setad(8)
System Administration 151
group administrator Assign group name for up to five specified administrator
groups. The administrator group has platadm, useradm,
and auditadm privileges and you cannot change that.
group operator Assign group name for up to five specified operator
groups. The operator group has platop and auditop
privileges and you cannot change that.
group custom Assign group name and privileges for up to five groups.
userdomain Configure the specified user domain. A user domain can
be configured explicitly through the setad userdomain
command on XSCF, or entered at the login prompt using
the form, user@domain.
■If a user domain is specified at the login prompt – for
example, login: ima.admin@dc01.example.com –
that user domain is used for this login attempt. Any
pre-configured user domains (as displayed by showad
userdomain) are ignored.
■If a user domain is not specified at the login prompt –
for example, login: ima.admin – XSCF checks each of
the pre-configured user domains, in turn, to
authenticate the user.
See EXAMPLE 6, below, for important information.
defaultrole Configure default privileges. If defaultrole is configured,
users have privileges as specified by defaultrole after
authentication; user group membership is not checked. If
defaultrole is not configured, users’ privileges will be
learned from Active Directory based on group
membership.
timeout Configure transaction timeout, in seconds. seconds can be
1 to 20. The default is 4. If the specified timeout is too
brief for the configuration, the login process or retrieval
of user privilege settings could fail.
server Configure the primary and up to five alternate Active
Directory servers. To use a host name, DNS must be
enabled. An IP address can be specified with port
number; otherwise, the default port is used.