Create A Top Secret Profile ACID Using LDAP
Article ID: 109853
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
What is the method to create a Top Secret PROFILE ACID using LDAP?
Environment
Release:
Component: TSSLDP
Component: TSSLDP
Resolution
To add a PROFILE:
./ldapmodify -c -h YourHost -p nnnn -D cn=Admin -w XXXX -x -f add_profile.ldif
where:
YourHost is your Host name
nnn is your port number
Admin is your TSS administrator
XXXX is the administrator password
add_profile.ldif is the ldif file containing the profile definition to be created.
Here is an example of the add_profile.ldif:
*** Top of file ****
dn:tssproflist=profldap,tssacidgrp=proflist,tssacid=myacid,tssadmingrp=acids,host=YourHost,o=ca,c=us
changetype: add
objectClass: tssproflist
Profile-Before: prof001
Profile-Until-Date: 10/12/20
Target-Nodes-for-Cmds: =
**** End of file ****
To permit a resource to a PROFILE, the ldapmodify command is the same as above, but the ldif file name 'per_resource.ldif' will be different. For example:
**** Top of file ****
dn: tssresname=ZZZZ,tssresclass=IBMGROUP,tssacidgrp=Permissions,
tssprofile=PROFLDAP,tssadmingrp=profiles,host=YourHost,o=ca,c=us
changetype: add
objectClass: tssresname
tssresclass: IBMGROUP
tssresname: ZZZZ
**** End of file ****
To create an acid, the ldapmodify command is the same as above, but the ldif file name 'create_acid.ldif' will be different. For example:
**** Top of file ****
version: 1
dn:tssacid=000002,tssadmingrp=acids,host=usi252me,o=ca,c=us
changetype: add
objectClass: tssacid
Name:DEFAULT USER 2
tssacid:000002
User-Type:USER
Department:D112
userPassword:000002
userPassword-Expire: Y
My-Phone-Number-is:06.17.69.89.00
My-Street-is:£4, Place des Pyramides
**** End of file ****
./ldapmodify -c -h YourHost -p nnnn -D cn=Admin -w XXXX -x -f add_profile.ldif
where:
YourHost is your Host name
nnn is your port number
Admin is your TSS administrator
XXXX is the administrator password
add_profile.ldif is the ldif file containing the profile definition to be created.
Here is an example of the add_profile.ldif:
*** Top of file ****
dn:tssproflist=profldap,tssacidgrp=proflist,tssacid=myacid,tssadmingrp=acids,host=YourHost,o=ca,c=us
changetype: add
objectClass: tssproflist
Profile-Before: prof001
Profile-Until-Date: 10/12/20
Target-Nodes-for-Cmds: =
**** End of file ****
To permit a resource to a PROFILE, the ldapmodify command is the same as above, but the ldif file name 'per_resource.ldif' will be different. For example:
**** Top of file ****
dn: tssresname=ZZZZ,tssresclass=IBMGROUP,tssacidgrp=Permissions,
tssprofile=PROFLDAP,tssadmingrp=profiles,host=YourHost,o=ca,c=us
changetype: add
objectClass: tssresname
tssresclass: IBMGROUP
tssresname: ZZZZ
**** End of file ****
To create an acid, the ldapmodify command is the same as above, but the ldif file name 'create_acid.ldif' will be different. For example:
**** Top of file ****
version: 1
dn:tssacid=000002,tssadmingrp=acids,host=usi252me,o=ca,c=us
changetype: add
objectClass: tssacid
Name:DEFAULT USER 2
tssacid:000002
User-Type:USER
Department:D112
userPassword:000002
userPassword-Expire: Y
My-Phone-Number-is:06.17.69.89.00
My-Street-is:£4, Place des Pyramides
**** End of file ****
Feedback
Yes
No
Powered by
