After setting up the single sign-on for multiple CommCells by configuring the IdP and SP CommCells, you can access the features or services of the participating SP CommCells from the command line interface.
SAML tokens are used for logging on and performing operations on the participating SP CommCells.
Procedure
-
Create the SAML token file on the IdP CommCell and save it to a specified location:
Token expiration
Command
Valid up to 300 seconds (5 minutes)
Run the following command:
qlogin getsamltoken –f token_fileWhere, token_File is the file name and location where you want to create the token file.
Example
qlogin getsamltoken –f c:\tok9Valid for a user-defined period
Run the following command:
qlogin getsamltoken [–f token_file] [-validformins minutes]Where, token_file is the file name and location where you want to create the token file and minutes is the validity period for the token file.
Example
qlogin getsamltoken –f c:\tok9 -validformins 20 -
Perform operations on the SP CommCell by using the generated token as a one-time request token or a session token:
Token
Command
Session token
Allows you to log on and set up a session in the SP CommCell to perform operations.
To log on to set up a session on the SP CommCell, run the following command:
qlogin [-cs commserve_host_name][-csn cs_Client_Name][–samlloginfile token_file]For example, to list all the client computers configured in the CommCell, run the following command:
qlist client [-cs commserve_host_name]One-time request token
This token allows you to perform operations on the SP CommCell without setting up a logon session (using the qlogin command).
The QCommands can be used directly by specifying the generated token.
This token can be used with the following commands:
-
qlist client
-
qlist clientgroup
-
qlist job
-
qoperation execute
For example, to list all the client computers configured on the CommCell by using a one-time request, run the following command:
qlist client [-cs commserve_host_name] [-tf token_file]
-