VMS Help  —  DCE  DCE_SECURITY, API Routines, sec_rgy_auth_plcy_get_effective
 NAME
   sec_rgy_auth_plcy_get_effective - Returns the effective
                                     authentication policy for an
                                     account

 SYNOPSIS

 #include <dce/policy.h>

 void sec_rgy_auth_plcy_get_effective(
         sec_rgy_handle_t context,
         sec_rgy_login_name_t *account,
         sec_rgy_plcy_auth_t *auth_policy,
         error_status_t *status);

 PARAMETERS

 Input

 context
        An opaque handle bound to a registry server.  Use
        sec_rgy_site_open() to acquire a bound handle.

 account
        A pointer to the account login name (type sec_rgy_login_name_t).
        A login name is composed of three character strings, containing
        the principal, group, and organization (PGO) names corresponding
        to the account. If all three fields contain empty strings, the
        authentication policy returned is that of the registry.

 Output

 auth_policy
        A pointer to the sec_rgy_plcy_auth_t structure to receive the
        authentication policy. The authentication policy structure
        contains the maximum lifetime for an authentication ticket,
        and the maximum amount of time for which one can be renewed.

   status
          A pointer to the completion status.  On successful completion,
          the routine returns error_status_ok. Otherwise, it returns an
          error.

 DESCRIPTION

 The sec_rgy_auth_plcy_get_effective() routine returns the effective
 authentication policy for the specified  account.  The authentication
 policy in effect is the more restrictive of the registry and the account
 policies for each policy category.  If no account is specified, the
 registry's authentication policy is returned.

 Permissions Required

 The sec_rgy_auth_plcy_get_effective() routine requires the r (read)
 permission on the policy object from which the data is to be returned.
 If an account is specified and an account policy exists, the routine
 also requires the r (read) permission on the account principal.

 FILES

 SYS$COMMON:[DCE$LIBRARY]POLICY.IDL
              The idl file from which dce/policy.h was derived.

 ERRORS

 sec_rgy_object_not_found
              The specified account could not be found.

 sec_rgy_server_unavailable
              The DCE Registry Server is unavailable.

 error_status_ok
              The call was successful.

 RELATED INFORMATION

 Functions: sec_intro
            sec_rgy_auth_plcy_get_info
            sec_rgy_auth_plcy_set_info
Close Help