jsschauthorityserver (switches the authentication method)
- Organization of this page
Description
This command switches the authentication method used by JP1/Service Support. The available authentication methods are as follows:
-
Authentication using the Item management database
-
Authentication using an LDAP server
-
Authentication using the JP1/Base authentication server
Format
jsschauthorityserver {-imss | -ldap LDAP-server-type | -base | -state}
Required execution permission
Administrator permissions
Storage folder
JP1/SS-path\bin\
Arguments
-imss
Authenticates using the Item management database.
-ldap LDAP-server-type
Authenticates using an LDAP server.
JP1/Service Support supports only Active Directory as the LDAP server. You can only specify AD (short for Active Directory) for LDAP-server-type.
When you specify this option, you need to specify required information in the JAAS user management definition file. For details about the JAAS user management definition file, see JAAS user management definition file (hptl_jp1_imss_ua_conf.properties) in Chapter 13. Definition Files.
-base
Authenticates using the JP1/Base authentication server.
-state
Confirms the current authentication server.
Return values
Return value |
Meaning |
---|---|
0 |
Normal end |
1 |
Abnormal end |
Prerequisites for executing the command
-
For details about which services need to be active or inactive when the command is executed, see Status of services when commands are executed in Chapter 12. Commands.
Remarks
-
If you use Ctrl+C or Ctrl+Break to cancel the jsschauthorityserver command while the command is being executed, switching of the authentication method might fail.
-
Only one jsschauthorityserver command can be executed at a time.
-
After you execute the jsschauthorityserver command to switch the authentication method, restart the JP1/Service Support service and the JP1/Service Support - Web Service service. If you do not restart these services, the windows might not be displayed correctly after login. If that occurs, restart the services and log in again.
-
If you perform restore installation after you execute the jsschauthorityserver command, the Item management database is set to be used for authentication. If you want to use the LDAP server for authentication, re-execute the jsschauthorityserver command after the restore installation.
-
When you are using the LDAP server or the JP1/Base authentication server for authentication, the LDAP server or the JP1/Base authentication server manages passwords. If you change a password from JP1/Service Support, the password managed by the LDAP server or the JP1/Base authentication server will not change. In this case, suppress changing of passwords in JP1/Service Support. To suppress changing of passwords, use the User management property file. For details, see User management property file (hptl_jp1_imss_usermgr.properties) in Chapter 13. Definition Files.
-
When the Windows UAC feature is enabled and the user account of the user who executes the jsschauthorityserver command has Administrator permissions other than Administrator, the command is successfully executed. However, authentication servers are not switched.
For details about how to execute the command when the Windows UAC feature is enabled and the user account has Administrator permissions, but is not the Administrator account itself, see List of commands.
-
After you switch the authentication server by using the jsschauthorityserver command, restart JP1/Service Support and JP1/Service Support - Web Service. If you do not restart these services, the window after the Login window might not be displayed normally. If the window after the Login window is not displayed normally, restart the above services, and then log in again.