Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 10 Users and Groups : Control Instructions

Control Instructions
The following control instructions can be used:
Reset
This instruction (which should only appear as the first character in a control file) resets all user information: all users, attributes and groups are removed. It consists of the single character R.
Change Attribute
This instruction adds or deletes an attribute applicable to all users. It consists of the single character A followed by either + to add, or - to delete:
A-attribute
Delete attribute.
A+attribute,type[,length],changer,[default]
Add an attribute, where:
attribute is the name of the new attribute.
type is T for Text, N for Numeric, D for Date or M for Time.
length is the length of the field for Text or Numeric fields; decimal numerics should have the number of decimal places after a period.
changer specifies who can change the values for this attribute: U for the user the attribute applies to, or S for the user or group’s supervisor, (that is, the username in the user or group's SUPERVISOR attribute), or blank for neither. The IPEADMIN user or IPEBACKGROUND user can change any attribute.
default specifies an initial value of this attribute for all users.
For example:

 
A+MENUNAME,T,10,,USER
A+WEIGHT,N,5.2,U,0.00
A+DEPT,T,10,S,DEPT

 
Change User
This instruction adds or deletes a user. It consists of the single character U followed by either + to add, or - to delete the user:
U-name
Delete the name user.
U+name[@location]
Add the name user.
If iProcess Engine is running on a Windows system, you can optionally include a location (a single valid machine name or domain name) which will be used to check if the user is a valid Windows operating system user. See Validating New Users on a Windows iProcess Engine.
location is ignored on UNIX platforms or when using UVAPI to perform user validation.
The new user is given default attribute values, which may subsequently be changed with the change attribute value instruction.
For example:

 
U-keith
U+peter
U+fred@EMEA

 
Validating New Users on a Windows iProcess Engine
Unless an alternative user validation system has been implemented using the UVAPI, an iProcess Engine user must also exist as an operating system user. On Windows, when iProcess Engine processes a U+ instruction to add a new user, it will only create the user if it can find the named user on the following search path:
1.
the location specified in the location parameter in the U+ instruction.
2.
the location defined by the value of the LOGON_OS_LOCATION process attribute.
3.
the search path provided by the Windows LookupAccountName function.
If the user cannot be found in any of these locations, the add user instruction fails.
For more information about:
UVAPI, see TIBCO iProcess User Validation API User's Guide.
LOGON_OS_LOCATION, see "Administering Process Attributes" in TIBCO iProcess Engine Administrator’s Guide.
Change Group
This instruction adds or deletes a group. It consists of the single character G followed by either + to add, or - to delete:
G-group
Delete group.
G+group
Add group.
The new group is given default attribute values, which may subsequently be changed with the change attribute value instruction.
For example:

 
G+clerks
G-admin

 
Change Attribute Value
This instruction enables the attributes of an existing user or group to be changed. It consists of the single character V followed by either + to set an attribute to a new value, or - to reset an attribute to its default value. Both the user/group and the attribute must already exist.
V+name,attribute,value
Change the attribute belonging to user or group name to value.
V-name,attribute
Reset the attribute belonging to user or group name to its default.
For example:

 
V+fred,DESCRIPTION,Fred Bloggs

 
As well as the IPEADMIN user or IPEBACKGROUND user, a user can change their own attributes if the attribute has the U flag set. Also the supervisor of a user or group can change attributes with the S flag set.
Change Membership
This instruction adds or removes a user from a group.
M+user,group
Add user to group.
M-user,group
Remove user from group.
For example:

 
M+keith,clerks
M-peter,admin

 
An iProcess user can have access to a maximum of 32,767 work queues. If this number is exceeded, users cannot log in. Users can access personal, group and test queues, either directly or by supervision or participation.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved