esfadmin Command Syntax

Restriction: This topic applies only when the Enterprise Server feature is enabled.

Syntax:

esfadmin [options] subcmd [keyword=value | keyword]...

Used to update the security definitions in active External Security Managers. It calls the Enterprise Server External Security Facility (ESF) to submit requests.

Parameters:

The options are:

-a Do not audit. By default, esfadmin sends audit information for each request to the ESF Audit Facility.
-cconfig file Specifies the name of a configuration file for the MLDAP ESM Module. This is a text file, in the same format as the "Configuration Information" area in the Security Manager definition.

Usage: esfadmin -cldap-config.txt where ldap-config.txt contains:

[LDAP] 
base=CN=Micro Focus,
CN=Program Data,
DC=mycorp,DC=com
-uESF user A valid ES account that is being used to sign on to the ESF. The default is: SYSAD

Usage:

esfadmin -uSYSAD

-pESF password. The associated password. The default is: SYSAD
-UESM user A valid username for the External Security Manager; for example, with MLDAP, a user account with appropriate access to the LDAP repository.

If this is not supplied, then for commands other than the LIST commands, esfadmin prompts for the ESM username. (For LIST commands, esfadmin lets the ESM module use its default credentials.

-PESM password The associated password.

If this is not supplied, then for commands other than the LIST commands, esfadmin prompts for a password.

-Sserver URL Specifies the connection path for the LDAP server.

Usage:

esfadmin -S ldap://adhost
Note: You can specify a URL up to 256 characters in length.
-ooptions file Specifies the relative or absolute path and file name that contains the options to be used with the esfadmin command. Values containing spaces must be quoted. Options must be delimited with spaces and/or newlines.

The options file can contain any esfadmin options and positional parameters, except -o. An options file can be combined with command-line options. Parameters from the options file and the command line will be combined in the order they appear on the command line.

The options file is typically used to contain sensitive data such as the ESM password, or to simplify scripting a set of commands.

Note: The options file path and file name is limited to 256 bytes.
-Mmodule Specifies the ESM module. The default is mldap_esm.

The sub commands are:

ADDACE, ALTACE, DELACE
ADDUSER, ALTUSER, DELUSER, LISTUSER
ADDGROUP, ALTGROUP, DELGROUP, LISTGROUP
ADDCLASS, ALTCLASS, DELCLASS, LISTCLASS
ADDMEMBER, DELMEMBER
ADDRESOURCE, ALTRESOURCE, DELRESOURCE, LISTRESOURCE
LISTREFERENCES
SETPASSWORD, SETOPTIONS

Comments:

The subcommand specifies the function to be performed. Each function requires one or more parameters. Parameters consist of stand-alone keywords and keyword-value pairs. Keyword-value pairs should be entered with no spaces between the keyword, the equal sign, and the value. Values that contain spaces or other special characters should be quoted, as required by the shell.