authzrule modify
Changes an authorization rule.
Requires authentication (administrator ID and password) to use this command.
Syntax
authzrule modify rule_id ruletext rule_text
authzrule modify rule_id description description
authzrule modify rule_id failreason fail_reason
Options
- description description
- Specifies the new description of the rule.
A valid description is an alphanumeric string that is not case-sensitive. String values are expected to be characters that are part of the local code set. Spaces are allowed. If the description contains a space, ensure that you enclose the description in double quotation marks. You can specify an empty string ("") to clear an existing description.
Example of description: "time-of-day access"
- failreason fail_reason
- Specifies the fail reason code. Consider that authorization is denied as a result of the evaluation of this rule. However, other authorization checks succeed. In this case, the reason code is returned to the application that makes the authorization check. You can specify an empty string ("") to clear an existing fail reason.
- rule_id
- Specifies the name of the authorization rule to change. The authorization rule must exist, or an error is displayed.
- ruletext rule_text
- Specifies the new rule text in XSL format.
Return codes
- 0
- The command completed successfully.
- 1
- The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Access Manager error messages by decimal or hexadecimal codes.
Example
The following example changes the
description of a rule named r2:
pdadmin sec_master> authzrule modify r2 description "time-of-day access"