#include <eim.h>
int eimListUserAccess(EimHandle * eim,
EimAccessUser * accessUser,
unsigned int lengthOfListData,
EimList * listData,
EimRC * eimrc)
Service Program Name: QSYS/QSYEIMThe eimListUserAccess() function lists the access groups of which this user is a member.
The list returned contains only the information that the user has authority to access.
| EIM_ACCESS_LOCAL_USER | Indicates a local user name on the system that the API is run. The local user name will be converted to the appropriate access id for this system. |
| EIM_ACCESS_KERBEROS | Indicates a kerberos principal. The kerberos principal will be converted to the appropriate access id. For example, petejones@therealm will be converted to ibm-kn=petejones@threalm. |
The EimAccessUser structure layout follows:
enum EimAccessUserType {
EIM_ACCESS_DN,
EIM_ACCESS_KERBEROS,
EIM_ACCESS_LOCAL_USER
};
typedef struct EimAccessUser
{
union {
char * dn;
char * kerberosPrincipal;
char * localUser;
} user;
enum EimAccessUserType userType;
} EimAccessUser;
The EimList structure contains information about the returned data. The API will return as much data as space has been provided. The data returned is a linked list of EimUserAccess structures. firstEntry is used to get to the first EimUserAccess structure in the linked list.
EimList structure:
typedef struct EimList
{
unsigned int bytesReturned; /* Number of bytes actually returned
by the API. */
unsigned int bytesAvailable; /* Number of bytes of available data
that could have been returned by
the API. */
unsigned int entriesReturned; /* Number of entries actually
returned by the API. */
unsigned int entriesAvailable; /* Number of entries available to be
returned by the API. */
unsigned int firstEntry; /* Displacement to the first linked
list entry. This byte offset is
relative to the start of the
EimList structure. */
} EimList;
EimUserAccess structure:
typedef struct EimUserAccess
{
unsigned int nextEntry; /* Displacement to next entry. This
byte offset is relative to the
start of this structure. */
enum EimAccessIndicator eimAdmin;
enum EimAccessIndicator eimRegAdmin;
enum EimAccessIndicator eimIdenAdmin;
enum EimAccessIndicator eimMappingLookup;
EimSubList registries; /* EimRegistryName sublist */
enum EimAccessIndicator eimCredentialData;
} EimUserAccess;
The registries EimSubList gives addressability to a linked list of EimRegistryName structures.
EimRegistryName structure:
typedef struct EimRegistryName
{
unsigned int nextEntry; /* Displacement to next entry. This
byte offset is relative to the
start of this structure. */
EimListData name; /* Name */
} EimRegistryName;
EimSubList structure:
typedef struct EimSubList
{
unsigned int listNum; /* Number of entries in the list */
unsigned int disp; /* Displacement to sublist. This
byte offset is relative to the
start of the parent structure;
that is, the structure containing
this structure. */
} EimSubList;
EimListData structure:
typedef struct EimListData
{
unsigned int length; /* Length of data */
unsigned int disp; /* Displacement to data. This byte
offset is relative to the start of
the parent structure; that is, the
structure containing this
structure. */
} EimListData;
The return value from the API. Following each return value is the list of possible values for the messageCatalogMessageID field in the eimrc parameter for that value.
| EIMERR_ACCESS (1) | Insufficient access to EIM data. |
| EIMERR_NOLOCK (26) | Unable to allocate internal system object. |
| EIMERR_DATA_CONVERSION (13) | Error occurred when converting data between code pages. |
| EIMERR_ACCESS_USERTYPE_INVAL (3) | Access user type is not valid. |
| EIMERR_EIMLIST_SIZE (16) | Length of EimList is not valid. EimList must be at least 20 bytes in length. |
| EIMERR_HANDLE_INVAL (17) | EimHandle is not valid. |
| EIMERR_PARM_REQ (34) | Missing required parameter. Please check API documentation. |
| EIMERR_PTR_INVAL (35) | Pointer parameter is not valid. |
| EIMERR_SPACE (41) | Unexpected error accessing parameter. |
| EIMERR_NOMEM (27) | No memory available. Unable to allocate required space. |
| EIMERR_NOT_CONN (31) | Not connected to LDAP. Use eimConnect() API and try the request again. |
| EIMERR_LDAP_ERR (23) | Unexpected LDAP error. %s |
| EIMERR_UNKNOWN (44) | Unknown error or unknown system state. |
The following example lists all registries found.
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
#include <eim.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
void printListResults(EimList * list);
void printSubListData(char * fieldName,
void * entry,
int offset);
void printListData(char * fieldName,
void * entry,
int offset);
int main(int argc, char *argv[])
{
int rc;
char eimerr[100];
EimRC * err;
EimHandle * handle;
EimAccessUser user;
char listData[5000];
EimList * list = (EimList * ) listData;
/* Get eim handle from input arg. */
/* This handle is already connected to EIM. */
handle = (EimHandle *)argv[1];
/* Set up error structure. */
memset(eimerr,0x00,100);
err = (EimRC *)eimerr;
err->memoryProvidedByCaller = 100;
/* Set up access user information */
user.userType = EIM_ACCESS_DN;
user.user.dn="cn=pete,o=ibm,c=us";
/* Get user accesses */
if (0 != (rc = eimListUserAccess(handle,
&user,
5000,
list,
err)))
{
printf("List user access error = %d", rc);
return -1;
}
/* Print the results */
printListResults(list);
return 0;
}
void printListResults(EimList * list)
{
int i;
EimUserAccess * entry;
EimListData * listData;
EimRegistryName * registry;
printf("___________\n");
printf(" bytesReturned = %d\n", list->bytesReturned);
printf(" bytesAvailable = %d\n", list->bytesAvailable);
printf(" entriesReturned = %d\n", list->entriesReturned);
printf(" entriesAvailable = %d\n", list->entriesAvailable);
printf("\n");
if (list->entriesReturned > 1)
printf("Unexpected number of entries returned.\n");
entry = (EimUserAccess *)((char *)list + list->firstEntry);
if (EIM_ACCESS_YES == entry->eimAdmin)
printf(" EIM Admin.\n");
if (EIM_ACCESS_YES == entry->eimRegAdmin)
printf(" EIM Reg Admin.\n");
if (EIM_ACCESS_YES == entry->eimIdenAdmin)
printf(" EIM Iden Admin.\n");
if (EIM_ACCESS_YES == entry->eimMappingLookup)
printf(" EIM Mapping Lookup.\n");
if (EIM_ACCESS_YES == entry->eimCredentialData)
printf(" EIM Credential Data.\n");
printf(" Registries:\n");
printSubListData("Registry names",
entry,
offsetof(EimUserAccess, registries));
printf("\n");
}
void printSubListData(char * fieldName,
void * entry,
int offset)
{
int i;
EimSubList * subList;
EimRegistryName * subentry;
/* Address the EimSubList object */
subList = (EimSubList *)((char *)entry + offset);
if (subList->listNum > 0)
{
subentry = (EimRegistryName *)((char *)entry + subList->disp);
for (i = 0; i < subList->listNum; i++)
{
/* Print out results */
printListData(fieldName,
subentry,
offsetof(EimRegistryName, name));
/* advance to next entry */
subentry = (EimRegistryName *)((char *)subentry +
subentry->nextEntry);
}
}
}
void printListData(char * fieldName,
void * entry,
int offset)
{
EimListData * listData;
char * data;
int dataLength;
printf(" %s = ",fieldName);
/* Address the EimListData object */
listData = (EimListData *)((char *)entry + offset);
/* Print out results */
data = (char *)entry + listData->disp;
dataLength = listData->length;
if (dataLength > 0)
printf("%.*s\n",dataLength, data);
else
printf("Not found.\n");
}
[ Back to top | Security APIs | APIs by category ]