pop
Use the pop command to retrieve a previously-stored context of bindings and selected objects from the top of the context stack. This command replaces the current ADEdit context with the retrieved context. Popping a context from the context stack removes the context from the stack.
This command is useful for Tcl scripts that use subroutines. A push can save the context before it’s altered in the subroutine; a pop can return the saved context when the subroutine returns.
Zone Type
Not applicable
Syntax
pop
Abbreviation
None.
Options
This command takes no options.
Arguments
This command takes no arguments.
Return Value
This command returns nothing if it runs successfully. If the stack is empty, it returns a message stating so.
Examples
pop
This example retrieves the context from the top of the context stack and uses it as the current ADEdit context.
Related Commands
The following commands perform actions related to this command:
showreturns the current context of ADEdit, including its bound domains and its currently selected objects.pushsaves the current ADEdit context to the ADEdit context stack.
principal_from_sid
Use the principal_from_sid command look up the security principal for a specified security identifier (SID) in Active Directory. If the security identifier is found, the command returns the Active Directory name of the principal.
Zone Type
Not applicable
Syntax
principal_from_sid [-upn] sid
Abbreviation
pfs
Options
This command takes the following option:
| Option | Description |
|---|---|
| -upn | Returns the user names in user principal name (UPN) format, not the default sAMAccount@domain format. |
Arguments
This command takes the following argument:
| Argument | Type | Description |
|---|---|---|
| sid | string | Required. Specifies the security identifier of an Active Directory security principal. |
Return Value
This command returns the Active Directory name of the principal if it finds a principal. If it does not find a principal, it returns a message stating so.
Examples
principal_from_sid S-1-5-21-2076040321-3326545908-468068287-1159
This example returns the principal name: oracle_machines@acme.com
Related Commands
The following commands perform actions related to this command:
principal_to_dnsearches Active Directory for a user principal name (UPN) and, if found, returns the corresponding distinguished name (DN).dn_to_principalsearches Active Directory for a distinguished name (DN) and, if found, returns the corresponding user principal name (UPN).
principal_to_dn
Use the principal_to_dn command to search Active Directory for the specified user principal name (UPN) of a security principal (user, machine, or group). If a security principal is found for the specified UPN, the command returns the distinguished name (DN) of the principal.
Zone Type
Not applicable
Syntax
principal_to_dn principal_upn
Abbreviation
ptd
Options
This command takes no options.
Arguments
This command takes the following argument:
| Argument | Type | Description |
|---|---|---|
| principal_upn | string | Required. Specifies the user principal name (UPN) of a security principal. |
Return Value
This command returns a distinguished name. If the command doesn’t find the specified security principal in Active Directory, it presents a message that it didn’t find the principal.
Examples
principal_to_dn brenda.butler@acme.com
This example returns the distinguished name for the specified UPN:
cn=brenda butler,cn=users,dc=acme,dc=com
Related Commands
The following commands perform actions related to this command:
dn_from_domainconverts a domain’s dotted name to a distinguished name.get_parent_dnreturns the parent of an LDAP path as a distinguished name.get_rdn returnsthe relative distinguished name of an LDAP path.dn_to_principalsearches Active Directory for a distinguished name, and, if found, returns the corresponding user principal name (UPN).principal_from_sidsearches Active Directory for a security identifier and returns the security principal associated with the security identifier.
principal_to_id
Use the principal_to_id command to search Active Directory for the specified user principal name (UPN) of a user or group security principal. If a security principal is found for the specified UPN, the command returns the numeric identifier for the principal.
Zone Type
Not applicable
Syntax
principal_to_id [-apple] upn
Abbreviation
pti
Options
This command takes the following option:
| Option | Description |
|---|---|
| -apple | Specifies that you want to use the Apple scheme for generating the UID or GID for the specified user or group principal. If you don’t specify this option, the UID or GID returned is based on the Delinea Auto Zone scheme. |
Arguments
This command takes the following argument:
| Argument | Type | Description |
|---|---|---|
| upn | string | Required. Specifies the user principal name (UPN) of a user or group security principal. |
Return Value
This command returns a unique UID or GID based on either the Apple methodology or the Delinea Auto Zone methodology for generating numeric identifiers. If the user or group principal is not found in Active Directory, the command returns an error message indicating that it didn’t find the principal.
Examples
principal_to_id -apple brenda.butler@acme.com
This example returns the UID for the specified user generated using the Apple scheme:
1983765448
Related Commands
The following commands perform actions related to this command:
guid_to_idaccepts a globally unique identifier (GUID) for a user or group and returns a UID or GID generated using the Apple scheme.principal_from_sidsearches Active Directory for a security identifier and returns the security principal associated with the security identifier.
push
Use the push command to save the current ADEdit context—its bindings and selected objects in memory—to a context stack. This command leaves the current context in place, so all current bindings and selected objects remain in effect in ADEdit after the push.
This command is useful for Tcl scripts that use subroutines. You can use the push command to save the context before it’s altered in the subroutine. You can then use the pop command to retrieve the saved context when the subroutine returns.
Zone Type
Not applicable
Syntax
push
Abbreviation
None.
Options
This command takes no options.
Arguments
This command takes no arguments.
Return Value
This command returns nothing.
Examples
push
The example saves the current ADEdit context.
Related Commands
The following commands perform actions related to this command:
showreturns the current context of ADEdit, including its bound domains and currently selected objects.poprestores the context from the top of the ADEdit context stack to ADEdit.
quit
Use the quit command to quit ADEdit and return to the shell from which ADEdit was launched. You can also end an interactive ADEdit session by pressing Ctrl-D or entering exit.
Note:If you enter the exit command, understand that it will terminate the session immediately without performing a commit operation.
Zone Type
Not applicable
Syntax
quit
Abbreviation
q
Options
This command takes no options.
Arguments
This command takes no arguments.
Return Value
This command returns nothing.
Examples
quit
This example ends an ADEdit session.
Related Commands
None.
remove_command_from_role
Use theremove_command_from_rolecommand to remove a UNIX command from the currently selected role stored in memory.
Theremove_command_from_rolecommand does not change the role as it is stored in Active Directory. You must save the role before the removed command takes effect in Active Directory. If you select another role or quit ADEdit before saving the role, any UNIX commands you have removed since the last save won’t take effect.
You can only use theremove_command_from_rolecommand if the currently selected zone is a classic4 or hierarchical zone. The command does not work in other types of zones.
Zone Type
Classic and hierarchical
Syntax
remove_command_from_role command[/zonename]
Abbreviation
rcfr
Options
This command takes no options.
Arguments
This command takes the following argument:
| Argument | Type | Description |
|---|---|---|
| command[/zonename] | string | Required. Specifies the name of a UNIX command to remove from the currently selected role. If the UNIX command that you want to remove is defined in the current zone, the zonename argument is optional. If the UNIX command right is defined in a zone other than the currently selected zone, the zonename argument is required to identify the specific command to remove. |
Return Value
This command returns nothing if it runs successfully.
Examples
remove_command_from_role basicshell/global
This example removes the UNIX command named basicshell, which is defined in the global zone, from the currently selected role.
Related Commands
Before you use this command, you must have a currently selected role stored in memory. The following commands enable you to view and select the role to work with:
get_rolesreturns a Tcl list of roles in the current zone.list_roleslists tostdoutthe roles in the current zone.new_rolecreates a new role and stores it in memory.select_roleretrieves a role from Active Directory and stores it in memory.
After you have a role stored in memory, you can use the following commands to work with that role:
add_command_to_roleadds a UNIX command to the current role.add_pamapp_to_roleadds a PAM application to the current role. 'delete_role" deletes the selected role from Active Directory and from memory.get_role_appsreturns a Tcl list of the PAM applications associated with the current role.get_role_commandsreturns a Tcl list of the UNIX commands associated with the current role.list_role_rightsreturns a list of all UNIX commands and PAM applications associated with the current role.remove_pamapp_from_roleremoves a PAM application from the current role.save_role savesthe selected role with its current settings to Active Directory.set_role_fieldsets a field value in the current role.
