What etautil command can be used to add multiple Oracle Roles?

book

Article ID: 140397

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Etautil is a provisioning server command utility that can be used to apply  roles and privileges to and endpoint using a command line syntax.  The Oracle Etautil Conventions are documented in the product documentation (link below)


https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-management-and-governance-connectors/1-0/connectors/oracle-connectors/oracle-server-connector/administrating-the-oracle-connector.html

 

 

 

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Resolution

Users can have one or more roles granted to them, passing several types of privileges in the process. However, not all the roles are enabled when a user creates a session. Only the roles defined as default are enabled. The following command can be used to add two roles and set them as default role:


etautil.exe -u admin_name -p password -d im update 'eTORAAccountContainerName=Accounts,eTORADirectoryName=Endpoint_Name,eTNamespaceName=Oracle Server' eTORAAccount eTORAAccountName=Account_Name to +eTORAUserRole=Role_Name1 +eTORAUserRole=Role_Name2 +eTORADefaultRole=Role_Name1 +eTORADefaultRole=Role_Name2