+

Search Tips   |   Advanced Search

Removing security domains using scripting

Use this topic to delete security domains from the configuration using the wsadmin tool. Remove security domains that are not needed in the security configuration.

Users assigned to the administrator role can configure security domains. Verify that we have the appropriate administrative role before configuring security domains. A security domain must exist in the configuration.


Tasks

  1. Start the wsadmin scripting tool.

  2. Determine the security domain to delete.

    Use the listSecurityDomains to view a list of security domains in the configuration. Specify true for the optional -listDescription parameter to list the description for each security domain...

      print AdminTask.listSecurityDomains('-listDescription true')

    The command returns the following example output: 

    {{name myDomain}
{description {security domain for administrative applications}}}
{{name domain2}
{description {new domain for cell123}}}

  3. Verify that no resources are assigned to the security domain to delete.

    Use this step to manually remove resources from the security domain of interest. We do not need to complete this step if we want to delete the security domain and each assigned resource. Use the listResourcesInSecurityDomain command to view a list of resources that are mapped to the security domain of interest...

      print AdminTask.listResourcesInSecurityDomain('-securityDomainName domain2')

    If the command returns the name of a resource, use the removeResourceFromSecurityDomain command to remove a resource from the security domain. For example, use the following Jython command to remove the Cell01 cell resource from the domain2 security domain:

      "AdminTask.removeResourceFromSecurityDomain('-securityDomainName domain2 -resourceName Cell=myhostCell01')"

  4. Delete the security domain from the configuration.

    Use the deleteSecurityDomain command to delete the security domain. If a resource associated with the domain was deleted from the system but the mapping was not removed form the domain, specify the optional -force parameter to remove the domain...

      AdminTask.deleteSecurityDomain('-securityDomainName domain2 -force true')

  5. Save the configuration changes.

  • Removing resources from security domains using scripting
  • Manage servers, nodes and cells with scripting