Operation functions
The operation overrides that may be specified in the configuration file are as follows:
checktpl List the attribute information for a given acctid.
list List the accounts for the target.
listgroups List the groups for the target.
isenabled Checks if the account is enabled.
islocked Checks if the account is locked.
ispwexpired Checks if the account password is expired.
disable Disables an account.
enable Enables an account.
lock Locks an account.
unlock Unlocks an account.
expirepw Expires an account password.
unexpirepw Unexpires an account password.
create Creates an account.
delete Deletes an account.
verify Verify an account password and increment the failed password attempts on verification failure.
admin_verify Verify an account password.
verifyreset Verify an account password and on failed password verification, reset the password.
reset Reset an account password.
change Verify an account password and on successful password verification, reset the password.
resetexpirepw Reset an account password and expire the account password.
groupuseradd Add an account to a given group.
groupuserdelete Remove an account from a given group.
groupcreate Create a group.
groupdelete Delete a group.
update Updates an account.
Warning
Functions which reset or verify passwords in scripts used by Bravura Privilege for password randomization must always report the result of the reset or verification accurately. Inaccurate status information may result in checked out passwords not working; additionally, if the credential used to manage the target system is being randomized, Bravura Privilege may invalidate its own managed system credential when an erroneous status is returned. Do not assume scripted password changes are always successful; always check return codes.