List of Commands ssoadm OpenAM

List of Commands ssoadm OpenAM

In this post, I am going show List of Commands ssoadm OpenAM. Its command-line tool for OpenAM Configuration. Without using OpenAM console, we can configure OpenAM like creation of realms, creation of agent, the configuration of global parameters, find server configuration, etc…

Go to the ssoadm installed folder and execute the following command to list of commands ssoadm OpenAM.

 

OpenAM ssoadm Installation am folder generated

OpenAM ssoadm Installation am folder generated

 

Sample ssoadm Command

Command 1

D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat list-servers -u amadmin -f password.txt

Output

http://openam.narayanatutorial.com:8991/am

 

Command 2

D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat list-server-cfg -u amadmin -f password.txt -s http://openam.narayanatutorial.com:8991/am

Output

am.encryption.pwd=lrN8maUDT6BxnUEbpIB3Y91lEdCLt2xN
bootstrap.file=C:Users
com.iplanet.am.lbcookie.value=01
com.iplanet.am.ldap.connection.ldap.error.codes.retries=80,81,91
com.iplanet.am.locale=en_US
com.iplanet.am.server.host=openam.narayanatutorial.com
com.iplanet.am.server.port=8991
com.iplanet.am.server.protocol=http
com.iplanet.am.serverMode=true
com.iplanet.am.services.deploymentDescriptor=/am
com.iplanet.security.SSLSocketFactoryImpl=com.sun.identity.shared.ldap.factory.JSSESocketFactory
com.iplanet.services.configpath=C:/Users/narayanaswamy.ragi/am
com.iplanet.services.debug.level=error
com.sun.am.event.connection.disable.list=aci,um
com.sun.embedded.replicationport=
com.sun.embedded.sync.servers=on
com.sun.identity.common.systemtimerpool.size=3
com.sun.identity.sm.enableDataStoreNotification=true
com.sun.identity.sm.sms_object_class_name=com.sun.identity.sm.SmsWrapperObject
com.sun.identity.urlconnection.useCache=false
com.sun.services.debug.mergeall=off
opensso.protocol.handler.pkgs=
org.forgerock.embedded.dsadminport=4444
ssoadm.disabled=false

Server ID: 01

 

List of Commands

 

D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat --help


Usage:
    ssoadm --version, -V
        Print version of this tool.

    ssoadm --information, -O
        Print basic information of this tool.

    ssoadm --help, -?
        Print Help.

    ssoadm subcommand --global-options --options
        Execute sub command.

    ssoadm subcommand --help, -?
        Print Help for sub command.

Global Options:
    --locale, -l
        Name of the locale to display the results.

    --debug, -d
        Run in debug mode. Results sent to the debug file.

    --verbose, -v
        Run in verbose mode. Results sent to standard output.


Subcommands:
    add-agent-to-grp
        Add agents to a agent group.

    add-amsdk-idrepo-plugin
        Create AMSDK IdRepo Plug-in

    add-app-priv
        Add a policy set privilege to delegate resources of a given policy
        set. Note that policy sets are cached for 30 minutes. Restart
        OpenAM to apply changes immediately.

    add-attr-defs
        Add default attribute values in schema.

    add-attrs
        Add attribute schema to an existing service.

    add-auth-cfg-entr
        Add authentication configuration entry

    add-cot-member
        Add a member to a circle of trust.

    add-member
        Add an identity as member of another identity

    add-plugin-interface
        Add Plug-in interface to service.

    add-plugin-schema
        Add Plug-in schema to service.

    add-privileges
        Add privileges to an identity. To add a privilege to all
        authenticated users, use the "All Authenticated Users" idname with
        "role" idtype.

    add-res-bundle
        Add resource bundle to data store.

    add-site-members
        Add members to a site.

    add-site-sec-urls
        Add Site Secondary URLs.

    add-sub-schema
        Add sub schema.

    add-svc-attrs
        Add service attribute values in a realm. Long content for an
        attribute can be supplied in a file by appending '-file' to the
        attribute name, and giving the filename as the value.

    add-svc-identity
        Add Service to an identity

    add-svc-realm
        Add service to a realm. Long content for an attribute can be
        supplied in a file by appending '-file' to the attribute name, and
        giving the filename as the value.

    agent-remove-props
        Remove agent's properties.

    clone-server
        Clone a server instance.

    create-agent
        Create a new agent configuration.

    create-agent-grp
        Create a new agent group.

    create-appl
        Create policy set.

    create-appl-type
        Create application type.

    create-auth-cfg
        Create authentication configuration

    create-auth-instance
        Create authentication module instance

    create-cot
        Create circle of trust.

    create-datastore
        Create data store under a realm

    create-identity
        Create identity in a realm

    create-metadata-templ
        Create new metadata template.

    create-realm
        Create realm.

    create-server
        Create a server instance.

    create-site
        Create a site.

    create-sub-cfg
        Create a new sub configuration. Long content for an attribute can
        be supplied in a file by appending '-file' to the attribute name,
        and giving the filename as the value.

    create-svc
        Create a new service in server.

    create-svrcfg-xml
        Create serverconfig.xml file. No options are required for flat file
        configuration data store.

    create-xacml
        Create policies in a realm with XACML input.

    delete-agent-grps
        Delete agent groups.

    delete-agents
        Delete agent configurations.

    delete-appl-types
        Delete application types.

    delete-appls
        Delete policy sets. Note that policy sets are cached for 30
        minutes. Restart OpenAM to apply changes immediately.

    delete-attr
        Delete attribute schemas from a service

    delete-attr-def-values
        Delete attribute schema default values.

    delete-auth-cfgs
        Delete authentication configurations

    delete-auth-instances
        Delete authentication instances

    delete-cot
        Delete circle of trust.

    delete-datastores
        Delete data stores under a realm

    delete-entity
        Delete entity.

    delete-identities
        Delete identities in a realm

    delete-realm
        Delete realm.

    delete-realm-attr
        Delete attribute from a realm.

    delete-server
        Delete a server instance.

    delete-site
        Delete a site.

    delete-sub-cfg
        Remove Sub Configuration.

    delete-svc
        Delete service from the server.

    delete-xacml
        Delete XACML policies from a realm.

    do-batch
        Do multiple requests in one command.

    do-bulk-federation
        Perform bulk federation.

    do-migration70
        Migrate organization to realm.

    embedded-status
        Status of embedded store.

    export-entity
        Export entity.

    export-server
        Export a server instance.

    export-svc-cfg
        Export service configuration. In production environments, you
        should back up the service configuration using file system
        utilities or the export-ldif command. Note that
        export-ldif/import-ldif commands must be on the same deployment
        where the encryption keys are located.

    get-attr-choicevals
        Get choice values of attribute schema.

    get-attr-defs
        Get default attribute values in schema.

    get-auth-cfg-entr
        Get authentication configuration entries

    get-auth-instance
        Get authentication instance values

    get-identity
        Get identity property values

    get-identity-svcs
        Get the service in an identity

    get-realm
        Get realm property values.

    get-realm-svc-attrs
        Get realm's service attribute values.

    get-recording-status
        Get the status of recording operations.

    get-revision-number
        Get service schema revision number.

    get-sub-cfg
        Get sub configuration.

    get-svrcfg-xml
        Get server configuration XML from centralized data store

    import-bulk-fed-data
        Import bulk federation data which is generated by
        'do-bulk-federation' sub command.

    import-entity
        Import entity.

    import-server
        Import a server instance.

    import-svc-cfg
        Import service configuration. In production environments, you
        should restore the service configuration using file system
        utilities or the import-ldif command. Note that
        import-ldif/export-ldif commands must be on the same deployment
        where the encryption keys are located.

    list-agent-grp-members
        List agents in agent group.

    list-agent-grps
        List agent groups.

    list-agents
        List agent configurations.

    list-app-privs
        List policy set privileges in a realm.

    list-appl-types
        List application types.

    list-appls
        List policy set in a realm.

    list-auth-cfgs
        List authentication configurations

    list-auth-instances
        List authentication instances

    list-cot-members
        List the members in a circle of trust.

    list-cots
        List circles of trust.

    list-datastore-types
        List the supported data store types

    list-datastores
        List data stores under a realm

    list-entities
        List entities under a realm.

    list-identities
        List identities in a realm

    list-identity-assignable-svcs
        List the assignable service to an identity

    list-realm-assignable-svcs
        List the assignable services to a realm.

    list-realms
        List realms by name.

    list-res-bundle
        List resource bundle in data store.

    list-server-cfg
        List server configuration.

    list-servers
        List all server instances.

    list-sessions
        List stateful sessions.

    list-sites
        List all sites.

    list-xacml
        Export policies in realm as XACML.

    policy-export
        Export policy configuration for a given realm

    policy-import
        Import policy model into a given realm

    register-auth-module
        Registers authentication module.

    remove-agent-from-grp
        Remove agents from a agent group.

    remove-app-priv-resources
        Remove policy set privilege resources. Note that policy sets are
        cached for 30 minutes. Restart OpenAM to apply changes immediately.

    remove-app-priv-subjects
        Remove policy set privilege subjects.

    remove-app-privs
        Remove policy set privileges.

    remove-attr-choicevals
        Remove choice values from attribute schema.

    remove-attr-defs
        Remove default attribute values in schema.

    remove-cot-member
        Remove a member from a circle of trust.

    remove-member
        Remove membership of identity from another identity

    remove-plugin-schema
        Add Plug-in interface to service.

    remove-privileges
        Remove privileges from an identity

    remove-res-bundle
        Remove resource bundle from data store.

    remove-server-cfg
        Remove server configuration.

    remove-site-members
        Remove members from a site.

    remove-site-sec-urls
        Remove Site Secondary URLs.

    remove-sub-schema
        Remove sub schema.

    remove-svc-attrs
        Remove service attribute values in a realm.

    remove-svc-identity
        Remove Service from an identity

    remove-svc-realm
        Remove service from a realm.

    set-appl
        Set policy set attributes. Note that policy sets are cached for 30
        minutes. Restart OpenAM to apply changes immediately.

    set-attr-any
        Set any member of attribute schema.

    set-attr-bool-values
        Set boolean values of attribute schema.

    set-attr-choicevals
        Set choice values of attribute schema.

    set-attr-defs
        Set default attribute values in schema.

    set-attr-end-range
        Set attribute schema end range.

    set-attr-i18n-key
        Set i18nKey member of attribute schema.

    set-attr-start-range
        Set attribute schema start range.

    set-attr-syntax
        Set syntax member of attribute schema.

    set-attr-type
        Set type member of attribute schema.

    set-attr-ui-type
        Set UI type member of attribute schema.

    set-attr-validator
        Set attribute schema validator.

    set-attr-view-bean-url
        Set properties view bean URL member of attribute schema.

    set-entitlement-conf
        Set entitlements service configuration

    set-identity-attrs
        Set attribute values of an identity

    set-identity-svc-attrs
        Set service attribute values of an identity

    set-inheritance
        Set Inheritance value of Sub Schema.

    set-plugin-viewbean-url
        Set properties view bean URL of plug-in schema.

    set-realm-attrs
        Set attribute values of a realm.

    set-realm-svc-attrs
        Set attribute values of a service that is assigned to a realm. Long
        content for an attribute can be supplied in a file by appending
        '-file' to the attribute name, and giving the filename as the
        value.

    set-revision-number
        Set service schema revision number.

    set-site-id
        Set the ID of a site.

    set-site-pri-url
        Set the primary URL of a site.

    set-site-sec-urls
        Set Site Secondary URLs.

    set-sub-cfg
        Set sub configuration. Long content for an attribute can be
        supplied in a file by appending '-file' to the attribute name, and
        giving the filename as the value.

    set-svc-attrs
        Set service attribute values in a realm. Long content for an
        attribute can be supplied in a file by appending '-file' to the
        attribute name, and giving the filename as the value.

    set-svc-i18n-key
        Set service schema i18n key.

    set-svc-view-bean-url
        Set service schema properties view bean URL.

    set-svrcfg-xml
        Set server configuration XML to centralized data store

    show-agent
        Show agent profile.

    show-agent-grp
        Show agent group profile.

    show-agent-membership
        List agent's membership.

    show-agent-types
        Show agent types.

    show-app-priv
        Show policy set privilege.

    show-appl
        Show policy set attributes.

    show-appl-type
        Show application type details.

    show-auth-modules
        Show the supported authentication modules in the system.

    show-data-types
        Show the supported data type in the system.

    show-datastore
        Show data store profile.

    show-entitlement-conf
        Display entitlements service configuration

    show-identity-ops
        Show the allowed operations of an identity a realm

    show-identity-svc-attrs
        Show the service attribute values of an identity

    show-identity-types
        Show the supported identity type in a realm

    show-members
        Show the members of an identity. For example show the members of a
        role

    show-memberships
        Show the memberships of an identity. For sample show the
        memberships of an user.

    show-privileges
        Show privileges assigned to an identity

    show-realm-svcs
        Show services in a realm.

    show-site
        Show site profile.

    show-site-members
        Display members of a site.

    start-recording
        Start recording a bundle that contains troubleshooting information,
        including debug logs, thread dumps, and environment information.

    stop-recording
        Stop an active recording operation.

    unregister-auth-module
        Unregisters authentication module.

    update-agent
        Update agent configuration.

    update-agent-grp
        Update agent group configuration.

    update-app-priv
        Update a policy set privilege.

    update-app-priv-resources
        Set policy set privilege resources. Note that policy sets are
        cached for 30 minutes. Restart OpenAM to apply changes immediately.

    update-app-priv-subjects
        Set policy set privilege subjects.

    update-auth-cfg-entr
        Set authentication configuration entries

    update-auth-cfg-props
        Set authentication configuration properties

    update-auth-instance
        Update authentication instance values

    update-datastore
        Update data store profile.

    update-entity-keyinfo
        Update XML signing and encryption key information in hosted entity
        metadata.

    update-server-cfg
        Update server configuration.

    update-svc
        Update service.

 

Thanks for reading the article. Please comments and subscribe to get more updates.

 

 

 

Leave a Reply