You can use the wsadmin tool to remove user registries
from global security or security domain configurations. Use the steps
in this topic to remove Lightweight Directory Access Protocol (LDAP),
local operating system, custom, or federated repository user registries
from your global security or security domain configurations.
Before you begin
You must meet the following requirements before configuring
local operating system user registries:
- You must have the administrator or new admin role.
- Enable global security in your environment.
Procedure
- Launch the wsadmin scripting tool using the Jython scripting
language. See the Starting the wsadmin scripting client article for
more information.
- Determine the registry to remove.
Use the
getUserRegistryInfo command to display information about a user registry
from the global security configuration or in a security domain. You
must specify the type of user registry of interest. Valid values are
LDAPUserRegistry,
WIMUserRegistry,
CustomUserRegistry,
and
LocalOSUserRegistry. The following command returns a
list of values in the local operating system user registry object
for the
domain2 security domain, as the following example
Jython demonstrates:
AdminTask.getUserRegistryInfo('-securityDomainName domain2 -userRegistryType LocalOSUserRegistry')
- Determine whether the registry of interest is the active
user registry.
You cannot remove the active user registry.
Use the getActiveSecuritySettings command to see check if the user
registry is the active user registry before removing it.
- Remove the registry of interest.
Use the
unconfigureUserRegistry command to remove the registry of interest.
If you remove the user registry from the global security configuration,
then the command reduces the registry object to the minimum values
for the configuration. If you remove the user registry from a security
domain, then the command removes the configuration object from the
security domain. The following Jython example removes the local operating
system user registry configuration from the
domain2 security
domain:
AdminTask.unconfigureUserRegistry('-securityDomainName domain2 -userRegistryType LocalOSUserRegistry')
- Save your configuration changes.
請利用下列指令範例來儲存您的配置變更:
AdminConfig.save()