VMS Help
DCE_SECURITY, API Routines, sec_rgy_auth_plcy_get_effective

 *Conan The Librarian (sorry for the slow response - running on an old VAX)

 NAME
   sec_rgy_auth_plcy_get_effective - Returns the effective
                                     authentication policy for an
                                     account

 SYNOPSIS

   #include <dce/policy.h>

   void sec_rgy_auth_plcy_get_effective(
           sec_rgy_handle_t context,
           sec_rgy_login_name_t *account,
           sec_rgy_plcy_auth_t *auth_policy,
           error_status_t *status);

 PARAMETERS

   Input

   context
          An opaque handle bound to a registry server.  Use
          sec_rgy_site_open() to acquire a bound handle.

   account
          A pointer to the account login name (type sec_rgy_login_name_t).
          A login name is composed of three character strings, containing
          the principal, group, and organization (PGO) names corresponding
          to the account. If all three fields contain empty strings, the
          authentication policy returned is that of the registry.

   Output

   auth_policy
          A pointer to the sec_rgy_plcy_auth_t structure to receive the
          authentication policy. The authentication policy structure
          contains the maximum lifetime for an authentication ticket,
          and the maximum amount of time for which one can be renewed.

   status
          A pointer to the completion status.  On successful completion,
          the routine returns error_status_ok. Otherwise, it returns an
          error.

 DESCRIPTION

   The sec_rgy_auth_plcy_get_effective() routine returns the effective
   authentication policy for the specified  account.  The authentication
   policy in effect is the more restrictive of the registry and the account
   policies for each policy category.  If no account is specified, the
   registry's authentication policy is returned.

   Permissions Required

   The sec_rgy_auth_plcy_get_effective() routine requires the r (read)
   permission on the policy object from which the data is to be returned.
   If an account is specified and an account policy exists, the routine
   also requires the r (read) permission on the account principal.

 FILES

   SYS$COMMON:[DCE$LIBRARY]POLICY.IDL
                The idl file from which dce/policy.h was derived.

 ERRORS

   sec_rgy_object_not_found
                The specified account could not be found.

   sec_rgy_server_unavailable
                The DCE Registry Server is unavailable.

   error_status_ok
                The call was successful.

 RELATED INFORMATION

   Functions: sec_intro
              sec_rgy_auth_plcy_get_info
              sec_rgy_auth_plcy_set_info
  Close     HLB-list     TLB-list     Help  

[legal] [privacy] [GNU] [policy] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.