CA System z Security Communication Servers (DSI, LDAP, PAM) 15.1

PDF
English

Sample Search Commands (CA Top Secret)

To issue CA LDAP Server queries with command line tools and retrieve specific objects in the CA Top Secret tree, use the following search commands:
cszscss
To issue CA LDAP Server queries with command line tools and retrieve specific objects in the CA Top Secret tree, use the following search commands:
In the samples in the following table, you must supply your site-specific values for the following parameters. Use these samples with the variable definitions listed after the table.
Function
Command
Retrieve security and backend version information
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s base -b “
your_suffix
” tsssysinfo=internal
Retrieve all ACIDs
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssadmingrp=acids,
your_suffix
Retrieve a specific ACID
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s base -b “tssacid=
the_acid
, tssadmingrp=acids,
your_suffix
Retrieve all ACIDs that start with the characters ‘LDAP’
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssadmingrp=acids,
your_suffix
” (tssacid=’LDAP*’)
Retrieve all the facilities for a specific ACID
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
 -s one -b “tssacidgrp=facilities,tssacid=
the_acid
, tssadmingrp=acids,
your_suffix
Retrieve all the ownerships for a specific ACID
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssacidgrp=
ownerships,tssacid=the_acid
, tssadmingrp=acids,
your_suffix
Retrieve all the permissions for a specific ACID
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
 -s one -b
“tssacidgrp=permissions,tssacid=the_acid
, tssadmingrp=acids,
your_suffix
Retrieve all the profiles for a specific ACID
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssacidgrp=proflist,tssacid=
the_acid
, tssadmingrp=acids,
your_suffix
Retrieve all ACIDs of type=profile
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssadmingrp=profiles,
your_suffix
Retrieve all ACIDs of type=group
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssadmingrp=groups,
your_suffix
Retrieve a specific profile
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s base -b “tssprofile=
the_profile
, tssadmingrp=profiles,
your_suffix
Retrieve all the facilities for a specific profile
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b
“tssprofgrp=facilities,tssprofile=the_profile
, tssadmingrp=profiles,
your_suffix
Retrieve all the permissions for a specific profile
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
-s one -b “tssprofgrp=permissions, tssprofile=
the_profile
, tssadmingrp=profiles,
your_suffix
Retrieve all the ACIDs for a specific profile
ldapsearch -x -D cn=
real_acid
 -w
real_pswd
 -H
your_url
:
your_port
 -s one -b “tssprofgrp=acidlist,
tssprofile=the_profile
, tssadmingrp=profiles,
your_suffix
  • real_acid
    Specifies a real ACID defined in the CA Top Secret database.
  • real_pswd
    Specifies the password for the
    real_acid.
  • your_url
    Specifies the URL of CA LDAP Server.
  • your_port
    Specifies the port that CA LDAP Server is using.
  • your_suffix
    Specifies the configured suffix used in slapd.conf.
  • the_acid
    Specifies the real ACID defined in the CA Top Secret database that you are trying to retrieve details for.
  • the_profile
    Specifies the real profile or group defined in the CA Top Secret database for which you are trying to retrieve details.