Adding users and groups to default roles using the wsadmin tool

To grant a user or group default access to all local service integration bus destinations, use these commands to add them to the appropriate default role or roles. Adding a user or group to any of the default roles grants them the authorization permissions for that role for all the local destinations that are allowed to inherit defaults.

To run these commands, use the AdminTask object of the wsadmin scripting client. Each command acts on multiple objects in one operation. The commands are provided to allow you to make the most commonly-required types of update in a consistent manner, where modifying the underlying objects directly would be error-prone.

[iSeries] The wsadmin scripting client is run from Qshell. For more information, see the topic "Configure Qshell to run WebSphere® Application Server scripts".

[iSeries] These commands are only valid when used with WebSphere Application Server Version 6 and later application servers. Do not use them with earlier versions.

[iSeries] Command-line help is provided for service integration bus commands:

Commands

You can use this command to define the access control policy for a messaging resource that does not yet exist. This approach is deliberate; by defining the access control policy first, you ensure that the associated messaging resource is secure from the moment it is created.
Tip: Adding a user or group to a default role does not allow them to access any local destinations that have inheritance of defaults disallowed. To give a user or group permission to access a local destination where inheritance is disallowed, you must add this user or group to the role that gives them the required permission for the specific local destination as described in Adding users and groups to bus destination roles using the wsadmin tool.
Adding a user
To add a user to a default role, use the following command:
$AdminTask addUserToDefaultRole {-bus busName -role roleName -user userName}
Adding a group
To add a group to a default role, use the following command:
$AdminTask addGroupToDefaultRole {-bus busName -role roleName -group groupName}
After using these commands, save your changes to the master configuration; for example, by using the following command:
 $AdminConfig save



Related tasks
Administering default roles through the command line
Related reference
Adding users and groups to bus destination roles using the wsadmin tool
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 1:23:07 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=rjr_default_roles_add
File name: rjr_default_roles_add.html