HELPLIB.HLB  —  DCE  DCE_SECURITY, API Routines, sec_rgy_properties_get_info
 NAME
   sec_rgy_properties_get_info - Returns registry properties

 SYNOPSIS

 #include <dce/policy.h>

 void sec_rgy_properties_get_info(
         sec_rgy_handle_t context,
         sec_rgy_properties_t *properties,
         error_status_t *status);

 PARAMETERS

 Input

 context
        An opaque handle bound to a registry server.  Use
        sec_rgy_site_open() to acquire a bound handle.

 Output

 properties
        A pointer to a sec_rgy_properties_t structure to receive the
        returned property information. A registry's property information
        contains information such as the default and minimum lifetime
        and other restrictions on privilege attribute certificates, the
        realm authentication name, and whether or not this replica of
        the registry supports updates.

 status
        A pointer to the completion status.  On successful completion,
        the routine returns error_status_ok.  Otherwise, it returns an
        error.

 DESCRIPTION

 The sec_rgy_properties_get_info() routine returns a list of the registry
 properties.

 The property information consists of the following:

 read_version
        A stamp specifying the earliest version of the registry server
        software that can read from this registry.

 write_version
        A stamp specifying the earliest version of the registry server
        software that can write to this registry.

 minimum_ticket_lifetime
        The minimum period of time for which an authentication ticket
        remains valid.

 default_certificate_lifetime
        The default period of time for which an authentication
        certificate (ticket-granting ticket) remains valid.  A process
        can request an authentication certificate with a longer
        lifetime.  Note that the maximum lifetime for an authentication
        certificate cannot exceed the lifetime established by the
        effective policy for the requesting account.

 low_unix_id_person
        The lowest UNIX ID that can be assigned to a principal in the
        registry.

 low_unix_id_group
        The lowest UNIX ID that can be assigned to a group in the
        registry.

 low_unix_id_org
        The lowest UNIX ID that can be assigned to an organization in
        the registry.

 max_unix_id
        The maximum UNIX ID that can be used for any item in the
        registry.

 realm  A character string naming the cell controlled by this registry.

 realm_uuid
        The UUID of the cell controlled by this registry.

 flags  Flags indicating whether

        sec_rgy_prop_readonly
                   If TRUE, the registry database is read-only.

        sec_rgy_prop_auth_cert_unbound
                   If TRUE, privilege attribute certificates can be
                   generated for use at any site.

        sec_rgy_prop_shadow_password
                   If FALSE, passwords can be distributed over the
                   network.  If this flag is TRUE, passwords will be
                   stripped from the returned data to the
                   sec_rgy_acct_lookup(), and other calls that return
                   an account's encoded password.

        sec_rgy_prop_embedded_unix_id
                   All registry UUIDs contain embedded UNIX IDs. This
                   implies that the UNIX ID of any registry object
                   cannot be changed, since UUIDs are immutable.

 Permissions Required

 The sec_rgy_properties_get_info() routine requires the r (read)
 permission on the policy object from which the property information
 is to be returned.

 FILES

 SYS$COMMON:[DCE$LIBRARY]POLICY.IDL
              The idl file from which dce/policy.h was derived.

 ERRORS

 sec_rgy_server_unavailable
              The DCE Registry Server is unavailable.

 error_status_ok
              The call was successful.

 RELATED INFORMATION

 Functions: sec_intro
            sec_rgy_properties_set_info
Close Help