Name
[Windows]
Installation_folder\Manager\bin\rcxadm authctl - user management using directory service
[Linux]
/opt/FJSVrcvmr/bin/rcxadm authctl - user management using directory service
Format
rcxadm authctl register -ip ip_address [-port port] -base base_dn -bind bind_dn [-method {SSL|PLAIN}] {-passwd password|-passwd_file password_file} [-auth {serverview|ldap}] rcxadm authctl unregister rcxadm authctl show rcxadm authctl modify -ip ip_address [-port port] -base base_dn -bind bind_dn [-method {SSL|PLAIN}] {-passwd password|-passwd_file password_file} [-auth {serverview|ldap}] rcxadm authctl export
Description
rcxadm authctl is the command to operate the connection information of the directory server that retains user authentication information.
Only OS administrators can execute this command.
When using the following subcommands, stop the manager prior to command execution:
register
unregister
modify
Subcommands
Registers a directory server with Resource Orchestrator.
When a directory server is registered, user authentication is performed in the directory service.
Unregisters a directory server registered with Resource Orchestrator. User information registered in the directory server is not deleted, the information is only deleted from Resource Orchestrator.
When the registration is released, user authentication is performed using the internal authentication function.
Modifies settings of the directory service registered with Resource Orchestrator.
The registered directory server information is displayed in the following format.
ip address: IP_address |
Migrates the information from a directory server used with Resource Orchestrator, to the management information of Resource Orchestrator.
When user information is being managed using a directory service with Resource Orchestrator, this task must be done before migration.
Migrate the following information to the management information:
User group information and the users belonging to it
Role definition
Scope and role of access
Resource information under the orchestration tree (the names and tree structure)
Options
Specify the IP address of the directory server to register.
Specify the port number of the directory server to register. When omitted, the following port numbers are regarded as having been specified using the -method value.
SSL : 636 PLAIN : 389 |
Specify the search base of the directory server to register in DN format.
Specify the administrative privilege user name of the directory server to register in DN format.
Specify the encryption communication method to use with the directory server to register. Specify one of following.
If this option is omitted, "SSL" is specified. If PLAIN is specified, encryption is not performed.
SSL
PLAIN
Specify the password for the administrative privilege user of the directory server to register.
Specify the administrative privilege user name of the directory server to register.
This option is used in Basic mode.
Specify the method for user authentication. Specify one of following items.
If omitted, "serverview" is set.
serverview
Operation using ServerView Operations Manager and Single Sign-On is performed.
ldap
Only user authentication using directory service is performed. Operation is not performed using Single Sign-On.
Examples
To display the registered directory service information:
>rcxadm authctl show <RETURN>
ip address: 127.0.0.1
port: 389
base: dc=fujitsu,dc=com
bind: cn=manager,dc=fujitsu,dc=com
method: PLAIN
auth: ldap |