set_role_assignment_field
Use the set_role_assignment_field command to sets the value for a specified field in the currently selected role assignment stored in memory. The set_role_assignment_field command does not set a field value stored in Active Directory for this role assignment.
If you change any fields, you must save the role assignment using the save_role_assignment command for your changes to take effect in Active Directory. If you select another role assignment or end the ADEdit session before saving the currently selected role assignment, your changes will be lost.
You can only use the set_role_assignment_field command if the currently selected zone is a classic4 or hierarchical zone. The command does not work in other types of zones.
Zone Type
Classic and hierarchical
Syntax
set_role_assignment_field field value
Abbreviation
sraf
Options
This command takes no options.
Arguments
This command takes the following arguments:
| Argument | Type | Description |
|---|---|---|
| field | string | Required. Specifies the name of the field that you want to set. The possible values are: customAttr: Sets custom text strings for the role assignment. This field is only applicable for hierarchical zones. description: Sets the description for the role assignment. from: Sets the starting date and time for the role assignment. The date and time is expressed in standard UNIX time. The Tcl clock command manipulates these time values. A value of 0 means no starting date and time for the role assignment. role: Sets the name of the role to assign and the zone in which the role was defined.The zone value is optional if the role is defined in the currently selected zone. The zone is required if the role is defined in another zone. to: Sets the ending date and time for the role assignment. The start and end dates and times are expressed in standard UNIX time. You can use the Tcl clock command to manipulate these values. A value of 0 indicates no date or time is set for the role assignment. |
| value | depends on field | Required. Specifies the value to assign to the specified field. In some cases, you can assign a dash (-) or an empty string to unset a field value. However, this is not supported for all fields or all zone types. |
Return Value
This command returns nothing if it runs successfully.
Examples
set_role_assignment_field role su-root/global
This example assigns the role named su-root that is defined in the global zone.
Related Commands
Before you use this command, you must have a currently selected zone stored in memory. The following commands enable you to view and select a role assignment:
get_role_assignmentsreturns a Tcl list of role assignments in the current zone.list_role_assignmentslists tostdoutthe role assignments in the current zone.new_role_assignmentcreates a new role assignment and stores it in memory.select_role_assignmentretrieves a role assignment from Active Directory and stores it in memory.
After you have a role assignment stored in memory, you can use the following commands to work with that role assignment:
delete_role_assignmentdeletes the selected role assignment from Active Directory and from memory.get_role_assignment_fieldreads a field value from the currently selected role assignment.save_role_assignmentsaves the selected role assignment with its current settings to Active Directory.write_role_assignmentsaves the selected role assignment to a file.
