config modify

Modifies a stanza entry in a configuration file or sets the password for the server user account.

Syntax

config modify keyvalue append [–obfuscate] config_file stanza key value

config modify keyvalue remove [–obfuscate] config_file stanza key [value]

config modify keyvalue set [–obfuscate] config_file stanza key value

config modify svrpassword config_file password

Description

The config modify command either modifies a stanza entry in a configuration file or sets the password for the application server user account. Depending on which configuration operation you want, you must either perform a local login or a remote login.

To set the password for the server user account by using the svrpassword option, perform a remote login by using:
- The login command.
- The login command with the –d option.
- The login command with the –m option.
To modify the value of a stanza entry in a configuration file by using the keyvalue option, perform a local login. Use the login command with the –l option.

Note: If you attempt to run one of the configuration operations that requires a local login, an error is displayed.

Error: HPDMS4061E Local authentication (local login) is required to perform
this operation (status 0x14c52fdd)

To use the svrpassword option, you must:

Be defined in the ACL policy.
Have the Password permission - W action bit.
Have the necessary operating system permissions to modify the local configuration file.

To use the keyvalue options, you must have the necessary operating system permissions to read and modify the configuration file.

To specify a negative value, end the options with a dash (-) and specify the value with a dash before it. For example:

config modify keyvalue append /opt/pdweb/etc/webseald-default.conf 
    content-mime-types */* - -1

In this example, the value */* = -1 is added to the [content-mime-types] stanza. Without the dash (-) after */*, the -1 would be read as an option instead of a value and an error would be returned.

For key values that are not obfuscated, use the config show command to display modified values.

For information and guidelines about the stanzas and stanza entries in configuration files, see the IBM Security Access Manager for Web Stanza Reference.

Options

–obfuscate: Indicates that the stanza entry must be written to or removed from the obfuscated (.obf file) version of the configuration file, which is specified by config_file. (Optional)
config_file: Specifies the fully qualified name of the configuration file, unless the configuration file is in the current directory. When used with the –obfuscate option, do not specify the .obf extension as part of the configuration file name.
key: Specifies the key portion of the stanza entry.
keyvalue append: Adds a value to a stanza entry in the configuration file stanza. If you attempt to append a duplicate value to a key, the duplicate value is ignored.
keyvalue remove: Removes a value from a stanza entry in the configuration file stanza. If you do not specify the value option, the key is removed from the configuration file.
keyvalue set: Defines a stanza entry (key value pair) or changes the value of a key in the configuration file stanza.
password: Specifies the password for the application server account.
stanza: Specifies the name of stanza that contains the stanza entry.
svrpassword: Sets the password for the application server account. This password is updated in the registry and in the obfuscated version of the local configuration file.
value: Specifies the configuration value for the key.

Authorization

No authentication is required, except for the svrpassword option. The svrpassword option requires authentication (administrator ID and password).

Return codes

0: The command completed successfully.
1: The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2).
See the IBM Security Access Manager for Web Error Message Reference. This reference provides a list of the Security Access Manager error messages by decimal or hexadecimal codes.

Examples

The following example provides a local login:
```
pdadmin> login -l
```
After a local login, the prompt changes from pdadmin> to pdadmin local>.
After a local login, the following example changes the value of the version key in the [meta-info] stanza of the d:\temp\my.conf configuration file to 6798:
```
pdadmin local> config modify keyvalue set d:\temp\my.conf \
meta-info version 6798
```
After a local login, the following example adds the new key mynewvalue to the [meta-info] stanza of the d:\temp\my.conf.obf configuration file. The example sets the value of the new key to 14 in a new obfuscated stanza entry:
```
pdadmin local> config modify keyvalue set -obfuscate d:\temp\my.conf \
meta-info mynewkey 14
```
Note: In the config modify command above, the name of the configuration file does not have the .obf file extension.