3 Replies Latest reply on Jun 30, 2015 3:29 PM by Bill Robinson

    NSH script/job blcli_setoption roleName not working

    michael huttner

      We have a script/job to syncronize our AD/LDAP user/groups with Bladelogic RBAC user/roles.  The job is set up to execute with BLAdmins role equivalence, but needs to switch roles to handle RBACUser functions (eg, createUser, addRole, removeRole).   The NSH was not working, using:



      blcli_setoption authType BLSSO


      blcli_setoption roleName BLADmins

      blcli_connect || exit 2


      blcli_execute RBACUser removeRole ${USERNAME} ${ROLENAME}


      We finally inserted this code right after the blcli_connect to get it working:

      blcli_execute Utility assumeRole RBACAdmins


      But we are concerned that BMC may change java classes/namespaces in future releases, and this code may only be a temporary workaround.   Can someone advise or suggest a better way to handle this?