NAME

pam_sm_get_mapped_username - get valid matched identity in new domain

SYNOPSIS

#include <security/pam_appl.h>
#include <security/pam_modules.h>

int pam_sm_get_mapped_username (
    pam_handle_t    *pamh,
    char            *src_username,
    char            *src_module_type,
    char            *src_authn_domain,
    char            *target_module_type,
    char            *target_authn_domain,
    char           **target_module_username,
    int              argc,
    const char     **argv
);

DESCRIPTION

The pam_sm_get_mapped_username() function is used to obtain a valid identity in a new domain that matches the input identity. target_module_type and target_authn_domain are used to query the mapping database and extract the target_username.

The arguments for pam_sm_get_mapped_username() are:

pamh (in)

The PAM authentication handle, which has been returned from a previous call to pam_start().

src_username (in,out)

The source username used for the mapping. It this is NULL, then the value is obtained from the pam_hamdle. If a zero length string is specified, it is used to query the mapping service and the value is returned if found.

src_module_type (in)

The source authentication type; for example, DCE.

src_authn_domain (in)

The source domain; for example, the DCE cell name.

target_module_type (in)

The target authentication type; for example, UNIX.

target_authn_domain (in)

The target domain; for example, UNIX hostname.

target_module_username (out)

The target username which matches the input src_username.

argc (in)

The argc argument represents the number of module options defined in the PAM configuration.

argv (in)

Specifies the module options, which are interpreted and processed by the mapping module. If an unknown option is passed in, an error should be logged and the option ignored.

RETURN VALUE

The following PAM status codes shall be returned:

[PAM_SUCCESS]

Successful completion.

[PAM_USER_UNKNOWN]

The username supplied is not recognized.

[PAM_MODULE_UNKNOWN]

The mapping service does not support this module type.

[PAM_DOMAIN_UNKNOWN]

The mapping service does not support this module's domain.

[PAM_SERVICE_ERR]

The mapping service failed in reading/writing data.

[PAM_IGNORE]

Ignore underlying session module regardless of whether the control flag is required, optional or sufficient.

[PAM_PERM_DENIED]

The caller does not possess the required authority.

[PAM_SYSTEM_ERR]

System error.

[PAM_BUF_ERR]

Memory buffer error.

[PAM_CONV_ERR]

Conversation error.

[??] Some characters or strings that appear in the printed document are not easily representable using HTML.