removeGroupFromDestinationRole command
Use the removeGroupFromDestinationRole command to remove a group from the destination roles for a local or foreign bus.
To run the command, use the AdminTask object of the wsadmin scripting client.
The wsadmin scripting client is run from Qshell.
For more information, see Configuring Qshell to run WebSphere scripts using wsadmin scripting.
- For a list of the available service integration bus security commands in Jython
and a brief description of each command, enter the following command at the wsadmin
prompt:
print AdminTask.help('SIBAdminBusSecurityCommands')
- For overview help on a given command, enter the following command at the wsadmin
prompt:
print AdminTask.help('command_name')
AdminConfig.save()
Purpose
Use the removeGroupFromDestinationRole command remove a group from destination roles for a selected local bus. By removing a group from destination roles, you prevent the group from accessing the local bus.
Target object
None.
Required parameters
- -type destinationType
- You can specify one of the following destination types:
- Queue
- Port
- TopicSpace
- ForeignDestination
- Alias
The allowed roles for a destination depend on the type of the destination as defined in Administering destination roles.
If you are specifying a destinationType that is either foreignDestination or alias, the foreign bus name that you specify must be the name of the foreign bus hosting the destination.
If you specify a destinationType of queue or topic, the foreign bus name is ignored. The authorization is granted against the destination in the local bus.
- -bus busName
- The name of the local bus. You can use the listSIBuses command to list the names of existing buses.
- -role roleType
- You can specify one of the following role types, depending on the destinationType you
have specified.
- Sender
- This role type is authorized to send messages to destinations on the local bus.
- Receiver
- This role type is authorized to receive messages from destinations on the local bus.
- Browser
- This role type is authorized to browse messages on destinations on the local bus.
- -group groupName or uniqueName
- The name of a group you want to remove from the destination roles for
the local bus. You can type one of the following names:
- A security group name, or one of the following specialized group names:
- Server
- This group contains application servers.
- AllAuthenticated
- This group contains authenticated users only.
- Everyone
- This group contains all users. Each user is anonymous.
- A unique group name.
- A security group name, or one of the following specialized group names:
Conditional parameters
None.
Optional parameters
- -foreignBus foreignBusName
- Specify the name of the foreign bus. If you are removing a group from a destination role on a foreign destination or an alias, you must specify the name of the foreign bus that hosts the foreign destination or the alias.
Examples
The following example removes a group called Group1 from the Sender role for a queue type destination called Queue1, on a local bus called Bus1.
removeGroupFromDestinationRole { -type queue -bus Bus1
-destination Queue1 -role Sender -group Group1}
The following example removes a group called Group2 from the Receiver role for a queue type destination called Queue2, on a local bus called Bus1.
removeGroupFromDestinationRole { -type queue -bus Bus1
-destination Queue2 -role Receiver -group Group2}