sec_login_newgroups-Restrict group membership information of a login context
#include <dce/sec_login.h> boolean32 sec_login_newgroups ( sec_login_handle_t login_context, sec_login_flags_t flags, unsigned32 count, sec_id_t groups[], sec_login_handle_t *restricted_login_context, error_status_t *status );
Input
- login_context
Login context whose group membership information is to be changed.
- flags
Flag word indicating attributes of the modified login context.
- count
Number of local groups in the array groups.
- groups[]
Array of groups to include in the modified login context.
Output
- restricted_login_context
The restricted login context.
- status
The completion status.
Thesec_login_newgroups() routine restricts the group membership information of a (validated) login context, to, effectively, the intersection of its existing group membership information and the information supplied in the groups array. Thus, groups can be viewed as the maximum group membership privilege that will be claimed by an RPC annotated (seerpc_binding_set_auth_info() ) with the restricted login context.The restricted login context remains validated.
This routine returns non-0 (TRUE) upon success, 0 (FALSE) upon failure.
- error_status_ok
- sec_login_s_auth_local
- sec_login_s_default_use
- sec_login_s_groupset_invalid
Functions:sec_login_get_groups() .
Contents | Next section | Index |