searchUsers command

Use this command to search for users.

Purpose

Use the searchUsers command to find users in virtual member manager that match particular criteria. For example, your can use the searchUsers command to find all users with a uid that starts with the letter 'd'.

If successful, the searchUsers command returns a list of unique names of all users that match the search criteria.

Note: If the Use global security settings option is selected for the user realm or the Global federated repositories option is selected as the realm type for the specified domain, this command is executed on the federated repository of the admin domain. However, configuration changes that are performed on the domain are applied to the security domain-specific configuration.

Syntax

searchUsers { {-cn commonname –sn surname -principalName principalName -uid uid 
               -mail mail} [-timeLimit tlimit] [-countLimit countlimit] [-clearCache clearCacheMode] [-securityDomainName domainName] }
Exactly one of the parameters (cn, sn, principalName, uid, or mail) must be specified. If none or more than one is specified, an exception occurs.

Parameters

-cn commonname
Specifies the first name or given name of the user. This parameter maps to the cn property in virtual member manager.
-sn surname
Specifies the last name or family name of the user. This parameter maps to the sn property in virtual member manager.
-principalName principalName
Specifies the principal name of the user that is used as the logon ID for the user in the system. This parameter maps to the principalName property in virtual member manager.
-uid uid
Specifies the unique ID value for the user that you want to search for. This parameter maps to the uid property in virtual member manager.
–timeLimit tlimit
Specifies the maximum amount of time in milliseconds that the search can run. The default is no time limit.
–countLimit countlimit
Specifies the maximum number of results that you want returned from the search. By default, all users found in the search are returned.
-clearCache clearCacheMode
Specifies whether the repository adapter cache should be cleared before performing the search operation for users.
The valid value is clearAll, which clears all of the cached information in the repository adapter. The value is not case-sensitive. There is no default value for this parameter. If you do not specify a value, or specify a value other than clearAll, an error message appears.
Avoid trouble: Frequent use of this parameter to clear the cache may result in performance degradation. When the cache is cleared, the subsequent operation has to get the details from the repository and update the cache with this newly retrieved data; so the subsequent operation takes longer to complete.
-securityDomainName domainName
Specifies the name that uniquely identifies the security domain. If you do not specify this parameter, the command uses the global federated repository.
Note: If you define multiple login properties, then the first login property is programmatically mapped to the federated repositories principalName property. For example, if you set uid;mail as the login properties, the LDAP attribute uid is mapped to the federated repositories principalName property.

Sample

To search for all users that have a principal name, issue this command:
$AdminTask searchUsers {-principalName *}
To search for all users that have a uid that starts with the letter 'd', issue this command:
$AdminTask searchUsers {-uid d*}


Terms of use | Feedback