7-8 Oracle WebLogic Communications Server Administration Guide 4. Use the role command to add alice to the Location Service user group. Doing so grants alice permission to the Proxy Registrar’s Location Service lookup: role user add uid=alice name=Location Service 5. Add user authentication credentials for alice: credentials add uid=alice realm=test.company.com password=welcome1 The credentials command is not needed for applications configured to use the RADIUS Login Module to authenticate users against RADIUS servers. Fore more information on these login modules, see Chapter 5, Administering Security Features . Example 7–3 Creating a User from the Sash Command-Line Prompt sash privateIdentity add privateId=alice sash publicIdentity add publicId=sip:alicetest.company.com privateId=alice sash account add uid=alice active=true sash role user add uid=alice name=Location Service sash credentials add uid=alice realm=test.company.com password=welcome1

7.4.2 Creating a User with the Command Service MBean

You can execute Sash commands using the CommandService MBean’s execute operation. The Command Service MBean is defined within the subscrdataservcommandsear application. To create a user: 1. Select the execute operation. The Operation page for the execute operation appears. 2. Enter privateIdentity add privateId=alice in the Value field.

3. Click Invoke Operation. Repeat this process for each of the user creation

commands. For example, the subsequent publicIdentity and account commands would both be followed by Invoke Operation. Note: OWLCS Version 10.1.3.2 requires that the uid be in lower-case. Oracle Communicator users provisioned using OWLCS Version 10.1.3.2 must also enter their account names in lower case during login. OWLCS Version 10.1.3.3 and 10.1.3.4 support mixed-case uids. However, Oracle Communicator users can only log in by entering their user name exactly as it was provisioned. For example, if you define the uid as Alice, then the user must login as Alice. If you upgrade to 10.1.3.4 from 10.1.3.2, users provisioned in 10.1.3.2 must continue to log in using lower case. Note: You must also configure realms using the SIP Servlet Container MBean before you use Sash to add authorization credentials to a user. Tip: You can create multiple users by creating Sash batch files. For more information, see Scripting with Sash . Provisioning Users With Sash 7-9

7.4.3 Creating a User with the Identity Add Command

The identity add command enables you to create a user with one command string. This command, which is an alias to the privateIdentity, publicIdentity, account, role and credentials commands, enables you to quickly create a basic user account that contains the minimum information needed for users to connect to OWLCS through a SIP client. For example, to create a basic account for user alice using this command, enter the following from either the command line or through the Command Service Mbean’s execute operation: identity add privateId=alice publicId=sip:sip.alicecompany.com role=Location Service realm=company.com password=welcome1 The identity add command only enables you to create a basic user account. Accounts that require more complex construction, such as those that associate multiple publicIds with a single privateId, must be created using multiple Sash commands as illustrated in Example 7–3 .

7.4.3.1 Deleting a User Account with the identity delete Command

The identity delete command enables you to delete all of a user’s roles, credentials, account information, public and private identities using a single command string. For example, to delete an account for user alice using this command, enter the following from either the command line or through the Command Service Mbean’s execute operation: identity delete privateId=alice

7.5 Provisioning the XDMS Using Sash

The commands for provisioning the XDMS are included in the xcap group. Each of these commands is preceded by xcap. The XDMS commands within the xcap group that support user provisioning are included in the user and applicationUsage subgroups. You can provision XDMS from the Sash prompt or by using the CommandService MBean that is provided with the Presence application.

7.5.1 Provisioning XDMS User Accounts Using the CommandService MBean

You can provision XDMS using the execute command provided by the CommandService MBean that is registered to the Presence application. Use the CommandService MBean’s execute operation as described in Creating a User with the