Table of Contents

Search

  1. Preface
  2. Command Line Programs and Utilities
  3. Installing and Configuring Command Line Utilities
  4. Using the Command Line Programs
  5. Environment Variables for Command Line Programs
  6. Using infacmd
  7. infacmd as Command Reference
  8. infacmd aud Command Reference
  9. infacmd autotune Command Reference
  10. Infacmd bg Command Reference
  11. infacmd ccps Command Reference
  12. infacmd cluster Command Reference
  13. infacmd cms Command Reference
  14. infacmd dis Command Reference
  15. infacmd dps Command Reference
  16. infacmd edl Command Reference
  17. Infacmd es Command Reference
  18. infacmd ihs Command Reference
  19. infacmd ipc Command Reference
  20. infacmd isp Command Reference
  21. infacmd ldm Command Reference
  22. infacmd mas Command Reference
  23. infacmd mi Command Reference
  24. infacmd mrs Command Reference
  25. infacmd ms Command Reference
  26. infacmd oie Command Reference
  27. infacmd ps Command Reference
  28. infacmd pwx Command Reference
  29. infacmd rms Command Reference
  30. infacmd rtm Command Reference
  31. infacmd sch Command Reference
  32. infacmd search Command Reference
  33. infacmd sql Command Reference
  34. infacmd tdm Command Reference
  35. infacmd wfs Command Reference
  36. infacmd ws Command Reference
  37. infacmd xrf Command Reference
  38. infacmd Control Files
  39. infasetup Command Reference
  40. pmcmd Command Reference
  41. pmrep Command Reference
  42. Working with pmrep Files

SetApplicationObjectPermissions

SetApplicationObjectPermissions

Assigns or denies permissions on an application object such as mapping or workflow to a user or a group.
You can allow or deny permissions to users with the -ap or -dp options of the SetApplicationObjectPermissions command. If you do not explicitly allow or deny permissions using one of the options, the user inherits the application-level permission on the mapping or the workflow.
The infacmd dis SetApplicationObjectPermissions command uses the following syntax:
SetApplicationObjectPermissions <-DomainName|-dn> domain_name <-ServiceName|-sn> service_name <-UserName|-un> user_name <-Password|-pd> password [<-SecurityDomain|-sdn> security_domain] [<-ResilienceTimeout|-re> timeout_period_in_seconds] <-Application|-a> application_name <-ApplicationObjectType|-t> application_object_type_Mapping_Workflow <-ApplicationObject|-ao> application_object_name <<-GranteeUserName|-gun> grantee_user_name|<-GranteeGroupName|-ggn> grantee_group_name> [<-GranteeSecurityDomain|-gsdn> grantee_security_domain] [<-AllowedPermissions|-ap> allowed_permissions] [<-DeniedPermissions|-dp> denied_permissions]
The following table describes infacmd dis SetApplicationObjectPermissions options and arguments:
Option
Argument
Description
-DomainName
-dn
domain_name
Required. Name of the Informatica domain. You can set the domain name with the -dn option or the environment variable INFA_DEFAULT_DOMAIN. If you set a domain name with both methods, the -dn option takes precedence.
-ServiceName
-sn
service_name
Required. Name of the Data Integration Service where the application is deployed.
-UserName
-un
user_name
Required if the domain uses Native or LDAP authentication. User name to connect to the domain. You can set the user name with the -un option or the environment variable INFA_DEFAULT_DOMAIN_USER. If you set a user name with both methods, the -un option takes precedence.
Optional if the domain uses Kerberos authentication. To run the command with single sign-on, do not set the user name. If you set the user name, the command runs without single sign-on.
-Password
-pd
password
Required if you specify the user name. Password for the user name. The password is case sensitive. You can set a password with the -pd option or the environment variable INFA_DEFAULT_DOMAIN_PASSWORD. If you set a password with both methods, the password set with the -pd option takes precedence.
-SecurityDomain
-sdn
security_domain
Required if the domain uses LDAP authentication. Optional if the domain uses native authentication or Kerberos authentication. Name of the security domain to which the domain user belongs. You can set a security domain with the -sdn option or the environment variable INFA_DEFAULT_SECURITY_DOMAIN. If you set a security domain name with both methods, the -sdn option takes precedence. The security domain name is case sensitive.
If the domain uses native or LDAP authentication, the default is Native. If the domain uses Kerberos authentication, the default is the LDAP security domain created during installation. The name of the security domain is the same as the user realm specified during installation.
-ResilienceTimeout
-re
timeout_period_in_seconds
Optional. Amount of time in seconds that infacmd attempts to establish or re-establish a connection to the domain. You can set the resilience timeout period with the -re option or the environment variable INFA_CLIENT_RESILIENCE_TIMEOUT. If you set the resilience timeout period with both methods, the -re option takes precedence.
-Application
-a
application_name
Required. Name of the application.
-ApplicationObjectType
-t
application_object_type
Required. Type of the application object type.
Enter one of the following values:
  • Mapping
  • Workflow
-ApplicationObject
-ao
application_object_name
Required. Name of the application object.
-GranteeUserName|GranteeGroupName
-gun|-ggn
grantee_user_name|
grantee_group_name
Required. User name or group name to set or deny permissions for.
-GranteeSecurityDomain
-gsdn
grantee_security_domain
Required if you use LDAP authentication and you are granting user permissions. Name of the security domain that the user belongs to.
-AllowedPermissions
-ap
allowed_permissions
Optional. List of permissions to allow. Enter any of the following permissions separated by spaces:
  • View. Users can view application.
  • Grant. Users can grant and revoke permissions on the application.
  • Execute. Users can run application.
-DeniedPermissions
-dp
denied_permissions
Optional. List of permissions to deny users. Separate each parameter by a space. Enter any of the following permissions separated by spaces:
  • View. Users can view application.
  • Grant. Users cannot grant and revoke permissions on the application.
  • Execute. Users cannot run application.

0 COMMENTS

We’d like to hear from you!