Previous section.

DCE 1.1: Authentication and Security Services
Copyright © 1997 The Open Group

NAME

sec_rgy_properties_get_info-Returns registry properties

SYNOPSIS

#include <dce/policy.h>

void sec_rgy_properties_get_info(
    sec_rgy_handle_t context,
    sec_rgy_properties_t *properties,
    error_status_t *status);

PARAMETERS

Input

context

An opaque handle bound to a registry server. Use sec_rgy_site_open() to acquire a bound handle.

Output

properties

A pointer to a sec_rgy_properties_t structure to receive the returned property information. A registry's property information contains information such as the default and minimum lifetime and other restrictions on privilege attribute certificates, the realm authentication name, and whether or not this replica of the registry supports updates.

status

A pointer to the completion status. On successful completion, the routine returns error_status_ok. Otherwise, it returns an error.

DESCRIPTION

The sec_rgy_properties_get_info() routine returns a list of the registry properties.

The property information consists of the following:

read_version

A stamp specifying the earliest version of the registry server software that can read from this registry.

write_version

A stamp specifying the earliest version of the registry server software that can write to this registry.

minimum_ticket_lifetime

The minimum period of time for which an authentication ticket remains valid.

default_certificate_lifetime

The default period of time for which an authentication certificate (ticket-granting ticket) remains valid. A process can request an authentication certificate with a longer lifetime. Note that the maximum lifetime for an authentication certificate cannot exceed the lifetime established by the effective policy for the requesting account.

low_unix_id_person

The lowest UNIX ID that can be assigned to a principal in the registry.

low_unix_id_group

The lowest UNIX ID that can be assigned to a group in the registry.

low_unix_id_org

The lowest UNIX ID that can be assigned to an organization in the registry.

max_unix_id

The maximum UNIX ID that can be used for any item in the registry.

realm

A character string naming the cell controlled by this registry.

realm_uuid

The UUID of the cell controlled by this registry.

flags

Flags indicating whether:

sec_rgy_prop_readonly

If TRUE, the registry database is read-only.

sec_rgy_prop_auth_cert_unbound

If TRUE, privilege attribute certificates can be generated for use at any site.

sec_rgy_prop_shadow_passwd

If FALSE, passwords can be distributed over the network. If this flag is TRUE, passwords will be stripped from the returned data to the sec_rgy_acct_lookup(), and other calls that return an account's encoded password.

sec_rgy_prop_embedded_unix_id

All registry UUIDs contain embedded UNIX IDs. This implies that the UNIX ID of any registry object cannot be changed, since UUIDs are immutable.

Permissions Required
The sec_rgy_properties_get_info() routine requires the r (read) permission on the policy object from which the property information is to be returned.

FILES

/usr/include/dce/policy.idl

The idl file from which dce/policy.h was derived.

ERRORS

error_status_ok

The call was successful.

sec_rgy_server_unavailable

The DCE Registry Server is unavailable.

SEE ALSO

Functions: sec_rgy_properties_set_info().
Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.

Contents Next section Index