#include <eim.h> int eimChangeRegistryUser(EimHandle * eim, char * registryName, char * registryUserName, enum EimRegistryUserAttr attrName, char * attrValue, enum EimChangeType changeType, EimRC * eimrc)Service Program Name: QSYS/QSYEIM
The eimChangeRegistryUser() function changes the attributes of a registry user entry. A registry user is implicitly added to a registry when a target association for an identity in that registry is added. However, the attribute fields are not set at that time.
There are situations when more than one user can be returned on a mapping lookup operation. Applications can choose to use information in the additional information field to distinguish between which returned target identity to use. For example, assume Joe has two identities in a specific registry X, joeuser and joeadmin. An application provider can tell the administrator to add additional information, for example, "appname-admin," to the appropriate registry user -- in this case, joeadmin. The application can provide this additional information on the lookup APIs, eimGetTargetFromSource() and eimGetTargetFromIdentifier().
Must be a member of EIM Administrator or have EIM authority to an individual registry to change the EIM_REGUSER_PASSWORD_CRED (2), EIM_REGUSER_PWD_CRED_STATUS (3), and EIM_REGUSER_IDCTX_CRED (4) attributes.
Note that if the registry existed prior to EIM Version 3, the first time credential information is added to a user in that registry, it must be added by a member of EIM Administrator. After the first credential information is added, then EIM authority to an individual registry is sufficient to change or remove credential information for any user in the registry.
EIM_REGISTRYUSER_DESCRIPTION (0) | Change the registry description. Valid changeType is EIM_CHG (0). |
EIM_REGISTRYUSER_ADDL_INFO (1) | Add or remove additional information for this user. Valid changeType is EIM_ADD (1) and EIM_RMV (2). |
EIM_REGUSER_PASSWORD_CRED (2) | Change the password credential associated with the registry user. Valid changeType is EIM_CHG (0) and EIM_RMV (2). EIM version 3 must be supported by the local EIM APIs to specify this attribute (see eimGetVersion()--Get EIM Version). |
EIM_REGUSER_PWD_CRED_STATUS (3) | Change the status of the password credential associated with the registry user. Valid changeType is EIM_ENABLE (3) and EIM_DISABLE (4). This attribute has no affect if the EIM_REGUSER_PASSWORD_CRED (2) attribute does not exist for the registry user. EIM version 3 must be supported by the local EIM APIs to specify this attribute (see eimGetVersion()--Get EIM Version). |
EIM_REGUSER_IDCTX_CRED (4) | Change the identity context credential associated with the registry user. Valid changeType is EIM_CHG (0) and EIM_RMV (2). EIM version 3 must be supported by the local EIM APIs to specify this attribute (see eimGetVersion()--Get EIM Version). |
If the attribute being changed is EIM_REGUSER_PASSWORD_CRED or EIM_REGUSER_IDCTX_CRED and the changeType is EIM_RMV (2), or the attribute being changed is EIM_REGUSER_PWD_CRED_STATUS, this value must be NULL.
If the attribute being changed is EIM_REGUSER_IDCTX_CRED and the changeType is EIM_CHG (0), then this value must be a pointer to an EimBinaryData structure. The layout of the EimBinaryData structure follows:
typedef struct EimBinaryData { int length; unsigned char * data; } EimBinaryData;
The return value from the API. Following each return value is the list of possible values for the messageCatalogMessageID field in the eimrc parameter for that value.
EIMERR_ACCESS (1) | Insufficient access to EIM data. |
EIMERR_NOREG (28) | EIM Registry not found or insufficient access to EIM data. |
EIMERR_NOREGUSER (29) | Registry user not found or insufficient access to EIM data. |
EIMERR_NOLOCK (26) | Unable to allocate internal system object. |
EIMERR_DATA_CONVERSION (13) | Error occurred when converting data between code pages. |
EIMERR_ATTR_INVAL (5) | Attribute name is not valid. |
EIMERR_CHGTYPE_INVAL (9) | This change type is not valid with the requested attribute. Please check the API documentation. |
EIMERR_HANDLE_INVAL (17) | EimHandle is not valid. |
EIMERR_PARM_REQ (34) | Missing required parameter. Please check API documentation. |
EIMERR_PTR_INVAL (35) | Pointer parameter is not valid. |
EIMERR_FUNCTION_NOT_SUPPORTED (70) | The specified function is not supported by the EIM version. |
EIMERR_NOMEM (27) | No memory available. Unable to allocate required space. |
EIMERR_NOT_CONN (31) | Not connected to LDAP. Use eimConnect() API and try the request again. |
EIMERR_READ_ONLY (36) | LDAP connection is for read only. Use eimConnectToMaster() to get a write connection. |
EIMERR_LDAP_ERR (23) | Unexpected LDAP error. %s |
EIMERR_UNEXP_OBJ_VIOLATION (56) | Unexpected object violation. |
EIMERR_UNKNOWN (44) | Unknown error or unknown system state. |
The following example changes the description and adds additional information for the target registry user.
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
#include <eim.h> #include <stdio.h> int main(int argc, char *argv[]) { int rc; char eimerr[100]; EimRC * err; EimHandle * handle; /* Get eim handle from input arg. */ /* This handle is already connected to EIM. */ handle = (EimHandle *)argv[1]; /* Set up error structure. */ memset(eimerr,0x00,100); err = (EimRC *)eimerr; err->memoryProvidedByCaller = 100; /* Change the registry user's description */ if (0 != (rc = eimChangeRegistryUser(handle, "MyRegistry", "mjjones", EIM_REGISTRYUSER_DESCRIPTION, "cool customer", EIM_CHG, err))) { printf("Change registry user error = %d", rc); return -1; } /* Add additional information to the registry user*/ if (0 != (rc = eimChangeRegistryUser(handle, "MyRegistry", "mjjones", EIM_REGISTRYUSER_ADDL_INFO, "security officer", EIM_ADD, err))) { printf("Change registry user error = %d", rc); return -1; } /* Add additional information to the registry user*/ if (0 != (rc = eimChangeRegistryUser(handle, "MyRegistry", "mjjones", EIM_REGISTRYUSER_ADDL_INFO, "administrator", EIM_ADD, err))) { printf("Change registry user error = %d", rc); return -1; } return 0; }
[ Back to top | Security APIs | APIs by category ]