object modify
Modifies an existing object.
Requires authentication (administrator ID and password) to use this command.
Syntax
object modify object_name
delete
attribute
attribute_name
[attribute_value
]
object
modify object_name
set
attribute
attribute_name
attribute_value
object
modify object_name
set
description
description
object
modify object_name
set
ispolicyattachable
{yes
|no
}
object
modify object_name
set
type
type
Options
delete
attribute
attribute_name
[attribute_value
]- Deletes the specified extended attribute (name and value) from
the specified protected object. The attribute must exist, or an error
is displayed. When you delete the last value for an attribute, it
also deletes the attribute from the specified protected object. The
optional
attribute_value
deletes the specified value from the specified extended attribute key in the specified protected object. Examples of attribute names and values:test11111 Dept_No445 Employee_name"Diana Lucas"
object_name
- Specifies the protected object to be modified. The specified protected
object is the fully qualified name of the object, including the object
space within which it is located. The object must exist, or an error
is displayed.
Examples of object names are:
/Management/Groups/Travel
/WebSEAL
/Management
set
attribute
attribute_name
attribute_value
- Creates an extended attribute, with the specified name and value,
and adds it to the specified protected object. If the attribute exists,
the attribute value is added as an additional value if the same value
does not exist for this attribute. If the same value exists for this
attribute, it does not get added again (duplicate values are not allowed),
and no error is returned.
The optional
attribute_value
sets the specified value from the specified extended attribute key in the specified protected object. The attribute value must exist, or an error is displayed.Examples of extended attribute names and values:attr1valueA attr1valueB attr2valueC
set
description
description
- Sets the description field of the specified protected object.
A valid description is an alphanumeric string that is not case-sensitive. String values are expected to be characters that are part of the local code set. Spaces are allowed. If the description contains a space, ensure that you enclose the description in double quotation marks. You can specify an empty string ("") to clear an existing description.
Example of description:
"Travel Group aaa"
set
ispolicyattachable
{yes
|no
}- Sets whether the protected object can have an ACL, a POP, or an
authorization rule attached or not. Valid values are
yes
orno
. set
type
type
- Specifies the type of the object space to be created. Types range
from 0 to 17. For example, types
10
or16
are appropriate for objects.You can assign any of the following types:- 0
- Unknown
- 1
- Secure domain
- 2
- File
- 3
- Executable program
- 4
- Directory
- 5
- Junction
- 6
- WebSEAL server
- 7
- Unused
- 8
- Unused
- 9
- HTTP server
- 10
- Nonexistent object
- 11
- Container object
- 12
- Leaf object
- 13
- Port
- 14
- Application container object
- 15
- Application leaf object
- 16
- Management object
- 17
- Unused
Return codes
- 0
- The command completed successfully.
- 1
- The command failed. When a command fails, the pdadmin command
provides a description of the error and an error status code in hexadecimal
format (for example,
0x14c012f2
). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Verify Access error messages by decimal or hexadecimal codes.
Examples
- The following example sets the
ispolicyattachable
option for the/Management/Groups/Travel
object:pdadmin sec_master> object modify /Management/Groups/Travel set ispolicyattachable yes
- The following example sets the attributes for the
/Management/test-object
object:pdadmin sec_master> object modify /Management/test-object set attribute test1 1111