Network Deployment (Distributed operating systems), v8.0 > Scripting the application serving environment (wsadmin) > Scripting for security > Configure security with scripting > Configure multiple security domains using scripting

Remove user registries using scripting

We can use wsadmin.sh to remove user registries from global security or security domain configurations. Use the steps in this topic to remove LDAP, local operating system, custom, or federated repository user registries from your global security or security domain configurations. We must meet the following requirements before configuring local operating system user registries:

• We must have the administrator or new admin role.
• Enable global security in the environment.

Procedure

1. Launch wsadmin.sh using the Jython scripting language. See the Starting the wsadmin scripting client article for more information.
2. Determine the registry to remove.

   Use the getUserRegistryInfo command to display information about a user registry from the global security configuration or in a security domain. We must specify the type of user registry of interest. Valid values are LDAPUserRegistry, WIMUserRegistry, CustomUserRegistry, and LocalOSUserRegistry. The following command returns a list of values in the local operating system user registry object for the domain2 security domain, as the following example Jython demonstrates:

   AdminTask.getUserRegistryInfo('-securityDomainName domain2 -userRegistryType LocalOSUserRegistry')
   

3. Determine whether the registry of interest is the active user registry.

   We cannot remove the active user registry. Use the getActiveSecuritySettings command to see check if the user registry is the active user registry before removing it.

4. Remove the registry of interest.

   Use the unconfigureUserRegistry command to remove the registry of interest. If you remove the user registry from the global security configuration, then the command reduces the registry object to the minimum values for the configuration. If you remove the user registry from a security domain, then the command removes the configuration object from the security domain. The following Jython example removes the local operating system user registry configuration from the domain2 security domain:

   AdminTask.unconfigureUserRegistry('-securityDomainName domain2 -userRegistryType LocalOSUserRegistry')
   

5. Save the configuration changes.

   Save the configuration changes:

   AdminConfig.save()
   

Local operating system registries
Configure security domains using scripting
Map resources to security domains using scripting
Remove resources from security domains using scripting
Remove security domains using scripting
Start the wsadmin scripting client using wsadmin.sh

+

Search Tips   |   Advanced Search