List of Commands ssoadm OpenAM
Table of Contents
In this post, I am going show List of Commands ssoadm OpenAM. Its command-line tool for OpenAM Configuration. Without using OpenAM console, we can configure OpenAM like creation of realms, creation of agent, the configuration of global parameters, find server configuration, etc…
Go to the ssoadm installed folder and execute the following command to list of commands ssoadm OpenAM.
OpenAM ssoadm Installation am folder generated
Sample ssoadm Command
Command 1
D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat list-servers -u amadmin -f password.txt
Output
http://openam.narayanatutorial.com:8991/am
Command 2
D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat list-server-cfg -u amadmin -f password.txt -s http://openam.narayanatutorial.com:8991/am
Output
am.encryption.pwd=lrN8maUDT6BxnUEbpIB3Y91lEdCLt2xN bootstrap.file=C:Users com.iplanet.am.lbcookie.value=01 com.iplanet.am.ldap.connection.ldap.error.codes.retries=80,81,91 com.iplanet.am.locale=en_US com.iplanet.am.server.host=openam.narayanatutorial.com com.iplanet.am.server.port=8991 com.iplanet.am.server.protocol=http com.iplanet.am.serverMode=true com.iplanet.am.services.deploymentDescriptor=/am com.iplanet.security.SSLSocketFactoryImpl=com.sun.identity.shared.ldap.factory.JSSESocketFactory com.iplanet.services.configpath=C:/Users/narayanaswamy.ragi/am com.iplanet.services.debug.level=error com.sun.am.event.connection.disable.list=aci,um com.sun.embedded.replicationport= com.sun.embedded.sync.servers=on com.sun.identity.common.systemtimerpool.size=3 com.sun.identity.sm.enableDataStoreNotification=true com.sun.identity.sm.sms_object_class_name=com.sun.identity.sm.SmsWrapperObject com.sun.identity.urlconnection.useCache=false com.sun.services.debug.mergeall=off opensso.protocol.handler.pkgs= org.forgerock.embedded.dsadminport=4444 ssoadm.disabled=false Server ID: 01
List of Commands
D:\forgerock\blog\AM-SSOAdminTools-5.1.2.13\am\bin>ssoadm.bat --help
Usage:
ssoadm --version, -V
Print version of this tool.
ssoadm --information, -O
Print basic information of this tool.
ssoadm --help, -?
Print Help.
ssoadm subcommand --global-options --options
Execute sub command.
ssoadm subcommand --help, -?
Print Help for sub command.
Global Options:
--locale, -l
Name of the locale to display the results.
--debug, -d
Run in debug mode. Results sent to the debug file.
--verbose, -v
Run in verbose mode. Results sent to standard output.
Subcommands:
add-agent-to-grp
Add agents to a agent group.
add-amsdk-idrepo-plugin
Create AMSDK IdRepo Plug-in
add-app-priv
Add a policy set privilege to delegate resources of a given policy
set. Note that policy sets are cached for 30 minutes. Restart
OpenAM to apply changes immediately.
add-attr-defs
Add default attribute values in schema.
add-attrs
Add attribute schema to an existing service.
add-auth-cfg-entr
Add authentication configuration entry
add-cot-member
Add a member to a circle of trust.
add-member
Add an identity as member of another identity
add-plugin-interface
Add Plug-in interface to service.
add-plugin-schema
Add Plug-in schema to service.
add-privileges
Add privileges to an identity. To add a privilege to all
authenticated users, use the "All Authenticated Users" idname with
"role" idtype.
add-res-bundle
Add resource bundle to data store.
add-site-members
Add members to a site.
add-site-sec-urls
Add Site Secondary URLs.
add-sub-schema
Add sub schema.
add-svc-attrs
Add service attribute values in a realm. Long content for an
attribute can be supplied in a file by appending '-file' to the
attribute name, and giving the filename as the value.
add-svc-identity
Add Service to an identity
add-svc-realm
Add service to a realm. Long content for an attribute can be
supplied in a file by appending '-file' to the attribute name, and
giving the filename as the value.
agent-remove-props
Remove agent's properties.
clone-server
Clone a server instance.
create-agent
Create a new agent configuration.
create-agent-grp
Create a new agent group.
create-appl
Create policy set.
create-appl-type
Create application type.
create-auth-cfg
Create authentication configuration
create-auth-instance
Create authentication module instance
create-cot
Create circle of trust.
create-datastore
Create data store under a realm
create-identity
Create identity in a realm
create-metadata-templ
Create new metadata template.
create-realm
Create realm.
create-server
Create a server instance.
create-site
Create a site.
create-sub-cfg
Create a new sub configuration. Long content for an attribute can
be supplied in a file by appending '-file' to the attribute name,
and giving the filename as the value.
create-svc
Create a new service in server.
create-svrcfg-xml
Create serverconfig.xml file. No options are required for flat file
configuration data store.
create-xacml
Create policies in a realm with XACML input.
delete-agent-grps
Delete agent groups.
delete-agents
Delete agent configurations.
delete-appl-types
Delete application types.
delete-appls
Delete policy sets. Note that policy sets are cached for 30
minutes. Restart OpenAM to apply changes immediately.
delete-attr
Delete attribute schemas from a service
delete-attr-def-values
Delete attribute schema default values.
delete-auth-cfgs
Delete authentication configurations
delete-auth-instances
Delete authentication instances
delete-cot
Delete circle of trust.
delete-datastores
Delete data stores under a realm
delete-entity
Delete entity.
delete-identities
Delete identities in a realm
delete-realm
Delete realm.
delete-realm-attr
Delete attribute from a realm.
delete-server
Delete a server instance.
delete-site
Delete a site.
delete-sub-cfg
Remove Sub Configuration.
delete-svc
Delete service from the server.
delete-xacml
Delete XACML policies from a realm.
do-batch
Do multiple requests in one command.
do-bulk-federation
Perform bulk federation.
do-migration70
Migrate organization to realm.
embedded-status
Status of embedded store.
export-entity
Export entity.
export-server
Export a server instance.
export-svc-cfg
Export service configuration. In production environments, you
should back up the service configuration using file system
utilities or the export-ldif command. Note that
export-ldif/import-ldif commands must be on the same deployment
where the encryption keys are located.
get-attr-choicevals
Get choice values of attribute schema.
get-attr-defs
Get default attribute values in schema.
get-auth-cfg-entr
Get authentication configuration entries
get-auth-instance
Get authentication instance values
get-identity
Get identity property values
get-identity-svcs
Get the service in an identity
get-realm
Get realm property values.
get-realm-svc-attrs
Get realm's service attribute values.
get-recording-status
Get the status of recording operations.
get-revision-number
Get service schema revision number.
get-sub-cfg
Get sub configuration.
get-svrcfg-xml
Get server configuration XML from centralized data store
import-bulk-fed-data
Import bulk federation data which is generated by
'do-bulk-federation' sub command.
import-entity
Import entity.
import-server
Import a server instance.
import-svc-cfg
Import service configuration. In production environments, you
should restore the service configuration using file system
utilities or the import-ldif command. Note that
import-ldif/export-ldif commands must be on the same deployment
where the encryption keys are located.
list-agent-grp-members
List agents in agent group.
list-agent-grps
List agent groups.
list-agents
List agent configurations.
list-app-privs
List policy set privileges in a realm.
list-appl-types
List application types.
list-appls
List policy set in a realm.
list-auth-cfgs
List authentication configurations
list-auth-instances
List authentication instances
list-cot-members
List the members in a circle of trust.
list-cots
List circles of trust.
list-datastore-types
List the supported data store types
list-datastores
List data stores under a realm
list-entities
List entities under a realm.
list-identities
List identities in a realm
list-identity-assignable-svcs
List the assignable service to an identity
list-realm-assignable-svcs
List the assignable services to a realm.
list-realms
List realms by name.
list-res-bundle
List resource bundle in data store.
list-server-cfg
List server configuration.
list-servers
List all server instances.
list-sessions
List stateful sessions.
list-sites
List all sites.
list-xacml
Export policies in realm as XACML.
policy-export
Export policy configuration for a given realm
policy-import
Import policy model into a given realm
register-auth-module
Registers authentication module.
remove-agent-from-grp
Remove agents from a agent group.
remove-app-priv-resources
Remove policy set privilege resources. Note that policy sets are
cached for 30 minutes. Restart OpenAM to apply changes immediately.
remove-app-priv-subjects
Remove policy set privilege subjects.
remove-app-privs
Remove policy set privileges.
remove-attr-choicevals
Remove choice values from attribute schema.
remove-attr-defs
Remove default attribute values in schema.
remove-cot-member
Remove a member from a circle of trust.
remove-member
Remove membership of identity from another identity
remove-plugin-schema
Add Plug-in interface to service.
remove-privileges
Remove privileges from an identity
remove-res-bundle
Remove resource bundle from data store.
remove-server-cfg
Remove server configuration.
remove-site-members
Remove members from a site.
remove-site-sec-urls
Remove Site Secondary URLs.
remove-sub-schema
Remove sub schema.
remove-svc-attrs
Remove service attribute values in a realm.
remove-svc-identity
Remove Service from an identity
remove-svc-realm
Remove service from a realm.
set-appl
Set policy set attributes. Note that policy sets are cached for 30
minutes. Restart OpenAM to apply changes immediately.
set-attr-any
Set any member of attribute schema.
set-attr-bool-values
Set boolean values of attribute schema.
set-attr-choicevals
Set choice values of attribute schema.
set-attr-defs
Set default attribute values in schema.
set-attr-end-range
Set attribute schema end range.
set-attr-i18n-key
Set i18nKey member of attribute schema.
set-attr-start-range
Set attribute schema start range.
set-attr-syntax
Set syntax member of attribute schema.
set-attr-type
Set type member of attribute schema.
set-attr-ui-type
Set UI type member of attribute schema.
set-attr-validator
Set attribute schema validator.
set-attr-view-bean-url
Set properties view bean URL member of attribute schema.
set-entitlement-conf
Set entitlements service configuration
set-identity-attrs
Set attribute values of an identity
set-identity-svc-attrs
Set service attribute values of an identity
set-inheritance
Set Inheritance value of Sub Schema.
set-plugin-viewbean-url
Set properties view bean URL of plug-in schema.
set-realm-attrs
Set attribute values of a realm.
set-realm-svc-attrs
Set attribute values of a service that is assigned to a realm. Long
content for an attribute can be supplied in a file by appending
'-file' to the attribute name, and giving the filename as the
value.
set-revision-number
Set service schema revision number.
set-site-id
Set the ID of a site.
set-site-pri-url
Set the primary URL of a site.
set-site-sec-urls
Set Site Secondary URLs.
set-sub-cfg
Set sub configuration. Long content for an attribute can be
supplied in a file by appending '-file' to the attribute name, and
giving the filename as the value.
set-svc-attrs
Set service attribute values in a realm. Long content for an
attribute can be supplied in a file by appending '-file' to the
attribute name, and giving the filename as the value.
set-svc-i18n-key
Set service schema i18n key.
set-svc-view-bean-url
Set service schema properties view bean URL.
set-svrcfg-xml
Set server configuration XML to centralized data store
show-agent
Show agent profile.
show-agent-grp
Show agent group profile.
show-agent-membership
List agent's membership.
show-agent-types
Show agent types.
show-app-priv
Show policy set privilege.
show-appl
Show policy set attributes.
show-appl-type
Show application type details.
show-auth-modules
Show the supported authentication modules in the system.
show-data-types
Show the supported data type in the system.
show-datastore
Show data store profile.
show-entitlement-conf
Display entitlements service configuration
show-identity-ops
Show the allowed operations of an identity a realm
show-identity-svc-attrs
Show the service attribute values of an identity
show-identity-types
Show the supported identity type in a realm
show-members
Show the members of an identity. For example show the members of a
role
show-memberships
Show the memberships of an identity. For sample show the
memberships of an user.
show-privileges
Show privileges assigned to an identity
show-realm-svcs
Show services in a realm.
show-site
Show site profile.
show-site-members
Display members of a site.
start-recording
Start recording a bundle that contains troubleshooting information,
including debug logs, thread dumps, and environment information.
stop-recording
Stop an active recording operation.
unregister-auth-module
Unregisters authentication module.
update-agent
Update agent configuration.
update-agent-grp
Update agent group configuration.
update-app-priv
Update a policy set privilege.
update-app-priv-resources
Set policy set privilege resources. Note that policy sets are
cached for 30 minutes. Restart OpenAM to apply changes immediately.
update-app-priv-subjects
Set policy set privilege subjects.
update-auth-cfg-entr
Set authentication configuration entries
update-auth-cfg-props
Set authentication configuration properties
update-auth-instance
Update authentication instance values
update-datastore
Update data store profile.
update-entity-keyinfo
Update XML signing and encryption key information in hosted entity
metadata.
update-server-cfg
Update server configuration.
update-svc
Update service.
Thanks for reading the article. Please comments and subscribe to get more updates.
Hello! I am Narayanaswamy founder and admin of narayanatutorial.com. I have been working in the IT industry for more than 12 years. NarayanaTutorial is my web technologies blog. My specialties are Java / J2EE, Spring, Hibernate, Struts, Webservices, PHP, Oracle, MySQL, SQLServer, Web Hosting, Website Development, and IAM(ForgeRock) Specialist
I am a self-learner and passionate about training and writing. I am always trying my best to share my knowledge through my blog.
