get_roles
Use the get_roles
command to check Active Directory and return a Tcl list of roles defined within the currently selected zone. If executed in a script, this command does not output its list to stdout
, and no output appears in the shell where the script is executed. Use list_roles
to output the list to stdout
.
You can only use the get_roles
command if the currently selected zone is a classic4 or hierarchical zone. The command does not work in other types of zones.
Zone type
Classic and hierarchical
Syntax
get_roles
Abbreviation
getr
Options
This command takes no options.
Arguments
This command takes no arguments.
Return value
This command returns a Tcl list of roles defined in the currently selected zone.
Examples
get_roles
This example returns the list of roles:
{Rescue - always permit login} scp sftp listed {UNIX Login} {Windows Login} winscp
Related commands
Before you use this command, you must have a currently selected role stored in memory. The following commands enable you to view and select the role to work with:
- list_roles lists to
stdout
the roles in the currently selected zone. - new_role creates a new role and stores it in memory.
- select_role retrieves a role from Active Directory and stores it in memory.
After you have a role stored in memory, you can use the following commands to work with role:
- add_command_to_role adds a UNIX command to the currently selected role.
- add_pamapp_to_role adds a PAM application to the currently selected role.
- delete_role deletes the selected role from Active Directory and from memory.
- get_role_apps returns a Tcl list of the PAM applications associated with the currently selected role.
- get_role_commands returns a Tcl list of the UNIX commands associated with the currently selected role.
- list_role_rights returns a list of all UNIX commands and PAM applications associated with the currently selected role.
- remove_command_from_role removes a UNIX command from the currently selected role.
- remove_pamapp_from_role removes a PAM application from the currently selected role.
- save_role saves the selected role with its current settings to Active Directory.
- set_role_field sets a field value in the currently selected role.