|
VMS Help DCE, DCE_SECURITY, API Routines, sec_rgy_properties_set_info *Conan The Librarian |
NAME
sec_rgy_properties_set_info - Sets registry properties
SYNOPSIS
#include <dce/policy.h>
void sec_rgy_properties_set_info(
sec_rgy_handle_t context,
sec_rgy_properties_t *properties,
error_status_t *status);
PARAMETERS
Input
context
The registry server handle. An opaque handle bound to a
registry server. Use sec_rgy_site_open() to acquire a bound
handle.
properties
A pointer to a sec_rgy_properties_t structure containing the
registry property information to be set. A registry's property
information contains information such as the default and
minimum lifetime and other restrictions on privilege attribute
certificates, the realm authentication name, and whether or not
this replica of the registry supports updates.
Output
status
A pointer to the completion status. On successful completion,
the routine returns error_status_ok. Otherwise, it returns an
error.
DESCRIPTION
The sec_rgy_properties_set_info() routine sets the registry properties.
The property information consists of the following:
read_version
A stamp specifying the earliest version of the registry server
software that can read from this registry.
write_version
A stamp specifying the earliest version of the registry server
software that can write to this registry.
minimum_ticket_lifetime
The minimum period of time for which an authentication ticket
remains valid.
default_certificate_lifetime
The default period of time for which an authentication
certificate (ticket-granting ticket) remains valid. A process
can request an authentication certificate with a longer
lifetime. Note that the maximum lifetime for an authentication
certificate cannot exceed the lifetime established by the
effective policy for the requesting account.
low_unix_id_person
The lowest UNIX ID that can be assigned to a principal in the
registry.
low_unix_id_group
The lowest UNIX ID that can be assigned to a group in the
registry.
low_unix_id_org
The lowest UNIX ID that can be assigned to an organization in
the registry.
max_unix_id
The maximum UNIX ID that can be used for any item in the
registry.
realm A character string naming the cell controlled by this registry.
realm_uuid
The UUID of the cell controlled by this registry.
flags Flags indicating whether
sec_rgy_prop_readonly
If TRUE, the registry database is read-only.
sec_rgy_prop_auth_cert_unbound
If TRUE, privilege attribute certificates can be
generated for use at any site.
sec_rgy_prop_shadow_password
If FALSE, passwords can be distributed over the
network. If this flag is TRUE, passwords will be
stripped from the returned data to the
sec_rgy_acct_lookup(), and other calls that return
an account's encoded password.
sec_rgy_prop_embedded_unix_id
All registry UUIDs contain embedded UNIX IDs. This
implies that the UNIX ID of any registry object
cannot be changed, since UUIDs are immutable.
Permissions Required
The sec_rgy_properties_set_info() routine requires the m (mgmt_info)
permission on the policy object for which the property information is
to be set.
FILES
SYS$COMMON:[DCE$LIBRARY]POLICY.IDL
The idl file from which dce/policy.h was derived.
ERRORS
sec_rgy_not_authorized
The user is not authorized to change the registry
properties.
sec_rgy_server_unavailable
The DCE Registry Server is unavailable.
error_status_ok
The call was successful.
RELATED INFORMATION
Functions: sec_intro
sec_rgy_properties_get_info
|
|