NAME

Tivoli::AccessManager::Admin - Perl extension for TAM Admin API

SYNOPSIS

  use Tivoli::AccessManager::Admin;

  # Connect to the policy server as sec_master
  my $pdadmin = Tivoli::AccessManager::Admin->new('sec_master', 'password');

  # Get the user with the ID joe and print basic information
  my $user = $pdadmin->get_user('joe');
  print 'Login ID: ', $user->id, "\n";
  print 'Login CN: ', $user->cn, "\n";
  print 'Login DN: ', $user->dn, "\n";

  # Make the user account valid
  $user->valid(1);
  # Make the user a Non-GSO user
  $user->gso(0);

DESCRIPTION

Tivoli::AccessManager::Admin is a set of modules that use the TAM Admin C API to perform management functions within a Tivoli Access Manager environment.

METHODS

new(<user>, <password>, [<options>])

Creates a new Tivoli::AccessManager::Admin object and connects to the policy server. The first two arguments specify the user ID of the administrator and the password. If no other options are specified, the API will use the configuration information of the local TAM runtime. Additional options are:

keyring => FILENAME

Specifies the filename for a CMS keyring database for SSL operations.

stash => FILENAME

Specifies the filename of the stash file for the keyring.

password => PASSWORD

Specifies the password for the keyring. This parameter will take precedence over the stash file.

dn => CERTIFICATE DN

Specifies the DN of a certificate to be utilized for authentication.

server => HOSTNAME

Specifies the location of the policy server.

port => PORT

Specifies the TCP port of the policy server process. Default port is 7135.

Examples

        # Create a default context
        $pdadmin = Tivoli::AccessManager::Admin->new('sec_master', 'password'); 

        # Connect to policy server tam2.foobar.com
        # (keyring is the option name documented in the list above)
        $pdadmin = Tivoli::AccessManager::Admin->new('sec_master', 'password',
                keyring => '/var/PolicyDirector/keytab/pd2.kdb',
                password => 'cmsopen',
                server => 'tam2.foobar.com');

get_user(<userid>)

Retrieve a user object for the specified ID. This function will return a Tivoli::AccessManager::Admin::User object.

import_user(<userid>, <dn>)

Import an LDAP account into TAM. The first argument will be used as the user's TAM logon ID and the second argument designates the LDAP DN of the existing account. This function will return a Tivoli::AccessManager::Admin::User object relating to the imported user.

remove_user(<userid>)

Remove a user from TAM only. This method is equivalent to the following pdadmin command.

   pdadmin> user delete <userid>

delete_user(<userid>)

Remove a user from TAM and LDAP. This method is equivalent to the following pdadmin command.

   pdadmin> user delete -registry <userid>

ok

Returns true if the last action was successful.

error

Returns true if the last action was unsuccessful.

message([<index>])

Returns the error message for the last action. The index specifies which error message to return if the last action resulted in more than one error condition. The index is 0-based.

code([<index>])

Returns the error code for the last action. The index specifies which error code to return if the last action resulted in more than one error condition. The index is 0-based.

msg_count

Returns the number of errors generated for the last action.
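
The following is an added example, not part of the module's own documentation. It connects using a stash file instead of an inline keyring password, keeps the administrator password out of the script, and reports every error returned by an action. The environment variable TAM_ADMIN_PW and the stash file path are hypothetical, and it assumes new() returns an object whose status methods can be queried even when the connection fails.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Tivoli::AccessManager::Admin;

# Collect every code/message pair for the last action, walking the
# documented 0-based index up to msg_count.
sub last_errors {
    my ($ctx) = @_;
    my @errors;
    for my $i (0 .. $ctx->msg_count() - 1) {
        push @errors, $ctx->code($i) . ': ' . $ctx->message($i);
    }
    return @errors;
}

my $userid = shift @ARGV or die "usage: $0 <userid>\n";

# Assumption: the administrator password is supplied by the environment
# (TAM_ADMIN_PW is a hypothetical name) rather than stored in the script.
my $admin_pw = $ENV{TAM_ADMIN_PW} or die "TAM_ADMIN_PW is not set\n";

# Keyring path and host are taken from the Examples section; the stash
# path is a placeholder. The 'password' option is deliberately omitted,
# because it would take precedence over the stash file.
my $pdadmin = Tivoli::AccessManager::Admin->new('sec_master', $admin_pw,
    keyring => '/var/PolicyDirector/keytab/pd2.kdb',
    stash   => '/var/PolicyDirector/keytab/pd2.sth',
    server  => 'tam2.foobar.com',
    port    => 7135);

# Assumption: a failed connection still yields an object to query.
die "connect failed: no context returned\n" unless defined $pdadmin;
die join("\n", 'connect failed:', last_errors($pdadmin)), "\n"
    if $pdadmin->error;

# remove_user deletes the TAM account only; the LDAP entry is kept.
# delete_user would also remove the entry from the registry.
$pdadmin->remove_user($userid);
if ($pdadmin->error) {
    warn "$_\n" for last_errors($pdadmin);
    exit 1;
}
print "removed $userid from TAM; LDAP entry retained\n";
```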

EXPORT

None by default.

Exportable constants

  IVADMINAPI_H
  IVADMIN_AUDIT_ADMIN
  IVADMIN_AUDIT_ALL
  IVADMIN_AUDIT_DENY
  IVADMIN_AUDIT_ERROR
  IVADMIN_AUDIT_NONE
  IVADMIN_AUDIT_PERMIT
  IVADMIN_CALLTYPE
  IVADMIN_CONTEXT_ADUSERREG
  IVADMIN_CONTEXT_DCEUSERREG
  IVADMIN_CONTEXT_DOMINOUSERREG
  IVADMIN_CONTEXT_LDAPUSERREG
  IVADMIN_CONTEXT_MULTIDOMAIN_ADUSERREG
  IVADMIN_DECLSPEC
  IVADMIN_FALSE
  IVADMIN_MAXRETURN
  IVADMIN_PROTOBJ_TYPE_UNKNOWN
  IVADMIN_PROTOBJ_TYPE__APP_CONTAINER
  IVADMIN_PROTOBJ_TYPE__APP_LEAF
  IVADMIN_PROTOBJ_TYPE__CONTAINER
  IVADMIN_PROTOBJ_TYPE__DIR
  IVADMIN_PROTOBJ_TYPE__DOMAIN
  IVADMIN_PROTOBJ_TYPE__EXTERN_AUTH_SVR
  IVADMIN_PROTOBJ_TYPE__FILE
  IVADMIN_PROTOBJ_TYPE__HTTP_SVR
  IVADMIN_PROTOBJ_TYPE__JNCT
  IVADMIN_PROTOBJ_TYPE__LEAF
  IVADMIN_PROTOBJ_TYPE__MGMT_OBJ
  IVADMIN_PROTOBJ_TYPE__NETSEAL_NET
  IVADMIN_PROTOBJ_TYPE__NETSEAL_SVR
  IVADMIN_PROTOBJ_TYPE__NON_EXIST_OBJ
  IVADMIN_PROTOBJ_TYPE__PORT
  IVADMIN_PROTOBJ_TYPE__PROGRAM
  IVADMIN_PROTOBJ_TYPE__WEBSEAL_SVR
  IVADMIN_REASON_ALREADY_EXISTS
  IVADMIN_RESPONSE_ERROR
  IVADMIN_RESPONSE_INFO
  IVADMIN_RESPONSE_WARNING
  IVADMIN_SSOCRED_SSOGROUP
  IVADMIN_SSOCRED_SSOWEB
  IVADMIN_TIME_LOCAL
  IVADMIN_TIME_UTC
  IVADMIN_TOD_ALL
  IVADMIN_TOD_ANY
  IVADMIN_TOD_FRI
  IVADMIN_TOD_MINUTES
  IVADMIN_TOD_MON
  IVADMIN_TOD_OCLOCK
  IVADMIN_TOD_SAT
  IVADMIN_TOD_SUN
  IVADMIN_TOD_THU
  IVADMIN_TOD_TUE
  IVADMIN_TOD_WED
  IVADMIN_TOD_WEEKDAY
  IVADMIN_TOD_WEEKEND
  IVADMIN_TRUE

AUTHOR

George Chlipala, george@walnutcs.com

SEE ALSO

perl(1).