Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 6 Command Line Utilities : ExportDomainSecurity

ExportDomainSecurity
Command
ExportDomainSecurity -domain domain [-allUsers | -minimalUsers] [-userIncrement number] [-roleMembership] [-roles [role1:role2: ... : roleN] ] [-super] [-acls] [-date date] [-GUID] [-writeDates] [-encryptKey key] ((-user user -pw password) | -cred cred) -file file
Purpose
This command exports administration domain information to an XML file. The file can be loaded back into the domain or into another domain using the ImportDomainSecurity command.
The ExportDomainSecurity and ImportDomainSecurity commands are designed for data loading (for example, batch loading users into a domain), synchronizing user and role data between domains, and backing up domain data.
You can use ExportDomainSecurity to create example templates.
Either -allUsers or -minimalUsers must be specified to export users.
Use the -GUID flag to keep two domains synchronized.
Data exported from an administration domain integrated with an LDAP directory server can only be imported into another LDAP based domain. Similarly, data exported from a non-LDAP domain can only be imported into a non-LDAP domain.
Circular role hierarchies can be defined in an LDAP directory. For example, as shown next, R1 is a child of R2 which is a child of R3 which is a child of R1.
Figure 12 Circular Role Hierarchy
Circular role hierarchies are not supported in TIBCO Administrator. If you import a role hierarchy that contains circular role hierarchies into another LDAP based domain, the LDAP synchronization will fail. To resolve this, you must remove the roles that are part of the circular hierarchy from the exported file and import the file into your target LDAP based domain. When TIBCO Administrator syncs with the LDAP directory server, the roles you removed will be restored.
 
 
–roles role1:role2: ...: roleN
–pw password
-cred cred
Name and path to a property file that contains the user name and encrypted password. Use the obfuscate utility to encrypt the password. The utility is documented in the TIBCO Runtime Agent Installation guide. For example, the property file could contain this entry after running the utility:
Examples
The following command line exports only users who have been created or changed after the given date.
exportdomainsecurity -domain tp0513 -allUsers -date "Tue 09 Nov 2004 12:30:00 GMT" -user admin -pw admin -file \tibco\export.xml
Given the following users and roles:
The following command exports only users U1 and U2, and roles, R1 and R2.
exportdomainsecurity -domain tp0513 -roles -minimalUsers -user admin -pw admin -file \tibco\export.xml
Given the following roles:
The following command exports roles R1, R2, R3, Ra, and Rb.
exportdomainsecurity -domain tp0513 -roles R1 Ra -user admin -pw admin -file \tibco\export.xml
The following command exports roles R3, and Rb.
exportdomainsecurity -domain tp0513 -roles R3 Rb -user admin -pw admin -file \tibco\export.xml
The following command exports roles R2, R3 and Rc.
exportdomainsecurity -domain tp0513 -roles R2 Rc -user admin -pw admin -file \tibco\export.xml
Location
TIBCO_HOME\tra\version\bin\

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved