Page History
...
Parameter | Description | ||||
---|---|---|---|---|---|
Action | The action we wish to perform on the defined role. Value: Edit Mandatory: Yes | ||||
Role-name | The name of the role we wish to edit. Mandatory: Yes | ||||
Role-scope | The scope of the rode the user wants to define the permissions on. Values: technology, application, Tier, or instance. Mandatory: Yes | ||||
Role-new-name | The new role name. Mandatory: No | ||||
Permissions | The permissions we wish to assign to this role. Mandatory: No
| ||||
Resources | The resources the role permissions apply on.
Mandatory: Yes, if permissions are changed. | ||||
Nodes | This parameter is relevant only to ‘technology’ role scope. Use this parameter to define technologies permissions on specific nodes. If this parameter is not defined the technology permissions will apply on all nodes. Node-name: the name of the node Nodes that are already assigned to the role and are not specified in edit will be removed from the role definition. If no proxies are specified in edit mode then the role’s proxies will remain unchanged. Mandatory: No |
Example
In this example we will be editing the following role:
...
Info |
---|
When managing only one user the <user> tag is not required. |
<root>
User definition
</root>
...
Table 9-7 Parameters for Adding a new user
Parameter Description
...
Parameter | Description |
---|---|
action | The action we wish to perform on the defined user. Values: Add Mandatory: Yes |
User- |
...
name | The name of the user we wish to add. Mandatory: Yes |
user-clear-password or user-encrypted- |
...
password | The user’s password as clear or encrypted text. Mandatory: Yes |
User- |
...
roles | The roles we wish to assign to this user |
...
|
...
Mandatory: Yes |
Example
In this example we will be adding two users.
<root>
<user>
<parameter name="action" value="add"/>
<parameter name="user-name" value="koby"/>
<parameter name="user-clear-password" value="1234"/>
<complex name="user-roles">
<parameter role-name="Tuxedo Manager"/>
<parameter role-name="SQL Server Administrator"/>
</complex>
</user>
<user>
<parameter name="action" value="add"/>
<parameter name="user-name" value="yossi"/>
<parameter name="user-clear-password" value="5678"/>
<complex name="user-roles">
<parameter role-name="Web Manager"/>
</complex>
</user>
</root>
Deleting a user
The definition for deleting a user is as follows:
<root>
<parameter name="action" value="delete"/>
<parameter name="user-name" value="user-name"/>
</root>
...
Info |
---|
The ‘admin’ user cannot be deleted. The user activating this command cannot delete himself. |
Table 9-8 Parameters for Deleting a user
Parameter Description
...
Parameter | Description |
---|---|
Action | The action we wish to perform on the defined user. Values: Delete Mandatory: Yes |
User- |
...
name | The name of the user we wish to delete. Mandatory: Yes |
Example
In this example we will be deleting one user ‘koby’:
<root>
<parameter name="action" value="delete"/>
<parameter name="user-name" value="koby"/>
</root>
Editing a user
The definition for editing or adding a user is as follows:
<root>
<parameter name="action" value="edit"/>
<parameter name="user-name" value="user-name"/> [<parameter name="user-new-name" value="user-new-name"/>] [{<parameter name="user-clear-password" value="clear-password"/> |
<parameter name="user-encrypted-password" value="encrypted-password"/>}]
[<complex name="user-roles">
<parameter role-name="role-name"/>
…additional roles definitions
</complex>]
</root>
Table 9-9 Parameters for Editing a userParameter Description
Parameter | Description |
---|---|
- |
...
action | The action we wish to perform on the defined user. Values: Edit Mandatory: Yes |
User- |
...
name | The name of the user we wish to edit. Mandatory: Yes |
user-clear-password or user-encrypted- |
...
password | The user’s password as clear or encrypted text. Mandatory: Yes |
User- |
...
roles | The roles we wish to assign to this user. |
Role- |
...
name | The name of the role we wish to assign to this user.
|
...
|
...
Mandatory: Yes |
Example
In this example we will be editing the user ‘user1’. This user has the following roles assigned to him:• Tuxedo
- Tuxedo Manager
...
- SQL Server Administrator
We will remove the role ‘SQL Server Administrator’ from his assigned roles and add the following role – ‘Oracle Administrator’. After the edit operation the user will have the following roles assigned to him:• Tuxedo
- Tuxedo Manager
...
- Oracle Administrator
We don’t want to change the user’s password or name.
<root>
<user>
<parameter name="action" value="edit"/>
<parameter name="user-name" value="user1"/>
<complex name="user-roles">
<parameter role-name="Oracle Administrator"/>
<parameter role-name="Tuxedo Manager"/>
</complex>
</user>
</root>
Exporting users/roles
The roles-export command prints the current users/roles defined in Precise. The export result can later be used to define/update roles/users.
Windows
...
infra\bin\psin_cli.bat
-i3-user
...
<user_
...
name>
{-i3-encrypted-password
...
<encrypted_
...
password> | -i3-clear-password
...
<clear_
...
password>}
-action roles-export
-mode {users|roles|all}
[-output-file <file
...
_
...
name>]
...
UNIX ./infra/bin/psin_cli.sh
-i3-user
...
<user_
...
name>
{-i3-encrypted-password
...
<encrypted_
...
password> | -i3-clear-password
...
<clear_
...
password>}
-action roles-export
-mode {users|roles|all}
[-output-file
...
<file_
...
name>]
Table 9-10 Elements for Exporting users/roles
Elements Description
...
Elements | Description |
---|---|
Mode | The required export mode. Values: export users, export roles, or export users and roles. Mandatory: Yes |
output- |
...
file | The file path to which the export will be written. Value: If not specified: <precise_root>\infra\cli2\output\cli_expo rt_<mode>.xml. Mandatory: No |
Command output
The roles export output is written to an output file as described in the previous table.
Output format
The output format can be users, roles or all.
Export users output
<users>
<user>
<parameter name="action" value="add" />
<parameter name="user-encrypted-password" value="IAJDFKJBI@" />
<parameter name="user-name" value="usr1" />
<complex name="user-roles">
<parameter role-name="Oracle view only" />
</complex>
</user>
<user>
<parameter name="action" value="add" />
<parameter name="user-encrypted-password" value="ICDDFK@FFA" />
<parameter name="user-name" value="usr2" />
<complex name="user-roles">
<parameter role-name="Precise Manager" />
</complex>
</user>
...additional users
</users>
Export roles output
<roles>
<role>
<parameter name="action" value="add" />
<parameter name="nodes" value="*" />
<complex name="permissions">
<parameter permission-operation="FULL_CONTROL" permission-type="ADMINISTRATE" />
<parameter permission-operation="FULL_CONTROL" permission-type="TUNE" />
<parameter permission-operation="FULL_CONTROL" permission-type="MONITOR" />
</complex>
<parameter name="resources" value="*" />
<parameter name="role-name" value="Precise Manager" />
<parameter name="role-scope" value="TECHNOLOGY" />
</role>
<role>
<parameter name="action" value="add" />
<parameter name="nodes" value="*" />
<complex name="permissions">
<parameter permission-operation="VIEW" permission-type="MONITOR" />
<parameter permission-operation="VIEW" permission-type="ADMINISTRATE" />
<parameter permission-operation="VIEW" permission-type="TUNE" />
</complex>
<complex name="resources">
<parameter technology-code="OR" />
</complex>
<parameter name="role-name" value="Oracle view only" />
<parameter name="role-scope" value="TECHNOLOGY" />
</role>
...additional roles
</roles>
Export all output
<all>
<user>
...
<parameter name="action" value="add" />
<parameter name="user-encrypted-password" value="IAJDFKJBI@" />
<parameter name="user-name" value="usr1" />
<complex name="user-roles">
<parameter role-name="Oracle view only" />
</complex>
</user>
<user>
<parameter name="action" value="add" />
<parameter name="user-encrypted-password" value="ICDDFK@FFA" />
<parameter name="user-name" value="usr2" />
<complex name="user-roles">
<parameter role-name="Precise Manager" />
</complex>
</user>
...additional users
<role>
<parameter name="action" value="add" />
<parameter name="nodes" value="*" />
<complex name="permissions">
<parameter permission-operation="FULL_CONTROL" permission-type="ADMINISTRATE" />
<parameter permission-operation="FULL_CONTROL" permission-type="TUNE" />
<parameter permission-operation="FULL_CONTROL" permission-type="MONITOR" />
</complex>
<parameter name="resources" value="*" />
<parameter name="role-name" value="Precise Manager" />
<parameter name="role-scope" value="TECHNOLOGY" />
</role>
<role>
<parameter name="action" value="add" />
<parameter name="nodes" value="*" />
<complex name="permissions">
<parameter permission-operation="VIEW" permission-type="MONITOR" />
<parameter permission-operation="VIEW" permission-type="ADMINISTRATE" />
<parameter permission-operation="VIEW" permission-type="TUNE" />
</complex>
<complex name="resources">
<parameter technology-code="OR" />
</complex>
<parameter name="role-name" value="Oracle view only" />
<parameter name="role-scope" value="TECHNOLOGY" />
</role>
...
...
a dditional roles
</all>
User permissions summary
User permissions summary prints a summary of the permissions a user has. Managing users using CLI is done using the following command:
...