select_role command to retrieve a role in the currently selected zone from Active Directory. This command stores the role in memory, and makes it the currently selected role for subsequent ADEdit commands. The role remains selected until you select another role or zone, delete the role, or end the ADEdit session.
If you use ADEdit commands such as
set_role_field to change settings for the selected role, you must save the selected role using the
save_role command for your changes to take effect in Active Directory. If you select another role or end the ADEdit session before saving the currently selected role, your changes will be lost.
You can only use the
select_role command to select roles if the currently selected zone is a classic4 or hierarchical zone. The command does not work for other types of zones.
Classic and hierarchical
This command takes no options.
This command takes the following arguments:
Required. Specifies the name of the role to select.
This command returns nothing if it runs successfully.
This example retrieves the role definition named
servicerep in the current zone and makes it as the currently selected role.
Before you use this command, you must have a currently selected zone stored in memory. The following commands enable you to view and select a role:
- get_roles returns a Tcl list of roles in the current zone.
- list_roles lists to
stdoutthe roles in the current zone.
- new_role creates a new role and stores it in memory.
After you have a role stored in memory, you can use the following commands to work with that role:
- add_command_to_role adds a UNIX command right to the current role.
- add_pamapp_to_role adds a PAM application right to the current role.
- delete_role deletes the selected role from Active Directory and from memory.
- get_role_apps returns a Tcl list of the PAM application rights associated with the current role.
- get_role_commands returns a Tcl list of the UNIX commands associated with the current role.
- get_role_field reads a field value from the current role.
- list_role_rights returns a list of all UNIX command and PAM application rights associated with the current role.
- remove_command_from_role removes a UNIX command right from the current role.
- remove_pamapp_from_role removes a PAM application right from the current role.
- save_role saves the selected role with its current settings to Active Directory.
- set_role_field sets a field value in the current role.