pki-user-membership - Man Page

Command-line interface for managing PKI user memberships.

Synopsis

pki [CLI-options] lt;subsystemgt;-user-membership
pki [CLI-options] lt;subsystemgt;-user-membership-find user-ID [command-options]
pki [CLI-options] lt;subsystemgt;-user-membership-add user-ID group-ID [command-options]
pki [CLI-options] lt;subsystemgt;-user-membership-del user-ID group-ID [command-options]

Description

The pki lt;subsystemgt;-user-membership commands provide command-line interfaces to manage user memberships on the specified subsystem.

Valid subsystems are ca, kra, ocsp, tks, and tps.

pki [CLI-options] lt;subsystemgt;-user-membership
   This command is to list available user membership commands for the subsystem.

pki [CLI-options] lt;subsystemgt;-user-membership-find user-ID [command-options]
   This command is to list groups in which the subsystem user is a member.

pki [CLI-options] lt;subsystemgt;-user-membership-add user-ID group-ID [command-options]
   This command is to add the subsystem user into a group.

pki [CLI-options] lt;subsystemgt;-user-membership-del user-ID group-ID [command-options]
   This command is to delete the subsystem user from a group.

Options

The CLI options are described in pki(1).

Operations

To view available user membership commands, type pki lt;subsystemgt;-user-membership. To view each command's usage, type pki lt;subsystemgt;-user-membership-lt;commandgt; --help.

All user membership commands must be executed as the subsystem administrator.

For example, to list groups in which a CA user is a member execute the following command:

$ pki <CA admin authentication> ca-user-membership-find testuser

The results can be paged by specifying the (0-based) index of the first entry to return and the maximum number of entries returned:

$ pki <CA admin authentication> ca-user-membership-find testuser --start 20 --size 10

The above command will return entries #20 to #29.

To add a CA user into a group, specify the user ID and the group ID in the following command:

$ pki <CA admin authentication> ca-user-membership-add testuser Administrators

To delete a CA user from a group, specify the user ID and the group ID in the following command:

$ pki <CA admin authentication> ca-user-membership-del testuser Administrators

Authors

Endi S. Dewata lt;edewata@redhat.comgt;.

Referenced By

pki(1).

Aug 24, 2015 PKI User Membership Management Commands