Listing Details of a Particular Configuration
To list details of a particular configuration, use a command of the following format:
CentraSiteCommand get Authentication -domain <DOMAIN>
Input Parameters
The following table describes the complete set of input parameters that you can use with the get Authentication utility:
Parameter | Description |
-domain | The domain name of the user repository associated with the configuration. |
For example:
CentraSiteCommand get Authentication -domain LDAPDomain
The details are returned as an XML file. The XML file has a root element ino:domain that has the following attributes:
Element name | Description |
ino:acceptusers | Meaning: This specifies whether to allow access of any user that is correctly authenticated by the authentication service or whether to only allow access by users that are explicitly defined in CentraSite. Possible values: all - Allow access of any user that is correctly authenticated by the authentication service; defined (default value) - allow access only to users defined in CentraSite |
ino:casesensitiveuserids | Meaning: This determines whether or not user names in this domain are case-sensitive. Possible values: true - user IDs in this domain are case-sensitive; false - user IDs are not case-sensitive |
ino:default | Meaning: This determines whether or not the configuration is the default configuration. Possible values: true - This is the default configuration; false - this is not the default configuration. |
ino:domainid | Meaning: The domain name of the user repository associated with the configuration. |
ino:domaintype | Meaning: The type of user repository associated with the configuration. Possible values: Typical values are: INTERNAL (the default domain), or a Windows domain name or an LDAP domain name. |
ino:expire | Meaning: The amount of time (in seconds) that the user is cached in the server after successful authentication. Changes made to the user, e.g. deletion or password changes, do not take effect until this time has elapsed. The default is 120 seconds. This setting is provided for performance reasons. A value of 120 seconds is reasonable. If the connection to the LDAP server is slow, you can increase this figure. |
ino:usegroups | Meaning: This specifies whether to use the external group information from domains; for example, the groups in an Active Directory Server or in an LDAP server. Possible values: true - use external group information; false (default value) - do not use external group information. |
Example 1. Example
Here is an example of an authentication configuration returned as an XML file:
<ino:domain xmlns:ino="http://namespaces.softwareag.com/tamino/response2"
ino:acceptusers="all" ino:casesensitiveuserids="false" ino:default="false"
ino:domainid="LDAP" ino:domaintype="ldap" ino:expire="120"
ino:usegroups="true">
<ino:param ino:content="ldap://ldapserver12" ino:name="host"/>
<ino:param ino:content="10389" ino:name="port"/>
<ino:param ino:content="ApacheDS" ino:name="ldap_server_type"/>
<ino:param ino:content="ou=people,ou=RegionNorth,o=WidgetCo"
ino:name="ldap_person_dn"/>
<ino:param ino:content="inetOrgPerson" ino:name="ldap_person_object"/>
<ino:param ino:content="cn" ino:name="ldap_user_field"/>
<ino:param ino:content="ou=groups,ou=RegionNorth,o=WidgetCo"
ino:name="ldap_group_dn"/>
<ino:param ino:content="groupOfUniqueNames" ino:name="ldap_group_object"/>
<ino:param ino:content="uniqueMember"
ino:name="ldap_group_person_attribute"/>
<ino:param ino:content="rd" ino:name="ldap_resolve_groups"/>
<ino:param ino:content="TRUE" ino:name="useLdapTechUser" />
<ino:param ino:content="c:\softwareag\centrasite\bin\cred.txt"
ino:name="techLdapUserCredFile" />
<ino:param ino:content="c:\softwareag\centrasite\bin\key.txt"
ino:name="techLdapUserKeyFile" />
<ino:configuration>
<ino:group>
<ino:properties>
<ino:mapping ino:external="description" ino:local="description"/>
</ino:properties>
</ino:group>
<ino:user>
<ino:properties>
<ino:mapping ino:local="organization" ino:external="org"/>
<ino:mapping ino:local="emailAddresses:emailAddress:address"
ino:external="mail"/>
<ino:mapping ino:local="telephoneNumbers:telephoneNumber:number"
ino:external="telephoneNumber"/>
<ino:mapping
ino:local="telephoneNumbers:telephoneNumber:countryCode"
ino:external="telephoneCode"/>
<ino:mapping ino:local="telephoneNumbers:telephoneNumber:extension"
ino:external="telephoneExt"/>
<ino:mapping ino:local="telephoneNumbers:telephoneNumber:areaCode"
ino:external="telephoneAreaCode"/>
<ino:mapping ino:local="personName:firstName" ino:external="cn"/>
<ino:mapping ino:local="description" ino:external="description"/>
<ino:mapping ino:local="postalAddresses:postalAddress:postalCode:"
ino:external="postalcode"/>
<ino:mapping ino:local="postalAddresses:postalAddress:city:"
ino:external="postalcity"/>
<ino:mapping
ino:local="postalAddresses:postalAddress:stateOrProvince"
ino:external="stateorprovince"/>
<ino:mapping ino:local="postalAddresses:postalAddress:country"
ino:external="countrycode"/>
<ino:mapping ino:local="URL" ino:external="E-mail"/>
</ino:properties>
</ino:user>
</ino:configuration>
</ino:domain>
