# Enterprise Management Commands ## Overview The Enterprise Management Commands in Keeper Commander CLI provide administrators with powerful tools to manage and configure enterprise-level settings. These commands facilitate the administration of users, roles, teams, nodes, and compliance reporting, enabling efficient oversight and control across the organisation. ## Commmands This Section details and exposes following commands 1. [Enterprise User Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/enterprise-user-commands) 2. [Enterprise Node Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/enterprise-node-commands) 3. [Enterprise Role Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/enterprise-role-commands) 4. [Enterprise Team Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/enterprise-team-commands) 5. [Enterprise Info Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/enterprise-info-commands) 6. [Transfer User Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/transfer-user-commands) 7. [Device Approve Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/device-approve-commands) 8. [Enterprise Down Command](#enterprise-down) 9. [Audit Alert Command](https://docs.keeper.io/en/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/enterprise-management-commands/audit-alert-commands) 10. [Audit Log Command](#audit-log) 11. [Audit Report Command](#audit-report) 12. [Create User Command](#create-user) ### Enterprise Down Command Download enterprise data to local cache.

DotNet CLI

**Command:** `enterprise-get-data` **Example:** ```sh My Vault> enterprise-get-data ```

DotNet SDK

**Function:** `public async Task Load()` ```csharp public async Task Load() ```

PowerCommander

**Command:** `Sync-KeeperEnterprise` **Flag:** ```powershell PS> Sync-KeeperEnterprise ```

Python CLI

**Command**: `enterprise-down` **Options**: * `--reset` Reload enterprise data **Example:** ```sh My Vault> enterprise-down --reset ```

Python SDK

**Function:** enterprise\_loader.load() ```python from keepersdk.enterprise import enterprise_loader enterprise_loader = enterprise_loader.EnterpriseLoader(KeeperAuth) enterprise_loader.load() ```

### Audit Log Command Export and display the enterprise audit log.

DotNet CLI

**Command:** Coming Soon

DotNet SDK

**Function:** Coming Soon

PowerCommander

**Command:** Coming Soon

Python CLI

**Command**: `audit-log` **Parameters:** * `--target` - Target for audit log export: `json` (**required**) * `--record` - Keeper record name or UID **Options**: * `--anonymize` - Anonymises audit log by replacing email and user name with corresponding enterprise user id. If user was removed or if user's email was changed then the audit report will show that particular entry as deleted user. * `--shared-folder-uid` - Filter: Shared Folder UID(s). Overrides existing setting in config record and sets new field value. Can be repeated. * `--node-id` - Filter: Node ID(s). Overrides existing setting in config record and sets new field value. Can be repeated. * `--days` - Filter: max event age in days. Overrides existing "last\_event\_time" value in config record **Example:** ```bash My vault> audit-log --target json --record "Audit Log Config" --days 30 ```

Python SDK

Not Supported

### Audit Report Command Run an audit trail report.

DotNet CLI

**Command :** `audit-report [options]` **Options:** * `--limit ` - Maximum number of returned events (default: 100) * `--order ` - Sort order * `--created ` - Filter by event creation datetime * `--event-type ` - Comma-separated audit event types * `--username ` - Username(s) of event originator * `--to-username ` - Username of event target * `--record-uid ` - Record UID * `--shared-folder-uid ` - Shared folder UID **Event Types:** Common audit event types include: * `login` * `logout` * `record_add` * `record_update` * `record_delete` **Date Format:** * Absolute: `YYYY-MM-DD` or `YYYY-MM-DD HH:MM:SS` * Relative: `today`, `yesterday`, `last_7_days`, `last_30_days`, `last_90_days` **Example:** ```bash # Recent events audit-report --limit 50 audit-report --limit 100 --order desc # Filter by user audit-report --username user@example.com --limit 200 audit-report --to-username target@example.com # Filter by event type audit-report --event-type login,logout audit-report --event-type record_add,record_update,record_delete --limit 500 ```

DotNet SDK

**Function:** GetAvailableEvents() ```csharp public static async Task GetAvailableEvents(this IAuthentication auth) ``` **Example:** ```csharp var auditEvents = await context.Enterprise.Auth.GetAvailableEvents(); ```

PowerCommander

Not Implemented

Python CLI

**Command**: `audit-report` **Options**: * `--syntax-help` - Display help * `--report-type` - Report type: `raw`, `dim`, `hour`, `day`, `week`, `month`, `span` * `--report-format` - Output format (raw reports only): `message` (default) or `fields` * `--column` - Column name. Can be repeated. (ignored for raw reports) * `--aggregate` - Aggregated value. Can be repeated. (ignored for raw reports): `occurrences`, `first_created`, `last_created` * `--timezone` - Return results for specific timezone * `--limit` - Maximum number of returned rows (set to -1 to get all rows for raw report-type) * `--order` - Sort order: `desc` or `asc` * `--created` - Filter: Created date. Predefined filters: `today`, `yesterday`, `last_7_days`, `last_30_days`, `month_to_date`, `last_month`, `year_to_date`, `last_year` * `--event-type` - Filter: Audit Event Type. Can be repeated. * `--username` - Filter: Username of event originator. Can be repeated. * `--to-username` - Filter: Username of event target. Can be repeated. * `--ip-address` - Filter: IP Address(es). Can be repeated. * `--record-uid` - Filter: Record UID. Can be repeated. * `--shared-folder-uid` - Filter: Shared Folder UID. Can be repeated. * `--geo-location` - Filter: Geo location * `--device-type` - Filter: Device type * `--format` - Output format: `json`, `table`, `csv` * `--output` - Output filename

Python SDK

**Function:** execute\_audit\_report() ```bash raw_report = audit_report.RawAuditReport(KeeperAuth) raw_report.execute_audit_report() ```

#### Report Types * **raw**: Returns individual events. All event properties are returned. * **dim**: Returns event property description or distinct values. * **hour/day/week/month**: Aggregates audit event by created date. * **span**: Aggregates audit event without date aggregation. ### Create User Command The `create-user` command creates a new enterprise user, assigns them to a node, and can store their credentials in a specified folder. It also supports one-time secure sharing of the credentials.

DotNet CLI

**Command:** **Flag:** ```bash ```

DotNet SDK

**Command:** **Flag:** ```bash ```

PowerCommander

**Command:** **Flag:** ```bash ```

Python CLI

**Command**: `create-user email ` **Alias:** `ecu` **Parameters**: `email` - User email (required) **Options**: * `--name`, `--full-name` - User name * `--node` - Node name or node ID * `--folder` - Folder name or UID to store password record * `-v`, `--verbose` - Print verbose information **Example:** ```bash My Vault> create-user user@example.com --name "John Doe" --node "Engineering" ```

Python SDK

**Function:** create\_user()

from keepersdk.enterprise.enterprise_user_management import (
    EnterpriseUserManager,
    CreateUserRequest,
    CreateUserResponse
)

CreateUserResponse response;
user_manager = EnterpriseUserManager(
        loader=context.enterprise_loader,
        auth_context=context.auth
    )
request = CreateUserRequest(
        email=email,
        display_name=display_name,
        node_name=node_name,
        node_id=node_id,
        password_length=password_length,
        suppress_email_invite=suppress_email_invite
    )
 response = user_manager.create_user(request)