seeseccfg

 seeseccfg action options

This utility is used to configure and maintain security configurations and managers from the command line.

Actions

• - create
  • Create or modify a security configuration or security manager definition in the database defined using command-line parameters
• -delete
  • Delete a security configuration or security manager from the database
• -export
  • Export one or more security configurations or security managers from the database to an XML file
• -import
  • Import security configurations and/or managers from an XML file
• -list
  • List security configurations and/or managers

Options

• All actions:

  • -usedb
    • Use the cross-region database on the default SQL Server instance to host the SC resource definitions (default)

  • -usedb:<instance>

    • Use the cross-region database on the named SQL Server instance to host the SC resource definitions
  • -nobanner
    • Do not display the banner
  • -quiet
    • Display minimal output
• For creating a security configuration or security manager (-create):
  • -name:<name>
    • Name of the security configuration or manager to be created (required)
  • -cache_limit:<value>
    • Set the Cache Limit value
  • -cache_ttl:<value>
    • Set the Cache Time-To-Live value
  • -configfile:<file>
    • Specify a file containing configuration text
  • -type:configuration|manager
    • Type of object to create (required)
• For creating a security configuration (-create -type:configuration):
  • -allow_unknown_resources
    • Enable the Allow Unknown Resources option
  • -allow_unknown_users
    • Enable the Allow Unknown Users option
  • -create_audit_events
    • Enable the Create Audit Events option
  • -manager:<name>
    • Specify a security manager. May be used multiple times
  • -type:configuration
    • Create a security configuration
  • -use_all_groups
    • Enable the Use All Groups option
  • -verify_against_all
    • Enable the Verify Against All option
• For creating a security manager (-create -type:manager):
  • -authorized_id:<string>
    • ID to use when connecting to the ESM
  • -connection:<string>
    • Connection path to the ESM-description:<string> Description of this security manager
  • -disable
    • Do not enable this security manager
  • -module:<name>
    • Name of the ESM module (required)
  • -password:<string>
    • Password to use when connecting to the ES
  • -type:manager
    • Create a security manager
• For deleting security configurations or managers (-delete):
  • -name:<name>
    • Name of the security configuration or manager to be deleted (required)
  • -type:configuration|manager
    • Type of object to delete (required)
• For listing security configurations or managers (-list):
  • -type:configuration|manager
    • Type of object to list. If omitted, both are listed.
• For importing security configurations or managers from a file (-import):
  • -in:<file>
    • XML file containing definitions of security configurations and/or managers (required)
• For exporting security configurations or managers to a file (-export):
  • -append
    • If the output file already exists, append to it rather than replacing it
  • -name:<name>
    • Name of the security configuration or manager to be exported. If omitted, all are exported.
  • -out:<file>
    • Name of the file to create or update (required)
  • -type:configuration|manager
    • Type of object to export (required if -name specified, otherwise optional)

  seeseccfg -list -type:manager -usedb:(local)\SQLEXPRESS

seeseccfg -create -type:configuration -name:Default -manager:test3

 seeseccfg -create -usedb:host\ESDB -type:manager -name:test3 -module:NullEsm -description:"Test manager #3" -disable
       -cache_limit:200 -cache_ttl:600 -configfile:secmgr.txt 

seeseccfg -export -out:definitions.xml

 seeseccfg -import -in:definitions.xml