eimConnectToMaster()--Connect to EIM Master Domain
Syntax
#include <eim.h> int eimConnectToMaster(EimHandle * eim, EimConnectInfo connectInfo, EimRC * eimrc)Service Program Name: QSYS/QSYEIM
Default Public Authority: *USE
Threadsafe: Yes
The eimConnectToMaster() function is used to connect to the EIM master domain controller. This API should be used if an earlier API invocation returned a referral error (EROFS). A referral error indicates that the current EIM connection is to a replication system. An explicit connection must be made to the master system in order to make updates.
The ldap configuration file is used to retrieve information for the master host, master port, and secure port. If the host system is not a replica then the master information retrieved is the same as the host and port defined in the handle.
Authorities and Locks
None.
Parameters
- eim (Input)
- The EIM handle returned by a previous call to eimCreateHandle().
- connectInfo (Input)
- Connect information. EIM uses ldap. This parameter provides the information
required to bind to ldap. This parameter is passed by value.
If the system is configured to connect to a secure port, EimSSLInfo is required.
For EIM_SIMPLE connect type, the creds field should contain the EimSimpleConnectInfo structure with a binddn and password. EimPasswordProtect is used to determine the level of password protection on the ldap bind.
EIM_PROTECT_NO (0) The clear-text password is sent on the bind. EIM_PROTECT_CRAM_MD5 (1) The protected password is sent on the bind. The server side must support cram-md5 protocol to send the protected password. EIM_PROTECT_CRAM_MD5_OPTIONAL (2) The protected password is sent on the bind if the cram-md5 protocol is supported. Otherwise, the clear-text password is sent. For EIM_KERBEROS, the default logon credentials are used. The kerberos creds field must be NULL.
For EIM_CLIENT_AUTHENTICATION, the creds field is ignored. EimSSLInfo must be provided.
The structure layouts follow:
enum EimPasswordProtect { EIM_PROTECT_NO, EIM_PROTECT_CRAM_MD5, EIM_PROTECT_CRAM_MD5_OPTIONAL }; enum EimConnectType { EIM_SIMPLE, EIM_KERBEROS, EIM_CLIENT_AUTHENTICATION }; typedef struct EimSimpleConnectInfo { enum EimPasswordProtect protect; char * bindDn; char * bindPw; } EimSimpleConnectInfo; typedef struct EimSSLInfo { char * keyring; char * keyring_pw; char * certificateLabel; } EimSSLInfo; typedef struct EimConnectInfo { enum EimConnectType type; union { gss_cred_id_t * kerberos; EimSimpleConnectInfo simpleCreds; } creds; EimSSLInfo * ssl; } EimConnectInfo;
- eimrc (Input/Output)
- The structure in which to return error code information. If the return
value is not 0, eimrc is set with additional information. This parameter may be
NULL. For the format of the structure, see EimRC--EIM
Return Code Parameter.
Return Value
The return value from the API. Following each return value is the list of possible values for the messageCatalogMessageID field in the eimrc parameter for that value.
- 0
- Request was successful.
- EACCES
- Access denied. Not enough permissions to access data.
EIMERR_ACCESS (1) Insufficient access to EIM data.
- EBADDATA
- eimrc is not valid.
- EBUSY
- Unable to allocate internal system object.
EIMERR_NOLOCK (26) Unable to allocate internal system object.
- ECONVERT
- Data conversion error.
EIMERR_DATA_CONVERSION (13) Error occurred when converting data between code pages.
- EINVAL
- Input parameter was not valid.
EIMERR_CONN_INVAL (54) Connection type is not valid. EIMERR_HANDLE_INVAL (17) EimHandle is not valid. EIMERR_NOT_SECURE (32) The system is not configured to connect to a secure port. Connection type of EIM_CLIENT_AUTHENTICATION is not valid. EIMERR_PARM_REQ (34) Missing required parameter. Please check API documentation. EIMERR_PROTECT_INVAL (22) The protect parameter in EimSimpleConnectInfo is not valid. EIMERR_PTR_INVAL (35) Pointer parameter is not valid. EIMERR_SSL_REQ (42) The system is configured to connect to a secure port. EimSSLInfo is required.
- EISCONN
- A connection has already been established.
EIMERR_CONN (11) Connection already exists.
- ENOMEM
- Unable to allocate required space.
EIMERR_NOMEM (27) No memory available. Unable to allocate required space.
- ENOTSUP
- Connection type is not supported.
EIMERR_CONN_NOTSUPP (12) Connection type is not supported.
- EUNKNOWN
- Unexpected exception.
EIMERR_LDAP_ERR (23) Unexpected LDAP error. %s EIMERR_UNKNOWN (44) Unknown error or unknown system state.
Related Information
- eimCreateHandle()--Create an EIM
Handle
- eimDestroyHandle()--Destroy an EIM
Handle
- eimGetAttribute()--Get EIM Attributes
- eimSetAttribute()--Set EIM Attributes
- eimConnect()--Connect to EIM Domain
Example
The following example will connect to an EIM master domain.
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
#include <eim.h> #include <stdio.h> int main(int argc, char *argv[]) { int rc; char eimerr[100]; EimRC * err; EimHandle * handle; EimConnectInfo con; /* Get eim handle from input arg. */ /* This handle should not be connected to */ /* the master system. */ handle = (EimHandle *)argv[1]; /* Set up error structure. */ memset(eimerr,0x00,100); err = (EimRC *)eimerr; err->memoryProvidedByCaller = 100; /* Set up connection information */ con.type = EIM_SIMPLE; con.creds.simpleCreds.protect = EIM_PROTECT_NO; con.creds.simpleCreds.bindDn = "cn=admin"; con.creds.simpleCreds.bindPw = "secret"; con.ssl = NULL; /* Connect to master system. */ if (0 != (rc = eimConnectToMaster(handle, con, err))) printf("Connect error = %d", rc); return 0; }
API introduced: V5R2
[ Back to top | Security APIs | APIs by category ]