Command Reference > infacmd isp Command Reference > AddRolePrivilege


Assigns a privilege to a role in the domain. You can assign privileges to a role for the domain. You can also assign role privileges for each application service in the domain.
The infacmd isp AddRolePrivilege command uses the following syntax:

<-DomainName|-dn> domain_name

<-UserName|-un> user_name

<-Password|-pd> password

[<-SecurityDomain|-sdn> security_domain]

[<-Gateway|-hp> gateway_host1:port gateway_host2:port...]

[<-ResilienceTimeout|-re> timeout_period_in_seconds]

<-RoleName|-rn> role_name

<-ServiceType|-st> service_type AS|CMS|LDM|MM|MRS|RS|TDM|TDW|DOMAIN

<-PrivilegePath|-pp> path_of_privilege
The following table describes infacmd isp AddRolePrivilege options and arguments:
Required. Name of the Informatica domain. You can set the domain name with the -dn option or the environment variable INFA_DEFAULT_DOMAIN. If you set a domain name with both methods, the -dn option takes precedence.
Required if the domain uses Native or LDAP authentication. User name to connect to the domain. You can set the user name with the -un option or the environment variable INFA_DEFAULT_DOMAIN_USER. If you set a user name with both methods, the -un option takes precedence.
Optional if the domain uses Kerberos authentication. To run the command with single sign-on, do not set the user name. If you set the user name, the command runs without single sign-on.
Required if you specify the user name. Password for the user name. The password is case sensitive. You can set a password with the -pd option or the environment variable INFA_DEFAULT_DOMAIN_PASSWORD. If you set a password with both methods, the password set with the -pd option takes precedence.
Required if the domain uses LDAP authentication. Optional if the domain uses native authentication or Kerberos authentication. Name of the security domain to which the domain user belongs. You can set a security domain with the -sdn option or the environment variable INFA_DEFAULT_SECURITY_DOMAIN. If you set a security domain name with both methods, the -sdn option takes precedence. The security domain name is case sensitive.
If the domain uses native or LDAP authentication, the default is Native. If the domain uses Kerberos authentication, the default is the LDAP security domain created during installation. The name of the security domain is the same as the user realm specified during installation.
gateway_host1:port gateway_host2:port ...
Required if the gateway connectivity information in the domains.infa file is out of date.The host names and port numbers for the gateway nodes in the domain.
Optional. Amount of time in seconds that infacmd attempts to establish or reestablish a connection to the domain. If you omit this option, infacmd uses the timeout value specified in the INFA_CLIENT_RESILIENCE_TIMEOUT environment variable. If no value is specified in the environment variable, the default of 180 seconds is used.
Required. Name of the role to which you are assigning the privilege. To enter a name that contains a space or other non-alphanumeric character, enclose the name in quotation marks.
Required. Domain or application service type to which you assign the privilege for the role.
Service types include:
  • - AS. Analyst Service
  • - CMS. Content Management Service
  • - LDM. Live Data Map
  • - MM. Metadata Manager Service
  • - MRS. Model Repository Service
  • - RS. PowerCenter Repository Service
  • - TDM. Test Data Manager Service
  • - TDW. Test Data Warehouse Service
  • - DOMAIN. Domain
Required. Fully-qualified name of the privilege you want to assign to the group. A fully-qualified name includes privilege group name and privilege name. For example, a fully-qualified privilege name for the Repository Service is folder/create. If the privilege name includes spaces, enclose the path in quotation marks as follows:
“Runtime Objects/Monitor/Execute/Manage Execution”
If the privilege name includes the special character “/”, add the escape character “/”before it as follows:
“Model/View Model/Export\/Import Models”