RBACRole - setLdapSyncOptions

RBACRole - setLdapSyncOptions

Description :

This command sets the synchronization options associated with an RBAC role. The options are:

  • Delete missing users: Delete any users that exist in the RBAC role, but do not exist in the synchronization source.
  • Disable missing users: Disable any users that exist in the RBAC role but do not exist in the synchronization source.

  • Prune missing users: Prune any users that exist in the RBAC role but do not exist in the synchronization source.
     Note that setting the Delete option to true is mutually exclusive with setting the Disable or Prune option to true. Disable and Prune options can both be set to true simultaneously.

    Return type : void

Command Input :

Variable Name

Variable Type

Description

roleName

String

Name of the RBAC Role.

deleteMissingUsers

Boolean

True to delete any users that exist in the RBAC role but do not exist in the synchronization source.

disableMissingUsers

Boolean

True to disable any users that exist in the RBAC role but do not exist in the synchronization source.

pruneMissingUsers

Boolean

True to prune any users that exist in the RBAC role but do not exist in the synchronization source.

Example

The following example sets the BLAdmins role synchronization options to the following values:

  • Delete missing users: true
  • Disable missing users: false
  • Prune missing users: false

Script





RBACRole setLdapSyncOptions BLAdmins true false false



 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*