000027718 - What are the rsautil CLU names and command line options?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027718
Applies ToList of all rsautil CLU's and their usage parameters
Find useful command line options
Documentation does not contain a complete list of CLU options
Finding a command line option is difficult if you do not already know the command you are looking for
Authentication Manager 7.x
IssueWhat are the rsautil CLU names and command line options?
Resolution

archive-ucm-request



Usage: rsautil archive-ucm-request [GeneralOptions] [ImportOptions] [ExportOptions]
General Options:
  -h, --help             Display help and exit.
  -X, --debug            Display debug messages. Optional.
  -v, --version          Display the version , copyright information and it exit.
  -I, --interactive      This turns on the Interactive mode. If no command line argument is given or required arguments that are missing in the command line are prompted to the user interactively even if this option is not explicitly turned on.
  -u  --userId           Name of the admin user.
  -p  --password         Password for specified admin user.
  -m  --masterPassword   Master password for the encrypted properties file.
  -d  --directory        The directory path to store archived requests.
  -a  --archiveOption    Choose the archive option (IMPORT | EXPORT)
Import Options:
  -j  --file             The file Name.
Export Options:
  -S  --fromDate         The FROM Date[MM/dd/yyyy].
  -E  --toDate           The TO Date[MM/dd/yyyy].
  -D  --delete           Delete Record After Export.


 


collect-product-info


Usage: rsautil collect-product-info [-h | -v]
       rsautil collect-product-info [-m <password>][-p <password>] --import
       rsautil collect-product-info [-m <password>][-p <password>] --export [-t <timestamp>]
Options:
-h, --help  Print this message.
-v, --version  Display version information.
-m, --master-password The master password of the system.
-p, --package-password The password used to encrypt the support page.
--export  Collects system information and exports it to an
   encrypted support package file.
--import  Decrypts a support package file. The file must be
   present in the current working directory.
-t, --archive-time Export log records newer than the provided timestamp.
   The timestamp format is yyyy-mm-dd hh:mm:ss.SSS.
   If this option is not provided, any records logged
   during the previous hour are exported.


 


gen-db-pkg


Usage: gen-db-pkg -t <fqhn> [-m <pwd>] [-u <admin>]


Options:
  -o, --overwrite-pkg  Overwrite DB Package if exists.
  -I, --interactive  Enter all values interactively.
  -m, --master-password  Master password for the encrypted properties file.
  -t, --host      Fully-qualified hostname of the remote machine.
  -i, --IP        IP Address of the remote machine.
  -v, --version   Display the version information.
  -u, --admin-uid  RSA Authentication Manager administrator's user id. Default: admin.


The db package will be output to the current directory as <hostname>-DB.pkg.


 


gen-radius-pkg


Usage: gen-radius-pkg [-m <pwd>]


Options:
  -o, --overwrite-pkg  Overwrite RADIUS Package if exists.
  -I, --interactive  Enter all values interactively.
  -m, --master-password  Master password for the encrypted properties file.
  -v, --version   Display the version information.


The radius package will be output to the current directory as <hostname>-radius.pkg.


 


gen-replica-pkg


Usage: gen-replica-pkg -t <fqhn> [-m <pwd>] [-p <pwd>] [-u <admin>] [-g]


Options:
  -g, --generate-data  Generate the primary data file as part of the replica
                  package, to allow offline data synchronization. Optional.
  -o, --overwrite-pkg  Overwrite Replica Package if exists.
  -I, --interactive  Enter all values interactively.
  -m, --master-password  Master password for the encrypted properties file.
  -t, --host      Fully-qualified hostname of the new replica machine.
  -i, --IP        IP Address of the new replica machine.
  -v, --version   Display the version information.
  -u, --admin-uid  RSA Authentication Manager Super Administrator's user id.
  -p, --admin-password  RSA Authentication Manager Super Administrator's password.


The replica package will be output to the current directory as <hostname>-replica.pkg.


 


import-bulk-request



Usage: rsautil import-bulk-request [options]
Options:
  -h, --help         Display help and exit.
  -X, --debug        Display debug messages. Optional.
  -v, --version      Display the version , copyright information and it exit.
  -I, --interactive  This turns on the Interactive mode. If no command line argument is given or required arguments that are missing in the command line are prompted to the user interactively even if this option is not explicitly turned on.
  -u  --userId           Name of the admin user.
  -p  --password         Password for specified admin user.
  -m  --masterPassword   Master password for the encrypted properties file.
  -r  --requestType      The request type (TOKEN | GROUP).
  -f  --file             The request file name (with correct absolute path location) in csv file format { eg:myfile.csv }.
  -d  --deliveryMethod   The On-Demand Code delivery method (SMS | E-MAIL). Optional.


 


import-puk


Usage: import-puk [options]
Options:
    -f  --filename       Path to PUK XML file
    -b  --batch          Run import as a batch job
    -r  --replace        Replace existing PUK records.
                         Default behavior is to ignore duplicate records.
    -u  --userID         Authentication Manager User ID.
    -p  --password       Authentication Manager password.
    -i  --interactive    Interactive mode. Optional.
    -v  --version        Display version information. Optional.
 -h,-?  --help           Display this help message.


 


install-ctkip-keystore


Usage: rsautil install-ctkip-keystore [options] ...


Options:
         -i --interactive      Enable interactive mode
         -s --server-type      Database server type [MSSQL,ORACLE]
         -d --database         Database instance name
         -t --host             Database server hostname
         -o --port             Port number the database server is listening on
         -u --user-id          Database user name
         -p --password         Database user password
         -y --token-type       Token type
         -l --location         Directory containing certificates/keys
         -c --cert             Certificate file name
         -k --key              Key file name
         -m --master-password  Master password
         -x --debug            Enable debug mode
      -h,-? --help             Print this help message
         -v --version          Print version information


 


manage-agents



Usage: rsautil manage-agents -u | -- username <username> -p | --password <password> ( (-n | --agent-name <agent name>) | (-i | --ip <agent IP>) ) -a | --attribute  (<protectIP=unprotected> | <protectIP=protected>) [options]
        
where:
     rsautil could either be the Linux shell script (rsautil) or Windows script (rsautil.cmd) for Linux and Windows respectively.


     Common options:
     -u, --username <username>      The user's login ID is supplied with this parameter.
     -p, --password <password>      The user's password is supplied with this parameter.
     -n --agent-name <agents name>   Agents name.
     -i --ip <agents IP address>     Agents IP address.
     -a --attribute <agents attribute>   Agents attribute. Could be only: protectIP=unprotected or protectIP=protected


[options]:
     General options:
     -h, --help,                    Utility usage information.
     -v, --version                  Display the version information
     -X, --debug                    Display debug messages.
Examples:


     1.  Change agent IP protected flag from protected to unprotected (agents names):


     rsautil.cmd manage-agents -u admin -p password -n *.company.hq.com -a protectIP=unprotected


     2.  Change agent IP protected flag from protected to unprotected (agents IP addresses):


     rsautil.cmd manage-agents -u admin -p password -i 10.100.* -a protectIP=unprotected


 



manage-backups


Usage: rsautil manage-backups -a <export/import/disable-pwd-prompt/enable-pwd-prompt> -f <filename> [[-m <password>]|[-u <user-name> -p <password>]]
Options:
 -m, --master-password Master password of the encrypted properties file
 -u, --user            Operations Console administrator user name for the encrypted properties file
 -p, --password        Operations Console administrator password for the encrypted properties file
 -a, --action          (one of the following)
   import: import database backup from a file
   export: export database into a file
   disable-pwd-prompt: disable requiring master password or OC admin user password prompt for export action only
   enable-pwd-prompt: enable requiring master password or OC admin user password prompt for export action only
 -f, --filename        The file to import from or export to. The file extension is required such as .dmp
 -h, --help            Prints help message and exits
 -v, --version         Prints version information and exits
 -V, --verbose         Enable verbose output. Optional
 -D, --transfer        The flag to indicate whether the action is for database transfer. Another file is generated as <filename_with_no_ext>.secrets. Optional
 -L, --includelog      The flag to indicate whether the log data needs to be imported. The default is false. Optional
 -g, --logonly         The flag to indicate whether to import/export the log data only. The default is false, and it cannot work with "A" "L" and "D". Optional
 -A, --appendlog       The flag to indicate whether to append the log data only during the import. The default is false, and it cannot work with "g" "L" and "D". Optional
 -r, --removeReplicationDataThe flag to indicate whether to remove replication meta data. The default is false. Optional
 -t, --addTimestamp    The flag to indicate whether to add the timestamp as part of the exported filename. The default is false, and the new filename is <filename_with_no_ext>_<timestamp>.<file_ext>. Optional
 -q, --quiet           The flag to indicate whether the prompt needs to be answered. The default is false. Optional
 -C, --corrupt         The flag to import the data into corrupt database, current it is used for testing purpose


 


manage-batchjob



Usage: rsautil manage-batchjob -u <username> -p <password> -j <job-ID>|-n <job-Name> -a [view|cancel|delete] [-X|--debug]
        
where:
     rsautil could either be the Linux shell script (rsautil) or Windows script (rsautil.cmd)     for Linux and Windows respectively.


     Common options:
     -u, --username <username>         The user's login ID is supplied with this parameter.
     -p, --password <password>         The user's password is supplied with this parameter.
     -j, --job-id <job-ID>             Batch Job ID obtained at batch job creation time.
     -n, --job-name <job-Name>         Batch Job Name obtained at batch job creation time.
                                       If Batch Job ID is specified, this parameter is ignored.
     -a, --action <action>             Administrative action to be performed on the batch job.


     where: <action> could be one of the following:


                view  View the status of the batch job.
              cancel  Cancel a currently running batch job.
              delete  Delete a cancelled or completed batch job


     -X, --debug                           Optionally display debug information.
Examples:


1. Display the current status of the batch job:
   rsautil.cmd manage-batchjob -u admin -p password -j ims.7519218cd014640a0072a168216b026b -a view


2. Cancel a currently running batch job:
   rsautil.cmd manage-batchjob -u admin -p password -j ims.7519218cd014640a0072a168216b026b -a cancel


3. Delete a completed or cancelled batch job:
   rsautil.cmd manage-batchjob -u admin -p password -j ims.7519218cd014640a0072a168216b026b -a delete


 



manage-config


 


Usage: rsautil manage-config -a <regenerate>
Options:
 -a, --action          (one of the following)
   regenerate: regenerate config.xml
 -h, --help            Prints help message and exits.
 -v, --version         Prints version information and exits.
 -V, --verbose         Enable verbose output. Optional.


 


manage-console-ext


Usage: rsautil manage-console-ext [options]
Options:
 -h, --help            Optional.  Displays this message.
 -v, --version         Optional.  Displays version information.
 -u, --user            Required.  Specifies the user ID.
 -p, --password        Required.  Specifies the password.
 -a, --action          Required if -r argument is not specified.
                       Specify action:
                           0 - Remove console plug-in
                           1 - Register console plug-in
 -U, --pluginurl       Required if -a argument is specified.
                       Specify the deploy URL of console plug-in.
 -r, --reset           Optional. Reset Integration Service Configuration Data.
 -l, --deployurllist   Required argument if -r argument is specified.
                       List of deploy URLs to be set in integration service.
                       The format is fully qualified URLs separated by ",,".
 -V, --verbose         Optional.  Sets verbose mode.


 



manage-database



Usage: rsautil manage-database -m <password> -a <action> [options]
Options:
 -h, --help                Display help.
 -v, --version             Display the version and copyright information.
 -m, --master-password     Master password for the encrypted properties file.


 -a, --action              (one of the following)
    list:                  Display the status for all database files.
    move-file:             Move the specified database file to the new location
      -f, --file name      The name of database file.
                               (i.e., "DATA_FILE_01").
      -n, --new location   The new location of the file.
                               (i.e., "D:/oracle/product/10.2.0")
    change-size:           Change the size for the specified database file.
      -f, --file name      The name of the database file
                               (i.e., "DATA_FILE_01").
      -s, --new size       The new size of database file
                               (i.e., "500M")
    change-max-size:       Change the maximum size for the database file
      -f, --file name      The name of database file
                               (i.e., "DATA_FILE_01").
      -s, --new size       The new maximum size of database file
                               (i.e., "45G").
    change-threshold:      Change the maximum size for the specified database file.
      -f, --file name      The name of the database file
                               (i.e., "DATA_FILE_01").
      -c, --critical threshold       The new critical threshold of database file
                               (i.e., "85").
      -w, --warning threshold        The new warning threshold of database file
                               (i.e., "60").


    optimize:              Optimize the database files for better performance.
    start-db:              Start the database.
    stop-db:               Shut down the database.
    db-status:             Determine the status of database


    create-readonly-user:  Create a user with read-only access to the database


      -r, --readonly user       The name of the read-only user
      -p, --password            The password of the read-only user
 -q, --quiet               Execute the action without input confirmation.


 


manage-nodes


Usage: rsautil manage-nodes -n <server_node_hostname>
                            -m <master password> -u <admin uid>
                            -p <admin password> -a <action>


Options:
 -h, --help              Display help
 -v, --version           Display the version and copyright information
 -n, --node-host         Fully-qualified host name of the new server node
 -i, --node-ip           IP address for the new server node (optional)
 -m, --master-password   Master password for the encrypted properties file
 -u, --admin-uid         RSA Authentication Manager administrator's user id
 -p, --admin-password    RSA Authentication Manager administrator's password
 -o, --overwrite         Overwrite existing node package
 -I, --interactive       Enter all values interactively.
 -a, --action
  add-node:         Adds server node to the cluster.
  rem-node:         Removes server node from the cluster
  list-nodes:       List server nodes in this cluster
  update-web-xml:   Updates the web.xml file in offline mode for an
                    existing node.


 



manage-oc-administrators



Usage: rsautil manage-oc-administrators -a <action> [-g <groups>] [-n] [<user name> [<password>]]
Options:
  -h, --help             Optional: Display help.
  -X, --debug            Optional: Display debug messages.
  -v, --version          Optional: Display the version and copyright information.
  -S, --script-mode      Optional: Do not prompt for missing arguments, just fail.
  -a, --action           Required, must be present and one of the following:


               create:   create a new user.
               update:   update an existing user with a new password.
               delete:   delete an existing user.
                         The last user cannot be deleted.
               list:     display all users.
               reload:   reload all users from database.


  -u, --user             Required: Super administrator's user name.
  -p, --password         Required: Super administrator's password.
  -g, --groups           Optional: List of comma separated group names to assign the user to.
  -r, --remove-groups    Optional: List of comma separated group names to remove the user from.
  -n, --not-empty        Optional: Prevent the specified list of groups from having zero members.
  -d, --default-none     Optional: Make the user have no default group association.
  -D, --disable-password Optional: Make the user have no password.
  <user name>            Required: User name to create, update or delete.
  <password>             Required: Password for user to create or update.


  Missing required arguments will be prompted for unless the '-S' option is also specified.


 


manage-rep-error



Usage: rsautil manage-rep-error -m <password> -a <action> [options]
Options:
 -h, --help               Display help
 -v, --version            Display the version and copyright information
 -m, --master-password    Master password for the encrypted properties file


 -a, --action             (one of the following)
    list:                 List replication error transaction
      -o, -file           The output XML file for the list result
    delete:               Delete some or all of the transactions in the error queue
      -t,  -trans-ID      Specify the transaction ID to be deleted from error queue
      -f,  -force         Force to delete all the transaction in the replication errror queue
    apply:                Attempt to apply all the transaction in the error queue to the database
    enable-soe:           Enable Stop-On-Error. Replication will stop when error occurs
    disable-soe:          Disable Stop-On-Error. Replication will continue when error occurs
    enable-rep:           Enable replication. It is used to enable apply processes after
                          replication error has caused replication to stop, and the error
                          has been fixed
    run-script:           Run the provided script file in the diagnostic directory.
      -o, -file           The script file name without path to be run
    disable-rep:          Disable replication.


 



manage-replication



Usage: rsautil manage-replication -m <password> -a <action> [options]
Options:
 -h, --help                Display help
 -v, --version             Display the version and copyright information
 -m, --master-password     Master password for the encrypted properties file


 -a, --action              (one of the following)
    cleanup-site:          Cleanup demoted primary site
    cleanup-offline-site:  Cleanup a off-line replica site that was disconnected
    remove-replica:        Remove replica site from replication system
      -n, --name           Comma separated instance name of sites
                           (i.e., "name1, name2")
    generate-data:         Generate primary schema data dump file
    list:                  List currently configured sites
    attach-online:         Attach disconnected replica site in online mode
      -n, --name           The instance name of the replica site
    attach-offline:        Attach disconnected replica site in offline mode
      -n, --name           The instance name of the replica site
      -P, --init-primary   Initialize primary site for the replica attachment
      -R, --init-replica   Complete the reattachment of the replica
    attach-status:         Display replicas re-attachment status
    report:                Display replication system status report
    pause:                 Pause the replication process
    resume:                Resume the replication process
    error-report:          Generate a replication error report
      -f, --report-name    The name of the error report
 -V, --verbose             Display setup information in verbose mode
 -G, --generate-sql        Generate sql scripts for debugging purpose
 -q, --quiet            Execute the action without input the prompt


 


manage-secrets



Usage: rsautil manage-secrets [[-m <password>]|[-u <user-name> -p <password>]]
         -a <action> [-n|-N] [-F] [-f -k] [name [value]]
Options:
  -h, --help             Display help.
  -X, --debug            Display debug messages.
  -v, --version          Display the version and copyright information.
  -S, --script-mode      Do not prompt for missing arguments, fail with messages.
  -m, --master-password  Master password for the encrypted properties file.
  -u, --user             User name for the encrypted properties file.
  -p, --password         Password of the user for the encrypted properties file.
  -a, --action           (one of the following)


               import:   Import password-protected file into system
                         fingerprint encrypted file. See also '-f'.
               export:   Export system fingerprint encrypted file
                         to password-protected file. See also '-f'.
               change:   Change system fingerprint encrypted file
                         password. See also '-n' option.
               recover:  Recover system fingerprint encrypted file
                         using the password.
               load:     Load plain text properties file into encrypted file.
               list:     Display all properties by English name.
               listkeys: Display all properties by raw key name.
               set:      Set a property to the specified value.
               get:      Get the current value for the specified property.


  -n, --new-password     New master password for 'change' action.
                           Passwords must be at least 8 characters in length and
                           only contain printable ASCII characters except for
                           space, '@', and '~'. (e.g. ASCII values 33-63,65-125)
  -N, --new-master-pwd   DEPRECATED: Use '-n' instead.
  -f, --file             Password-protected file to import, export, or load.
  -F, --force            Force overwrite admin credentials with imported file.
  -k, --file-password    Password to use with the specified file.
  name                   Name of property to set or get.
  value                  Value of property to set.


 


manage-ssl-certificate



Usage: rsautil manage-ssl-certificate --<action> [--option-name [option-value] ..]
Action:
--help
--version
--genkey     -m <master-password> --alias <alias> --dname <dname>
             --keypass <keypass> --keystore <keystore> [--debug | -x]
--certreq    -m <master-password> --alias <alias> --csr-file <csr_file>
             --keypass <keypass> --keystore <keystore> [--debug | -x]
--generate-cert-request | -g
             -m <master-password> --alias <alias> --dname <dname>
             --keypass <keypass> --keystore <keystore> --csr-file <csr_file>
             [--debug | -x]
--import     -m <master-password> --trustcacerts --alias <ca-alias>
             --cert-file <cert_file> --keystore <keystore>
             [--debug | -x]
--import     -m <master-password> --alias <alias> --cert-file <cert_file>
             --keypass <keypass> --keystore <keystore>
             [--debug | -x]
--list       -m <master-password> [--alias <alias>] --keystore <keystore>
             [--debug | -x]
--delete     -m <master-password> [--alias <alias>] --keystore <keystore>
             --keypass <keypass> [--debug | -x]
--printcert  --cert-file <cert_file>[-debug | -x]
--config-server
             -m <master-password> --keystore <keystore> --storepass <storepass>
             --alias <alias> --keypass <keypass>
             --server-name <server-name> [-debug | -x]
--update-server-certs | -u
             -m <master-password> --alias <alias> --cert-file <cert_file>
             --keypass <keypass> --keystore <keystore>
             --ca-alias <ca-alias> --ca-cert-file <ca-cert-file>
             --server-name <server-name> [-debug | -x]


 



manage-trusts



Usage: rsautil manage-trusts [options]
Options:
  -h, --help         Display help. Optional.
  -X, --debug        Display debug messages. Optional.
  -v, --version      Display the version and copyright information. Optional.
  -I, --interactive  Run utility in interactive mode. Optional.
  -a, --action       (one of the following)


              generate:
                     Generate realm certificate.
                     Options '-b', '-d' and '-f' are not applicable.


              build:
                     Build trust package.
                     Options '-b', '-d', '-k' and '-l' are not applicable.


              create-app:
                     Create application trust and client identity keystore.
                     Option '-c' and '-r' are not applicable.


  -b, --app-name     Application name to assign to the trust.
  -d, --admin-name   Administrator's account name to execute under.
  -r, --realm-name   Name of the realm to work in.
  -f, --filename     Filename for the output trust package file.
  -k, --keystore     Filename of the root keystore containing the CA.
  -l, --alias        Alias of the root certificate.
  -u, --username     Username of the administrator.
  -p, --password     Password of the administrator.


 


migrate-amapp



Usage: rsautil migration -m <password> -a <action>
Options:
  -h, --help             Display help. Optional argument.
  -X, --debug            Display debug messages. Optional argument.
  -v, --version          Display the version and copyright information. Optional argument.
  -V, --verbose          Enable verbose reporting. Optional argument.
  -m, --master-password  Master password for the encrypted properties file. Required argument.
  -a, --action           (one of the following)


          initMigration:          Initialize migration admin and related migration packages
          initMigrationOnReplica: Initialize addition migration configuration data on replica
          enableAudit:            Enable data capture on all replicas
          backupPrimary:          Backup data in primary instance
          backupReplica:          Backup data in replica instance
          backupAudit:            Backup runtime data capture on replica instance
          importAudit:            Import runtime data capture on replica instance
          importPrimary:          Import data in primary instance
          importReplica:          Import data in replica instance
          importPrimaryComponent: Import product specific data in primary instance
          importReplicaComponent: Import product specific data in replica instance
     installLicense:     Install an license to the primary instance
          migratePrimary:         Migrate data in primary instance
          migrateReplica:         Migrate data in replica instance
          migrateAudit:           Migrate runtime data on replica instance
          reportPrimary:          Primary instance migration report
          reportReplica:          Replica instance migration report
          validatePrimary:        validate primary instance
          validateReplica:        validate replica instance
          enableReplication:      Enable replication.
  -d, --scriptDir:       Specify the SQL script directory. Required argument
  -f, --fileName:        Specify the name of file to be backup to or to be imported from
                         Required argument if action are one of the following:
                         backupPrimary, backupReplica, importPrimary, importReplica
  -t, --hostName :       Specify the name of the machine to which an IMS based product is being migrated.
                         This is required if the IMS based product is being migrated to a machine
                         that is different from the existing installation. This additional
                         option goes with "migratePrimary" action.
  -o, --oldHostName :    Specify the name of the original machine from which an IMS based product is being migrated.
                         This is required if the IMS based product is being migrated to a machine
                         that is different from the existing installation. This additional
                         option goes with "migratePrimary" action.
  -DMIGRATION_PROPERTIES: Specify the system properties file name to initialize migration.  Required argument.
 



migration



Usage: rsautil migration -m <password> -a <action>
Options:
  -h, --help             Display help. Optional argument.
  -X, --debug            Display debug messages. Optional argument.
  -v, --version          Display the version and copyright information. Optional argument.
  -V, --verbose          Enable verbose reporting. Optional argument.
  -m, --master-password  Master password for the encrypted properties file. Required argument.
  -a, --action           (one of the following)


          initMigration:          Initialize migration admin and related migration packages
          initMigrationOnReplica: Initialize addition migration configuration data on replica
          enableAudit:            Enable data capture on all replicas
          backupPrimary:          Backup data in primary instance
          backupReplica:          Backup data in replica instance
          backupAudit:            Backup runtime data capture on replica instance
          importAudit:            Import runtime data capture on replica instance
          importPrimary:          Import data in primary instance
          importReplica:          Import data in replica instance
          importPrimaryComponent: Import product specific data in primary instance
          importReplicaComponent: Import product specific data in replica instance
     installLicense:     Install an license to the primary instance
          migratePrimary:         Migrate data in primary instance
          migrateReplica:         Migrate data in replica instance
          migrateAudit:           Migrate runtime data on replica instance
          reportPrimary:          Primary instance migration report
          reportReplica:          Replica instance migration report
          validatePrimary:        validate primary instance
          validateReplica:        validate replica instance
          enableReplication:      Enable replication.
  -d, --scriptDir:       Specify the SQL script directory. Required argument
  -f, --fileName:        Specify the name of file to be backup to or to be imported from
                         Required argument if action are one of the following:
                         backupPrimary, backupReplica, importPrimary, importReplica
  -t, --hostName :       Specify the name of the machine to which an IMS based product is being migrated.
                         This is required if the IMS based product is being migrated to a machine
                         that is different from the existing installation. This additional
                         option goes with "migratePrimary" action.
  -o, --oldHostName :    Specify the name of the original machine from which an IMS based product is being migrated.
                         This is required if the IMS based product is being migrated to a machine
                         that is different from the existing installation. This additional
                         option goes with "migratePrimary" action.
  -DMIGRATION_PROPERTIES: Specify the system properties file name to initialize migration.  Required argument.
 



register-custom-extension



Usage: rsautil register-custom-extension [options]
Options:
  -h, --help         Display help and exit.
  -v, --version      Display the version , copyright information and it exit.
  -I, --interactive  This turns on the Interactive mode. If no command line argument is given or required arguments that are missing in the command line are prompted to the user interactively even if this option is not explicitly turned on.
  -u  --userId           Name of the admin user.
  -p  --password         Password for specified admin user.
  -m  --masterPassword   Master password for the encrypted properties file.
  -f  --file             The properties file name (with correct absolute path location).


 


restore-admin


Usage: rsautil restore-admin -u <user> -p <user password> -m <password>
Options:
 -m, --master-password Master password of the encrypted properties file.
 -u, --admin           login id for new admin.
 -p, --password        password for new admin.
 -h, --help            prints help message and exits.
 -v, --version         prints version information and exits.
 -V, --verbose         enable verbose output. Optional.


 


restore-external-users


Usage: rsautil restore-external-users -B [ldap bind user] -l [ldap url]
Options:
 -m, --master-password Master password of the encrypted properties file.
 -h, --help            prints help message and exits.
 -v, --version         prints version information and exits.
 -V, --verbose         enable verbose output. Optional.
 -B, --ldap-User       LDAP bind user
 -l, --ldap-url        LDAP URL


 


set-trace



Usage: rsautil set-trace [-u <user>] [-p <password>] [-c <name> [-l <level>]
                         [-n] [-i <name>] [-r]
Options:
   -h, --help            Display help.
   -v, --version         Display the version and copyright information.
   -u, --user-id         Administrative user's ID.
   -p, --password        Administrative user's password.
   -s, --listCategory    List the categories which can be set.
   -t, --listDiagnostic  List the diagnostic monitors which can be set.
   -c, --category        Trace category to set/remove.
   -d, --diagnostic      Diagnostic Monitor to set.
   -e, --exportDiagnostic  Export the diagnostic data to XML file.
   -l, --level           Level to set to (VERBOSE, INFO, WARN, ERROR, FATAL, NONE).
   -n, --node            Modify log categories for this node instead of the instance.
   -i, --instance <name> Instance name for which log categories should be modified.
   -r, --remove          Disable the trace setting for the specified category.


NOTE: This CLU cannot be run on a replica instance to modify log categories.
      To modify log categories for a replica instance, run this CLU on the
      primary instance with '-i <ReplicaInstanceName>' option.


Examples:
   Enable node level verbose tracing for authentication.
     rsautil set-trace -n -c trace.com.rsa.ims.authn -l VERBOSE -u admin -p password


   Enable instance level tracing for hibernate.
     rsautil set-trace -c net.sf.hibernate -l VERBOSE -u admin -p password


   Enable authentication component diagnostic monitoring.
     rsautil set-trace -d AuthnBeforeMonitor -u admin -p password


   Enable tracing for spring only on this cluster node.
     rsautil set-trace -c org.springframework -l VERBOSE -n -u admin -p password


   Enable tracing for spring on replica instance 'ReplicaInstance'.
     rsautil set-trace -c org.springframework -l VERBOSE -i ReplicaInstance -n -u admin -p password


   Disable instance level tracing for hibernate.
     rsautil set-trace -c net.sf.hibernate -r -u admin -p password


   Disable authentication component diagnostic monitoring.
     rsautil set-trace -d AuthnBeforeMonitor -r -u admin -p password


   List trace categories for this instance and node.
     rsautil set-trace -s -u admin -p password


   List diagnostic monitors.
     rsautil set-trace -t -u admin -p password


 



setup-replication



Usage: rsautil setup-replication -m <password> -a <action> [options]
Options:
 -h, --help               Display help
 -v, --version            Display the version and copyright information
 -m, --master-password    Master password for the encrypted properties file


 -a, --action             (one of the following)
     cleanup:             Cleanup all sites from replication system
     cleanup-site:        Cleanup demoted primary site
     set-primary:         Setup primary site
     remove-primary:      Remove primary site from replication system
     add-replica-online:  Add a replica site in online data sync mode
       -f, --file         Comma separated configuration bootstrap data files
                          (i.e., "file1, file2")
     add-replica-offline: Add a replica site in offline data sync mode
       -f, --file         Comma separated configuration bootstrap data files
                          (i.e., "file1, file2")
     remove-replica:      Remove replica site from replication system
       -n, --name         Comma separated instance name of sites
                          (i.e., "name1, name2")
     generate-data:       Generate primary schema data dump file
     list:                List currently configured sites
     report:              Display replication system status report
     attach-old-primary:  Attach the demoted primary site to a replication system
     remove-unreg-replicas:  Remove the stale replica information caused by a failed replica attachment
 -V, --verbose            Display setup information in verbose mode
 -G, --generate-sql       Generate sql scripts for debugging purpose
 -q, --quiet              Execute the action without input the prompt


 


store


Usage: rsautil store -a <action> -m <password>
Options:
 -m, --master-password Master password of the encrypted properties file.
 -h, --help            prints help message and exits.
 -v, --version         prints version information and exits.
 -V, --verbose         enable verbose output. Optional.
 -a, --action          (one of the following)
     delete_report_jobs               Delete all scheduled report jobs
     admin_roles <attribute>          List all of the Admin Roles with View or None permission.
     fixlogs                          Fix error in log entries
     add_config <name> <value> <instance> <data_type> Create a new config parameter.
     config_all <name> <value>        Set config parameters for all instances
     clearanswers <normalize> <clear_answers> Create config parameter for normalization and clears answers to security questions.
     config <name> <value> <instance> Set config parameters.
     ldap_user_expiration <action> <criteria> List or clear user expiration
     delete_report <name>             Delete a report by name


 



sync-tokens



Authenticator Bulk Synchronization Utility am-7.1.4-build20111005200148
Copyright (C) 2010 RSA Security Inc. All rights reserved.


Usage: rsautil sync-tokens -u <username> -p <password> -o <filename> ( -a | -f <filename> ) ( -l | [-b <value>] [-r <value>] [-n] [-L] [-t] ) [options]
        
where:
     rsautil could either be the Linux shell script (rsautil) or Windows script (rsautil.cmd)     for Linux and Windows respectively.


     Common options:
     -u, --username <username>      The user's login ID is supplied with this parameter.
     -p, --password <password>      The user's password is supplied with this parameter.
     -o, --output-file <filename>   Absolute path to the output file.


     Token selection:
     -a, --all-tokens               Select all tokens from the database
     -f, --file <filename>          Select tokens from the specified file


     Actions:
     -l, --list                     List token attributes.
                                    Absense of this option assumes a modify operation.
     Modifying attributes:
     -b, --absolute-offset <value>  Absolute clock offset value.
                                    Append after resetting to zero.
     -r, --relative-offset <value>  Relative clock offset value.
                                    Append to current offset value.
     -n, --next-tokencode-mode      Reset next token-code mode.
                                    This also resets the bad passcode count to zero.
     -L, --last-login-date          Reset last login date and time.
                                    This option also resets the first login flag.
     -t, --user-lockout             Clear user lockout information.


[options]:
     General options:
     -h, --help,                    Utility usage information.
     -I, --interactive              Interactive mode of administration.
                                    This is the default when no arguments are specified.
     -v, --version                  Display the version information
     -X, --debug                    Display debug messages.


     Overriding filters:
     -U, --unassigned-tokens        Select unassigned tokens.
     -A, --assigned-tokens          Select assigned tokens only.
     -S, --base-domain              Select the base security domain for recursive search.


Examples:


     1) Reset the clock offsets of all tokens in the database to an absolute value:
     rsautil.cmd sync-tokens -u admin -p password -o c:\report.log -a -b 0


     2) Clear the user lockout information and reset next token-code mode:
     rsautil.cmd sync-tokens -u admin -p password -o c:\report.log -a -n -t


 


test-multicast


Usage: test-multicast [options]
Options:
    -n, --name           REQUIRED. Arbitrary system identifier used in test.
                           Good values include the system hostanme or
                           IP address.
    -a  --address        REQUIRED. The multicast address.
    -o  --port           The multicast port. Default: 7001
    -t  --timeout        The idle timeout, in seconds. Default: 600.
    -s  --send-pause     The pause between sending packets in seconds.
                           Default: 2
    -c  --interface      Address of interface card (NIC) to use. If none
                            specified will attempt to use default NIC.
    -l  --time-to-live   Time-to-live of packets (number of hops). Default: 1
    -i  --interactive    Interactive mode.
    -v  --version        Display version information.
 -h,-?  --help           Display this help message.


 


tune-system



Usage: rsautil tune-system [-m <password>] [-u <user>] [-p <password>] [-f <file>] [name value]
Options:
 -h, --help             Display help.
 -v, --version          Display the version and copyright information.
 -m, --master-password  Master password for the encrypted properties file.
 -u, --user-id          User ID of an administrative user.
 -p, --password         Password of the administrative user.
 -f, --file             File containing parameters and values to set.
 -l, --list             Display current settings.


Examples:
 Adjust an individual parameter.
  rsautil tune-system thread-pool 10


 Apply a set of parameters described in a file.
  rsautil tune-system -f small-deployment.properties


 


 


update-instance-node


Usage: rsautil update-instance-node -m <master-password> -i <instance-type>
     -o <old-host> -n <new-host>
Options:
-o, --old-host          Old host address of the node.
-n, --new-host          New host address of the node.
-i, --instance          Instance type. [primary | database-only | proxy-server-only | app-server-only]
-m, --master-password   Master password for the encrypted properties file.
-h, --help              Display this help message. Optional.
-v, --version           Display version information. Optional.


 


update-registry.jar


Invalid argument. 'update-registry.jar' is not a valid Command Line Utility.
Type 'rsautil --list' for a full list.


 


verify-archive-log



Usage: rsautil verify-archive-log -m <password> -f <file>
Options:
  -h, --help             Display help.
  -X, --debug            Display debug messages.
  -v, --version          Display the version and copyright information.
  -m, --master-password  Master password.
  -f, --file             Archive log file to verify.


Legacy Article IDa56341

Attachments

    Outcomes