4-132 Oracle Fusion Middleware Services Reference Guide for Oracle Universal Content Management all roles get RWDA permission on the security group. For more information about numbering of permissions, see Oracle Fusion Middleware System Administrators Guide for Oracle Content Server. Example IdcService=ADD_GROUP dGroupName=NEW_GROUP dPrivilege=15 dDescription=admin privileges

4.14.3 ADD_ROLE

Service that creates a new role. A role is a set of permissions Read, Write, Delete, Admin for each security group. The service adds a row in the RoleDefinition table for every existing security group. The most likely error is when the role name is not unique. Location: IdcHomeDirresourcescoretemplatesstd_services.htm Additional Required Service Parameters ■ dRoleName: The role name. ■ dPrivilege: The permission setting. If this value is set to 0, only the admin role has RWDA permission on the security group. No other roles are able to access the security group. If the value is set to 15, all roles get RWDA permission on the security group. For more information about numbering of permissions, see Oracle Fusion Middleware System Administrators Guide for Oracle Content Server. Example IdcService=ADD_ROLE dRoleName=specialuser dPrivilege=15

4.14.4 ADD_USER

Service used to create a new user. The most likely error is when the user name is not unique. Location: IdcHomeDirresourcescoretemplatesstd_services.htm Additional Required Service Parameters ■ dName: The user name. ■ dUserAuthType: The user authorization type. This value must be set to either Local or Global. Optional Service Parameters ■ dFullName: The full name of the user. ■ dPassword: The password for the user. ■ dEmail: The email address for the user. Core Oracle Content Server Services 4-133 Optional Attribute Information Optional attribute information is specified in a result set that contains the users attribute information and references the roles the user belongs to and the accounts the user has access to. Attribute information consists of a list of three comma-delimited strings. The first string indicates the type of attribute, the second the name of the attribute, and the third is the access number for accounts or default entry for role. ■ Attribute Type : When defining a role, the first string specifies that this is a role attribute, the second string is the name of the role, and the third is the default entry of 15. When defining an account, the first string specifies that this is an account attribute, the second string is the name of the account, and the third is the access level. – For a role attribute, the information is in the form: – role,contributor,15 – For an account attribute, the information is in the form: – account,books,1 ■ Attribute Name : A user can belong to multiple roles and accounts, so there can be multiple role and account information strings separated by commas in the attribute information column. If the user is to have the admin role, define the user attribute information as follows: ResultSet UserAttribInfo 2 dUserName AttributeInfo jsmith role,contributor,15 end If the user is to belong to both the contributor and editor roles and have Read permission on the books account, define the user attribute information as: ResultSet UserAttribInfo 2 dUserName AttributeInfo jsmith role,contributor,15,role,editor,15,account,books,1 end ■ Access Number : These access numbers can be assigned to the user. – 1: Read only – 3: Read and write – 7: Read, write, delete – 15: Administrative permissions Important: The user attribute information is not predefined. By default, a new user belongs to no roles or accounts, and becomes a guest in the system. 4-134 Oracle Fusion Middleware Services Reference Guide for Oracle Universal Content Management Example ■ IdcCommand command file format: IdcService=ADD_USER dName=specialuser dUserAuthType=LOCAL ■ HDA format with optional parameters: Properties LocalData IdcService=ADD_USER dName=jsmith dUserAuthType=LOCAL dFullName=Jennifer Smith dPassword=password dEmail=jsmithexample.com end ResultSet UserAttribInfo 2 dUserName AttributeInfo jsmith role,admin,15,role,contributor,15 end

4.14.5 CHANGE_USER_AUTH_TYPE