select_pam_app
Use the select_pam_app command to retrieve a PAM application access right in the currently selected zone from Active Directory. This command stores the PAM application right in memory, and makes it the currently selected PAM application right for subsequent ADEdit commands. The PAM application right remains selected until you select another PAM application right or zone, delete the PAM application right, or end the ADEdit session.
If you use ADEdit commands such as set_pam_field to change settings for the selected PAM application right, you must save the selected PAM application right using the save_pam_app command for your changes to take effect in Active Directory. If you select another PAM application right or end the ADEdit session before saving the currently selected PAM application right, your changes will be lost.
You can only use the select_pam_app command to select PAM applications if the currently selected zone is a classic4 or hierarchical zone. The command does not work for other types of zones.
Zone Type
Classic and hierarchical
Syntax
select_pam_app name[/zonename]
Abbreviation
slpam
Options
This command takes no options.
Arguments
This command takes the following argument:
| Argument | Type | Description |
|---|---|---|
| name[/zonename] | string | Required. Specifies the name of the PAM application right to select. If the PAM application right that you want to select is defined in the current zone, the zonename argument is optional. If the PAM application right is defined in a zone other than the currently selected zone, the zonename argument is required to identify the specific PAM application right to select. |
Return Value
This command returns nothing if it runs successfully.
Examples
The following example retrieves the PAM application right named sftp in the current zone and makes it the currently selected PAM application right:
select_pam_app sftp
The following example retrieves the PAM application right named sftp defined in the chicago zone and makes it the currently selected PAM application right:
select_pam_app sftp/chicago
The definition for the PAM application right named sftp might be the same in both zones, but it is not required to be. Specifying the zone ensures you get the definition you expect.
Related Commands
Before you use this command, you must have a currently selected zone stored in memory. After you have a zone stored in memory, you can use the following commands to view and select the PAM application to work with:
get_pam_appsreturns a Tcl list of PAM application rights in the current zone.list_pam_appslists tostdoutthe PAM application rights in the current zone.new_pam_appcreates a new PAM application right and stores it in memory.select_pam_appretrieves a PAM application right from Active Directory and stores it in memory
After you have a PAM application stored in memory, you can use the following commands to work with that PAM application’s attributes, delete the PAM application, or save information for the PAM application:
delete_pam_appdeletes the selected PAM application right from Active Directory and from memory.get_pam_fieldreads a field value from the currently selected PAM application right.save_pam_appsaves the selected PAM application right with its current settings to Active Directory.set_pam_fieldsets a field value in the currently selected PAM application right.
