Command Reference > infacmd aud Command Reference > getDomainObjectPermissions
  

getDomainObjectPermissions

Gets the list of domain objects to which the specified users or groups have permission. You can generate reports for the specified users or groups.
Users with the administrator role can run this command.
The infacmd aud getDomainObjectPermissions command uses the following syntax:
getDomainObjectPermissions

<-DomainName|-dn> domain_name

<-UserName|-un> user_name

<-Password|-pd> password

[<-SecurityDomain|-sdn> security_domain]

[<-Gateway|-hp> gateway_host1:port gateway_host2:port...]

[<-ResilienceTimeout|-re> timeout_period_in_seconds]

<<-ExistingUserNames|-eu> existing_user_names|

<-ExistingGroupNames|-eg> existing_group_names>

[<-ExistingSecurityDomain|-esd> existing_security_domain]

[<-Format|-fm> format_TEXT_CSV]

[<-OutputFile|-lo> output_file_name]
The following table describes infacmd aud getDomainObjectPermissions options and arguments:
Option
Argument
Description
-DomainName
-dn
domain_name
Required. Name of the Informatica domain. You can set the domain name with the -dn option or the environment variable INFA_DEFAULT_DOMAIN. If you set a domain name with both methods, the -dn option takes precedence.
-UserName
-un
user_name
Required if the domain uses Native or LDAP authentication. User name to connect to the domain. You can set the user name with the -un option or the environment variable INFA_DEFAULT_DOMAIN_USER. If you set a user name with both methods, the -un option takes precedence.
Optional if the domain uses Kerberos authentication. To run the command with single sign-on, do not set the user name. If you set the user name, the command runs without single sign-on.
-Password
-pd
password
Required if you specify the user name. Password for the user name. The password is case sensitive. You can set a password with the -pd option or the environment variable INFA_DEFAULT_DOMAIN_PASSWORD. If you set a password with both methods, the password set with the -pd option takes precedence.
-SecurityDomain
-sdn
security_domain
Name of the security domain that you want to create to which the domain user belongs. You can set a security domain with the -sdn option or the environment variable INFA_DEFAULT_SECURITY_DOMAIN. If you set a security domain name with both methods, the -sdn option takes precedence. The security domain name is case sensitive.
You can specify a value for ‑sdn or use the default based on the authentication mode:
  • - Required if the domain uses LDAP authentication. Default is Native. To work with LDAP authentication, you need to specify the value for -sdn.
  • - Optional if the domain uses native authentication or Kerberos authentication. Default is native for native authentication. If the domain uses Kerberos authentication, the default is the LDAP security domain created during installation. The name of the security domain is the same as the user realm specified during installation.
-Gateway
-hp
gateway_host1:port gateway_host2:port ...
Required if the gateway connectivity information in the domains.infa file is out of date. Specify the host names and port numbers for the gateway nodes in the domain.
-ResilienceTimeout
-re
timeout_period_in_seconds
Optional. Amount of time in seconds that infacmd attempts to establish or re-establish a connection to the domain. You can set the resilience timeout period with the -re option or the environment variable INFA_CLIENT_RESILIENCE_TIMEOUT. If you set the resilience timeout period with both methods, the -re option takes precedence.
-ExistingUserNames
-eu
existing_user_names
Required if you do not use ‑ExistingGroupNames (-eg). Name of the user or a list of users to run the reports. For multiple users, separate each user by a comma at the command line.
-ExistingGroupNames
-eg
existing_group_names
Required if you do not use ‑ExistingUserName (-eu). Name of the group or a list of groups to run the reports. For multiple groups, separate each group by a comma at the command line.
-ExistingSecurityDomain
-esd
existing_security_domain
Required if you use LDAP authentication. Security domain to which the user or group belongs. Default is Native.
-Format
-fm
format_TEXT_CSV
Optional. Output file format. Valid types include:
  • - Text
  • - CSV
If you do not specify a format, infacmd uses text format with lines wrapped at 80 characters.
-OutputFile
-lo
output_file_name
Optional. Name and file path for the output file.
If you do not specify an output file name, infacmd displays the log events on the screen.