CLI Administrator Methods

Contents
sm1252sp1
Contents
AuthScheme Method Sets or Retrieves an Authentication Scheme
The AuthScheme method sets or retrieves the authentication scheme for an administrator stored in an external directory.
Syntax
The AuthScheme method has the following format:
Netegrity::PolicyMgtAdmin->AuthScheme( [authScheme] )
Parameters
The AuthScheme method accepts the following parameter:
  1. authScheme
    (PolicyMgtAuthScheme)
    (Optional) Specifies the authentication scheme to set.
Return Value
The AuthScheme method returns one of the following values:
  • A PolicyMgtAuthScheme object
  • undef
    if no authentication scheme exists, or if the call was unsuccessful
Description Method Sets or Retrieves the Description of an Administrator
The Description method sets or retrieves the description of the administrator.
Syntax
The Description method has the following format:
Netegrity::PolicyMgtAdmin->Description( [adminDesc] )
Parameters
The Description method accepts the following parameter:
  1. adminDesc
    (string)
    (Optional) Specifies the description of the administrator.
Return Value
The Description method returns one of the following values:
  • The new or existing administrator directory description
  • An empty string if unsuccessful
ManageAllDomains Method Grants or Revokes Privileges to Manage Policy Server Objects
The ManageAllDomains method grants or revokes privileges to manage all system-level and domain-level Policy Server objects.
Syntax
The ManageAllDomains method has the following format:
Netegrity::PolicyMgtAdmin->ManageAllDomains( [allDomFlag] )
Parameters
The ManageAllDomains method accepts the following parameter:
  1. allDomFlag
    (int)
    (Optional) Specifies whether system-level and domain-level privileges are enable (set to a value of 1), or disabled (set to a value of 0).
Return Value
The ManageAllDomains method returns one of the following values:
  • 1 if the administrator can manage all domains
  • 0 if the administrator cannot manage all domains
Remarks
Privileges include:
Management of system-level Policy Store objects such as administrators, agents, directories, policy domains, authentication schemes, registration schemes, ODBC query schemes, and password policies
  • Management of agent groups, directory mappings, and certificate mappings
    These objects cannot be managed through the Scripting Interface.
  • All of the domain-level privileges granted through the ManageDomainObjects method
ManageDomainObjects Method Grants or Revokes Privileges to Manage Domain Objects
The ManageDomainObjects method grants or revokes privileges to manage domain-level Policy Server objects.
Syntax
The ManageDomainObjects method has the following format:
Netegrity::PolicyMgtAdmin->ManageDomainObjects( [domFlag] )
Parameters
The ManageDomainObjects method accepts the following parameter:
  1. domFlag
    (int)
    (Optional) Specifies whether domain object management privileges are granted (set to a value of 1), or revoked (set to a value of 0).
Return Value
The ManageDomainObjects method returns one of the following values:
  • 1 if the administrator can manage domain objects
  • 0 if the administrator cannot manage domain objects
Remarks
Privileges include:
Management of rules, responses, policies, and realms
  • Management of rule and response groups
    These objects cannot be managed through the Scripting Interface.
  • Flushing of realms from the resource cache
ManageKeysAndPwdPolicy Method Grants or Revokes Privileges to Manage Keys and Password Policies
The ManageKeysAndPwdPolicy method grants or revokes administrator privileges to manage keys and password policies.
Syntax
The ManageKeysAndPwdPolicy method has the following format:
Netegrity::PolicyMgtAdmin->ManageKeysAndPwdPolicy( [pwdPolFlag] )
Parameters
The ManageKeysAndPwdPolicy method accepts the following parameters:
pwdPolFlag
(int)
(Optional) Specifies granting or revoking privileges. Setting this flag to 1 has different meanings for different types of administrators:
System-level administrators will be able to manage both keys and password policies.
  • Domain-level administrators will be able to manage password policies only.
Note: You can only create system-level administrators with the Command Line Interface. To create a domain-level administrator, use the Administrative UI.
Setting this flag to 0 revokes these privileges.
Return Value
The ManageKeysAndPwdPolicy method returns one of the following values:
  • 1 privileges enabled
  • 0 privileges disabled
ManageUsers Method Grants or Revokes Privileges to Manage Users
The ManageUsers method grants or revokes privileges to manage users.
Syntax
The ManageUsers method has the following format:
Netegrity::PolicyMgtAdmin->ManageUsers( [userFlag] )
Parameters
The ManageUsers method accepts the following parameter:
  1. userFlag
    (int)
    (Optional) Specifies whether to grant (set value to 1) or revoke (set value to 0) user management privileges.
Return Value
The ManageUsers method returns one of the following values:
  • 1 if the administrator can manage users
  • 0 if the administrator cannot manage users
Name Method Sets or Retrieves the Name of an Administrator
The Name method sets or retrieves the name of the administrator.
Syntax
The Name method has the following format:
Netegrity::PolicyMgtAdmin->Name( [adminName] )
Parameters
The Name method accepts the following parameter:
  1. adminName
    (string)
    (Optional) Specifies the name of the administrator.
Return Value
The Name method returns one of the following values:
  • The new or existing administrator name
  • undef
    if the call was unsuccessful
Password Method Sets or Retrieves the Administrator Password
The Password method sets or retrieves the administrator password.
Syntax
The Password method has the following format:
Netegrity::PolicyMgtAdmin->Password([adminPwd])
Parameters
The Password method accepts the following parameter:
  1. adminPwd
    (string)
    (Optional) Specifies the administrator password.
Return Value
The Password method returns one of the following values:
  • The new or existing administrator password
  • undef
    if the call was unsuccessful
UserDirectory Method Sets or Retrieves an External User Directory
The UserDirectory method sets or retrieves an external user directory for the administrator.
Syntax
The UserDirectory method has the following format:
Netegrity::PolicyMgtAdmin->UserDirectory([userDir])
Parameters
The UserDirectory method accepts the following parameter:
  1. userDir
    (PolicyMgtUserDir)
    (Optional) Specifies the external user directory.
Return Value
The UserDirectory method returns one of the following values:
  • A PolicyMgtUserDir object
  • undef
    if no directory exists, or if the call was unsuccessful