jbsrmacl
- Organization of this page
Function
The jbsrmacl command deletes all the operating permissions assigned to a specified JP1 user or DS group. The JP1 user can be a standard user, linkage user, or DS user.
Format
jbsrmacl [-h logical-host-name]
[-s authentication-server-name]
{-u JP1-user-name | -g DS-group-name}
[-i]
[-ds#]- #:
-
The -ds option can be specified in Windows only.
Required execution permission
In Windows: Administrators (If User Account Control (UAC) for Windows is enabled, you must execute the command from the administrator console.)
In UNIX: Superuser or JP1/Base administrator permission
Command directory
- In Windows:
-
installation-folder\bin\
- In UNIX:
-
/opt/jp1base/bin/
Arguments
-h logical-host-name
When using JP1/Base in a cluster system, specify the logical host for which you want to delete the operating permissions of the JP1 user or DS group. If you omit this option, the host name set in the environment variable JP1_HOSTNAME is assumed. If the environment variable JP1_HOSTNAME is not set, the physical host name is assumed.
-s authentication-server-name
Specify the name of the authentication server from which you want to delete the operating permissions. When you set this option, the -h option is ignored.
-u JP1-user-name | -g DS-group-name
- -u JP1-user-name
-
Specify the JP1 user name for which you want to delete operating permissions.
- -g DS-group-name
-
Specify the security group name of the directory server from which you want to delete operating permission. Specify also the -ds option at the same time.
If the group name contains a space, enclose it with double quotation marks (").
The permissible number of characters is 1 through 256 (bytes). Permissible DS group name characters are limited only to ASCII characters except * / \ " ' ^ [ ] { } ( ) : ; | = , + ? < >, and tab characters.
-i
When you specify this option, a confirmation message appears before the operating permissions for the specified JP1 user or DS group are deleted. The deletion processing is executed only if you type y or Y in response to the message.
-ds
This option can be specified in Windows only.
Specify this option to delete operating permission from a DS user or DS group. If this option is specified, the value of the JP1 operating permission attribute of the DS user or DS group registered in the directory server becomes a null character.
Note
-
The -s option takes precedence if you specify both the -h and -s options. If you omit both options, the host name set in the environment variable JP1_HOSTNAME is assumed as the logical host. If you omit both options and nothing is set in JP1_HOSTNAME, the operating permissions are registered for the physical host.
-
When the -ds option is specified, the reload command (jbsaclreload) must be executed.
Return values
|
0 |
Normal end |
|
1 |
The user is not registered in the authentication server. |
|
2 |
Invalid arguments |
|
4 |
Insufficient system resource such as memory |
|
8 |
The authentication server has not started or is not responding |
|
12 |
An error occurred in the authentication server side when a DS user was used |
|
16 |
An error occurred in processing of the authentication server. |
|
32 |
An error occurred during initialization of the communication functionality |
|
128 |
Inconsistency in internal processing (a C++ exception) |
|
255 |
Other error |