ssoexport (Referencing the single sign-on information repository)
- Organization of this page
Format
ssoexport [-n realm name] [-u user ID] [-scramble] useradmin_configfile
Function
This outputs the user information stored in the single sign-on information repository in the standard output in the CSV format.
When the user information is changed in the single sign-on information repository, the information output by the ssoexport command is placed and edited in the CSV file, and then it is re-registered with the ssoimport command.
When the user information is fetched by using the ssoexport command, the actual data in "SECRETDATA" is decrypted.
The realm and user ID must be contained in the user information so that the ssoexport command converts and outputs the user information in the CSV format. Otherwise, the command does not output the user information.
This command can be executed by the users with root privilege or permissions to execute the command. To learn more about how to grant permissions to execute the command to specific users, see mngenvsetup (setup management group) in the uCosminexus Application Server Command Reference Guide.
Arguments
- -n <realm name>
-
This specifies the realm name to be searched for. When omitted, all the realm names are searched.
- -u <user ID>
-
This specifies the user ID to be searched for. Wildcards (*) can be used in the user ID. Enclose a wildcard (*) with double quotation marks (").
- Examples:
-
-
-u "*"
All users are fetched.
-
-u "Ta*"
The users whose user ID starts with "Ta" are fetched.
-
-u "*no"
The users whose user ID ends with "no" are fetched.
-
When omitted, all the user IDs are searched.
- -scramble
-
Use this argument when passwords are scrambled by using the password change command (uachpw).
- <useradmin_configfile>
-
This specifies the integrated user management configuration file (ua.conf).
Examples of input and output
The following are the examples of input and output when the realm name is "RealmA" and when the users starting with "s9" are to be fetched.
- Input
-
- Windows:
C:\>ssoexport -n RealmA -u "s9*" "C:\Program Files\Hitachi\Cosminexus\manager\config\ua.conf"
- UNIX:
% ssoexport -n RealmA -u "s9*" /opt/Cosminexus/manager/config/ua.conf
- Output
SecurityDomain,USERID,SECRETDATA,PUBLICDATA,LINK_J2EE,LINK_REALMA RealmA,s981234,abfdef,, RealmA,s991234,ghijkl,,
Notes
-
When no information is stored in the single sign-on information repository or the user information that corresponds to the specified realm name or user ID cannot be obtained, this command exits with the header only.
-
Do not stop the LDAP directory server when the ssoexport command is executed. The command may exit without error messages.
-
Do not execute the ssoexport and ssoimport commands simultaneously.
-
Integrity is not ensured for the application that manages users at the destination registered by the ssoimport command. In other words, no error occurs even when the corresponding realm entry (or user entry) is not present in the single sign-on information repository. Be aware that no information is output when the ssoexport command is executed to reference the information. For the application that manages users at the destination, the ssoexport command outputs the value that corresponds to the realm entry immediately below the base DN.