QsySetDigitalIDConfig()--Set Digital ID Configuration Information
Syntax for QsySetDigitalIDConfig:
#include <qsydigid.h>
void QsySetDigitalIDConfig
(char *Configuration_information,
int Length_of_configuration_information,
char *Format_name,
void *Error_code);
Service Program: QSYDIGIDDefault Public Authority: *USE
Threadsafe: Yes
The Set Digital ID Configuration Information (QsySetDigitalIDConfig) API will set digital ID configuration information. This is the information that defines the Lightweight Directory Access Protocol (LDAP) server for where to store digital certificates, and connection information for the server.
Authorities and Locks
- QSYDIGID Validation List Object
- *CHANGE
- QUSRSYS Library
- *EXECUTE
Required Parameter Group
- Configuration information
- INPUT; CHAR(*)
The configuration information that is being set. See SDCI0100 Format for the definition of the fields for this parameter.
- Length of configuration information
- INPUT; BINARY(4)
The length of the configuration information. This area must be as large as the format specified.
- Format name
- INPUT; CHAR(8)
The format of the configuration information.
The following format name may be used:
SDCI0100 Digital ID configuration information. - Error code
- I/O; CHAR(*)
The structure in which to return error information. For the format of the structure, see Error code parameter.
SDCI0100 Format
The following table shows the information that must be specified in the configuration information parameter when format SDCI0100 is specified. For a detailed description of each field, see Field Descriptions.
| Offset | Type | Field | |
|---|---|---|---|
| Dec | Hex | ||
| 0 | 0 | CHAR(1) | Enabled indicator |
| 1 | 1 | CHAR(1) | Use SSL indicator |
| 2 | 2 | CHAR(2) | Reserved |
| 4 | 4 | BINARY(4) | Port number |
| 8 | 8 | BINARY(4) | Offset to server name |
| 12 | C | BINARY(4) | Length of server name |
| 16 | 10 | BINARY(4) | Offset to directory DN |
| 20 | 14 | BINARY(4) | Length of directory DN |
| 24 | 18 | BINARY(4) | Offset to bind DN |
| 28 | 1C | BINARY(4) | Length of bind DN |
| 32 | 20 | BINARY(4) | Offset to bind password |
| 36 | 24 | BINARY(4) | Length of bind password |
| CHAR(*) | Server name | ||
| CHAR(*) | Directory DN | ||
| CHAR(*) | Bind DN | ||
| CHAR(*) | Bind password | ||
Field Descriptions
Bind DN. The Distinguished Name (DN) used when binding to the LDAP server. The DN that is specified must have sufficient LDAP authorization to create objects and modify objects in the specified directory DN.
Bind password. The password to use in association with the bind DN.
Directory DN. The DN for where in the LDAP server the user certificates are to be stored.
Enabled indicator. Specifies whether or not the configuration information is enabled for use.
| blank | The value does not change. |
| 0 | The configuration information is not enabled. Digital certificates for users will be stored locally. |
| 1 | The configuration information is enabled. If Enterprise Identity Mapping (EIM) is configured and operational, then digital certificates for users will be stored in LDAP and the mapping from the certificate to a user profile will be stored in EIM. |
Length of bind DN. The length of the field that contains the bind distinguished name (DN).
| -1 | The current value is not changed. |
| 0 | The current value is removed. |
| 1 - 1000 | The current value is changed to the specified value. |
Length of bind password. The length of the field that contains the bind password.
| -1 | The current value is not changed. |
| 0 | The current value is removed. |
| 1 - 600 | The current value is changed to the specified value. |
Length of directory DN. The length of the field that contains the directory distinguished name (DN).
| -1 | The current value is not changed. |
| 0 | The current value is removed. |
| 1 - 1000 | The current value is changed to the specified value. |
Length of server name. The length of the field that contains the server name.
| -1 | The current value is not changed. |
| 0 | The current value is removed. |
| 1 - 1000 | The current value is changed to the specified value. |
Port number. The port number to use when connecting to the LDAP server. The suggested port number for non-secure access is 389. The suggested port number for secure access is 636. A value of -1 indicates that the port number does not change.
Offset to bind DN. The offset to the field that contains the bind distinguished name (DN). If the Length of bind DN is -1 or 0, then this value must be 0.
Offset to bind password. The offset to the field that contains the bind password. If the Length of bind password is -1 or 0, then this value must be 0.
Offset to directory DN. The offset to the field that contains the directory distinguished name (DN). If the Length of directory DN is -1 or 0, then this value must be 0.
Offset to server name. The offset to the field that contains the server name. If the Length of server name is -1 or 0, then this value must be 0.
Reserved. Reserved data. This value must be hexadecimal zero.
Server name. The domain name of the LDAP server on which to store user certificates.
Use SSL indicator. Specifies whether or not Secure Sockets Layer (SSL) is used for secure access when connecting to the LDAP server.
| blank | The value does not change. |
| 0 | A secure connection using SSL is not used when connecting to the LDAP server. |
| 1 | A secure connection using SSL is used when connecting to the LDAP server. Digital Certificate Manager (DCM) must be used to assign a certificate to the IBM® Directory Server client (QIBM_GLD_DIRSRV_CLIENT) application. |
Error Messages
| Message ID | Error Message Text |
|---|---|
| CPFA0AA E | Error occurred while attempting to obtain space. |
| CPF22F0 E | Unexpected errors occurred during processing. |
| CPF226D E | Not all information stored. |
| CPF3BFF E | Required option &1 is not available. |
| CPF3CF1 E | Error code parameter not valid. |
| CPF3C21 E | Format name &1 is not valid. |
| CPF3C3B E | Value for parameter &2 for API &1 not valid. |
| CPF3C3C E | Value for parameter &1 not valid. |
| CPF3C39 E | Value for reserved field not valid. |
| CPF3C90 E | Literal value cannot be changed. |
| CPF9801 E | Object &2 in library &3 not found. |
| CPF9802 E | Not authorized to object &2 in &3. |
| CPF9803 E | Cannot allocate object &2 in library &3. |
| CPF9804 E | Object &2 in library &3 damaged. |
| CPF9872 E | Program or service program &1 in library &2 ended. Reason code &3. |
API introduced: V5R3
[ Back to top | Security APIs | APIs by category ]