object modify

Modifies an existing object.

Requires authentication (administrator ID and password) to use this command.

Important: User cannot modify objects within a shared object space or underneath an objectspace path, as opposed to under a standard object path.

Syntax

object modify object_name delete attribute attribute_name [attribute_value]

object modify object_name set attribute attribute_name attribute_value

object modify object_name set description description

object modify object_name set ispolicyattachable {yes|no}

object modify object_name set type type

Options

delete attribute attribute_name [attribute_value]

Deletes the specified extended attribute (name and value) from the specified protected object. The attribute must exist, or an error is displayed. When you delete the last value for an attribute, it also deletes the attribute from the specified protected object. The optional attribute_value deletes the specified value from the specified extended attribute key in the specified protected object. Examples of attribute names and values:

test11111
Dept_No445
Employee_name"Diana Lucas"

object_name

Specifies the protected object to be modified. The specified protected object is the fully qualified name of the object, including the object space within which it is located. The object must exist, or an error is displayed.

Examples of object names are:

/Management/Groups/Travel
/WebSEAL
/Management

set attribute attribute_name attribute_value

Creates an extended attribute, with the specified name and value, and adds it to the specified protected object. If the attribute exists, the attribute value is added as an additional value if the same value does not exist for this attribute. If the same value exists for this attribute, it does not get added again (duplicate values are not allowed), and no error is returned.

The optional attribute_value sets the specified value from the specified extended attribute key in the specified protected object. The attribute value must exist, or an error is displayed.

Examples of extended attribute names and values:

attr1valueA
attr1valueB
attr2valueC

set description description

Sets the description field of the specified protected object.

A valid description is an alphanumeric string that is not case-sensitive. String values are expected to be characters that are part of the local code set. Spaces are allowed. If the description contains a space, ensure that you enclose the description in double quotation marks. You can specify an empty string ("") to clear an existing description.

Example of description: "Travel Group aaa"

set ispolicyattachable {yes|no}

Sets whether the protected object can have an ACL, a POP, or an authorization rule attached or not. Valid values are yes or no.

set type type

Specifies the type of the object space to be created. Types range from 0 to 17. For example, types 10 or 16 are appropriate for objects.

You can assign any of the following types:

0: Unknown
1: Secure domain
2: File
3: Executable program
4: Directory
5: Junction
6: WebSEAL server
7: Unused
8: Unused
9: HTTP server
10: Nonexistent object
11: Container object
12: Leaf object
13: Port
14: Application container object
15: Application leaf object
16: Management object
17: Unused

Return codes

0: The command completed successfully.
1: The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Verify Access error messages by decimal or hexadecimal codes.

Examples

The following example sets the ispolicyattachable option for the /Management/Groups/Travel object:
```
pdadmin sec_master> object modify /Management/Groups/Travel set
ispolicyattachable yes
```

The following example sets the attributes for the /Management/test-object object:

pdadmin sec_master> object modify /Management/test-object set attribute
test1 1111