login
Establishes authentication credentials that are used for communication with the Security Access Manager policy server. These credentials are used to determine access privileges for the user to policy server data. Most commands cannot be performed unless an explicit login is done.
This command does not require a login or authentication to use.
Syntax
login –a admin_id [–p password] [–d domain]
login –a admin_id [–p password] [–m]
login –l
Description
Credentials are used to determine user access privileges to policy server data. Except the context, errtext, exit, help, login, logout, and quit commands, and the local configuration commands, a user ID, and a password are needed for authentication.
Credentials are not accumulated or stacked. A login command completely replaces any existing credentials.
- Not interactive mode. This command starts the pdadmin utility.
In interactive mode, the login commands are entered
from the pdadmin> prompt.
c:\> pdadmin pdadmin>
- A user local login that is performed for local configuration.
No authentication is required.
pdadmin> login -l pdadmin local>
- An administrator login that is performed to the local domain.
In some cases, the local domain might be the management domain, which
is named Default. Authentication is required.
pdadmin> login -a sec_master -p secmstrpw pdadmin sec_master>
- A user login that is performed to the local domain. Authentication
is required.
pdadmin> login -a dlucas -p lucaspw pdadmin dlucas>
- A user login that is performed to another domain other than their
local domain. Authentication is required.
pdadmin> login -a dlucas -p lucaspw -d domain_a pdadmin dlucas@domain_a>
- A user login that is performed to the management domain. Authentication
is required.
pdadmin> login -a dlucas -p lucaspw -m pdadmin dlucas@Default>
Options
- –a admin_id
- Specifies an administrator ID.
- –d domain
- Specifies the Security Access Manager secure domain for the login. The admin_id user must exist in this domain.
- –m
- Specifies that the login operation must be directed to the management
domain. The admin_id user must
exist in this domain. Note: Only one of the following domain options can be specified: –d domain or –m. If neither option is specified, the target domain is the local domain that is configured for the system. The admin_id user must exist in the target domain, whether it is explicitly specified.
- –p password
- Specifies the password for the admin_id user. If this option is not specified, the user is prompted for the password. The password cannot be specified if the admin_id is not specified.
- –l
- Specifies a local login operation. When modifications are made to local configuration files by using the config commands, a local login is required before you can run commands. The user can run the context show command to view more authentication information.
Return codes
- 0
- The command completed successfully.
- 1
- The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Access Manager error messages by decimal or hexadecimal codes.
Examples
- The following example logs the sec_master user
in to the management domain and then displays the authentication context
for the user:
pdadmin> login -a sec_master -p pa55w0rd -m pdadmin sec_master> context show User: sec_master Domain: Default The user is logged in to the management domain.
- The following example logs in a user to the domain1 domain
and then displays the authentication context for the user:
pdadmin> login -a domain1_admin -p d0main1pwd -d domain1 pdadmin domain1_admin@domain1> context show User: domain1_admin Domain: domain1 The user is not logged in to the management domain
- The following example interactively logs in the user to their
local domain that is configured for the system. The domain name is testdomain.
The example then displays the authentication context of the user:
pdadmin> login Enter User ID: testdomain_admin Enter password: adminpwd pdadmin testdomain_admin> context show User: testdomain_admin Domain: testdomain The user is not logged in to the management domain
- The following example of a local login demonstrates how the prompt
changes, depending on the type of interactive login:
c:\> pdadmin login -l
Provides this prompt:
pdadmin local>