Universal Messaging 10.7 | Administration Guide | Command Line Administration Tools | Syntax reference for command line tools | Syntax: Security Tools
 
Syntax: Security Tools
AddChannelACLEntry

Tool name:
AddChannelACLEntry

Description:
Adds an ACL entry on the specified channel for the specified user and host,
on the specified realm.

Usage:
runUMTool AddChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]

Examples:

AddChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0 -fullprivileges=true

AddChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

channelname :
Name of the channel to which the ACL entry is being applied.

rname :
URL of the server on which the channel exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

cannamed :
Specify that the 'named' ACL permission should be added.

canpop :
Specify that the 'pop' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
AddContainerACLEntry

Tool name:
AddContainerACLEntry

Description:
Adds an ACL entry on the specified container for the specified user and host.

Usage:
runUMTool AddContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]

Examples:

AddContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0 -fullprivileges=true

AddContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

containername :
Name of the container to which the ACL entry is being applied.

rname :
URL of the server from which to start searching for the container.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

cannamed :
Specify that the 'named' ACL permission should be added.

canpop :
Specify that the 'pop' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
AddQueueACLEntry

Tool name:
AddQueueACLEntry

Description:
Adds an ACL entry on the specified queue for the specified user and host,
on the specified realm.

Usage:
runUMTool AddQueueACLEntry -queuename=<queuename> -rname=<rname> -type=<type>
[optional_args]

Examples:

AddQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=group
-groupname=security_group0 -fullprivileges=true

AddQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=subject
-user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

queuename :
Name of the queue to which the ACL entry is being applied.

rname :
URL of the server on which the queue exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should
be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

canpop :
Specify that the 'pop' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
AddRealmACLEntry

Tool name:
AddRealmACLEntry

Description:
Adds an ACL entry on the specified realm for the specified user and host.

Usage:
runUMTool AddRealmACLEntry -rname=<rname> -type=<type> [optional_args]

Examples:

AddRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0 -fullprivileges=true

AddRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1 -fullprivileges=true

Required arguments:

rname :
URL of the realm to which the ACL entry is being applied.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

canuseadminapi :
Specify that the 'use admin api' ACL permission should be added.

canmanagerealms :
Specify that the 'manage realms' ACL permission should be added.

canmanagejoins :
Specify that the 'manage joins' ACL permission should be added.

canmanagechannels :
Specify that the 'manage channels' ACL permission should be added.

canaccess :
Specify that the 'access' ACL permission should be added.

canoverrideconnectioncount :
Specify that the 'override connection count' ACL permission should be added.

canconfigure :
Specify that the 'configuration' ACL permission should be added.

canmanagedatagroups :
Specify that the 'manage data groups' ACL permission should be added.

canpublishglobaldatagroups :
Specify that the 'publish global data groups' ACL permission should
be added.

cantakeownershipdatagroups :
Specify that the 'take ownership of data groups' ACL permission should
be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
AddSecurityGroup

Tool name:
AddSecurityGroup

Description:
Adds a security group to the specified realm with the specified name.

Usage:
runUMTool AddSecurityGroup -rname=<rname> -groupname=<groupname> [optional_args]

Examples:

AddSecurityGroup -rname=nsp://localhost:8080 -groupname=security_group0

Required arguments:

rname :
URL of the realm to which the security group is being added.

groupname :
Name of the security group to be added.

Optional Parameters:

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
AddUserToSecurityGroup

Tool name:
AddUserToSecurityGroup

Description:
Adds a specified user and host subject to a given security group on a
specified realm.

Usage:
runUMTool AddUserToSecurityGroup -rname=<rname> -groupname=<groupname>
-user=<user> -host=<host> [optional_args]

Examples:

AddUserToSecurityGroup -rname=nsp://localhost:8080 -groupname=security_group0
-user=username -host=127.0.0.1

Required arguments:

rname :
URL of the realm on which is the security group.

groupname :
Name of the security group to which the user is being added.

user :
User of the subject being added to security group.

host :
Host of the subject being added to security group.

Optional Parameters:

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DeleteChannelACLEntry

Tool name:
DeleteChannelACLEntry

Description:
Deletes the ACL entry from the specified channel with the specified user
and host.

Usage:
runUMTool DeleteChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]

Examples:

DeleteChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0

DeleteChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1

Required arguments:

channelname :
Name of the channel from which the ACL entry is being removed.

rname :
URL of the server on which the channel exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which the ACL entry is being removed.

user :
User for which the ACL entry is being removed.

host :
Host for which the ACL entry is being removed.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DeleteContainerACLEntry

Tool name:
DeleteContainerACLEntry

Description:
Removes an ACL entry from the specified container with the specified user
and host.

Usage:
runUMTool DeleteContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]

Examples:

DeleteContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0

DeleteContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1

Required arguments:

containername :
Name of the container from which the ACL entry is being removed.

rname :
URL of the server from which to start searching for the container.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which the ACL entry is being removed.

user :
User for which the ACL entry is being removed.

host :
Host for which the ACL entry is being removed.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DeleteQueueACLEntry

Tool name:
DeleteQueueACLEntry

Description:
Deletes the ACL entry from the specified queue with the specified user and host.

Usage:
runUMTool DeleteQueueACLEntry -queuename=<queuename> -rname=<rname>
-type=<type> [optional_args]

Examples:

DeleteQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0
-type=group -groupname=security_group0

DeleteQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0
-type=subject -user=username -host=127.0.0.1

Required arguments:

queuename :
Name of the queue from which the ACL entry is being removed.

rname :
URL of the server on which the queue exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which the ACL entry is being removed.

user :
User for which the ACL entry is being removed.

host :
Host for which the ACL entry is being removed.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DeleteRealmACLEntry

Tool name:
DeleteRealmACLEntry

Description:
Removes an ACL entry from the specified realm with the specified user and host.

Usage:
runUMTool DeleteRealmACLEntry -rname=<rname> -type=<type> [optional_args]

Examples:

DeleteRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0

DeleteRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1

Required arguments:

rname :
URL of the realm from which the ACL entry is being removed.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which the ACL entry is being removed.

user :
User for which the ACL entry is being removed.

host :
Host for which the ACL entry is being removed.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DeleteSecurityGroup

Tool name:
DeleteSecurityGroup

Description:
Removes a security group from the specified realm with the specified name.

Usage:
runUMTool DeleteSecurityGroup -rname=<rname> -groupname=<groupname>
[optional_args]

Examples:

DeleteSecurityGroup -rname=nsp://localhost:8080 -groupname=security_groupp

Required arguments:

rname :
URL of the realm from which the security group is being removed.

groupname :
Name of the security group to be removed.

Optional Parameters:

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
DumpACL
Note:
If you have only the Universal Messaging template applications installed, this tool can print output in plaintext and xml format. To print output in json format, you must have the realm server component installed.

Tool name:
DumpACL

Description:
Dumps all the ACL data for a realm.

Usage:
runUMTool DumpACL -rname=<rname> [optional_args]

Examples:

DumpACL -rname=nsp://localhost:8080

DumpACL -rname=nsp://localhost:8080 -format=XML

DumpACL -rname=nsp://localhost:8080 -format=JSON

Required arguments:

rname :
URL of the realm for which to dump the ACL data.

Optional Parameters:

format :
Which format to output ACL data. Defaults to plaintext, other
options are: plaintext, xml, json.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
ModifyChannelACLEntry

Tool name:
ModifyChannelACLEntry

Description:
Updates an ACL entry on the specified channel for the specified user and
host, on the specified realm.

Usage:
runUMTool ModifyChannelACLEntry -channelname=<channelname> -rname=<rname>
-type=<type> [optional_args]

Examples:

ModifyChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=group -groupname=security_group0 -fullprivileges=true

ModifyChannelACLEntry -rname=nsp://localhost:8080 -channelname=channel0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

channelname :
Name of the channel on which the ACL entry is being updated.

rname :
URL of the server on which the channel exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

cannamed :
Specify that the 'named' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
ModifyContainerACLEntry

Tool name:
ModifyContainerACLEntry

Description:
AddContainerACLEntry adds an ACL entry on the specified container for the
specified user and host.

Usage:
runUMTool ModifyContainerACLEntry -containername=<containername> -rname=<rname>
-type=<type> [optional_args]

Examples:

ModifyContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=group -groupname=security_group0 -fullprivileges=true

ModifyContainerACLEntry -rname=nsp://localhost:8080 -containername=container0
-type=subject -user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

containername :
Name of the container to which the ACL entry is being applied.

rname :
URL of the server from which to start searching for the container.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

cangetlasteid :
Specify that the 'get last EID' ACL permission should be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

cannamed :
Specify that the 'named' ACL permission should be added.

canpop :
Specify that the 'pop' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
ModifyQueueACLEntry

Tool name:
ModifyQueueACLEntry

Description:
Updates an ACL entry on the specified queue for the specified user and host,
on the specified realm.

Usage:
runUMTool ModifyQueueACLEntry -queuename=<queuename> -rname=<rname> -type=<type>
[optional_args]

Examples:

ModifyQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=group
-groupname=security_group0 -fullprivileges=true

ModifyQueueACLEntry -rname=nsp://localhost:8080 -queuename=queue0 -type=subject
-user=username -host=127.0.0.1 -fullprivileges=true

Required arguments:

queuename :
Name of the queue on which the ACL entry is being updated.

rname :
URL of the server on which the queue exists.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

canread :
Specify that the 'read' ACL permission should be added.

canwrite :
Specify that the 'write' ACL permission should be added.

canpurge :
Specify that the 'purge' ACL permission should be added.

canpop :
Specify that the 'pop' ACL permission should be added.

username :
Your Universal Messaging server username.

password : Your Universal Messaging server password.
ModifyRealmACLEntry

Tool name:
ModifyRealmACLEntry

Description:
Modifies an ACL entry on the specified realm for the specified user and host.

Usage:
runUMTool ModifyRealmACLEntry -rname=<rname> -type=<type> [optional_args]

Examples:

ModifyRealmACLEntry -rname=nsp://localhost:8080 -type=group
-groupname=security_group0 -fullprivileges=true

ModifyRealmACLEntry -rname=nsp://localhost:8080 -type=subject -user=username
-host=127.0.0.1 -fullprivileges=true

Required arguments:

rname :
URL of the realm on which ACL is being updated.

type :
Type of ACL entry, either 'group' or 'subject'. If group is chosen,
'groupname' must be set. Otherwise 'user' and 'host' must be set.

Optional Parameters:

groupname :
Name of the group for which ACL is being updated.

user :
User for which ACL is being updated.

host :
Host for which ACL is being updated.

canlistacl :
Specify that the 'list' ACL permission should be added.

canmodifyacl :
Specify that the 'modify' ACL permission should be added.

fullprivileges :
Specify that the 'full permissions' ACL permission should be added.

canuseadminapi :
Specify that the 'use admin api' ACL permission should be added.

canmanagerealms :
Specify that the 'manage realms' ACL permission should be added.

canmanagejoins :
Specify that the 'manage joins' ACL permission should be added.

canmanagechannels :
Specify that the 'manage channels' ACL permission should be added.

canaccess :
Specify that the 'access' ACL permission should be added.

canoverrideconnectioncount :
Specify that the 'override connection count' ACL permission should be added.

canconfigure :
Specify that the 'configuration' ACL permission should be added.

canmanagedatagroups :
Specify that the 'manage data groups' ACL permission should be added.

canpublishglobaldatagroups :
Specify that the 'publish global data groups' ACL permission should be added.

cantakeownershipdatagroups :
Specify that the 'take ownership of data groups' ACL permission should be added.

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.
RemoveUserFromSecurityGroup

Tool name:
RemoveUserFromSecurityGroup

Description:
Removes a specified user from a given security group on the specified realm.

Usage:
runUMTool RemoveUserFromSecurityGroup -rname=<rname> -groupname=<groupname>
-user=<user> -host=<host> [optional_args]

Examples:

RemoveUserFromSecurityGroup -rname=nsp://localhost:8080
-groupname=security_group0 -user=username -host=127.0.0.1

Required arguments:

rname :
URL of the realm on which the security group resides.

groupname :
Name of the security group user is being removed from.

user :
User being removed from security group.

host :
Host of subject being removed from security group.

Optional Parameters:

username :
Your Universal Messaging server username.

password :
Your Universal Messaging server password.