A few months back, I was asked how to create users and groups in WAS, using Jython scripts. This is the post from that time: -
wasadmin@defaultWIMFileBasedRealm
deAdmin@defaultWIMFileBasedRealm
BPMAdmin@defaultWIMFileBasedRealm
ldapbind@defaultWIMFileBasedRealm
WebSphereAdmin@defaultWIMFileBasedRealm
Subsequently, I wanted to run a query against WIM to see what users existed, following an openLDAP integration.
Having determined the available Jython commands: -
which drew me to this: -
AdminTask.listRegistryUsers()
By default, this is what I get: -
print AdminTask.listRegistryUsers()
wasadmin
deAdmin
ldapbind
WebSphereAdmin
BPMAdmin
ldapbind
WebSphereAdmin
BPMAdmin
The Knowledge Centre provided more input: -
listRegistryUsers
The listRegistryUsers command displays the users in the user registry for a specific security realm, resource name, or domain name.
Target object
None.
Optional parameters
-securityDomainName
The listRegistryUsers command displays the users in the user registry for a specific security realm, resource name, or domain name.
Target object
None.
Optional parameters
-securityDomainName
Specifies the name of the security domain of interest. The securityDomainName, resourceName, and securityRealmName parameters are mutually exclusive. Do not specify more than one of these parameters. If you do not specify the securityDomainName, resourceName, or securityRealmName parameter, the system uses the active user registry from the global security configuration. (String)
-resourceName
Specifies the name of the resource of interest. The securityDomainName, resourceName, and securityRealmName parameters are mutually exclusive. Do not specify more than one of these parameters. If you do not specify the securityDomainName, resourceName, or securityRealmName parameter, the system uses the active user registry from the global security configuration. (String)
-securityRealmName
Specifies the name of the security realm of interest. The securityDomainName, resourceName, and securityRealmName parameters are mutually exclusive. Do not specify more than one of these parameters. If you do not specify the securityDomainName, resourceName, or securityRealmName parameter, the system uses the active user registry from the global security configuration. (String)
-displayAccessIds
Specifies whether to display the access IDs for each group. Specify true to display the access ID and group name for each group that the command returns. (Boolean)
-userFilter
Specifies the filter that the command uses to query for users. For example, specify test* to display each user name that starts with the test string. By default, the command returns all users. (String)
-numberOfUsers
Specifies the number of users to return. The default number of groups that the command displays is 20. (Integer)
Using this as input, this is what I get: -
print AdminTask.listRegistryUsers(['-securityRealmName', 'defaultWIMFileBasedRealm', '-displayAccessIds', 'true'])
[[accessId user:defaultWIMFileBasedRealm/uid=wasadmin,o=defaultWIMFileBasedRealm] [name wasadmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/uid=deAdmin,o=defaultWIMFileBasedRealm] [name deAdmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=BPMAdmin,ou=people,dc=uk,dc=ibm,dc=com] [name BPMAdmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=ldapbind,ou=people,dc=uk,dc=ibm,dc=com] [name ldapbind@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=WebSphereAdmin,ou=people,dc=uk,dc=ibm,dc=com] [name WebSphereAdmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/uid=wasadmin,o=defaultWIMFileBasedRealm] [name wasadmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/uid=deAdmin,o=defaultWIMFileBasedRealm] [name deAdmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=BPMAdmin,ou=people,dc=uk,dc=ibm,dc=com] [name BPMAdmin@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=ldapbind,ou=people,dc=uk,dc=ibm,dc=com] [name ldapbind@defaultWIMFileBasedRealm] ]
[[accessId user:defaultWIMFileBasedRealm/cn=WebSphereAdmin,ou=people,dc=uk,dc=ibm,dc=com] [name WebSphereAdmin@defaultWIMFileBasedRealm] ]
print AdminTask.listRegistryUsers(['-securityRealmName', 'defaultWIMFileBasedRealm'])
wasadmin@defaultWIMFileBasedRealm
deAdmin@defaultWIMFileBasedRealm
BPMAdmin@defaultWIMFileBasedRealm
ldapbind@defaultWIMFileBasedRealm
WebSphereAdmin@defaultWIMFileBasedRealm
which is nice.