NAME
TAM::Admin - Perl extension for TAM Admin API
SYNOPSIS
use TAM::Admin;
# Connect to the policy server as sec_master
my $pdadmin = TAM::Admin->new('sec_master', 'password');
# Get the user with the ID joe and print basic information
my $user = $pdadmin->get_user('joe');
print 'Login ID: ', $user->id, "\n";
print 'Login CN: ', $user->cn, "\n";
print 'Login DN: ', $user->dn, "\n";
# Make the user account valid
$user->valid(1);
# Make the user a Non-GSO user
$user->gso(0);
DESCRIPTION
TAM::Admin is a set of modules that utilize the TAM Admin C API to perform management functions within a Tivoli Access Manager environment.
METHODS
new(<user>, <password>, [<options>])
Creates a new TAM::Admin object and connects to the policy server. The first two arguments specify the user ID of the administrator and the password. If no other options are specified, the API will utilize the configuration information of the local TAM runtime. Additional options are:
keyring => FILENAME
Specifies the filename for a CMS keyring database for SSL operations.
stash => FILENAME
Specifies the filename of the stash file for the keyring.
password => PASSWORD
Specifies the password for the keyring. This parameter will take precedence over the stash file.
dn => CERTIFICATE DN
Specifies the DN of a certificate to be utilized for authentication.
server => HOSTNAME
Specifies the location of the policy server.
port => PORT
Specifies the TCP port of the policy server process. Default port is 7135.
Examples
# Create a default context
$pdadmin = TAM::Admin->new('sec_master', 'password');
# Connect to policy server tam2.foobar.com
$pdadmin = TAM::Admin->new('sec_master', 'password',
    keyring => '/var/PolicyDirector/keytab/pd2.kdb',
    password => 'cmsopen',
    server => 'tam2.foobar.com');
get_user(<userid>)
Retrieve a user object for the specified ID. This function will return a TAM::Admin::User object.
import_user(<userid>, <dn>)
Import an LDAP account into TAM. The first argument will be used as the user's TAM logon ID and the second argument designates the LDAP DN of the existing account. This function will return a TAM::Admin::User object relating to the imported user.
remove_user(<userid>)
Remove a user from TAM only. This method is equivalent to the following pdadmin command.
pdadmin> user delete <userid>
delete_user(<userid>)
Remove a user from TAM and LDAP. This method is equivalent to the following pdadmin command.
pdadmin> user delete -registry <userid>
ok
Returns true if the last action was successful.
error
Returns true if the last action was unsuccessful.
message([<index>])
Returns the error message for the last action. The index will specify which error message to return if the last action resulted in more than one error condition. The index is 0 based.
code([<index>])
Returns the error code for the last action. The index will specify which error code to return if the last action resulted in more than one error condition. The index is 0 based.
msg_count
Returns the number of errors generated for the last action.
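Example (added here, not part of the module's own documentation): connecting without a hard-coded administrator or keyring password, then reporting every response entry from a failed action using the methods documented above. The keyring and stash paths and the hostname are placeholders. The script assumes a POSIX terminal with stty, that new() returns an object even when the connection fails, and that ok/error on the TAM::Admin object reflect the remove_user call.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use TAM::Admin;

# Collect every response entry from the last action via the documented
# msg_count/code/message accessors (the index is 0 based).
sub tam_errors {
    my ($obj) = @_;
    return map { sprintf('[%s] %s', $obj->code($_), $obj->message($_)) }
           0 .. $obj->msg_count - 1;
}

# Read the administrator password without echoing it (POSIX terminal assumed).
sub prompt_password {
    my ($prompt) = @_;
    print STDERR $prompt;
    system('stty', '-echo');
    my $pw = <STDIN>;
    system('stty', 'echo');
    print STDERR "\n";
    defined $pw or die "no password supplied\n";
    chomp $pw;
    return $pw;
}

my $userid = shift @ARGV or die "usage: $0 <userid>\n";

# Keyring, stash and server values are placeholders for this example.
my $pdadmin = TAM::Admin->new(
    'sec_master', prompt_password('sec_master password: '),
    keyring => '/path/to/keyring.kdb',
    stash   => '/path/to/keyring.sth',   # stash file, no keyring password in the script
    server  => 'tam.example.com',
    port    => 7135,
);
# Assumption: new() returns an object even when the connection fails.
die "connect failed\n" unless $pdadmin;
die join("\n", 'connect failed:', tam_errors($pdadmin)), "\n" if $pdadmin->error;

# remove_user deletes the TAM account only; the LDAP entry is kept.
$pdadmin->remove_user($userid);
if ($pdadmin->ok) {
    print "removed $userid from TAM (LDAP entry kept)\n";
} else {
    warn "$_\n" for tam_errors($pdadmin);
    exit 1;
}
```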
EXPORT
None by default.
Exportable constants
IVADMINAPI_H
IVADMIN_AUDIT_ADMIN
IVADMIN_AUDIT_ALL
IVADMIN_AUDIT_DENY
IVADMIN_AUDIT_ERROR
IVADMIN_AUDIT_NONE
IVADMIN_AUDIT_PERMIT
IVADMIN_CALLTYPE
IVADMIN_CONTEXT_ADUSERREG
IVADMIN_CONTEXT_DCEUSERREG
IVADMIN_CONTEXT_DOMINOUSERREG
IVADMIN_CONTEXT_LDAPUSERREG
IVADMIN_CONTEXT_MULTIDOMAIN_ADUSERREG
IVADMIN_DECLSPEC
IVADMIN_FALSE
IVADMIN_MAXRETURN
IVADMIN_PROTOBJ_TYPE_UNKNOWN
IVADMIN_PROTOBJ_TYPE__APP_CONTAINER
IVADMIN_PROTOBJ_TYPE__APP_LEAF
IVADMIN_PROTOBJ_TYPE__CONTAINER
IVADMIN_PROTOBJ_TYPE__DIR
IVADMIN_PROTOBJ_TYPE__DOMAIN
IVADMIN_PROTOBJ_TYPE__EXTERN_AUTH_SVR
IVADMIN_PROTOBJ_TYPE__FILE
IVADMIN_PROTOBJ_TYPE__HTTP_SVR
IVADMIN_PROTOBJ_TYPE__JNCT
IVADMIN_PROTOBJ_TYPE__LEAF
IVADMIN_PROTOBJ_TYPE__MGMT_OBJ
IVADMIN_PROTOBJ_TYPE__NETSEAL_NET
IVADMIN_PROTOBJ_TYPE__NETSEAL_SVR
IVADMIN_PROTOBJ_TYPE__NON_EXIST_OBJ
IVADMIN_PROTOBJ_TYPE__PORT
IVADMIN_PROTOBJ_TYPE__PROGRAM
IVADMIN_PROTOBJ_TYPE__WEBSEAL_SVR
IVADMIN_REASON_ALREADY_EXISTS
IVADMIN_RESPONSE_ERROR
IVADMIN_RESPONSE_INFO
IVADMIN_RESPONSE_WARNING
IVADMIN_SSOCRED_SSOGROUP
IVADMIN_SSOCRED_SSOWEB
IVADMIN_TIME_LOCAL
IVADMIN_TIME_UTC
IVADMIN_TOD_ALL
IVADMIN_TOD_ANY
IVADMIN_TOD_FRI
IVADMIN_TOD_MINUTES
IVADMIN_TOD_MON
IVADMIN_TOD_OCLOCK
IVADMIN_TOD_SAT
IVADMIN_TOD_SUN
IVADMIN_TOD_THU
IVADMIN_TOD_TUE
IVADMIN_TOD_WED
IVADMIN_TOD_WEEKDAY
IVADMIN_TOD_WEEKEND
IVADMIN_TRUE
AUTHOR
George Chlipala, george@walnutcs.com
SEE ALSO
perl(1).