NAME
mxuser - Systems Insight Manager User file format
SYNOPSIS
mxuser
DESCRIPTION
The mxuser command supports reading and writing user and user group
information in the eXtensible Markup Language (XML) format. You may
use this capability to add, modify, or remove multiple users or user
groups in the Systems Insight Manager environment. Each file may
contain the definitions of one or more users or groups.
Document Type Definition
The Document Type Definition (DTD) file defines the constraints for an
XML file. These constraints include the valid element tags,
attributes, and the cardinality of elements in an XML file. The user
DTD file is named userlist.dtd and is included in the following
paragraph. The user group dtd is very similar to the user dtd and is
named usergrouplist.dtd, it is shown later. Note that due to man page
formatting, the DTD contents may not appear the same as in the file.
<?xml version="1.0" encoding="UTF-8" ?>
<!-- READ THIS FIRST! This file is intentionally formatted with a
right margin set at 70. This allows the DTD file to be pasted
directly into the mxuser(4) man page file. Please respect this
constraint when editing this file. After edits are final for
a given release, please paste the final DTD version in the
mxuser(4) man page to keep the documentation current. -->
<!-- The user-list element consists of 0 or more user elements. -->
<!ELEMENT user-list ( user )* >
<!-- The user element has the following attributes: -->
<!-- The name attribute specifies the user name and is required. -->
<!-- The guid attribute specifies the user GUID and is optional. -->
<!-- The trusted attribute specifies whether the user is trusted and
defaults to "false". The trusted attribute may be set to "true"
which corresponds to "full" config-rights or "false" which
corresponds to "limited" config-rights.-->
<!-- The config-rights attribute specifies the configuration rights
the user has on the management server. The config-rights may
be set to "debug", "full", "limited" or "none". -->
<!-- The user element is composed of the following elements: -->
<!-- The description element may optionally appear once and specifies
the user description. -->
<!-- The full-name element may optionally appear once and specifies
the user's full name. -->
<!-- The email-address element may optionally appear once and
specifies the user's email address. -->
<!-- The phone-number element may optionally appear once and specifies
the user's phone number. -->
<!-- The attribute element may appear zero or more times and specifies
the user's client attributes. -->
<!ELEMENT user ( description?, full-name?, email-address?,
phone-number?, attribute* ) >
<!ATTLIST user name NMTOKEN #REQUIRED
trusted (true | false) "false"
config-rights ( debug |
full |
limited |
none ) "limited"
guid NMTOKEN #IMPLIED >
<!ELEMENT description ( #PCDATA ) >
<!ELEMENT full-name ( #PCDATA ) >
<!ELEMENT email-address ( #PCDATA ) >
<!ELEMENT phone-number ( #PCDATA ) >
<!-- The attribute element specifies the name value pairs that
comprise client attributes. The client attribute name is
specified using the name attribute and the client attribute value
is specified as the PCDATA of the element. -->
<!ELEMENT attribute ( #PCDATA ) >
<!ATTLIST attribute name CDATA #REQUIRED >
Elements
As defined in the DTD, the user XML file may contain the following
elements.
The first line of a user XML file should be in the following format:
<?xml version="1.0" encoding="encoding-value" ?>
where the user substitutes a recognized encoding value for the
encoding-value parameter. The recognized encoding values may be found
at the following web site:
http://www.iana.org/assignments/character-sets
If no XML header line is specified, the system defaults encoding to
"UTF-8".
The "user-list" element must appear once in a user XML file and wraps
the list of user information. The "user-list" element may contain zero
or more "user" elements. Note if the "user-list" element contains no
"user" elements, the associated mxuser command will have no effect.
The "user" element may appear zero or more times in a user XML file.
The "user" element has three attributes.
The "name" attributes is mandatory and specifies the user name.
The "config-rights" attribute is optional and specifies what
configuration rights the user has on the CMS. When it is specified it
must be specified using "full", "limited" or "none". If it is not
specified it defaults to "limited".
The "guid" attribute is optional and specifies the globally unique
identifier of the user. Because this value is assigned by the system,
the system ignores this attribute when adding a new user.
The "user" element may contain a number of optional elements. Each of
these elements may only appear once in each "user" element with the
exception of the "attribute" element which may appear zero or more
times. Each element must appear in the order they are defined in the
DTD.
The "description" element specifies a description of the user.
The "full-name" element specifies the user's full name.
The "email-address" element specifies the user's email address.
The "phone-number" element specifies the user's telephone number.
The "attribute" element specifies a set of client attributes to be
associated with the user. Each "attribute" element contains a "name"
attribute which identifies the client attribute and a "value" element
which specifies the client attribute value.
Commenting
Comments may be included in XML files. The comment must begin with
the characters "<!--" and end with the characters "-->". Comments may
span multiple lines within the beginning and ending character tags.
Examples
This section contains some examples of user XML files.
This example shows a file containing the Full Rights user root and a
description.
<?xml version="1.0" encoding="UTF-8"?>
<user-list>
<user name="root" config-rights="full">
<description>Default full rights user.</description>
</user>
</user-list>
This example shows a file containing 2 users. The user "joan1" is a
full rights user with a description, full name, email address, and a
phone number. The user "john2" is a limited rights user with a
description and an email address.
<?xml version="1.0" encoding="UTF-8"?>
<user-list>
<user name="joan1" config-rights="full">
<description>A new full rights user</description>
<full-name>Joan A. User</full-name>
<email-address>joan_user@goodco.com</email-address>
<phone-number>555-1212</phone-number>
</user>
<user name="john2" config-rights="limited">
<description>A limited rights user</description>
<email-address>john_user@goodco.com</email-address>
</user>
</user-list>
<?xml version="1.0" encoding="UTF-8" ?>
<!-- READ THIS FIRST! This file is intentionally formatted with a
right margin set at 70. This allows the DTD file to be pasted
directly into the mxuser(4) man page file. Please respect this
constraint when editing this file. After edits are final for
a given release, please paste the final DTD version in the
mxuser(4) man page to keep the documentation current. -->
<!-- The usergroup-list element consists of 0 or more user elements. -->
<!ELEMENT usergroup-list ( user )* >
<!-- The usergroup element has the following attributes: -->
<!-- The name attribute specifies the usergroup name and is required. Note
the name attribute is CDATA to allow the backslash characters
that may be used to specify Windows domain usergroups. -->
<!-- The guid attribute specifies the user GUID and is optional. -->
<!-- The trusted attribute specifies whether the usergroup is trusted and
defaults to "false". The trusted attribute may be set to "true"
which corresponds to "full" config-rights or "false" which
corresponds to "limited" config-rights.-->
<!-- The config-rights attribute specifies the configuration rights
the usergroup has on the management server. The config-rights may
be set to "debug", "full", "limited" or "none". A default of
"limited" is provided by the Java code although not specified
here. -->
<!-- The usergroup element is composed of the following elements: -->
<!-- The description element may optionally appear once and specifies
the user description. -->
<!-- The full-name element may optionally appear once and specifies
the usergroup's name. -->
<!-- The incl-ip-ranges element may optionally appear once and
specifies the range of IP addresses the user CAN login from. The
string specifying the IP addresses must be in the form of a
semicolon (;) separated list of IP address ranges. Each range is
either a single IP address or two IP addresses separated by a
single dash (-). The IP addresses must be in standard dotted
form (eg. 15.1.54.133). White space surrounding the semicolons
or the dashes is ignored. No white space is allowed within a
single IP address in dotted form. -->
<!-- The excl-ip-ranges element may optionally appear once and
specifies the range of IP addresses the user can NOT login from.
Its value has the same format as that of the incl-ip-ranges
described above. -->
<!-- The attribute element may appear zero or more times and specifies
the usergroup's client attributes. -->
<!ELEMENT user ( description?, full-name?, incl-ip-ranges?,
excl-ip-ranges?, attribute* ) >
<!ATTLIST user name CDATA #REQUIRED
trusted (true | false | unspecified ) "unspecified"
config-rights ( debug |
full |
limited |
none ) "limited"
guid NMTOKEN #IMPLIED >
<!ELEMENT description ( #PCDATA ) >
<!ELEMENT full-name ( #PCDATA ) >
<!ELEMENT incl-ip-ranges ( #PCDATA ) >
<!ELEMENT excl-ip-ranges ( #PCDATA ) >
<!-- The attribute element specifies the name value pairs that
comprise client attributes. The client attribute name is
specified using the name attribute and the client attribute value
is specified as the PCDATA of the element. -->
<!ELEMENT attribute ( #PCDATA ) >
<!ATTLIST attribute name CDATA #REQUIRED >
The usergrouplist.dtd elemnts and attributes listed above correspond
to the same elements in the userlist.dtd. The only difference is that
user specific data, like phone number, etc. is not included in the
usergrouplist.dtd.
Examples
This section contains one example of the user group XML file.
This example shows a file containing the Full Rights user group
fullgroup and a description.
<?xml version="1.0" encoding="UTF-8"?>
<usergroup-list>
<user name="fullgroup" config-rights="full">
<description>Default full rights user.</description>
</user>
</usergroup-list>
LIMITATIONS
This command may only be run on the CMS.
AUTHOR
mxuser was developed by the Hewlett-Packard Company.
SEE ALSO for HP-UX
mxuser(1M)
SEE ALSO for Linux
mxuser(8)