IdMgrRealmConfig command group for the AdminTask object
You can use the Jython or Jacl scripting languages to configure federated repositories realms. The commands and parameters in the IdMgrRealmConfig group can be used to create and manage your realm configuration.
- addIdMgrRealmBaseEntry
- createIdMgrRealm
- deleteIdMgrRealm
- deleteIdMgrRealmBaseEntry
- deleteIdMgrRealmDefaultParent
- getIdMgrDefaultRealm
- getIdMgrRepositoriesForRealm
- getIdMgrRealm
- listIdMgrRealms
- listIdMgrRealmBaseEntries
- listIdMgrRealmDefaultParents
- listIdMgrRealmURAttrMappings
- renameIdMgrRealm
- setIdMgrDefaultRealm
- setIdMgrRealmDefaultParent
- setIdMgrRealmURAttrMapping
- updateIdMgrRealm
addIdMgrRealmBaseEntry
The addIdMgrRealmBaseEntry command adds a base entry to a specific realm configuration and links the realm with the repository.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
- -baseEntry
- Specifies the name of the base entry. (String, optional)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask addIdMgrRealmBaseEntry {-name defaultWIMFileBasedRealm -baseEntry o=sampleFileRepository}
- Using Jython string:
AdminTask.addIdMgrRealmBaseEntry ('[-name defaultWIMFileBasedRealm -baseEntry o=sampleFileRepository]')
- Using Jython list:
AdminTask.addIdMgrRealmBaseEntry (['-name', 'defaultWIMFileBasedRealm', '-baseEntry', 'o=sampleFileRepository'])
Interactive mode example usage:
- Using Jacl:
$AdminTask addIdMgrRealmBaseEntry {-interactive}
- Using Jython string:
AdminTask.addIdMgrRealmBaseEntry ('[-interactive]')
- Using Jython list:
AdminTask.addIdMgrRealmBaseEntry (['-interactive'])
createIdMgrRealm
The createIdMgrRealm command creates a realm configuration.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
- -securityUse
- Specifies a string that indicates if this virtual realm will be used in security now, later, or never. The default value is active. Additional values includes: inactive and nonSelectable. (String, optional)
- -delimiter
- Specifies the delimiter used for this realm. The default value is /. (String, optional)
- -allowOperationIfReposDown
- Specifies whether the system allows a repository operation such
as get or search to complete successfully, even
if repositories in the realm are down. The default value is false.
(Boolean, optional)Avoid trouble: Even if this parameter is specified, all repositories must be available when you start the server, or the federated repositories will not function properly.
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask createIdMgrRealm {-name realm1 -allowOperationIfReposDown true}
- Using Jython string:
AdminTask.createIdMgrRealm ('[-name realm1 -allowOperationIfReposDown true]')
- Using Jython list:
AdminTask.createIdMgrRealm (['-name', 'realm1', '-allowOperationIfReposDown', 'true'])
Interactive mode example usage:
- Using Jacl:
$AdminTask createIdMgrRealm {-interactive}
- Using Jython string:
AdminTask.createIdMgrRealm ('[-interactive]')
- Using Jython list:
AdminTask.createIdMgrRealm (['-interactive'])
deleteIdMgrRealm
The deleteIdMgrRealm command deletes the realm configuration that you specified.
Target Object
None.Required parameters
- -name
- The realm name. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealm {-name realm1}
- Using Jython string:
AdminTask.deleteIdMgrRealm ('[-name realm1]')
- Using Jython list:
AdminTask.deleteIdMgrRealm (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealm {-interactive}
- Using Jython string:
AdminTask.deleteIdMgrRealm ('[-interactive]')
- Using Jython list:
AdminTask.deleteIdMgrRealm (['-interactive'])
deleteIdMgrRealmBaseEntry
The deleteIdMgrRealmBaseEntry command deletes a base entry from a realm configuration that you specified.
The realm must always contain at least one base entry, thus you cannot remove every entry.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
- -baseEntry
- Specifies the name of a base entry. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealmBaseEntry {-name realm1 -baseEntry entry1}
- Using Jython string:
AdminTask.deleteIdMgrRealmBaseEntry ('[-name realm1 -baseEntry entry1]')
- Using Jython list:
AdminTask.deleteIdMgrRealmBaseEntry (['-name', 'realm1', '-baseEntry', 'entry1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealmBaseEntry {-interactive}
- Using Jython string:
AdminTask.deleteIdMgrRealmBaseEntry ('[-interactive]')
- Using Jython list:
AdminTask.deleteIdMgrRealmBaseEntry (['-interactive'])
deleteIdMgrRealmDefaultParent
Use the deleteIdMgrRealmDefaultParent command to delete the mapping of the default parent of an entity type for a realm.
Target Object
None.Required parameters
- -entityTypeName
- Use this parameter to specify the name of a valid supported entity type for which you want to delete the default parent mapping. You can specify an asterisk (*) to delete the default parent mapping for all entity types in the realm. (String, required)
Optional parameters
- -name
- Use this parameter to specify a valid realm name for which you want to delete the mapping. If you do not specify the -name parameter, the command deletes the mapping for defaultWIMFileBasedRealm, which is the default realm in the federated repository configuration. (String, optional)
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealmDefaultParent {-entityTypeName entity_type}
- Using Jython string:
AdminTask.deleteIdMgrRealmDefaultParent ('[-entityTypeName entity_type]')
- Using Jython list:
AdminTask.deleteIdMgrRealmDefaultParent (['-entityTypeName', 'entity_type'])
Interactive mode example usage:
- Using Jacl:
$AdminTask deleteIdMgrRealmDefaultParent {-interactive}
- Using Jython string:
AdminTask.deleteIdMgrRealmDefaultParent ('[-interactive]')
- Using Jython list:
AdminTask.deleteIdMgrRealmDefaultParent (['-interactive'])
getIdMgrDefaultRealm
The getIdMgrDefaultRealm command returns the default realm name.
Target Object
None.Required parameters
None.Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask getIdMgrDefaultRealm
- Using Jython string:
AdminTask.getIdMgrDefaultRealm()
- Using Jython list:
AdminTask.getIdMgrDefaultRealm()
Interactive mode example usage:
- Using Jacl:
$AdminTask getIdMgrDefaultRealm {-interactive}
- Using Jython string:
AdminTask.getIdMgrDefaultRealm ('[-interactive]')
- Using Jython list:
AdminTask.getIdMgrDefaultRealm (['-interactive'])
getIdMgrRepositoriesForRealm
The getIdMgrRepositoriesForRealm command returns repository specific details for the repositories configured for a specified realm.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask getIdMgrRepositoriesForRealm {-name realm1}
- Using Jython string:
AdminTask.getIdMgrRepositoriesForRealm ('[-name realm1]')
- Using Jython list:
AdminTask.getIdMgrRepositoriesForRealm (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask getIdMgrRepositoriesForRealm {-interactive}
- Using Jython string:
AdminTask.getIdMgrRepositoriesForRealm ('[-interactive]')
- Using Jython list:
AdminTask.getIdMgrRepositoriesForRealm (['-interactive'])
getIdMgrRealm
The getIdMgrRealm command returns the configuration parameters for the realm that you specified.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask getIdMgrRealm {-name realm1}
- Using Jython string:
AdminTask.getIdMgrRealm ('[-name realm1]')
- Using Jython list:
AdminTask.getIdMgrRealm (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask getIdMgrRealm {-interactive}
- Using Jython string:
AdminTask.getIdMgrRealm ('[-interactive]')
- Using Jython list:
AdminTask.getIdMgrRealm (['-interactive'])
listIdMgrRealms
The listIdMgrRealms command returns all of the names of the configured realms.
Target Object
None.Required parameters
None.Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealms
- Using Jython string:
AdminTask.listIdMgrRealms()
- Using Jython list:
AdminTask.listIdMgrRealms()
Interactive mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealms {-interactive}
- Using Jython string:
AdminTask.listIdMgrRealms ('[-interactive]')
- Using Jython list:
AdminTask.listIdMgrRealms (['-interactive'])
listIdMgrRealmBaseEntries
The listIdMgrRealmBaseEntries command returns all of the names of the configured realms.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmBaseEntries {-name realm1}
- Using Jython string:
AdminTask.listIdMgrRealmBaseEntries ('[-name realm1]')
- Using Jython list:
AdminTask.listIdMgrRealmBaseEntries (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmBaseEntries {-interactive}
- Using Jython string:
AdminTask.listIdMgrRealmBaseEntries ('[-interactive]')
- Using Jython list:
AdminTask.listIdMgrRealmBaseEntries (['-interactive'])
listIdMgrRealmDefaultParents
Use the listIdMgrRealmDefaultParents command to list the mapping of the default parent uniqueName for all entity types in a specified realm.
Target Object
None.Required parameters
None.Optional parameters
- -name
- Use this parameter to specify a valid realm name for which you want to list the mapping. If you do not specify the -name parameter, the command returns the mapping for defaultWIMFileBasedRealm, which is the default realm in the federated repository configuration. (String, optional)
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Return values
The listIdMgrRealmDefaultParents command returns the mapping of each entity type to default parent uniqueName for the specified realm. The results are returned as a Map where the key is entityType and the value is parentUniqueName.Examples
Batch mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmDefaultParents {-name realm_name}
- Using Jython string:
AdminTask.listIdMgrRealmDefaultParents ('[-name realm_name]')
- Using Jython list:
AdminTask.listIdMgrRealmDefaultParents ((['-name', 'realm_name'])
Interactive mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmDefaultParents {-interactive}
- Using Jython string:
AdminTask.listIdMgrRealmDefaultParents ('[-interactive]')
- Using Jython list:
AdminTask.listIdMgrRealmDefaultParents (['-interactive'])
listIdMgrRealmURAttrMappings
Use the listIdMgrRealmURAttrMappings command to list the mappings between the user or group attributes for a user registry and the federated repository properties of a specified realm.
Target object
None.
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
- -name
- Use this parameter to specify a valid realm name for which you
want to list the mapping.
If you do not specify the -name parameter, the listIdMgrRealmURAttrMappings command returns the mapping of the default realm in the federated repository configuration.
(String, optional)
Return values
- The key is the user registry attribute name (URAttrName parameter).
- The value is another HashMap that contains the propertyForInput and propertyForOutput as keys and the corresponding mapping as the values.
{userDisplayName={propertyForInput=principalName, propertyForOutput=principalName},
userSecurityName={propertyForInput=principalName, propertyForOutput=principalName},
uniqueUserId={propertyForInput=uniqueName, propertyForOutput=uniqueName},
uniqueGroupId={propertyForInput=uniqueName, propertyForOutput=uniqueName},
groupSecurityName={propertyForInput=cn, propertyForOutput=cn},
groupDisplayName={propertyForInput=cn, propertyForOutput=cn}}
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmURAttrMappings
- Using Jython string:
AdminTask.listIdMgrRealmURAttrMappings()
- Using Jython list:
AdminTask.listIdMgrRealmURAttrMappings()
Interactive mode example usage:
- Using Jacl:
$AdminTask listIdMgrRealmURAttrMappings {-interactive}
- Using Jython string:
AdminTask.listIdMgrRealmURAttrMappings ('[-interactive]')
- Using Jython list:
AdminTask.listIdMgrRealmURAttrMappings (['-interactive'])
renameIdMgrRealm
The renameIdMgrRealm command renames the name of the realm that you specified.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
- -newName
- Specifies the new name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask renameIdMgrRealm {-name realm1 -newName realm2}
- Using Jython string:
AdminTask.renameIdMgrRealm ('[-name realm1 -newName realm2]')
- Using Jython list:
AdminTask.renameIdMgrRealm (['-name', 'realm1', '-newName', 'realm2'])
Interactive mode example usage:
- Using Jacl:
$AdminTask renameIdMgrRealm {-interactive}
- Using Jython string:
AdminTask.renameIdMgrRealm ('[-interactive]')
- Using Jython list:
AdminTask.renameIdMgrRealm (['-interactive'])
setIdMgrDefaultRealm
The setIdMgrDefaultRealm command sets the default realm name.
Required parameters
- -name
- Specifies the name of the realm that is used as a default realm when the caller does not specify any in context. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask setIdMgrDefaultRealm {-name realm1}
- Using Jython string:
AdminTask.setIdMgrDefaultRealm ('[-name realm1]')
- Using Jython list:
AdminTask.setIdMgrDefaultRealm (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask setIdMgrDefaultRealm {-interactive}
- Using Jython string:
AdminTask.setIdMgrDefaultRealm ('[-interactive]')
setIdMgrRealmDefaultParent
Use the setIdMgrRealmDefaultParent command to set or modify the default parent uniqueName for an entity type in a specified realm.
Target object
None.
Required parameters
- -entityTypeName
- Use this parameter to specify the name of a valid supported entity type for which you want to set or modify the default parent. (String, required)
- -parentUniqueName
- Use this parameter to specify the default parent of the entity type in the specified realm. The default parent specified should be a valid uniqueName in this realm. (String, required)
Optional parameters
- -name
- Use this parameter to specify a valid realm name for which you want to set or modify the mapping. If you do not specify the -name parameter, the command sets or modifies the mapping for defaultWIMFileBasedRealm, which is the default realm in the federated repository configuration. (String, optional)
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask setIdMgrRealmDefaultParent {-entityTypeName entity_type -parentUniqueName unique_name}
- Using Jython string:
AdminTask.setIdMgrRealmDefaultParent ('[-entityTypeName entity_type -parentUniqueName unique_name]')
- Using Jython list:
AdminTask.setIdMgrRealmDefaultParent (['-entityTypeName', 'entity_type', '-parentUniqueName', 'unique_name'])
Interactive mode example usage:
- Using Jacl:
$AdminTask setIdMgrRealmDefaultParent {-interactive}
- Using Jython string:
AdminTask.setIdMgrRealmDefaultParent ('[-interactive]')
- Using Jython list:
AdminTask.setIdMgrRealmDefaultParent (['-interactive'])
setIdMgrRealmURAttrMapping
Use the setIdMgrRealmURAttrMapping command to set or modify the mapping of the user or group attribute for a user registry to a federated repository property of a specified realm.
The setIdMgrRealmURAttrMapping command is available in both connected and local modes. If you run the setIdMgrRealmURAttrMapping command in connected mode, the realm attribute mapping changes take effect after you restart the server.
Target object
None.
Required parameters
- -URAttrName
- Use this parameter to specify the name of the user or group attribute
in a user registry that you want to map. The following case-sensitive
values are valid for the URAttrName parameter:
- uniqueUserId
- userSecurityName
- userDisplayName
- uniqueGroupId
- groupSecurityName
- groupDisplayName
Avoid trouble: If you run the setIdMgrRealmURAttrMapping command multiple times for the same user registry attribute name, it overwrites the previous value.(String, required)
- -propertyForInput
- Use this parameter to specify the name of the federated repository property that maps to the specified user registry attribute (URAttrName parameter) when it is an input parameter for the user registry interface. (String, required)
- -propertyForOutput
- Use this parameter to specify the name of the federated repository property that maps to the specified user registry attribute (URAttrName parameter) when it is an output parameter (return value) for the user registry interface. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
- -name
- Use this parameter to specify a valid realm name for which you want to set or modify the mapping. If you do not specify the name parameter, the setIdMgrRealmURAttrMapping command uses the default realm in the federated repository configuration. (String, optional)
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask setIdMgrRealmURAttrMapping {-URAttrName uniqueUserId -propertyForInput uniqueName -propertyForOutput uniqueName}
- Using Jython string:
AdminTask.setIdMgrRealmURAttrMapping ('[-URAttrName uniqueUserId -propertyForInput uniqueName -propertyForOutput uniqueName]')
- Using Jython list:
AdminTask.setIdMgrRealmURAttrMapping (['-URAttrName', 'uniqueUserId', '-propertyForInput', 'uniqueName', '-propertyForOutput', 'uniqueName'])
Interactive mode example usage:
- Using Jacl:
$AdminTask setIdMgrRealmURAttrMapping {-interactive}
- Using Jython string:
AdminTask.setIdMgrRealmURAttrMapping ('[-interactive]')
- Using Jython list:
AdminTask.setIdMgrRealmURAttrMapping (['-interactive'])
updateIdMgrRealm
The updateIdMgrRealm command updates the configuration for a realm that you specify.
Target Object
None.Required parameters
- -name
- Specifies the name of the realm. (String, required)
Optional parameters
- -securityDomainName
- Use this parameter to specify the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository. (String, optional)
- -securityUse
- Specifies a string that indicates if this realm will be used in security now, later, or never. The default value is active. Additional values includes: inactive and nonSelectable. (String, optional)
- -delimiter
- specifies the delimiter used for this realm. The default value is /. (String, optional)
- -allowOperationIfReposDown
- Specifies whether the system allows a repository operation such
as get or search to complete successfully, even
if repositories in the realm are down. (Boolean, optional)Avoid trouble: Even if this parameter is specified, all repositories must be available when you start the server, or the virtual member manager might not function properly.
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask updateIdMgrRealm {-name realm1}
- Using Jython string:
AdminTask.updateIdMgrRealm ('[-name realm1]')
- Using Jython list:
AdminTask.updateIdMgrRealm (['-name', 'realm1'])
Interactive mode example usage:
- Using Jacl:
$AdminTask updateIdMgrRealm {-interactive}
- Using Jython string:
AdminTask.updateIdMgrRealm ('[-interactive]')
- Using Jython list:
AdminTask.updateIdMgrRealm (['-interactive'])