qlogin

Description

This command logs on to a given CommServe by using the credentials of a CommCell Console user with sufficient permissions to perform the desired operations. The qlogin command writes encrypted user logon information to a .qsessions file in the install directory. The .qsessions file is used by subsequent commands until the session times out or you log off from the CommServe. The .qsessions file appears as qsessions.osuser on Windows and qsessions.osuserId on Unix.

By default, the timeout for each logon session is 14 days, so sessions idle for more than 14 days are terminated automatically. For changing the timeout for logon sessions, use QSDKSessionTimeout additional setting.

On Windows client computers, you can log on to the CommServe using the -sso option with the qlogin command. The -sso option uses your account credentials from the Active Directory service provider. For more information on this CommCell feature, see Single Sign On (SSO).

If multiple user sessions are needed to the CommServe, each user must use the qlogin command with the -f or -gt option to obtain a token. A token is an encrypted string that uniquely identifies the user and the CommServe to which the user is connected. For more information, see Using Tokens to Perform QCommands.

Upon successful completion, qlogin does not display any message in the command prompt. In case of an error, an error code and description are displayed as: "qlogin: Error errorcode: errordescription"

Note

When a user upgrades from a previous version to the current version a new session file is generated. To run the qcommands using this session file the user has to do a qlogout -all and has to log in again.

Usage

qlogin [-cs <commservehostname>] [-u <username>] [-ps <passwordstrong>] [-clp <plainpasswordtext>] [-af <argsfile>] [-f <logintokenfile>] [-gt <givetoken>] [-csn <csClientName>] [-sso] [-localadmin <localadmin>] [-h]

Options

-cs

CommServe host name

If a CommServe host name is not specified, this command logs on to the CommServe of the current host. To log on to a remote CommServe configured behind a firewall, specify the CommServe host name along with the CommServe client name.

-csn

CommServe client name

If the CommServe client name is not specified, this command will automatically select the current CommServe client name.

-clp

Plain text password

-u

User name (prompted if not specified)

On a Linux computer, if you include a domain along the user name , you must enclose it within a single quote.

For example, E:\commandline>qlogin -cs server1 -u 'domain\user1'

-ps

Strong encrypted password to log on to the CommServe.

You can create an encrypted password by saving any supported operation (for example, a backup or restore job) as a script using the Save as Script option in the CommCell Console. The batch file contains the qlogin string with the encrypted password in the -ps parameter. You can copy and paste the encrypted password into other scripts. For information on creating a batch file, see Save as Script Overview.

-af

Reads arguments from a file.

-f

Saves token to a file.

Note

tokenFile is the file name and location of the token file, for example, c:\YourTokenFile. If the token file path is not specified, then the token file is created in the following default locations:

  • UNIX: %installdir%qsessions.userid (For example, /opt/Commvault/Contentstore/qsessions.0)

  • Windows: %installdir%qsessions.username (For example, C:/Program Files/Commvault/Contentstore/qsessions.admin)

-gt

Returns the token after login.

-sso

Uses single sign-on (SSO) to log on using the user account credentials from the Active Directory service provider. This option is available on Windows client computers.

-localadmin

Allows the local administrator of a client computer (or a user with administrative rights) to log on to the CommServe without the need to provide a user name and password.

This option verifies that the user currently logged on to the client is a local administrator. Once authenticated, the user is automatically logged on to the CommServe as the owner of the client. All the operations that the user can perform will be limited to that client.

-h

Displays help

Argument File

For information on creating an argument file, see Command Line - FAQ - How do I use argument files in commands.

server

CommServe host name

user

User name (prompted if not specified)

password

Strong encrypted password to log on to the CommServe. (prompted if not specified)

You can create an encrypted password by saving any supported operation (for example, a backup or restore job) as a script using the Save as Script option in the CommCell Console. The batch file contains the qlogin string with the encrypted password in the -ps parameter. You can copy and paste the encrypted password into other scripts. For information on creating a batch file, see Save as Script Overview.

To use a plain text password, use the -clp command line option.

passwordstrong

Indicates that a strong encrypted password is used to log in. You can use any of the following values:

  • Y

  • Yes

  • 1

Diagnostics

Possible exit status values are:

  • 0 - Successful completion.

  • 1 - CLI usage failures, due to the use of an unsupported option or missing argument.

  • 2 - Any other failure.

Examples

  • Log on to CommServe server1 with user name user1.

    E:\commandline>qlogin -cs server1 -u user1 
     Password:
  • Log on to CommServe server1 with user name user1 and plain text password.

    E:\commandline>qlogin -cs server1 -u user1 -clp pwd123
    User logged in successfully.
  • On a Windows client computer, log on to the CommServe without providing credentials using the Single Sign-On option.

    E:\commandline>qlogin -sso
     User logged in successfully
  • Unsuccessful Log on to CommServe server1 with user name user1 due to Invalid Password.

    E:\commandline>qlogin -cs server1 -u user1
     Password:
     qlogin: Error 0x260: Invalid Login/Password
  • Use the following command to log on to a remote CommServe server2 which is behind a firewall.

    E:\commandline>qlogin -cs server2.mycompany.com -csn server2 -u user1
     Password:

Modifying the Timeout Session

You can modify the timeout for a logon session. By default, the timeout for each logon session is 14 days, so sessions idle for more than 14 days are terminated automatically. After a session times out, the user must log on again to continue running commands.

Note

The modified timeout is implemented for all active sessions.

  1. On the command line, go to software_installation_directory/Base and type the following command:

    qoperation execscript -sn SetKeyIntoGlobalParamTbl.sql -si QSDKSessionTimeout -si y -si 'timeout_period'

    where timeout_period is the number of seconds the session is valid before it times out, surrounded by single-quote marks. The minimum timeout is 300 seconds (5 minutes).

    Note

    To prevent sessions from timing out, set timeout_period to -1.

  2. Restart the Commvault Commands Manager (QSDK) service.

    For information on restarting a service, see Restarting a Service.

qlogin Using a Token

If multiple user sessions are needed to the CommServe, each user must use the qlogin command with the -f or -gt option to obtain a token. A token is an encrypted string that uniquely identifies the user and the CommServe to which the user is connected. Use one of the following methods to set up a token:

Method 1: Using a Token File

  1. Execute the following command to create a token file:

    C:\commandline>qlogin -f <tokenFile>

    where tokenFile is the file name and location where you want to create the token file, for example, c:\tokenfile.

  2. Provide the user name and password of the account you want to use to access the CommServe.

    Enter User Name:
    Password:

    An encrypted token file is created. You can run any qcommand operation by appending the token file to your qcommand.

    UNIX Example

    ./qlist client -tf /root/token/tokenfile

    Windows Example

    C:\commandline>qlist client -tf c:\tokenFile

Method 2: Using a Token String

  1. Execute the following command to obtain a token string:

    C:\commandline>qlogin -gt
  2. Provide the user name and password of the account you want to use to access the CommServe.

    Enter User Name:
    Password:

    A token string is displayed. You can run any qcommand operation by appending the token string to your qcommand. For example:

    C:\commandline>qlist client -tk 3405d9d1394cb7a023f66f7e31b23b65ca29d
     9df88ff2cb5de884bf6ff42cd1281ae818fd0
     30f047f297c769353f65e63690bd1de0260f1
     c1339e38d59f449c02108aca351bd1a70eb4a
     a7a37c2c3e90a16b91cd8a15a22c8691f3f53
     5a72e015b362b992018cdc3b067ed12fc8165
     77fe52624d513b9e7d2646bcdf5adf260dc39
     a6e8036f6e0e4c63f4408e8dadf20fe4b26a2
     008a02fb7446f8337852a8ae7c7d1014ad162
     76b15b3221246a2547c2189c04e54648518fb
     837f6922f81c378e0b5d9ce516ca7409dbb75
     521d3cef7d3cfa8720ea27568e6c352d2b83f
     d58d2c0debafc11eb273025ff8bee217473db
     b65da0365114326f51a868c2e1e36a2ade624
     741661cf1c392045a9ad323908f0224c9ade0
     0949bf46aec0c8f121f9a2

Loading...