IBM Security-specific Objects Classes
The IBM Security Windows API consists of several common, interdependent classes that correspond with the core elements of IBM Security-managed data, such as computers, users, groups, and zones. These basic classes provide properties, methods, and attributes that you can manipulate in programs and scripts to set or retrieve data.
The following table lists the classes that compose the IBM Security Windows API.
| Class | Description |
|---|---|
| AzRoleAssignment | Represents a computer-role assignment. |
| Cims | Initiates interaction with Active Directory. This top-level class connects to Active Directory and prepares the Active Directory domain and forest for working with IBM Security objects. |
| Command : Right | Represents the right to run a command, including which users and groups have that right. |
| Commands | Represents a collection of command rights. |
| Computer | Manages an individual computer account object. |
| ComputerGroupUnixProfiles : GroupUnixProfiles | Represents the groups in a computer zone. |
| ComputerRole | Manages a computer role. |
| ComputerRoles | Represents a collection of computer roles. |
| Computers | Represents a collection of computers in a zone. |
| ComputerUserUnixProfiles: UserUnixProfiles | Represents the users in a computer zone. |
| Group | Manages an individual group account object. |
| GroupUnixProfile | Manages the properties in the UNIX profile of a group. |
| GroupUnixProfiles | Represents a collection of UNIX groups in a zone. |
| HierarchicalGroup : GroupUnixProfile | Manages the properties in the UNIX profile of a group in a hierarchical zone. |
| HierarchicalUser : UserUnixProfile | Manages the properties in the UNIX profile of a user in a hierarchical zone. |
| HierarchicalZone : Zone | Represents a hierarchical zone. |
| HierarchicalZoneComputer: Computer | Manages the properties in the profile of a computer object joined to a hierarchical zone. |
| HzRoleAssignment : RoleAssignment | Manages a zone-level role assignment in a hierarchical zone. |
| InheritedRoleAsg | Represents an inherited role assignment. |
| Key | Represents a license key. |
| Keys | Represents a collection of IBM Security license keys. |
| License | Represents a IBM Security license. |
| Licenses | Represents a collection of IBM Security licenses in a license container object. |
| LicensesCollection | Manages all the IBM Security licenses in all of the Licenses parent containers defined for a forest. |
| MzRoleAssignment : RoleAssignment | Represents a computer-level role assignment. |
| NetworkAccesses | Represents a collection of network access rights. |
| Pam : Right | Represents a PAM (Pluggable Authentication Module) application right. |
| Pams | Represents a collection of PAM application rights. |
| Right | The base class for all rights. |
| Right : NetworkAccess | Represents a Windows network access right. |
| Right : WindowsApplication | Represents a Windows application right. |
| Right : WindowsDesktop | Represents a Windows desktop right. |
| Role | Manages a IBM Security role. |
| RoleAssignment | Represents a role assignment. |
| RoleAssignments | Represents a collection of role assignments. |
| Roles | Represents a collection of roles. |
| User | Represents an individual user account object. |
| UserUnixProfile | Manages the properties in the profile associated with an individual UNIX user. |
| UserUnixProfiles | Represents a collection of users in a zone. |
| WindowsApplications | Represents a collection of Windows application rights. |
| WindowsDesktops | Represents a collection of Windows desktop rights. |
| WindowsUser | Represents a Windows user. |
| WindowsUsers | Represents a collection of Windows users. |
| Zone | Represents a IBM Security zone, including the users, groups, and computers that have been added to the zone. |
In addition to these objects, there are optional objects for managing and manipulating NIS maps and NIS map entries in Active Directory. For an overview of those objects, see Working With NIS Maps. For more information about all of the objects that enable you to manipulate IBM Security-specific data in Active Directory, see IBM Security Object Reference.