> Documentation > CommCell Management > Security > User Administration and Security Overview > Command Line > Managing User Groups

XML Parameters for User Group Operations

The following table lists the supported parameters for user group operations.

Parameter

Description and Parameter Values

userGroupEntity/userGroupName

Name of the user group.

userGroupEntity/newName

If you are changing the name of the user group, enter the new name in the userGroupEntity/newName parameter and the original name in the userGroupEntity/userGroupName parameter.

associationsOperationType

The operation to perform on the role and entities inside the <associations> block. The entity, role, and user group form a security association. To perform an operation on multiple security associations, add an <associations> block in the XML file for each security association:

<associations>
   <entities>
     <entity>
       <entity_name></entity_name>
     </entity>
   </entities>
   <properties>
     <role>
       <roleName></roleName>
     </role>
   </properties>
</associations>

Valid values are:

  • ADD, to create a new security association between the entity, role, and user group

  • OVERWRITE, to overwrite existing security associations with new security associations

  • DELETE, to delete one or more security associations

entity/entity_name

Replace entity_name with the name of the entity operated on by the associationsOperationType parameter.

Valid replacement values are:

  • appName

  • backupsetName

  • clientGroupName

  • clientName

  • commCellName

  • containerName

  • libraryName

  • locationName

  • mediaAgentName

  • providerDomainName

  • schedulePolicyName

  • shelfName

  • storagePolicyName

  • subclientName

  • trackingPolicyName

  • userGroupName

  • userName

    To include multiple entities in a security association, add the following elements in the XML file for each entity:

     
    <entity>
  <entity_name>entity_value</entity_name>
</entity>

    Examples

    To associate two libraries, enter the following in the XML file:

    <entities>
   <entity>
     <libraryName>library_001</libraryName>
   </entity>
   <entity>
     <libraryName>library_022</libraryName>
   </entity>
</entities>

    To associate a domain, enter the following in the XML file:

    <entities>
   <entity>
     <providerDomainName>mydomain</providerDomainName>
   </entity>
</entities>

    To associate a file system and a MySQL agent, enter the following in the XML file:

    <entities>
  <entity>
     <appName>File System</appName>
  </entity>
</entities>
<entities>
  <entity>
     <appName>MySQL</appName>
  </entity>
</entities>

    Tip: For a list of valid values for the <appName> element, see GET Agent: appName.

role/roleName

The name of the role operated on by the associationsOperationType parameter. The <associations> block must have exactly one role, for example:

<associations>
   <properties>
     <role>
       <roleName>Role3</roleName>
     </role>
   </properties>
 ...
 ...
</associations>

permissionName

Use this element to add permissions without selecting a role. If you use the permissionName parameter, you cannot use the roleName parameter.

The name of the permission operated on by the associationsOperationType parameter. To work with multiple permissions, add the following elements in the XML file for each permission:

<categoriesPermissionList permissionName = ""/>

For a list of valid values, see User Security Permissions and Permitted Actions.

categoryName

Use this element to add all of the permissions in a category without selecting a role. If you use the categoryName parameter, you cannot use the roleName parameter.

The name of the permission category operated on by the associationsOperationType parameter. To work with multiple categories, add the following elements in the XML file for each category:

<categoriesPermissionList categoryName = ""/>

Valid values are:

  • Alert

  • Analytics

  • Client

  • CommCell

  • Content Director

  • Developer Tools

  • Global

  • Monitoring Policy

  • Plan

  • Schedule Policy

  • Storage Management

  • User Management

description

A general description of the user group.

enabled

Option to enable/disable the user group.

Valid values are True/False.

users/userName

Name of the user to be associated with the user group. To associate more than one user with a user group, add a <users> element for each user:

<users>
   <userName>USER1</userName>
</users>
<users>
   <userName>USER2</userName>
</users>

usersOperationType

The operation to perform on the users in the userName parameter.

Valid values are:

  • ADD, to associate new users.

  • OVERWRITE, to overwrite the existing users with the new users.

  • DELETE, to delete one or more users.

level

The property level information that you want to display when listing user groups. When no property level is specified, all properties are returned by default. Valid values are:

  • ListOnly, to list the user group name without its property information.

  • BasicProperties, to list the user group name along with its basic properties.

  • ExtendedProperties, to list the user group name along with its basic and extended properties.

  • AllProperties, to list the user group name along with all its properties.

transferAllFromOldUser

When a user group is deleted, you must transfer the ownership of entities such as alerts, scheduled policies, and workflows from the deleted user group to another user or user group.

To transfer ownership, the valid value is 1.

newUser/userName

The user name to transfer ownership to. When you delete a user group, you must provide either a new user name or a new user group name.

newUserGroup/userGroupName

The user group name to transfer ownership to. When you delete a user group, you must provide either a new user name or a new user group name.

Loading...