You can use the Jython or Jacl scripting languages to configure the virtual member manager with the wsadmin tool. The commands and parameters in the IdMgrConfig group can be used to create and manage your entity type configuration.
The createIdMgrSupportedEntityType command creates a supported entity type configuration.
Parameters
Examples
Batch mode example usage:
$AdminTask createIdMgrSupportedEntityType {-name entity1 –defaultParent node1 –rdnProperties rdn1}
AdminTask.createIdMgrSupportedEntityType ('[-name entity1 –defaultParent node1 –rdnProperties rdn1]')
AdminTask.createIdMgrSupportedEntityType (['-name', 'entity1', '–defaultParent', 'node1', '–rdnProperties', 'rdn1'])
Interactive mode example usage:
$AdminTask createIdMgrSupportedEntityType {-interactive}
AdminTask.createIdMgrSupportedEntityType ('[-interactive]')
AdminTask.createIdMgrSupportedEntityType (['-interactive'])
The deleteIdMgrSupportedEntityType command deletes the supported entity type configuration that you specify.
Parameters
Examples
Batch mode example usage:
$AdminTask deleteIdMgrSupportedEntityType {-name entity1}
AdminTask.deleteIdMgrSupportedEntityType ('[-name entity1]')
AdminTask.deleteIdMgrSupportedEntityType (['-name', 'entity1'])
Interactive mode example usage:
$AdminTask deleteIdMgrSupportedEntityType {-interactive}
AdminTask.deleteIdMgrSupportedEntityType ('[-interactive]')
AdminTask.deleteIdMgrSupportedEntityType (['-interactive'])
The getIdMgrSupportedEntityType command returns the configuration of the supported entity type that you specify.
Parameters
Examples
Batch mode example usage:
$AdminTask getIdMgrSupportedEntityType {-name entity1}
AdminTask.getIdMgrSupportedEntityType ('[-name entity1]')
AdminTask.getIdMgrSupportedEntityType (['-name', 'entity1'])
Interactive mode example usage:
$AdminTask getIdMgrSupportedEntityType {-interactive}
AdminTask.getIdMgrSupportedEntityType ('[-interactive]')
AdminTask.getIdMgrSupportedEntityType (['-interactive'])
The isIdMgrUseGlobalSchemaForModel command returns a boolean that indicates whether the global schema option is enabled for the data model for the specified domain in a multiple security domain environment.
Parameters
Returns
A Boolean value that indicates whether global schema option is enabled for the data model for the specified domain.
Examples
Batch mode example usage:
$AdminTask isIdMgrUseGlobalSchemaForModel {–securityDomainName mysecDomain}
AdminTask.isIdMgrUseGlobalSchemaForModel ('[–securityDomainName mysecDomain]')
AdminTask.isIdMgrUseGlobalSchemaForModel (['–securityDomainName', 'mysecDomain'])
Interactive mode example usage:
$AdminTask isIdMgrUseGlobalSchemaForModel {-interactive}
AdminTask.isIdMgrUseGlobalSchemaForModel ('[-interactive]')
AdminTask.isIdMgrUseGlobalSchemaForModel (['-interactive'])
The listIdMgrSupportedEntityTypes command lists all of the supported entity types that are configured.
Parameters
Returns
A list that contains the names of the supported entity types
Examples
Batch mode example usage:
$AdminTask listIdMgrSupportedEntityTypes
AdminTask.listIdMgrSupportedEntityTypes()
AdminTask.listIdMgrSupportedEntityTypes()
Interactive mode example usage:
$AdminTask listIdMgrSupportedEntityTypes {-interactive}
AdminTask.listIdMgrSupportedEntityTypes ('[-interactive]')
AdminTask.listIdMgrSupportedEntityTypes (['-interactive'])
The listIdMgrGroupsForRoles command lists the mapping of groups to roles in federated repositories.
Parameters
Returns
A Map object that contains roleName as the key, and the value of each key is a list of uniqueNames.
Examples
Batch mode example usage:
$AdminTask listIdMgrGroupsForRoles
AdminTask.listIdMgrGroupsForRoles ()
AdminTask.listIdMgrGroupsForRoles ()
Interactive mode example usage:
$AdminTask listIdMgrGroupsForRoles {-interactive}
AdminTask.listIdMgrGroupsForRoles ('[interactive]')
AdminTask.listIdMgrGroupsForRoles (['interactive'])
The listIdMgrUsersForRoles command lists the mapping of users to roles in federated repositories.
Parameters
Returns
A Map object that contains roleName as the key, and the value of each key is a list of uniqueNames.
Examples
Batch mode example usage:
$AdminTask listIdMgrUsersForRoles
AdminTask.listIdMgrUsersForRoles ()
AdminTask.listIdMgrUsersForRoles ()
Interactive mode example usage:
$AdminTask listIdMgrUsersForRoles {-interactive}
AdminTask.listIdMgrUsersForRoles ('[-interactive]')
AdminTask.listIdMgrUsersForRoles (['-interactive'])
The mapIdMgrUserToRole command maps a user to a specified role in federated repositories. You can map a user to only one role.
Parameters
Examples
Batch mode example usage:
$AdminTask mapIdMgrUserToRole {-roleName IdMgrWriter -userId uid=user1,o=customrealm}
AdminTask.mapIdMgrUserToRole ('[-roleName IdMgrWriter -userId user1,o=customrealm]')
AdminTask.mapIdMgrUserToRole (['-roleName', 'IdMgrWriter', '-userId', 'uid=user1,o=customrealm'])
Interactive mode example usage:
$AdminTask mapIdMgrUserToRole {-interactive}}
AdminTask.mapIdMgrUserToRole ('[-interactive]')
AdminTask.mapIdMgrUserToRole (['-interactive'])
The mapIdMgrGroupToRole command maps a group to a specified role in federated repositories. You can map a group to only one role.
Parameters
Examples
Batch mode example usage:
$AdminTask mapIdMgrGroupToRole {-roleName IdMgrReader -groupId cn=group1,o=customrealm}
$AdminTask mapIdMgrGroupToRole {-roleName IdMgrWriter -groupId ALLAUTHENTICATED}
AdminTask.mapIdMgrGroupToRole ('[-roleName IdMgrReader -groupId cn=group1,o=customrealm]')
AdminTask.mapIdMgrGroupToRole ('[-roleName IdMgrWriter -groupId ALLAUTHENTICATED]')
AdminTask.mapIdMgrGroupToRole (['-roleName', 'IdMgrReader', '-groupId', 'cn=group1,o=customrealm'])
AdminTask.mapIdMgrGroupToRole (['-roleName', 'IdMgrReader', '-groupId', 'ALLAUTHENTICATED'])
Interactive mode example usage:
$AdminTask mapIdMgrGroupToRole {-interactive}
AdminTask.mapIdMgrGroupToRole ('[-interactive]')
AdminTask.mapIdMgrGroupToRole (['-interactive'])
The removeIdMgrGroupsFromRole command removes a group from a specified role in federated repositories.
Parameters
Examples
Batch mode example usage:
$AdminTask removeIdMgrGroupsFromRole {-roleName IdMgrReader -groupId cn=group1,o=customrealm}
$AdminTask removeIdMgrGroupsFromRole {-roleName IdMgrReader -groupId ALLAUTHENTICATED}
AdminTask.removeIdMgrGroupsFromRole ('[-roleName IdMgrReader -groupId cn=group1,o=customrealm]')
AdminTask.removeIdMgrGroupsFromRole ('[-roleName IdMgrReader -groupId ALLAUTHENTICATED]')
AdminTask.removeIdMgrGroupsFromRole (['-roleName', 'IdMgrReader', '-groupId', 'cn=group1,o=customrealm'])
AdminTask.removeIdMgrGroupsFromRole (['-roleName', 'IdMgrReader', '-groupId', 'ALLAUTHENTICATED'])
Interactive mode example usage:
$AdminTask removeIdMgrGroupsFromRole {-interactive}
AdminTask.removeIdMgrGroupsFromRole ('[-interactive]')
AdminTask.removeIdMgrGroupsFromRole (['-interactive'])'])
The removeIdMgrUsersFromRole command removes a user from a specified role in federated repositories.
Parameters
Examples
Batch mode example usage:
$AdminTask removeIdMgrUsersFromRole {-roleName IdMgrWriter -userId uid=user1,o=customrealm}
AdminTask.removeIdMgrUsersFromRole ('[-roleName IdMgrWriter -userId uid=user1,o=customrealm]')
AdminTask.removeIdMgrUsersFromRole (['-roleName', 'IdMgrWriter', '-userId', 'uid=user1,o=customrealm'])
Interactive mode example usage:
$AdminTask removeIdMgrUsersFromRole {-interactive}
AdminTask.removeIdMgrUsersFromRole ('[-interactive]')
AdminTask.removeIdMgrUsersFromRole (['-interactive'])
The resetIdMgrConfig command resets the current configuration to the last configuration that was saved.
Parameters
Returns
None.Examples
Batch mode example usage:
$AdminTask resetIdMgrConfig
AdminTask.resetIdMgrConfig()
AdminTask.resetIdMgrConfig()
Interactive mode example usage:
$AdminTask resetIdMgrConfig {-interactive}
AdminTask.resetIdMgrConfig ('[-interactive]')
AdminTask.resetIdMgrConfig (['-interactive'])
The setIdMgrUseGlobalSchemaForModel command sets the global schema option for the data model in a multiple security domain environment. Global schema refers to the schema of the admin domain.
Parameters
Examples
Batch mode example usage:
$AdminTask setIdMgrUseGlobalSchemaForModel {-useGlobalSchema true –securityDomainName mysecDomain}
AdminTask.setIdMgrUseGlobalSchemaForModel ('[-useGlobalSchema true –securityDomainName mysecDomain]')
AdminTask.setIdMgrUseGlobalSchemaForModel (['-useGlobalSchema', 'true', '–securityDomainName', 'mysecDomain'])
Interactive mode example usage:
$AdminTask setIdMgrUseGlobalSchemaForModel {-interactive}
AdminTask.setIdMgrUseGlobalSchemaForModel ('[-interactive]')
AdminTask.setIdMgrUseGlobalSchemaForModel (['-interactive'])
The showIdMgrConfig command returns the current configuration XML in string format.
Parameters
Returns
None.Examples
Batch mode example usage:
$AdminTask showIdMgrConfig
AdminTask.showIdMgrConfig()
AdminTask.showIdMgrConfig()
Interactive mode example usage:
$AdminTask showIdMgrConfig {-interactive}
AdminTask.showIdMgrConfig ('[-interactive]')
AdminTask.showIdMgrConfig (['-interactive'])
The updateIdMgrLDAPBindInfo command dynamically updates the LDAP server bind information. If you specify a value for the bindDN parameter, then you must specify a value for the bindPassword parameter. If you specify the id parameter only, then the LDAP server information is refreshed.
Parameters
Examples
Batch mode example usage:
AdminTask.updateIdMgrLDAPBindInfo('[-id id1 -bindDN cn=root -bindPassword myPassword22]')
AdminTask.updateIdMgrLDAPBindInfo(['-id id1 -bindDN cn=root -bindPassword myPassword22'])
$AdminTask updateIdMgrLDAPBindInfo {-id id1 -bindDN cn=root -bindPassword myPassword22}
Interactive mode example usage:
AdminTask.updateIdMgrLDAPBindInfo(['-interactive'])
$AdminTask updateIdMgrLDAPBindInfo {-interactive}
The updateIdMgrSupportedEntityType command updates the configuration that you specify for a supported entity type.
Parameters
Examples
Batch mode example usage:
$AdminTask updateIdMgrSupportedEntityType {-name entity1}
AdminTask.updateIdMgrSupportedEntityType ('[-name entity1]')
AdminTask.updateIdMgrSupportedEntityType (['-name', 'entity1'])
Interactive mode example usage:
$AdminTask updateIdMgrSupportedEntityType {-interactive}
AdminTask.updateIdMgrSupportedEntityType ('[-interactive]')
AdminTask.updateIdMgrSupportedEntityType (['-interactive'])