user show

Displays the properties of the specified user.

This command requires authentication of administrator ID and password.

Syntax

user show user_name

user show-dn dn

user show-groups user_name

Options

show user_name
Specifies the name of the user to display. The user must exist, or an error is displayed.
Based on the Policy Server and WebSEAL configuration settings, the following information is displayed: 
Last login: YYYY-mm-dd-HH:MM:SS
Last Password Change: YYYY-mm-dd-HH:MM:SS
The system displays the local time of the computer where pdadmin was run. For more information about the last login and last password change configuration settings, see the Stanza Reference topics in the IBM Knowledge Center.

Examples of user names are dlucas, sec_master, and "Mary Jones".

show-dn dn
Displays the user that is specified by the identifier of the user in the user registry. The returned user is defined in the user registry, but it is not necessarily a Security Access Manager user. Users that are not Security Access Manager users can be imported into Security Access Manager by use of the user import command. The format for a distinguished name is like: 
cn=Claude Wright,ou=Austin,o=Tivoli,c=us
Based on the Policy Server and WebSEAL configuration settings, the following information is displayed: 
Last login: YYYY-mm-dd-HH:MM:SS
Last Password Change: YYYY-mm-dd-HH:MM:SS
The system displays the local time of the computer where pdadmin was run. For more information about last login and last password change configuration settings, see the Stanza Reference topics in the IBM Knowledge Center.
show-groups user_name
Displays the groups in which the specified user is a member. The user must exist, or an error is displayed.

Examples of user names are dlucas, sec_master, and "Mary Jones".

Return codes

0
The command completed successfully.
1
The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Access Manager error messages by decimal or hexadecimal codes.

Examples

  • The following example displays the user account information for testuser: 
    pdadmin sec_master> user show testuser
    The output is like: 
    Login ID: testuser
LDAP DN: cn=testuser,o=tivoli,c=us
LDAP CN: test
LDAP SN: test
Description: a test user
Is SecUser: yes
Is GSO user: no
Account valid: no
Password valid: yes
Last login: 1999-09-05-01:08:55
Last Password Change: 1999-09-04-05:06:45
  • The following example displays the groups of which the specified user is a member: 
    pdadmin sec_master> user show-groups dlucas
    The output is like: 
    sales
credit
engineering
  • The following example provides more information about the user when the registry identifier is specified: 
    pdadmin sec_master> user show-dn "cn=Diana Lucas,ou=Austin,o=Tivoli,c=US"
    The output is like: 
    Login ID: dlucas
LDAP dn: cn=Diana Lucas,ou=Austin,o=Tivoli
Inc,c=US
LDAP cn: Diana Lucas
LDAP sn: Lucas
Description: Diana Lucas, Credit Dept HCUS
IS SecUser: true
IS GSO user: false
Account valid: true
Password valid: true
Last login: 1999-09-05-01:08:55
Last Password Change: 1999-09-04-05:06:45
Authentication mechanism: Default:LDAP

See also

user list