user import
Creates a Security Access Manager user by importing user data that exists in the user registry.
Requires authentication (administrator ID and password) to use this command.
If the user registry is Active Directory Lightweight Directory Service (AD LDS), import within the AD LDS partition where the Security Access Manager management domain information is stored.
Syntax
user import [–gsouser] user_name dn [group_name]
Description
Imported user accounts are created invalid by default. To make the user account valid, you must use the user modify command to set the account-valid option to yes.
Options
- –gsouser
- Specifies that the user has single sign-on capabilities. (Optional)
- dn
- Specifies the registry identifier of the user that is being imported.
This identifier must exist in the user registry and must not be associated
with another user in the same Security Access Manager secure
domain. The format for a distinguished name is like:
cn=Claude Wright,ou=Austin,o=Tivoli,c=us
- group_name
- Specifies an optional group to which the user is being added.
The group must exist, or an error is displayed. (Optional)
Examples of group names are Credit, Sales, and Test-group.
- user_name
- Specifies a unique Security Access Manager user
name. This user is created from information that exists in the user
registry. A
valid user name is an alphanumeric string that is not case-sensitive.
If the user is a GSO user, certain characters are not allowed. See Characters disallowed for GSO names for
the list of these characters.
Examples of user names are dlucas, sec_master, and "Mary Jones".
Return codes
- 0
- The command completed successfully.
- 1
- The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Access Manager error messages by decimal or hexadecimal codes.
Example
The following example creates the
user mlucaser by importing information from the registry
user cn=Mike Lucaser,ou=Austin,o=Tivoli,c=US:
pdadmin sec_master> user import –gsouser mlucaser
"cn=Mike Lucaser,ou=Austin,o=Tivoli,c=US"