role name>
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
global_role=<Global role name> | Global role or administrative role name. |
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Database user password taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
global_role for administrative role can be either SYSDBA, SYSOPER, SYSBACKUP, SYSKM, or SYSDG. For example:
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include adding a global role and an administrative role in an enterprise domain in the realm for a database user with and without SSL port connectivity to OID.
Example 7-41 Adding a Global Role with SSL Port Connectivity to OID
eusm addGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=global_resource dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-42 Adding an Administrative Role with SSL Port Connectivity to OID
eusm addGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=SYSDBA dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-43 Adding a Global Role with non-SSL Port Connectivity to OID
eusm addGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=global_resource dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
Example 7-44 Adding an Administrative Role with non-SSL Port Connectivity to OID
eusm addGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=SYSDBA dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
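An added example, not part of the Oracle reference: a Python check that reads eusm command lines (for instance from deployment scripts) and reports use of the non-SSL `ldap_port`, a password given inline instead of prompted with -K, -B or -b, and an administrative role passed as `global_role` to addGlobalRole. The function names, finding labels and the inline spelling `option=value` for passwords are assumptions of this example; the first two sample lines follow Examples 7-42 and 7-43, and the third is constructed.

```python
import os
import shlex

# Administrative roles the page lists as valid global_role values.
ADMIN_ROLES = {"SYSDBA", "SYSOPER", "SYSBACKUP", "SYSKM", "SYSDG"}

# Password options; the page's prompt-only forms are -K, -B and -b.
# Assumption of this example: an inline password is written option=value.
SECRET_OPTIONS = ("key_pass", "ldap_user_password", "dbuser_password")


def parse_eusm(line):
    """Split one eusm command line into (command, options, flags)."""
    tokens = shlex.split(line)
    if len(tokens) < 2 or os.path.basename(tokens[0]) != "eusm":
        raise ValueError("not an eusm invocation: %r" % line)
    command = tokens[1].lower()              # command names are not case sensitive
    options, flags = {}, []
    for tok in tokens[2:]:
        if tok.startswith("-"):
            flags.append(tok)                # -K, -B, -b: prompt for the password
        elif "=" in tok:
            key, value = tok.split("=", 1)   # DN values contain '=' too: split once
            options[key.lower()] = value     # option names are not case sensitive
        else:
            raise ValueError("unrecognised token %r" % tok)
    return command, options, flags


def audit(line):
    """Return a list of finding labels for one eusm command line."""
    command, options, _flags = parse_eusm(line)
    findings = []
    if "ldap_port" in options:               # connection to OID without SSL
        findings.append("non-ssl-port")
    for name in SECRET_OPTIONS:              # secret visible in argv and history
        if name in options:
            findings.append("inline-secret:" + name)
    role = options.get("global_role", "").upper()
    if command == "addglobalrole" and role in ADMIN_ROLES:
        findings.append("admin-role:" + role)
    return findings


def redact(line):
    """Return the command line with inline password values masked for logging."""
    out = []
    for tok in shlex.split(line):
        key, sep, _value = tok.partition("=")
        if sep and key.lower() in SECRET_OPTIONS:
            tok = key + "=****"
        out.append(tok)
    return " ".join(out)


# Sample input. Host names, ports and DNs are the page's own placeholders.
SSL_TAIL = ("ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 "
            "keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B")
PLAIN_TAIL = ("ldap_host=xxxxx.zz.company.com ldap_port=3060 "
              "ldap_user_dn=cn=orcladmin")
ROLE_HEAD = ("eusm addGlobalRole enterprise_role=ent_resource "
             "domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com "
             "database_name=dbtest1 ")
DB_PART = "dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 "

SAMPLES = {
    # As in Example 7-42: SSL port, administrative role.
    "ssl_admin_role": ROLE_HEAD + "global_role=SYSDBA " + DB_PART + SSL_TAIL,
    # As in Example 7-43: non-SSL port, ordinary global role.
    "plain_global_role": ROLE_HEAD + "global_role=global_resource " + DB_PART
                         + PLAIN_TAIL + " -B",
    # Constructed: mixed-case option names and an inline password.
    "inline_password": "eusm listMappings DATABASE_NAME=dbtest1 "
                       "realm_dn=dc=yy,dc=company,dc=com " + PLAIN_TAIL
                       + " LDAP_USER_PASSWORD=constructed-secret",
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, audit(line))
        print("   ", redact(line))
```
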
7.2.22 removeGlobalRole
Syntax
removeGlobalRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
global_role=<Global role name>
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
global_role=<Global role name> | Global role or administrative role name. |
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Database user password taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
global_role for administrative role can be either SYSDBA, SYSOPER, SYSBACKUP, SYSKM, or SYSDG. For example:
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include removing a global role and an administrative role in an enterprise domain in the realm from a database user with and without SSL port connectivity to OID.
Example 7-45 Removing a Global Role with SSL Port Connectivity to OID
eusm removeGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=global_connect dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-46 Removing an Administrative Role with SSL Port Connectivity to OID
eusm removeGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=SYSDBA dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-47 Removing a Global Role with non-SSL Port Connectivity to OID
eusm removeGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=global_connect dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
Example 7-48 Removing an Administrative Role with non-SSL Port Connectivity to OID
eusm removeGlobalRole enterprise_role=ent_resource domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 global_role=SYSDBA dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.23 grantRole
Syntax
grantRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
[user_dn=<Distinguished name of user>]
[group_dn=<Distinguished name of group>]
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
[user_dn=<Distinguished name of user>] | DN of the user. |
[group_dn=<Distinguished name of group>] | DN of the group. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include granting an enterprise role in an enterprise domain in the realm to a user with and without SSL port connectivity to OID.
Example 7-49 Granting a Role to a User with SSL Port Connectivity to OID
eusm grantRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-50 Granting a Role to a User with non-SSL Port Connectivity to OID
eusm grantRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.24 revokeRole
Syntax
revokeRole
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
[user_dn=<Distinguished name of user>]
[group_dn=<Distinguished name of group>]
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
[user_dn=<Distinguished name of user>] | DN of the user. |
[group_dn=<Distinguished name of group>] | DN of the group. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include revoking an enterprise role in an enterprise domain in the realm from a user with and without SSL port connectivity to OID.
Example 7-51 Revoking a Role from a User with SSL Port Connectivity to OID
eusm revokeRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-52 Revoking a Role from a User with non-SSL Port Connectivity to OID
eusm revokeRole enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.25 listEnterpriseRoles
Syntax
listEnterpriseRoles
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include listing enterprise roles in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-53 List the Enterprise Roles with SSL Port Connectivity to OID
eusm listEnterpriseRoles domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-54 List the Enterprise Roles with non-SSL Port Connectivity to OID
eusm listEnterpriseRoles domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
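The SSL and non-SSL forms above differ only in the port option, and the password options can either prompt (-K, -B, -b) or carry a value. The following shell function is an added example, not part of the Oracle documentation: it checks an eusm argument list before a script runs it and reports password options given a value instead of the prompt form, use of the non-SSL ldap_port, and both port options given together. The name eusm_lint and the finding labels are hypothetical, and it assumes that `key_pass=-K` is the bracketed prompt form shown in the Syntax sections.

```shell
#!/bin/sh
# Added example (hypothetical helper, not shipped with eusm).
# eusm_lint ARG...  prints one finding per line and returns the number of
# findings (0 = nothing to report). Password values are never echoed.

eusm_lint() {
    findings=0
    plain_port=""
    ssl_port=""

    for arg in "$@"; do
        case "$arg" in
            *=*)
                # name=value option; option names are not case sensitive
                name=$(printf '%s' "${arg%%=*}" | tr '[:upper:]' '[:lower:]')
                value=${arg#*=}
                ;;
            *)
                # bare word: the command name or a prompt flag (-K, -B, -b)
                continue
                ;;
        esac

        case "$name" in
            key_pass)           prompt_flag="-K" ;;
            ldap_user_password) prompt_flag="-B" ;;
            dbuser_password)    prompt_flag="-b" ;;
            ldap_port)          plain_port=$value; continue ;;
            ldap_ssl_port)      ssl_port=$value;   continue ;;
            *)                  continue ;;
        esac

        # Reached only for the three password options. Anything other than
        # the prompt flag is a literal password on the command line, which
        # ends up in shell history and the process list.
        if [ "$value" != "$prompt_flag" ]; then
            echo "INLINE_PASSWORD $name: use $prompt_flag so the password is prompted for"
            findings=$((findings + 1))
        fi
    done

    if [ -n "$plain_port" ] && [ -n "$ssl_port" ]; then
        echo "PORT_CONFLICT ldap_port and ldap_ssl_port are alternatives; give one"
        findings=$((findings + 1))
    elif [ -n "$plain_port" ]; then
        echo "NON_SSL ldap_port=$plain_port: connection to OID is not SSL"
        findings=$((findings + 1))
    fi

    return "$findings"
}

# Constructed sample: non-SSL port and a password typed on the command line.
eusm_lint listEnterpriseRoles domain_name=OracleDefaultDomain \
    ldap_host=xxxxx.zz.company.com ldap_port=3060 \
    ldap_user_dn=cn=orcladmin ldap_user_password=constructed-secret \
    || echo "findings: $?"
```

In an automation script, call `eusm_lint "$@"` first and run `eusm "$@"` only when it returns 0.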
7.2.26 listEnterpriseRolesOfUser
Syntax
listEnterpriseRolesOfUser
user_dn=<Distinguished name of user>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
user_dn=<Distinguished name of user> | DN of the user. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include listing the enterprise roles of a user in the realm with and without SSL port connectivity to OID.
Example 7-55 List the Enterprise Roles of a User with SSL Port Connectivity to OID
eusm listEnterpriseRolesOfUser user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-56 List the Enterprise Roles of a User with non-SSL Port Connectivity to OID
eusm listEnterpriseRolesOfUser user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.27 listEnterpriseRoleInfo
Syntax
listEnterpriseRoleInfo
enterprise_role=<Enterprise role name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
enterprise_role=<Enterprise role name> | Name of the enterprise role. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Examples include listing the enterprise role information in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-57 List the Enterprise Role Information with SSL Port Connectivity to OID
eusm listEnterpriseRoleInfo enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-58 List the Enterprise Role Information with non-SSL Port Connectivity to OID
eusm listEnterpriseRoleInfo enterprise_role=ent_connect domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.28 listGlobalRolesInDB
Syntax
listGlobalRolesInDB
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Password of the database user taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
Usage Notes
Enterprise roles are access privileges assigned to enterprise users. Enterprise roles are a set of Oracle role-based authorizations across one or more databases in an enterprise domain. Enterprise roles are stored in the directory and contain one or more global roles.
SQL> create role global_connect identified globally;
SQL> create role global_resource identified globally;
SQL> grant connect to global_connect;
SQL> grant resource to global_resource;
Examples
Listing the global roles for a database user.
Example 7-59 Listing the Global Roles in the Database
eusm listGlobalRolesInDB dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1
7.2.29 listSharedSchemasInDB
Syntax
listSharedSchemasInDB
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Password of the database user taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
Usage Notes
None.
Examples
Listing the shared schemas for a database user.
Example 7-60 List the Shared Schemas in the Database
eusm listSharedSchemasInDB dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1
7.2.30 createProxyPerm
Syntax
createProxyPerm
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
SQL> create user proxy_test identified by proxy_test;
SQL> alter user proxy_test grant connect through enterprise users;
Examples
Examples include creating a proxy permission object in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-61 Create the Proxy Permission Object PROXY01 with SSL Port Connectivity to OID
eusm createProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-62 Create the Proxy Permission Object PROXY01 with non-SSL Port Connectivity to OID
eusm createProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.31 deleteProxyPerm
Syntax
deleteProxyPerm
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include deleting a proxy permission object in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-63 Deleting the Proxy Permission PROXY01 with SSL Port Connectivity to OID
eusm deleteProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-64 Deleting the Proxy Permission PROXY01 with non-SSL Port Connectivity to OID
eusm deleteProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.32 addTargetUser
Syntax
addTargetUser
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
target_user=<Target user in database>
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
target_user=<Target user in database> | Target user in the database. |
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Password of the database user taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include adding a target database user to the proxy permission object in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-65 Add the Target Database User to the Proxy Permission Object with SSL Port Connectivity to OID
eusm addTargetUser proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 target_user=PROXY_TEST dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-66 Add the Target Database User to the Proxy Permission Object with non-SSL Port Connectivity to OID
eusm addTargetUser proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 target_user=PROXY_TEST dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.33 removeTargetUser
Syntax
removeTargetUser
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
database_name=<Database name>
target_user=<Target user in database>
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
database_name=<Database name> | Database name. |
target_user=<Target user in database> | Target user in the database. |
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Password of the database user taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include removing a target database user from the proxy permission object in an enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-67 Removing the Target User from the Proxy Permission Object with SSL Port Connectivity to OID
eusm removeTargetUser proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 target_user=PROXY_TEST dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-68 Removing the Target User from the Proxy Permission Object with non-SSL Port Connectivity to OID
eusm removeTargetUser proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com database_name=dbtest1 target_user=PROXY_TEST dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1 ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.34 grantProxyPerm
Syntax
grantProxyPerm
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
[user_dn=<Distinguished name of user>]
[group_dn=<Distinguished name of group>]
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
[user_dn=<Distinguished name of user>] | DN of the user. |
[group_dn=<Distinguished name of group>] | DN of the group. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include mapping the enterprise user to the database user through the proxy permission object in the realm with and without SSL port connectivity to OID.
Example 7-69 Mapping the Enterprise User to the Database User Through the PROXY01 Permission Object with SSL Port Connectivity to OID
eusm grantProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-70 Mapping the Enterprise User to the Database User Through the PROXY01 Permission Object with non-SSL Port Connectivity to OID
eusm grantProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.35 revokeProxyPerm
Syntax
revokeProxyPerm
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
[user_dn=<Distinguished name of user>]
[group_dn=<Distinguished name of group>]
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
[user_dn=<Distinguished name of user>] | DN of the user. |
[group_dn=<Distinguished name of group>] | DN of the group. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include revoking proxy permission object PROXY01 from the database user in the realm with and without SSL port connectivity to OID.
Example 7-71 Revoking Proxy Permission Object PROXY01 From the User with SSL Port Connectivity to OID
eusm revokeProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-72 Revoking Proxy Permission Object PROXY01 From the User with non-SSL Port Connectivity to OID
eusm revokeProxyPerm proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.36 listProxyPermissions
Syntax
listProxyPermissions
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include listing the proxy permissions for the enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-73 Listing the Proxy Permissions for the Domain with SSL Port Connectivity to OID
eusm listProxyPermissions domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-74 Listing the Proxy Permissions for the Domain with non-SSL Port Connectivity to OID
eusm listProxyPermissions domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.37 listProxyPermissionsOfUser
Syntax
listProxyPermissionsOfUser
user_dn=<Distinguished name of user>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
user_dn=<Distinguished name of user> | DN of the user. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include listing the proxy permissions for the user in the realm with and without SSL port connectivity to OID.
Example 7-75 List the Proxy Permission for the User with SSL Port Connectivity to OID
eusm listProxyPermissionsOfUser user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_ssl_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-76 List the Proxy Permission for the User with non-SSL Port Connectivity to OID
eusm listProxyPermissionsOfUser user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.38 listProxyPermissionInfo
Syntax
listProxyPermissionInfo
proxy_permission=<proxy permission name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
proxy_permission=<proxy permission name> | Name of the proxy permission. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used for authenticating and executing a command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
Proxy Authentication is a process typically employed in an environment with a middle tier such as a firewall, wherein the end user authenticates to the middle tier, which then authenticates to the directory on the user's behalf—as its proxy. The middle tier logs into the directory as a proxy user. A proxy user can switch identities and, once logged into the directory, switch to the end user's identity. It can perform operations on the end user's behalf, using the authorization appropriate to that particular end user.
Examples
Examples include listing the proxy permission information for the enterprise domain in the realm with and without SSL port connectivity to OID.
Example 7-77 List Proxy Permission Information with SSL Port Conectivity to OID
eusm listProxyPermissionInfo proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-78 List Proxy Permission Information with non-SSL Port Connectivity to OID
eusm listProxyPermissionInfo proxy_permission=PROXY01 domain_name=OracleDefaultDomain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.39 listTargetUsersInDB
Syntax
listTargetUsersInDB
dbuser=<Database user name to connect>
[dbuser_password=]-b prompt for database user password
dbconnect_string=<Database connect string>
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
dbuser=<Database user name to connect> | The database user name to connect. |
[dbuser_password=]-b prompt for database user password | Password of the database user taken interactively at the prompt. |
dbconnect_string=<Database connect string> | Database connect string. |
Usage Notes
None.
Examples
Listing the target users in the database.
Example 7-79 Listing the Target Users in the Database
eusm listTargetUsersInDB dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1
7.2.40 setDBOIDAuth
Syntax
setDBOIDAuth
realm_dn=<DN of the realm>
dboid_auth=<Default DB OID authentication>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
dboid_auth=<Default DB OID authentication> | Default DB OID authentication. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
The OID authentication method can be either SSL or PASSWORD.
Examples
Examples include setting the database-OID authentication method in the realm with and without SSL port connectivity to OID.
Example 7-80 Setting the Database-OID Authentication Method with SSL Port Connectivity to OID
eusm setDBOIDAuth realm_dn=dc=yy,dc=company,dc=com dboid_auth=SSL ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-81 Setting the Database-OID Authentication Method with non-SSL Port Connectivity to OID
eusm setDBOIDAuth realm_dn=dc=yy,dc=company,dc=com dboid_auth=SSL ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
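A pre-flight check for scripts that call eusm, added here as an example (not Oracle code): it flags passwords supplied as option values instead of the -K, -B and -b prompts, OID connections made without SSL, and a dboid_auth value other than SSL or PASSWORD. The finding names, the use of ldap_ssl_port or keystore as the SSL marker (taken from how the SSL and non-SSL examples on this page differ) and the sample runbook are assumptions of this example.

```shell
#!/bin/sh
# Added example: lint eusm invocations before they go into a script or runbook.
# Finding names are this example's own; eusm itself prints nothing like them.

# eusm_lint eusm <command> option=value ... : one finding per line, status 1 if any.
eusm_lint() (
    rc=0 ssl=0 talks_to_oid=0
    for arg in "$@"; do
        # Option names are not case sensitive, so compare them in lowercase.
        key=$(printf '%s' "${arg%%=*}" | tr '[:upper:]' '[:lower:]')
        case "$arg" in *=*) val=${arg#*=} ;; *) val="" ;; esac
        case "$key" in
            key_pass|ldap_user_password|dbuser_password)
                case "$val" in
                    ""|-K|-B|-b) ;;   # prompt form: no secret on the command line
                    *) echo "INLINE_PASSWORD $key"; rc=1 ;;   # never echo the value
                esac ;;
            ldap_host) talks_to_oid=1 ;;
            # Assumption: ldap_ssl_port or keystore marks SSL connectivity to OID.
            ldap_ssl_port|keystore) ssl=1 ;;
            dboid_auth)
                # Usage Notes allow SSL or PASSWORD; matching case-insensitively
                # is an assumption of this example.
                case $(printf '%s' "$val" | tr '[:lower:]' '[:upper:]') in
                    SSL|PASSWORD) ;;
                    *) echo "BAD_DBOID_AUTH $val"; rc=1 ;;
                esac ;;
        esac
    done
    if [ "$talks_to_oid" = 1 ] && [ "$ssl" = 0 ]; then
        echo "NON_SSL"; rc=1
    fi
    exit "$rc"
)

# Lint every eusm invocation read from stdin (a runbook, a cron script).
# Output is "<line number>: <finding>"; status 1 if any line has a finding.
eusm_lint_stream() (
    set -f          # no globbing while a line is split into words
    n=0 rc=0
    while IFS= read -r line; do
        n=$((n + 1))
        set -- $line
        [ "$1" = "eusm" ] || continue
        out=$(eusm_lint "$@") || rc=1
        if [ -n "$out" ]; then
            printf '%s\n' "$out" | sed "s/^/$n: /"
        fi
    done
    exit "$rc"
)

# Constructed sample runbook (host names follow the page's placeholders).
sample_runbook() {
    cat <<'EOF'
# constructed runbook, not from the reference
eusm listDBOIDAuth realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
eusm setDBOIDAuth realm_dn=dc=yy,dc=company,dc=com dboid_auth=none ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin ldap_user_password=CONSTRUCTED-SECRET
eusm listTargetUsersInDB dbuser=system -b dbconnect_string=zzzz10-yy.yy.company.com:1531:dbtest1
EOF
}

sample_runbook | eusm_lint_stream || true
```

The linter only reads the command text; it does not contact OID or the database.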
7.2.41 listDBOIDAuth
Syntax
listDBOIDAuth
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
The OID authentication method can be either SSL or PASSWORD.
Examples
Examples include listing the database-OID authentication method in the realm with and without SSL port connectivity to OID.
Example 7-82 Listing the Database-OID Authentication Method with SSL Port Connectivity to OID
eusm listDBOIDAuth realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-83 Listing the Database-OID Authentication Method with non-SSL Port Connectivity to OID
eusm listDBOIDAuth realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.42 addToPwdAccessibleDomains
Syntax
addToPwdAccessibleDomains
realm_dn=<DN of the realm>
domain_name=<name of enterprise domain>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
domain_name=<domain name> | Name of the domain. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding to password accessible domains in the realm with and without SSL port connectivity to OID.
Example 7-84 Adding to Password Accessible Domains with SSL Port Connectivity to OID
eusm addToPwdAccessibleDomains domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-85 Adding to Password Accessible Domains with non-SSL Port Connectivity to OID
eusm addToPwdAccessibleDomains domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.43 removeFromPwdAccessibleDomains
Syntax
removeFromPwdAccessibleDomains
realm_dn=<DN of the realm>
domain_name=<name of enterprise domain>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
domain_name=<domain name> | Name of the domain. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include removing from password accessible domains in the realm with and without SSL port connectivity to OID.
Example 7-86 Removing from Password Accessible Domains with SSL Port Connectivity to OID
eusm removeFromPwdAccessibleDomains domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-87 Removing from Password Accessible Domains with non-SSL Port Connectivity to OID
eusm removeFromPwdAccessibleDomains domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.44 listPwdAccessibleDomains
Syntax
listPwdAccessibleDomains
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the password accessible domains in the realm with and without SSL port connectivity to OID.
Example 7-88 Listing the Password Accessible Domains with SSL Port Connectivity to OID
eusm listPwdAccessibleDomains realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-89 Listing the Password Accessible Domains with non-SSL Port Connectivity to OID
eusm listPwdAccessibleDomains realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.45 listRealmCommonAttr
Syntax
listRealmCommonAttr
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the realm common attributes with and without SSL port connectivity to OID.
Example 7-90 Listing the Realm Common Attributes with SSL Port Connectivity to OID
eusm listRealmCommonAttr realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-91 Listing the Realm Common Attributes with non-SSL Port Connectivity to OID
eusm listRealmCommonAttr realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.46 createAppCtxNamespace
Syntax
createAppCtxNamespace
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a new domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-92 Adding a New Domain Namespace with SSL Port Connectivity to OID
eusm createAppCtxNamespace namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-93 Adding a New Domain Namespace with non-SSL Port Connectivity to OID
eusm createAppCtxNamespace namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.47 deleteAppCtxNamespace
Syntax
deleteAppCtxNamespace
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include deleting a domain namespace from the realm with and without SSL port connectivity to OID.
Example 7-94 Deleting a Domain Namespace with SSL Port Connectivity to OID
eusm deleteAppCtxNamespace namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-95 Deleting a Domain Namespace with non-SSL Port Connectivity to OID
eusm deleteAppCtxNamespace namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.48 listAppCtxNamespaces
Syntax
listAppCtxNamespaces
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the domain namespaces in the realm with and without SSL port connectivity to OID.
Example 7-96 Listing the Namespaces with SSL Port Connectivity to OID
eusm listAppCtxNamespaces domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-97 Listing the Namespaces with non-SSL Port Connectivity to OID
eusm listAppCtxNamespaces domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.49 createAppCtxAttribute
Syntax
createAppCtxAttribute
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a new attribute to a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-98 Adding a New Attribute with SSL Port Connectivity to OID
eusm createAppCtxAttribute attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-99 Adding a New Attribute with non-SSL Port Connectivity to OID
eusm createAppCtxAttribute attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.50 deleteAppCtxAttribute
Syntax
deleteAppCtxAttribute
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include deleting an attribute from a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-100 Deleting Attributes with SSL Port Connectivity to OID
eusm deleteAppCtxAttribute attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-101 Deleting Attributes with non-SSL Port Connectivity to OID
eusm deleteAppCtxAttribute attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.51 listAppCtxAttributes
Syntax
listAppCtxAttributes
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the domain namespace attributes in the realm with and without SSL port connectivity to OID.
Example 7-102 Listing Attributes with SSL Port Connectivity to OID
eusm listAppCtxAttributes namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-103 Listing Attributes with non-SSL Port Connectivity to OID
eusm listAppCtxAttributes namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.52 createAppCtxAttributeValue
Syntax
createAppCtxAttributeValue
attribute_value=<value of the attribute>
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_value=<value of the attribute> | Value of the attribute. |
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a new attribute value to an attribute in a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-104 Adding a New Attribute Value with SSL Port Connectivity to OID
eusm createAppCtxAttributeValue attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-105 Adding a New Attribute Value with non-SSL Port Connectivity to OID
eusm createAppCtxAttributeValue attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.53 deleteAppCtxAttributeValue
Syntax
deleteAppCtxAttributeValue
attribute_value=<value of the attribute>
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_value=<value of the attribute> | Value of the attribute. |
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include deleting an attribute value from an attribute in a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-106 Deleting an Attribute Value with SSL Port Connectivity to OID
eusm deleteAppCtxAttributeValue attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-107 Deleting an Attribute Value with non-SSL Port Connectivity to OID
eusm deleteAppCtxAttributeValue attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.54 listAppCtxAttributeValues
Syntax
listAppCtxAttributeValues
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include listing the attribute values of an attribute in a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-108 Listing the Attribute Values with SSL Port Connectivity to OID
eusm listAppCtxAttributeValues attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-109 Listing the Attribute Values with non-SSL Port Connectivity to OID
eusm listAppCtxAttributeValues attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.55 createAppCtxUsers
Syntax
createAppCtxUsers
user_dn=<Distinguished name of user>
attribute_value=<value of the attribute>
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
user_dn=<Distinguished name of user> | DN of the user. |
attribute_value=<value of the attribute> | Value of the attribute. |
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non-SSL port or OID SSL port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of the OID user used to authenticate and execute the command in OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
Examples include adding a new user for an attribute value of an attribute in a domain namespace in the realm with and without SSL port connectivity to OID.
Example 7-110 Adding a New User for an Attribute Value with SSL Port Connectivity to OID
eusm createAppCtxUsers user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-111 Adding a New User for an Attribute Value with non-SSL Port Connectivity to OID
eusm createAppCtxUsers user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.56 deleteAppCtxUsers
Syntax
deleteAppCtxUsers
user_dn=<Distinguished name of user>
attribute_value=<value of the attribute>
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
user_dn=<Distinguished name of user> | DN of the user. |
attribute_value=<value of the attribute> | Value of the attribute. |
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
The examples delete a user from an attribute value of an attribute in a domain namespace in the realm, with and without SSL port connectivity to OID.
Example 7-112 Deleting a User from an Attribute Value with SSL Port Connectivity to OID
eusm deleteAppCtxUsers user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-113 Deleting a User from an Attribute Value with non-SSL Port Connectivity to OID
eusm deleteAppCtxUsers user_dn=cn=test_user,cn=Users,dc=yy,dc=company,dc=com attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
7.2.57 listAppCtxUsers
Syntax
listAppCtxUsers
attribute_value=<value of the attribute>
attribute_name=<attribute name>
namespace=<namespace name>
domain_name=<domain name>
realm_dn=<DN of the realm>
ldap_host=<OID host>
ldap_port=<OID non ssl port> | ldap_ssl_port=<OID ssl port>
keystore=<path to keystore>
[key_pass=]-K prompt for keystore password
ldap_user_dn=<DN of OID user>
[ldap_user_password=]-B prompt for OID user password
Options
Each option must be prefixed with a space. Multiple options can be concatenated and prefixed with a single space.
Option | Description |
---|---|
attribute_value=<value of the attribute> | Value of the attribute. |
attribute_name=<attribute name> | Name of the attribute. |
namespace=<namespace name> | Name of the namespace. |
domain_name=<domain name> | Name of the domain. |
realm_dn=<DN of the realm> | DN of the realm. |
ldap_host=<OID host> | OID host. |
ldap_port=<OID non ssl port> \| ldap_ssl_port=<OID ssl port> | OID non ssl port or OID ssl port. |
keystore=<path to keystore> | Path to the keystore. |
[key_pass=]-K prompt for keystore password | Keystore password taken interactively at the prompt. |
ldap_user_dn=<DN of OID user> | DN of OID user which is used for authenticating and executing a command in the OID. |
[ldap_user_password=]-B prompt for OID user password | OID user password taken interactively at the prompt. |
Usage Notes
None.
Examples
The examples list all users for an attribute value of an attribute in a domain namespace in the realm, with and without SSL port connectivity to OID.
Example 7-114 Listing All Users for an Attribute Value with SSL Port Connectivity to OID
eusm listAppCtxUsers attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3131 keystore=/etc/myapp/keyStore -K ldap_user_dn=cn=orcladmin -B
Example 7-115 Listing All Users for an Attribute Value with non-SSL Port Connectivity to OID
eusm listAppCtxUsers attribute_value=val1 attribute_name=attr1 namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com ldap_host=xxxxx.zz.company.com ldap_port=3060 ldap_user_dn=cn=orcladmin -B
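The following is an added example, not part of the Oracle documentation: a pre-flight check for scripted createAppCtxUsers, deleteAppCtxUsers and listAppCtxUsers calls that rejects password values supplied inline instead of through the -K and -B prompts, and rejects non-SSL connections to OID. The helper name eusm_preflight, its messages, and the rule that a call counts as SSL when it names ldap_ssl_port or a keystore are assumptions; the helper only inspects arguments and never runs eusm.

```shell
#!/bin/sh
# Added example (not Oracle code): argument check for scripted eusm calls.
# eusm_preflight is a hypothetical helper. It prints one finding per line
# and returns 1 if any finding was made, 0 otherwise.
eusm_preflight() {
    findings=0; ssl=0; port_seen=0
    for arg in "$@"; do
        # Option names are not case sensitive, so compare them in lower case.
        name=$(printf '%s' "${arg%%=*}" | tr '[:upper:]' '[:lower:]')
        case "$arg" in *=*) value=${arg#*=} ;; *) value= ;; esac
        # Assumption: "key_pass=-K" is the prompt form written "[key_pass=]-K".
        case "$value" in -K|-B) value= ;; esac
        case "$name" in
            key_pass|ldap_user_password)
                # An inline value lands in shell history and the process list.
                if [ -n "$value" ]; then
                    echo "FAIL $name: password given inline, prompt for it instead"
                    findings=$((findings + 1))
                fi ;;
            ldap_ssl_port|keystore) ssl=1 ;;
            ldap_port) port_seen=1 ;;
        esac
    done
    # Assumption: a call counts as SSL when it names ldap_ssl_port or a
    # keystore, which is how the SSL examples on this page are written.
    if [ "$port_seen" -eq 1 ] && [ "$ssl" -eq 0 ]; then
        echo "FAIL ldap_port: non-SSL connection to OID"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: Example 7-115 rewritten with an inline password.
eusm_preflight listAppCtxUsers attribute_value=val1 attribute_name=attr1 \
    namespace=ns1 domain_name=test_domain realm_dn=dc=yy,dc=company,dc=com \
    ldap_host=xxxxx.zz.company.com ldap_port=3060 \
    ldap_user_dn=cn=orcladmin LDAP_USER_PASSWORD=constructed-secret || true
```

In a wrapper script, call eusm_preflight with the same arguments first and run eusm only when it returns 0.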