user list

Edit online

Lists users by Security Verify Access user name or by registry identifier.

Requires authentication (administrator ID and password) to use this command.

Syntax

user list pattern max_return

user list-dn pattern max_return

Options

list pattern max_return
Specifies the pattern for the principal name. The pattern can include a mixture of wildcard and string constants. The specified pattern is case-sensitive. For example: *luca*

The pattern max_return options specify the maximum number of entries that are found and returned for a single request. The number that is returned is also governed by the server configuration, which specifies the maximum number of results that can be returned as part of a search operation.

The actual maximum returned entries is the minimum number of results between the pattern max_return and the configured value on the server. The configured value is taken from the max-search-size=[0|num_entries] entry in the [ldap] stanza. The [ldap] stanza is in the ldap.conf configuration file.

list-dn pattern max_return
Specifies the pattern for the common name (CN) portion of the registry identifier of the user. When you specify the pattern, you can exclude the cn= component. The pattern can include a mixture of wildcard and string constants, and is case-sensitive. For example, *luca*.

The returned list contains users that are defined in the user registry but are not necessarily Security Verify Access users. Users that are not Security Verify Access users can be imported into Security Verify Access by using the user import command.

Note: When the user registry contains many user definitions, use wildcard characters with discretion. When a pattern includes one or more wildcard characters, the command attempts to find all user definitions that match the specified pattern. However, the command displays only the specified number of matching definitions in the user registry.

For example, if the user registry contains 10,000 definitions, specifying a single wildcard (user list * 100) displays only the first 100 matching definitions but finds all 10,000 definitions.

Return codes

0
The command completed successfully.
1
The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2).

See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Verify Access error messages by decimal or hexadecimal codes.

Examples

  • The following example lists the users that match the specified pattern: 
    pdadmin sec_master> user list *luca* 2
    The output is like: 
    dlucas
mlucaser
  • The following example lists the users that match the specified registry identifier: 
    pdadmin sec_master> user list-dn *luca* 2
    The output is like: 
    cn=Diana Lucas,ou=Austin,o=Tivoli,c=US
cn=Mike Lucaser,ou=Austin,o=Tivoli,c=US

See also

user show