ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/eimcreatedomain.htm

598 lines
19 KiB
HTML

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>eimCreateDomain()--Create an EIM Domain Object</title>
<!-- Begin header records -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- Created by Therese Dalton on 17 July 2001 -->
<!--File edited for Tidy July 2001 -->
<!-- Edited by Kersten Jan 02 -->
<!-- End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<!--Java sync-link-->
<script type="text/javascript" language="javascript" src="../rzahg/synch.js">
</script>
<a name="Top_Of_Page"></a>
<!-- ============================================================== -->
<!-- -->
<!-- -->
<!-- ============================================================== -->
<h2>eimCreateDomain()--Create an EIM
Domain Object</h2>
<!-- ============================================================== -->
<!-- -->
<!-- S Y N T A X / P A R M T A B L E -->
<!-- -->
<!-- ============================================================== -->
<div class="box" style="width: 80%;">
<br>
&nbsp;&nbsp;Syntax
<pre>
#include &lt;eim.h&gt;
int eimCreateDomain(char * <em>ldapURL</em>,
EimConnectInfo <em>connectInfo</em>,
char * <em>description</em>,
EimRC * <em>eimrc</em>)
</pre>
&nbsp;&nbsp;Service Program Name: QSYS/QSYEIM<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Default Public Authority: *USE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: Yes<br>
<!-- iddvc RMBR -->
<br>
</div>
<!-- ============================================================== -->
<!-- -->
<!-- D E S C R I P T I O N -->
<!-- -->
<!-- ============================================================== -->
<p>The <strong>eimCreateDomain()</strong> function creates an EIM domain object
on the specified EIM domain controller.</p>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- A U T H O R I T I E S A N D L O C K S -->
<!-- -->
<!-- ============================================================== -->
<h3>Authorities and Locks</h3>
<dl>
<dt><em>EIM Data</em></dt>
<dd>LDAP administrators have the authority to create an EIM domain.</dd>
</dl>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- P A R A M E T E R S -->
<!-- -->
<!-- ============================================================== -->
<h3>Parameters</h3>
<dl><!-- ============================================================== -->
<!-- ldapURL -->
<!-- ============================================================== -->
<dt><strong>ldapURL</strong>&nbsp;&nbsp;(Input)</dt>
<dd>A uniform resource locator (URL) that contains the EIM host information.
This URL has the following format:
<pre>
ldap://host:port/dn
or
ldaps://host:port/dn
</pre>
<p>where:</p>
<ul>
<li><samp>host:port</samp> is the name of the host on which the EIM domain
controller is running with an optional port number.</li>
<li><samp>dn</samp> is the distinguished name of the domain to create.</li>
<li><samp>ldaps</samp> indicates that this host/port combination uses SSL and
TLS.</li>
</ul>
<p>Examples:</p>
<ul>
<li>ldap://systemx:389/ibm-eimDomainName=myEimDomain,o=myCompany,c=us</li>
<li>ldaps://systemy:636/ibm-eimDomainName=thisEimDomain</li>
</ul>
<br>
</dd>
<!-- ============================================================== -->
<!-- connectInfo -->
<!-- ============================================================== -->
<dt><strong>connectInfo</strong>&nbsp;&nbsp;(Input)</dt>
<dd>Connect information. EIM uses ldap. This parameter provides the information
required to bind to ldap.
<p>If the system is configured to connect to a secure port, EimSSLInfo is
required.</p>
<p>For EIM_SIMPLE connect type, the <samp>creds</samp> field should contain the
EimSimpleConnectInfo structure with a binddn and password. EimPasswordProtect
is used to determine the level of password protection on the ldap bind.</p>
<table cellpadding="5">
<!-- cols="40 60" -->
<tr>
<td align="left" valign="top"><em>EIM_PROTECT_NO (0)</em></td>
<td align="left" valign="top">The clear-text password is sent on the bind.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIM_PROTECT_CRAM_MD5 (1)</em></td>
<td align="left" valign="top">The protected password is sent on the bind. The
server side must support cram-md5 protocol to send the protected password.</td>
</tr>
<tr>
<td align="left" valign="top" nowrap><em>EIM_PROTECT_CRAM_MD5_OPTIONAL (2)</em></td>
<td align="left" valign="top">The protected password is sent on the bind if the
cram-md5 protocol is supported. Otherwise, the clear-text password is
sent.</td>
</tr>
</table>
<p>For EIM_KERBEROS, the default logon credentials are used. The <samp>kerberos
creds</samp> field must be NULL.</p>
<p>For EIM_CLIENT_AUTHENTICATION, the <samp>creds</samp> field is ignored.
EimSSLInfo must be provided.</p>
<p>The structure layouts follow:</p>
<pre>
enum EimPasswordProtect {
EIM_PROTECT_NO,
EIM_PROTECT_CRAM_MD5,
EIM_PROTECT_CRAM_MD5_OPTIONAL
};
enum EimConnectType {
EIM_SIMPLE,
EIM_KERBEROS,
EIM_CLIENT_AUTHENTICATION
};
typedef struct EimSimpleConnectInfo
{
enum EimPasswordProtect protect;
char * bindDn;
char * bindPw;
} EimSimpleConnectInfo;
typedef struct EimSSLInfo
{
char * keyring;
char * keyring_pw;
char * certificateLabel;
} EimSSLInfo;
typedef struct EimConnectInfo
{
enum EimConnectType type;
union {
gss_cred_id_t * kerberos;
EimSimpleConnectInfo simpleCreds;
} creds;
EimSSLInfo * ssl;
} EimConnectInfo;
</pre>
</dd>
<!-- ============================================================== -->
<!-- description -->
<!-- ============================================================== -->
<dt><strong>description</strong>&nbsp;&nbsp;(Input)</dt>
<dd>Textual description for the new EIM domain entry. This parameter may be
NULL.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- eimrc -->
<!-- ============================================================== -->
<dt><strong>eimrc</strong>&nbsp;&nbsp;(Input/Output)</dt>
<dd>The structure in which to return error code information. If the return
value is not 0, eimrc is set with additional information. This parameter may be
NULL. For the format of the structure, see <a href="eimrc.htm">EimRC--EIM
Return Code Parameter</a>.<br>
<br>
</dd>
</dl>
<!-- ============================================================== -->
<!-- -->
<!-- R E T U R N V A L U E -->
<!-- -->
<!-- ============================================================== -->
<h3>Return Value</h3>
<p>The return value from the API. Following each return value is the list of
possible values for the <samp>messageCatalogMessageID</samp> field in the
<em>eimrc</em> parameter for that value.</p>
<dl><!-- ============================================================== -->
<!-- 0 -->
<!-- ============================================================== -->
<dt><strong>0</strong></dt>
<dd>Request was successful.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- EACCES -->
<!-- ============================================================== -->
<dt><strong>EACCES</strong></dt>
<dd>Access denied. Not enough permissions to access data.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_ACCESS (1)</em></td>
<td align="left" valign="top">Insufficient access to EIM data.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EBADDATA -->
<!-- ============================================================== -->
<dt><strong>EBADDATA</strong></dt>
<dd>eimrc is not valid.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- ECONVERT -->
<!-- ============================================================== -->
<dt><strong>ECONVERT</strong></dt>
<dd>Data conversion error.<br>
<br>
<table cellpadding="5">
<!-- cols="35 65" -->
<tr>
<td align="left" valign="top"><em>EIMERR_DATA_CONVERSION (13)</em></td>
<td align="left" valign="top">Error occurred when converting data between code
pages.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EEXIST -->
<!-- ============================================================== -->
<dt><strong>EEXIST</strong></dt>
<dd>EIM domain already exists.<br>
<br>
<table cellpadding="5">
<!-- cols="30 70" -->
<tr>
<td align="left" valign="top"><em>EIMERR_DOMAIN_EXISTS (14)</em></td>
<td align="left" valign="top">EIM domain already exists in EIM.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EINVAL -->
<!-- ============================================================== -->
<dt><strong>EINVAL</strong></dt>
<dd>Input parameter was not valid.<br>
<br>
<table cellpadding="5">
<!-- cols="35 65" -->
<tr>
<td align="left" valign="top"><em>EIMERR_CHAR_INVAL (21)</em></td>
<td align="left" valign="top">A restricted character was used in the object
name. Check the API for a list of restricted characters.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_CONN_INVAL (54)</em></td>
<td align="left" valign="top">Connection type is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_NOT_SECURE (32)</em></td>
<td align="left" valign="top">The system is not configured to connect to a
secure port. Connection type of EIM_CLIENT_AUTHENTICATION is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_PARM_REQ (34)</em></td>
<td align="left" valign="top">Missing required parameter. Please check API
documentation.</td>
</tr>
<tr>
<td align="left" valign="top" nowrap><em>EIMERR_PROTECT_INVAL (22)</em></td>
<td align="left" valign="top">The protect parameter in EimSimpleConnectInfo is
not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_PTR_INVAL (35)</em></td>
<td align="left" valign="top">Pointer parameter is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_SSL_REQ (42)</em></td>
<td align="left" valign="top">The system is configured to connect to a secure
port. EimSSLInfo is required.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_URL_NODN (45)</em></td>
<td align="left" valign="top">URL has no dn (required).</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_URL_NODOMAIN (46)</em></td>
<td align="left" valign="top">URL has no domain (required).</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_URL_NOHOST (47)</em></td>
<td align="left" valign="top">URL does not have a host.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_URL_NOTLDAP (49)</em></td>
<td align="left" valign="top">URL does not begin with ldap.</td>
</tr>
<tr>
<td align="left" valign="top"><em> EIMERR_INVALID_DN (66)</em></td>
<td align="left" valign="top">Distinguished Name (DN) is not valid.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- ENOMEM -->
<!-- ============================================================== -->
<dt><strong>ENOMEM</strong></dt>
<dd>Unable to allocate required space.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_NOMEM (27)</em></td>
<td align="left" valign="top">No memory available. Unable to allocate required
space.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- ENOTSUP -->
<!-- ============================================================== -->
<dt><strong>ENOTSUP</strong></dt>
<dd>Connection type is not supported.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_CONN_NOTSUPP (12)</em></td>
<td align="left" valign="top">Connection type is not supported.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EROFS -->
<!-- ============================================================== -->
<dt><strong>EROFS</strong></dt>
<dd>LDAP connection is for read only. Need to connect to master.<br>
<br>
<table cellpadding="5">
<!-- cols="30 70" -->
<tr>
<td align="left" valign="top"><em>EIMERR_URL_READ_ONLY (50)</em></td>
<td align="left" valign="top">LDAP connection can only be made to a replica
ldap server. Change the connection information and try the request again.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EUNKNOWN -->
<!-- ============================================================== -->
<dt><strong>EUNKNOWN</strong></dt>
<dd>Unexpected exception.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_LDAP_ERR (23)</em></td>
<td align="left" valign="top">Unexpected LDAP error. %s</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_UNKNOWN (44)</em></td>
<td align="left" valign="top">Unknown error or unknown system state.</td>
</tr>
</table>
</dd>
</dl>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- U S A G E N O T E S -->
<!-- -->
<!-- ============================================================== -->
<h3>Restrictions</h3>
<p>There is a restriction on the characters allowed for domain name.</p>
<p>The following characters are special characters that are not allowed in
object names. They also should not be used in object attributes that would be
used for a search operation.</p>
<pre>
, = + &lt; &gt; # ; \ * &quot;
</pre>
<!-- ============================================================== -->
<!-- -->
<!-- R E L A T E D I N F O R M A T I O N -->
<!-- -->
<!-- ============================================================== -->
<h3>Related Information</h3>
<ul>
<li><a href="eimdeletedomain.htm">eimDeleteDomain()</a>--Delete an EIM Domain
Object<br>
<br>
</li>
<li><a href="eimchangedomain.htm">eimChangeDomain()</a>--Change an EIM Domain
Object<br>
<br>
</li>
<li><a href="eimlistdomains.htm">eimListDomains()</a>--List EIM Domain
Objects</li>
</ul>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- E X A M P L E -->
<!-- -->
<!-- ============================================================== -->
<h3>Example</h3>
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
for information pertaining to code examples.</p>
<p>The following example creates an EIM domain by the name of myEIMDomain. The
distinguished name for the domain after it is created will be:
"ibm-eimDomainName=myEIMDomain,o=mycompany,c=us".</p>
<pre>
#include &lt;eim.h&gt;
#include &lt;stdio.h&gt;
int main(int argc, char *argv[])
{
int rc;
char eimerr[100];
EimRC * err;
char * ldapURL = "ldap://eimsystem:389/ibm-eimDomainName=myEimDomain,o=mycompany,c=us";
EimConnectInfo con;
<em>/* Set up connection information */</em>
con.type = EIM_SIMPLE;
con.creds.simpleCreds.protect = EIM_PROTECT_NO;
con.creds.simpleCreds.bindDn = "cn=admin";
con.creds.simpleCreds.bindPw = "secret";
con.ssl = NULL;
<em>/* Set up error structure. */</em>
memset(eimerr,0x00,100);
err = (EimRC *)eimerr;
err-&gt;memoryProvidedByCaller = 100;
<em>/* Create a new EIM domain */</em>
if (0 != (rc = eimCreateDomain(ldapURL,
con,
NULL,
err)))
printf("Create domain error = %d", rc);
return 0;
}
</pre>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- F O O T E R -->
<!-- -->
<!-- ============================================================== -->
<hr>
API introduced: V5R2
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</body>
</html>