[Windows]
Installation_folder\Manager\bin\rcxadm authctl - user management using directory service

[Linux]
/opt/FJSVrcvmr/bin/rcxadm authctl - user management using directory service

rcxadm authctl register -ip ip_address [-port port] -base base_dn -bind bind_dn [-method {SSL|PLAIN}] {-passwd password|-passwd_file password_file} [-auth {serverview|ldap}]
rcxadm authctl unregister
rcxadm authctl show
rcxadm authctl modify -ip ip_address [-port port] -base base_dn -bind bind_dn [-method {SSL|PLAIN}] {-passwd password|-passwd_file password_file} [-auth {serverview|ldap}]
rcxadm authctl export

rcxadm authctl is the command to operate the connection information of the directory server that retains user authentication information.

Only OS administrators can execute this command.

When using the following subcommands, stop the manager prior to command execution:

• register

• unregister

• modify

  
  

register

Registers a directory server with Resource Orchestrator.
When a directory server is registered, user authentication is performed in the directory service.

unregister

Unregisters a directory server registered with Resource Orchestrator. User information registered in the directory server is not deleted, the information is only deleted from Resource Orchestrator.
When the registration is released, user authentication is performed using the internal authentication function.

modify

Modifies settings of the directory service registered with Resource Orchestrator.

show

The registered directory server information is displayed in the following format.

ip address: IP_address port: Port_number base: base_dn bind: Administrator_user_DN method: Encryption_communication_method auth: Authentication_method

export

Migrates the information from a directory server used with Resource Orchestrator, to the management information of Resource Orchestrator.

When user information is being managed using a directory service with Resource Orchestrator, this task must be done before migration.

Migrate the following information to the management information:

• User group information and the users belonging to it

• Role definition

• Scope and role of access

• Resource information under the orchestration tree (the names and tree structure)

  
  

-ip ip

Specify the IP address of the directory server to register.

-port port(optional)

Specify the port number of the directory server to register. When omitted, the following port numbers are regarded as having been specified using the -method value.

SSL : 636 PLAIN : 389

-base base_dn

Specify the search base of the directory server to register in DN format.

-bind bind_dn

Specify the administrative privilege user name of the directory server to register in DN format.

-method {SSL|PLAIN} (optional)

Specify the encryption communication method to use with the directory server to register. Specify one of following.

If this option is omitted, "SSL" is specified. If PLAIN is specified, encryption is not performed.

• SSL

• PLAIN

-passwd password

Specify the password for the administrative privilege user of the directory server to register.

-passwd_file password_file

Specify the administrative privilege user name of the directory server to register.

-auth (optional)

This option is used in Basic mode.

Specify the method for user authentication. Specify one of following items.

If omitted, "serverview" is set.

• serverview

  Operation using ServerView Operations Manager and Single Sign-On is performed.

• ldap

  Only user authentication using directory service is performed. Operation is not performed using Single Sign-On.

  
  

• To display the registered directory service information:

  >rcxadm authctl show <RETURN> ip address: 127.0.0.1 port: 389 base: dc=fujitsu,dc=com bind: cn=manager,dc=fujitsu,dc=com method: PLAIN auth: ldap