rmres Command Delete a Resource
Valid in the AC environment
capamsc141
Valid in the AC environment
The rmres command removes resources from the database. Records belonging to the following classes can be deleted using the rmres command: ACVAR, ADMIN, APPL, CATEGORY, CONNECT, FILE, GAPPL, GHOST, GSUDO, GTERMINAL, HNODE, HOST, HOSTNET, HOSTNP, LOGINAPPL, MFTERMINAL, POLICY, PWPOLICY, SECFILE, SECLABEL, SPECIALPGM, SUDO, SURROGATE, TERMINAL, PROGRAM, PROCESS, RULESET, TCP, UACC, and any user defined class.
This command also exists in the native Windows environment but operates differently.
To remove a record from the database, you must meet one of the following conditions:
- You have the ADMIN attribute.
- The resource record is within the scope of a group in which you have the GROUP-ADMIN attribute.
- You are the owner of the resource record.
- You are assigned the DELETE authority in the access control list of the resource class's record in the ADMIN class.
This command has the following format:
{rmres|rr} classNameresourceName
- classNameSpecifies the name of the class to which the resource belongs. To list the resource classes defined toPAM Server Control, use the find command. See the find command in this chapter for more information.
- resourceNameSpecifies the name of the resource record you are deleting. When removing more than one resource, enclose the list of resource names in parentheses and separate the resource names with a space or a comma.PAM Server Controlprocesses each resource record independently. If an error occurs while processing a resource,PAM Server Controlissues a message and continues processing with the next resource in the list.
Example
The user Admin1 wants to remove the record TERMS from the TERMINAL class in the database.
- The user Admin1 has the ADMIN attribute.
rmres TERMINAL TERMS