598 lines
19 KiB
HTML
598 lines
19 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<title>eimCreateDomain()--Create an EIM Domain Object</title>
|
|
<!-- Begin header records -->
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Change History: -->
|
|
<!-- YYMMDD USERID Change description -->
|
|
<!-- Created by Therese Dalton on 17 July 2001 -->
|
|
<!--File edited for Tidy July 2001 -->
|
|
<!-- Edited by Kersten Jan 02 -->
|
|
<!-- End Header Records -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<!--Java sync-link-->
|
|
<script type="text/javascript" language="javascript" src="../rzahg/synch.js">
|
|
</script>
|
|
|
|
<a name="Top_Of_Page"></a>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<h2>eimCreateDomain()--Create an EIM
|
|
Domain Object</h2>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- S Y N T A X / P A R M T A B L E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<div class="box" style="width: 80%;">
|
|
<br>
|
|
Syntax
|
|
|
|
<pre>
|
|
#include <eim.h>
|
|
|
|
int eimCreateDomain(char * <em>ldapURL</em>,
|
|
EimConnectInfo <em>connectInfo</em>,
|
|
char * <em>description</em>,
|
|
EimRC * <em>eimrc</em>)
|
|
|
|
</pre>
|
|
|
|
Service Program Name: QSYS/QSYEIM<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Default Public Authority: *USE<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Threadsafe: Yes<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
</div>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- D E S C R I P T I O N -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<p>The <strong>eimCreateDomain()</strong> function creates an EIM domain object
|
|
on the specified EIM domain controller.</p>
|
|
|
|
<br>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- A U T H O R I T I E S A N D L O C K S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<h3>Authorities and Locks</h3>
|
|
|
|
<dl>
|
|
<dt><em>EIM Data</em></dt>
|
|
|
|
<dd>LDAP administrators have the authority to create an EIM domain.</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- P A R A M E T E R S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<h3>Parameters</h3>
|
|
|
|
<dl><!-- ============================================================== -->
|
|
<!-- ldapURL -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>ldapURL</strong> (Input)</dt>
|
|
|
|
<dd>A uniform resource locator (URL) that contains the EIM host information.
|
|
This URL has the following format:
|
|
|
|
<pre>
|
|
ldap://host:port/dn
|
|
or
|
|
ldaps://host:port/dn
|
|
</pre>
|
|
|
|
<p>where:</p>
|
|
|
|
<ul>
|
|
<li><samp>host:port</samp> is the name of the host on which the EIM domain
|
|
controller is running with an optional port number.</li>
|
|
|
|
<li><samp>dn</samp> is the distinguished name of the domain to create.</li>
|
|
|
|
<li><samp>ldaps</samp> indicates that this host/port combination uses SSL and
|
|
TLS.</li>
|
|
</ul>
|
|
|
|
<p>Examples:</p>
|
|
|
|
<ul>
|
|
<li>ldap://systemx:389/ibm-eimDomainName=myEimDomain,o=myCompany,c=us</li>
|
|
|
|
<li>ldaps://systemy:636/ibm-eimDomainName=thisEimDomain</li>
|
|
</ul>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- connectInfo -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>connectInfo</strong> (Input)</dt>
|
|
|
|
<dd>Connect information. EIM uses ldap. This parameter provides the information
|
|
required to bind to ldap.
|
|
|
|
<p>If the system is configured to connect to a secure port, EimSSLInfo is
|
|
required.</p>
|
|
|
|
<p>For EIM_SIMPLE connect type, the <samp>creds</samp> field should contain the
|
|
EimSimpleConnectInfo structure with a binddn and password. EimPasswordProtect
|
|
is used to determine the level of password protection on the ldap bind.</p>
|
|
|
|
<table cellpadding="5">
|
|
<!-- cols="40 60" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIM_PROTECT_NO (0)</em></td>
|
|
<td align="left" valign="top">The clear-text password is sent on the bind.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIM_PROTECT_CRAM_MD5 (1)</em></td>
|
|
<td align="left" valign="top">The protected password is sent on the bind. The
|
|
server side must support cram-md5 protocol to send the protected password.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" nowrap><em>EIM_PROTECT_CRAM_MD5_OPTIONAL (2)</em></td>
|
|
<td align="left" valign="top">The protected password is sent on the bind if the
|
|
cram-md5 protocol is supported. Otherwise, the clear-text password is
|
|
sent.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<p>For EIM_KERBEROS, the default logon credentials are used. The <samp>kerberos
|
|
creds</samp> field must be NULL.</p>
|
|
|
|
<p>For EIM_CLIENT_AUTHENTICATION, the <samp>creds</samp> field is ignored.
|
|
EimSSLInfo must be provided.</p>
|
|
|
|
<p>The structure layouts follow:</p>
|
|
|
|
<pre>
|
|
enum EimPasswordProtect {
|
|
EIM_PROTECT_NO,
|
|
EIM_PROTECT_CRAM_MD5,
|
|
EIM_PROTECT_CRAM_MD5_OPTIONAL
|
|
};
|
|
enum EimConnectType {
|
|
EIM_SIMPLE,
|
|
EIM_KERBEROS,
|
|
EIM_CLIENT_AUTHENTICATION
|
|
};
|
|
|
|
typedef struct EimSimpleConnectInfo
|
|
{
|
|
enum EimPasswordProtect protect;
|
|
char * bindDn;
|
|
char * bindPw;
|
|
} EimSimpleConnectInfo;
|
|
|
|
typedef struct EimSSLInfo
|
|
{
|
|
char * keyring;
|
|
char * keyring_pw;
|
|
char * certificateLabel;
|
|
} EimSSLInfo;
|
|
|
|
typedef struct EimConnectInfo
|
|
{
|
|
enum EimConnectType type;
|
|
union {
|
|
gss_cred_id_t * kerberos;
|
|
EimSimpleConnectInfo simpleCreds;
|
|
} creds;
|
|
EimSSLInfo * ssl;
|
|
} EimConnectInfo;
|
|
</pre>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- description -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>description</strong> (Input)</dt>
|
|
|
|
<dd>Textual description for the new EIM domain entry. This parameter may be
|
|
NULL.<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- eimrc -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>eimrc</strong> (Input/Output)</dt>
|
|
|
|
<dd>The structure in which to return error code information. If the return
|
|
value is not 0, eimrc is set with additional information. This parameter may be
|
|
NULL. For the format of the structure, see <a href="eimrc.htm">EimRC--EIM
|
|
Return Code Parameter</a>.<br>
|
|
<br>
|
|
</dd>
|
|
</dl>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- R E T U R N V A L U E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
<h3>Return Value</h3>
|
|
|
|
<p>The return value from the API. Following each return value is the list of
|
|
possible values for the <samp>messageCatalogMessageID</samp> field in the
|
|
<em>eimrc</em> parameter for that value.</p>
|
|
|
|
<dl><!-- ============================================================== -->
|
|
<!-- 0 -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>0</strong></dt>
|
|
|
|
<dd>Request was successful.<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EACCES -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EACCES</strong></dt>
|
|
|
|
<dd>Access denied. Not enough permissions to access data.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="25 75" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_ACCESS (1)</em></td>
|
|
<td align="left" valign="top">Insufficient access to EIM data.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EBADDATA -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EBADDATA</strong></dt>
|
|
|
|
<dd>eimrc is not valid.<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- ECONVERT -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>ECONVERT</strong></dt>
|
|
|
|
<dd>Data conversion error.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="35 65" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_DATA_CONVERSION (13)</em></td>
|
|
<td align="left" valign="top">Error occurred when converting data between code
|
|
pages.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EEXIST -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EEXIST</strong></dt>
|
|
|
|
<dd>EIM domain already exists.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="30 70" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_DOMAIN_EXISTS (14)</em></td>
|
|
<td align="left" valign="top">EIM domain already exists in EIM.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EINVAL -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EINVAL</strong></dt>
|
|
|
|
<dd>Input parameter was not valid.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="35 65" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_CHAR_INVAL (21)</em></td>
|
|
<td align="left" valign="top">A restricted character was used in the object
|
|
name. Check the API for a list of restricted characters.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_CONN_INVAL (54)</em></td>
|
|
<td align="left" valign="top">Connection type is not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_NOT_SECURE (32)</em></td>
|
|
<td align="left" valign="top">The system is not configured to connect to a
|
|
secure port. Connection type of EIM_CLIENT_AUTHENTICATION is not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_PARM_REQ (34)</em></td>
|
|
<td align="left" valign="top">Missing required parameter. Please check API
|
|
documentation.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" nowrap><em>EIMERR_PROTECT_INVAL (22)</em></td>
|
|
<td align="left" valign="top">The protect parameter in EimSimpleConnectInfo is
|
|
not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_PTR_INVAL (35)</em></td>
|
|
<td align="left" valign="top">Pointer parameter is not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_SSL_REQ (42)</em></td>
|
|
<td align="left" valign="top">The system is configured to connect to a secure
|
|
port. EimSSLInfo is required.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_URL_NODN (45)</em></td>
|
|
<td align="left" valign="top">URL has no dn (required).</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_URL_NODOMAIN (46)</em></td>
|
|
<td align="left" valign="top">URL has no domain (required).</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_URL_NOHOST (47)</em></td>
|
|
<td align="left" valign="top">URL does not have a host.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_URL_NOTLDAP (49)</em></td>
|
|
<td align="left" valign="top">URL does not begin with ldap.</td>
|
|
</tr>
|
|
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em> EIMERR_INVALID_DN (66)</em></td>
|
|
<td align="left" valign="top">Distinguished Name (DN) is not valid.</td>
|
|
</tr>
|
|
|
|
|
|
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- ENOMEM -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>ENOMEM</strong></dt>
|
|
|
|
<dd>Unable to allocate required space.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="25 75" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_NOMEM (27)</em></td>
|
|
<td align="left" valign="top">No memory available. Unable to allocate required
|
|
space.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- ENOTSUP -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>ENOTSUP</strong></dt>
|
|
|
|
<dd>Connection type is not supported.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="25 75" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_CONN_NOTSUPP (12)</em></td>
|
|
<td align="left" valign="top">Connection type is not supported.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EROFS -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EROFS</strong></dt>
|
|
|
|
<dd>LDAP connection is for read only. Need to connect to master.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="30 70" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_URL_READ_ONLY (50)</em></td>
|
|
<td align="left" valign="top">LDAP connection can only be made to a replica
|
|
ldap server. Change the connection information and try the request again.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
</dd>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- EUNKNOWN -->
|
|
<!-- ============================================================== -->
|
|
<dt><strong>EUNKNOWN</strong></dt>
|
|
|
|
<dd>Unexpected exception.<br>
|
|
<br>
|
|
<table cellpadding="5">
|
|
<!-- cols="25 75" -->
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_LDAP_ERR (23)</em></td>
|
|
<td align="left" valign="top">Unexpected LDAP error. %s</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top"><em>EIMERR_UNKNOWN (44)</em></td>
|
|
<td align="left" valign="top">Unknown error or unknown system state.</td>
|
|
</tr>
|
|
</table>
|
|
</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- U S A G E N O T E S -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
|
|
<h3>Restrictions</h3>
|
|
|
|
<p>There is a restriction on the characters allowed for domain name.</p>
|
|
|
|
<p>The following characters are special characters that are not allowed in
|
|
object names. They also should not be used in object attributes that would be
|
|
used for a search operation.</p>
|
|
|
|
<pre>
|
|
, = + < > # ; \ * "
|
|
</pre>
|
|
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- R E L A T E D I N F O R M A T I O N -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<h3>Related Information</h3>
|
|
|
|
<ul>
|
|
<li><a href="eimdeletedomain.htm">eimDeleteDomain()</a>--Delete an EIM Domain
|
|
Object<br>
|
|
<br>
|
|
</li>
|
|
|
|
<li><a href="eimchangedomain.htm">eimChangeDomain()</a>--Change an EIM Domain
|
|
Object<br>
|
|
<br>
|
|
</li>
|
|
|
|
<li><a href="eimlistdomains.htm">eimListDomains()</a>--List EIM Domain
|
|
Objects</li>
|
|
</ul>
|
|
|
|
<br>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- E X A M P L E -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<h3>Example</h3>
|
|
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
|
|
for information pertaining to code examples.</p>
|
|
<p>The following example creates an EIM domain by the name of myEIMDomain. The
|
|
distinguished name for the domain after it is created will be:
|
|
"ibm-eimDomainName=myEIMDomain,o=mycompany,c=us".</p>
|
|
|
|
<pre>
|
|
#include <eim.h>
|
|
#include <stdio.h>
|
|
|
|
int main(int argc, char *argv[])
|
|
{
|
|
int rc;
|
|
char eimerr[100];
|
|
EimRC * err;
|
|
|
|
char * ldapURL = "ldap://eimsystem:389/ibm-eimDomainName=myEimDomain,o=mycompany,c=us";
|
|
|
|
EimConnectInfo con;
|
|
|
|
<em>/* Set up connection information */</em>
|
|
con.type = EIM_SIMPLE;
|
|
con.creds.simpleCreds.protect = EIM_PROTECT_NO;
|
|
con.creds.simpleCreds.bindDn = "cn=admin";
|
|
con.creds.simpleCreds.bindPw = "secret";
|
|
con.ssl = NULL;
|
|
|
|
<em>/* Set up error structure. */</em>
|
|
memset(eimerr,0x00,100);
|
|
err = (EimRC *)eimerr;
|
|
err->memoryProvidedByCaller = 100;
|
|
|
|
<em>/* Create a new EIM domain */</em>
|
|
if (0 != (rc = eimCreateDomain(ldapURL,
|
|
con,
|
|
NULL,
|
|
err)))
|
|
printf("Create domain error = %d", rc);
|
|
|
|
return 0;
|
|
}
|
|
</pre>
|
|
|
|
<br>
|
|
<!-- ============================================================== -->
|
|
<!-- -->
|
|
<!-- F O O T E R -->
|
|
<!-- -->
|
|
<!-- ============================================================== -->
|
|
|
|
<hr>
|
|
API introduced: V5R2
|
|
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
|
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</body>
|
|
</html>
|
|
|