Wednesday, 2 October 2013

WLST for adding and removing users in EM

/u01/obiee/middlewarehome/Oracle_BI1/common/bin$ ./wlst.sh (Sources the enviroment and required libraries for opss)


Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline>  connect('biadmin','XXXXXXXXX','localhost:29000')
Connecting to t3://localhost:29000 with userid biadmin ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'bifoundation_domain'.
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/bifoundation_domain/serverConfig>  listAppRoles("obi")
Location changed to domainRuntime tree. This is a read-only tree with DomainMBean as the root.
For more help, use help(domainRuntime)
[ [Principal Clz Name : oracle.security.jps.service.policystore.ApplicationRole, Principal Name : BISystem, Type : APP_ROLE], Display Name : BI System Role, Description : null, Guid : F224900024E511E3BF8DAD4CACA361BB]
[ [Principal Clz Name : oracle.security.jps.service.policystore.ApplicationRole, Principal Name : BIAdministrator, Type : APP_ROLE], Display Name : BI Administrator Role, Description : null, Guid : F225053024E511E3BF8DAD4CACA361BB]
[ [Principal Clz Name : oracle.security.jps.service.policystore.ApplicationRole, Principal Name : BIAuthor, Type : APP_ROLE], Display Name : BI Author Role, Description : null, Guid : F225053124E511E3BF8DAD4CACA361BB]
[ [Principal Clz Name : oracle.security.jps.service.policystore.ApplicationRole, Principal Name : BIConsumer, Type : APP_ROLE], Display Name : BI Consumer Role, Description : null, Guid : F225053224E511E3BF8DAD4CACA361BB]


wls:/bifoundation_domain/serverConfig> grantAppRole('obi','BIAdministrator','weblogic.security.principal.WLSUserImpl','User1')
Already in Domain Runtime Tree


wls:/bifoundation_domain/serverConfig> listAppRoleMembers('obi','BIAdministrator')
Already in Domain Runtime Tree
[Principal Clz Name : weblogic.security.principal.WLSGroupImpl, Principal Name : BIAdministrators, Type : ENT_ROLE]
[Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : User1, Type : ENT_USER]
[Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : User2, Type : ENT_USER]
[Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : User3, Type : ENT_USER]
[Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : User4, Type : ENT_USER]


wls:/bifoundation_domain/serverConfig> revokeAppRole('obi','BIAdministrator','weblogic.security.principal.WLSUserImpl','User1')
Already in Domain Runtime Tree
wls:/bifoundation_domain/serverConfig> revokeAppRole('obi','BIAdministrator','weblogic.security.principal.WLSUserImpl','User2')
Already in Domain Runtime Tree
wls:/bifoundation_domain/serverConfig> grantAppRole('obi','BIAdministrator','weblogic.security.principal.WLSUserImpl','User1')
Already in Domain Runtime Tree
wls:/bifoundation_domain/serverConfig> exit ()


For More Info: Refer to section 9.3 Managing Application Policies with OPSS Scripts (Oracle® Fusion Middleware Application Security Guide
11g Release 1 (11.1.1)


 

No comments:

Post a Comment