Precise Application Performance Platform 10.3.x

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

Table 1 Elements of the Manage roles command

Element	Description
action	Values: manage-roles Mandatory: yes
i3-user	See Authenticate to CLI Utility on page 8.
is-encrypted-password	See Authenticate to CLI Utility on page 8.
roles-parametersfile	Values: the parameters file that holds the roles definitions. Mandatory: Yes

The parameters file contains the definitions for one or more roles. The file structure is as follows

...

Table 2 Parameter values for Adding a new role

Parameter

Description

action

The action we wish to perform on the defined role.

Value: add.

role-name

Value: The name of the role to be added.

Mandatory: Yes

role-scope

The scope of the role the user wants to define the permissions on.

Value: technology, application, Tier, or instance. See Table 9-3 on page 111.

Mandatory: Yes

permissions

The permissions we wish to assign to this role.

Info
When assigning permission to a role all the dependencies of this permission are automatically assigned to the role as well (i.e. assigning MONITOR.WHAT_IF will automatically assign MONITOR.EXPLAIN as well).

Mandatory: Yes

permission-type

The permission type name we wish to assign to this role, for example: monitor.

Mandatory: Yes

permission-operation

The permission operation name we wish to assign to this role, for example: view.

Mandatory: Yes

resources

The resources the role permissions apply to.

Mandatory: Yes

resource-information

Resource information holds the information of the resource the permission is granted on. This information is derived from the role scope parameter, as shown in Table 9-3 on page 111.

Mandatory: Yes

nodes

This parameter is relevant only to ‘technology’ role scope. Use this parameter to define technologies permissions on specific nodes. If this parameter is not defined the technology permissions will apply on all nodes.

Value: Name of the node

Info
To define permission on all the resources of a specific type and all future resources as well (i.e. all instances), do not specify any resource information. Instead, define the resources value attribute as "". To define permission on all the nodes do not specify any node name. Instead, define the nodes value attribute as "".

Mandatory: No

Table 3 Role scope parameters

Role scope parameter

Resource information

Example

technology

technology-code: the technology code the permission should be granted on

environment

environment-name: the name of the application the permission should be granted on.

Info
View permission can only be set on the application resource.

apptier

apptier-name: the name of the Tier the permission should be granted on environment-name: the name of the application the Tier belongs to.

instance

instance-name: the name of the instance the permission should be granted on.

technology-code: this parameter is optional, specifies the instance technology code. This parameter should be used if the instance name is not unique.

server-name: this parameter is optional, specifies the server the instance is installed on. If this parameter is specified the technology code parameter must be specified as well. This parameter should be used if the instance name and technology are not unique.

Example

In this example we will be adding two roles as follows:

...

Table 4 Parameter values for Deleting a role

Parameter	Description
action	The action we wish to perform on the defined role. Value: delete. Mandatory: Yes
role-name	The name of the role we wish to delete. Mandatory: Yes

Parameter

Description

action

The action we wish to perform on the defined role.

Value: delete.

Mandatory: Yes

role-name

The name of the role we wish to delete.

Mandatory: Yes

Example

In this example we will be deleting one role ‘test-role1’:

...

Table 5 Parameter values for Editing a role

Parameter

Description

Action

The action we wish to perform on the defined role.

Value: Edit

Mandatory: Yes

Role-name

The name of the role we wish to edit.

Mandatory: Yes

Role-scope

The scope of the rode the user wants to define the permissions on.

Values: technology, application, Tier, or instance.

Mandatory: Yes

Role-new-name

The new role name.

Mandatory: No

Permissions

The permissions we wish to assign to this role.

Mandatory: No

Info

When assigning permission to a role, all the dependencies of this permission are automatically assigned to the role as well (i.e. assigning MONITOR.WHAT_IF will automatically assign MONITOR.EXPLAIN as well).

Permission-type. The permission type name we wish to assign to this role.
Permission-operation. The permission operation name we wish to assign to this role.

Info
Permissions that are already assigned to the role and are not specified in edit will be removed from the role definition.

Resources

The resources the role permissions apply on.

Resource-information. See Table 9-3 on page 111.

Info
Resources that are already assigned to the role and are not specified in edit will be removed from the role definition.

Mandatory: Yes, if permissions are changed.

Nodes

Node-name: the name of the node

Nodes that are already assigned to the role and are not specified in edit will be removed from the role definition. If no proxies are specified in edit mode then the role’s proxies will remain unchanged.

Mandatory: No

Example

In this example we will be editing the following role:

...

Table 6 Elements for the Manage users command

Parameter	Description
i3-user	See Authenticate to CLI Utility on page 8.
is-encrypted-password	See Authenticate to CLI Utility on page 8.
role-parametersfile	Values: the parameters file that holds the users definitions Mandatory: Yes
action	Values: manage-users Mandatory: Yes

The parameters file contains the definitions for one or more users. The file structure is as follows

...

Table 7 Parameters for Adding a new user

Parameter

Description

action

The action we wish to perform on the defined user.

Values: Add

Mandatory: Yes

User-name

The name of the user we wish to add.

Mandatory: Yes

user-clear-password or user-encrypted-password

The user’s password as clear or encrypted text.

Mandatory: Yes

User-roles

The roles we wish to assign to this user

Role-name: The name of the role we wish to assign to this user.

Info
The Role name is case sensitive.

Mandatory: Yes

Example

In this example we will be adding two users.

...

Info
The ‘admin’ user cannot be deleted. The user activating this command cannot delete himself.

Table 8 Parameters for Deleting a user

Parameter	Description
Action	The action we wish to perform on the defined user. Values: Delete Mandatory: Yes
User-name	The name of the user we wish to delete. Mandatory: Yes

Parameter

Description

Action

The action we wish to perform on the defined user.

Values: Delete

Mandatory: Yes

User-name

The name of the user we wish to delete.

Mandatory: Yes

Example

In this example we will be deleting one user ‘koby’:

...

Table 9 Parameters for Editing a user

Parameter

Description

-action

The action we wish to perform on the defined user.

Values: Edit

Mandatory: Yes

User-name

The name of the user we wish to edit.

Mandatory: Yes

user-clear-password or user-encrypted-password

The user’s password as clear or encrypted text.

Mandatory: Yes

User-roles

The roles we wish to assign to this user.

Role-name

The name of the role we wish to assign to this user.

Info
The Role name is case sensitive.

Info
Roles that are already assigned to the user and are not specified in edit will be removed from the user assigned roles.

Mandatory: Yes

Example

In this example we will be editing the user ‘user1’. This user has the following roles assigned to him:

...

Table 10 Elements for Exporting users/roles

Elements	Description
Mode	The required export mode. Values: export users, export roles, or export users and roles. Mandatory: Yes
output-file	The file path to which the export will be written. Value: If not specified: <precise_root>\infra\cli2\output\cli_expo rt_<mode>.xml. Mandatory: No

Elements

Description

Mode

The required export mode.

Values: export users, export roles, or export users and roles.

Mandatory: Yes

output-file

The file path to which the export will be written.

Value: If not specified: <precise_root>\infra\cli2\output\cli_expo rt_<mode>.xml.

Mandatory: No

Command output

The roles export output is written to an output file as described in the previous table.

...

Table 11 Elements for the User permissions summary

Element	Description
user-name	The user we wish to generate the permissions summary for. If this parameter is not specified, the permissions summary will be generated for the user activating this command according to the i3-user parameter. Mandatory: Yes
output-file	The file the command output will be written to. If this parameter is not specified the output will be written as follows: An xml file will be generated under the following folder: infra\cli2\permissions. The file name will be of the following format: permissions_summary_YYYY.MM.DD_HH_MM_S S.xml. Mandatory: No

Element

Description

user-name

The user we wish to generate the permissions summary for. If this parameter is not specified, the permissions summary will be generated for the user activating this command according to the i3-user parameter.

Mandatory: Yes

output-file

The file the command output will be written to. If this parameter is not specified the output will be written as follows:

An xml file will be generated under the following folder: infra\cli2\permissions.
The file name will be of the following format: permissions_summary_YYYY.MM.DD_HH_MM_S S.xml.

Mandatory: No

Command output

The user permissions summary is printed to an output file as described above in the Parameters specification section.

...

<user-permissions-summary user-name="usr1">
     <roles-permissions-summary>
          <role role-name="monitor default environment" role-scope="ENVIRONMENT"
               <permission>
                    <description>'Monitor.View' permission on the selected applications</description>
                    <permission-type>MONITOR</permission-type>
                    <permission-operation>VIEW</permission-operation>
                    <resource resource-type="ENVIRONMENT" environment-name="Default" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                         <instance>
                              <instance-name>H47_TEST</instance-name>
                              <server-name>poolhp3</server-name>
                              <technology-code>SP</technology-code>
                         </instance>
                         <instance>
                              <instance-name>H47_TEST2</instance-name>
                              <server-name>poolhp3</server-name>
                              <technology-code>SP</technology-code>
                         </instance>
                    </affected-instances>
               </permission>
          </role>
          <role role-name="monitor sql apptier" role-scope="APPTIER">
               <permission>
                    <description>'Monitor.View' permission on the selected Tiers</description>
                    <permission-type>MONITOR</permission-type>
                    <permission-operation>VIEW</permission-operation>
                    <resource resource-type="APPTIER" environment-name="Default" apptier-name="SQL Server" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                    </affected-instances>
               </permission>
               <permission>
                    <description>'Monitor.Execute' permission on the selected Tiers</description>
                    <permission-type>MONITOR</permission-type>
                    <permission-operation>EXECUTE</permission-operation>
                    <resource resource-type="APPTIER" environment-name="Default" apptier-name="SQL Server" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                    </affected-instances>
               </permission>
          </role>
          <role role-name="administrate sql instance" role-scope="INSTANCE">
             <permission>
                    <description>'Administrate.Execute' permission on the selected instances</description>
                    <permission-type>ADMINISTRATE</permission-type>
                    <permission-operation>EXECUTE</permission-operation>
                    <resource resource-type="INSTANCE" instance-name="PIFA1000" server-name="pifa1000" technology-code="SQ" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                    </affected-instances>
               </permission>
               <permission>
                    <description>'Administrate.Full Control' permission on the selected instances</description>
                    <permission-type>ADMINISTRATE</permission-type>
                    <permission-operation>FULL_CONTROL</permission-operation>
                    <resource resource-type="INSTANCE" instance-name="PIFA1000" server-name="pifa1000" technology-code="SQ" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                    </affected-instances>
               </permission>
               <permission>
                    <description>'Administrate.View' permission on the selected instances</description>
                    <permission-type>ADMINISTRATE</permission-type>
                    <permission-operation>VIEW</permission-operation>
                    <resource resource-type="INSTANCE" instance-name="PIFA1000" server-name="pifa1000" technology-code="SQ" />
                    <affected-instances>
                         <instance>
                              <instance-name>PIFA1000</instance-name>
                              <server-name>pifa1000</server-name>
                              <technology-code>SQ</technology-code>
                         </instance>
                    </affected-

Scroll Ignore

scroll-eclipsehelp
scroll-pdf	true
scroll-office	true
scroll-chm	true
scroll-docbook	true

...

true
scroll-epub	true
scroll-html	true

Newtabfooter
alias IDERA
url http://www.idera.com
|
Newtabfooter
alias Products
url https://www.idera.com/productssolutions/sqlserver
|
Newtabfooter
alias Purchase
url https://www.idera.com/buynow/onlinestore
|
Newtabfooter
alias Support
url https://idera.secure.force.com/precise/
|
Newtabfooter
alias Community
url http://community.idera.com
|
Newtabfooter
alias Resources
url http://www.idera.com/resourcecentral
|
Newtabfooter
alias About Us
url http://www.idera.com/about/aboutus
|
Newtabfooter
alias Legal
url https://www.idera.com/legal/termsofuse

Content

Space Tools

Versions Compared

Old Version 12

New Version 13

Key

Example

Example

Example

Example

Command output

Command output