secadm loginscheme - Security Administration: Maintain Login Schemes

secadm loginscheme list

secadm loginscheme display login-scheme-name

secadm loginscheme add login-scheme-name [--description description] [--schemetype scheme-type] [--loginprocedure login-procedure] [--provider ldap-provider] [--ctxfactory ldap-contextFactory] [--rdn ldap-relativeDistinguishedName] [--namingattr ldap-namingAttribute]

secadm loginscheme udpate login-scheme-name [--description description] [--schemetype scheme-type] [--loginprocedure login-procedure] [--provider ldap-provider] [--ctxfactory ldap-contextFactory] [--rdn ldap-relativeDistinguishedName] [--namingattr ldap-namingAttribute]

secadm loginscheme delete login-scheme-name

Manage login schemes. Login schemes are attached to a service to determine how users or other services can access that service. A login scheme specifies what types of services are allowed to access the service it is attached to, whether the service will time out if idle for an amount of time, and determines how the user or service is authenticated.

After defining a login scheme, attach it to a service using the secadm service command.

Option Description
list List all login schemes in the system.
display Display a login scheme in the system.
add Add a login scheme to the system.
update Update a login scheme in the system.
delete Delete a login scheme from the system.
login-scheme-name Specify the login scheme name.
--description description Optional. Add a description of the login scheme name.
--schemetype scheme-type

Specify one of the following (Do not include spaces if you use command line entry):

  • Web UP Login

  • OS Login

  • NT Login

  • DB Login

  • No Login
--loginprocedure login-procedure

Specify one of the following:

  • LDAPBind

    Authenticate web access based on LDAP entries stored in a customer-specified location instead of in the Lawson default location.

  • XRefLookup

    Stores user information in a Landmark database table.

  • USE_PRIVILEGED_ID

    Allows a single privileged user to log into the database.

  • USE_USER_ID

    Users log in using their specified database login names and passwords.
--provider ldap-provider

The LDAP server host name and LDAP port formatted as a URL.

For example, ldap://hostname:portnumber

--ctxfactory ldap-contextFactory The ctx factory, such as com.sun.jndi.ldap.LdapCtxFactory.
--rdn ldap-relativeDistinguishedName

The Relative Distinguished Name (rdn) container for all users in the LDAP directory.

For the single LDAP container scenario, this is the DN containing all the LDAP users.

For the multiple LDAP container scenario, this is the base DN of the LDAP directory tree from which we begin to search to locate users.
--namingattr ldap-namingAttribute The naming attribute for users in the LDAP user container, for instance, cn or uid.