friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/eimaddaccess.htm

568 lines
18 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>eimAddAccess()--Add EIM Access</title>
<!-- Begin header records -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- Created by Carol Budnik on 17 July 2001 -->
<!-- Edited by Kersten Jan 02 -->
<!-- End Header Records -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<!--Java sync-link-->
<script type="text/javascript" language="javascript" src="../rzahg/synch.js">
</script>
<a name="Top_Of_Page"></a>
<!-- ============================================================== -->
<!-- -->
<!-- -->
<!-- ============================================================== -->
<h2>eimAddAccess()--Add EIM
Access</h2>
<!-- ============================================================== -->
<!-- -->
<!-- S Y N T A X / P A R M T A B L E -->
<!-- -->
<!-- ============================================================== -->
<div class="box" style="width: 80%;">
<br>
&nbsp;&nbsp;Syntax
<pre>
#include &lt;eim.h&gt;
int eimAddAccess(EimHandle * <em>eim</em>,
EimAccessUser * <em>accessUser</em>,
enum EimAccessType <em>accessType</em>,
char * <em>registryName</em>,
EimRC * <em>eimrc</em>)
</pre>
&nbsp;&nbsp;Service Program Name: QSYS/QSYEIM<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Default Public Authority: *USE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: Yes<br>
<!-- iddvc RMBR -->
<br>
</div>
<!-- ============================================================== -->
<!-- -->
<!-- D E S C R I P T I O N -->
<!-- -->
<!-- ============================================================== -->
<p>The <strong>eimAddAccess()</strong> function adds the user to the EIM access
group identified by the access type.</p>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- A U T H O R I T I E S A N D L O C K S -->
<!-- -->
<!-- ============================================================== -->
<h3>Authorities and Locks</h3>
<dl>
<dt><em>EIM Data</em></dt>
<dd>Access to EIM data is controlled by EIM access groups. LDAP administrators
also have access to EIM data. The access groups whose members have authority to
the EIM data for this API follow:
<ul>
<li>EIM Administrator</li>
</ul>
</dd>
</dl>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- P A R A M E T E R S -->
<!-- -->
<!-- ============================================================== -->
<h3>Parameters</h3>
<dl><!-- ============================================================== -->
<!-- eim -->
<!-- ============================================================== -->
<dt><strong>eim</strong> (Input)</dt>
<dd>The EIM handle returned by a previous call to eimCreateHandle(). A valid
connection is required for this function.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- accessUser -->
<!-- ============================================================== -->
<dt><strong>accessUser</strong> (Input)</dt>
<dd>A structure that contains the user information for which to add access.
<p>EIM_ACCESS_LOCAL_USER indicates a local user name on the system that the API
is run. The local user name will be converted to the appropriate access id for
this system.</p>
<p>EIM_ACCESS_KERBEROS indicates a kerberos principal. The kerberos principal
will be converted to the appropriate access id. For example, petejones@therealm
will be converted to ibm-kn=petejones@therealm.</p>
<p>The EimAccessUser structure layout follows:</p>
<pre>
enum EimAccessUserType {
EIM_ACCESS_DN,
EIM_ACCESS_KERBEROS,
EIM_ACCESS_LOCAL_USER
};
typedef struct EimAccessUser
{
union {
char * dn;
char * kerberosPrincipal;
char * localUser;
} user;
enum EimAccessUserType userType;
} EimAccessUser;
</pre>
</dd>
<!-- ============================================================== -->
<!-- accessType -->
<!-- ============================================================== -->
<dt><strong>accessType</strong> (Input)</dt>
<dd>The type of access to add. Valid values are:<br>
<br>
<table cellpadding="5">
<!-- cols="35 65" -->
<tr>
<td align="left" valign="top"><em>EIM_ACCESS_ADMIN (0)</em></td>
<td align="left" valign="top">Administrative authority to the entire EIM
domain.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIM_ACCESS_REG_ADMIN (1)</em></td>
<td align="left" valign="top">Administrative authority to all registries in the
EIM domain.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIM_ACCESS_REGISTRY (2)</em></td>
<td align="left" valign="top">Administrative authority to the registry
specified in the <em>registryName</em> parameter.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIM_ACCESS_IDENTIFIER_ADMIN (3)</em></td>
<td align="left" valign="top">Administrative authority to all of the
identifiers in the EIM domain.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIM_ACCESS_MAPPING_LOOKUP (4)</em></td>
<td align="left" valign="top">Authority to perform mapping lookup
operations.</td>
</tr>
<tr>
<td align="left" valign="top"><em><img src="delta.gif" alt="Start of change">EIM_ACCESS_CREDENTIAL_DATA (5)</em></td>
<td align="left" valign="top">Authority to retrieve credential data.<img src="deltaend.gif" alt="End of change"></td>
</tr>
</table>
</dd>
<dd><br>
<!-- ============================================================== -->
<!-- registryName -->
<!-- ============================================================== -->
</dd>
<dt><strong>registryName</strong> (Input)</dt>
<dd>The name of the registry for which to add access. This parameter is only
used if EimAccessType is EIM_ACCESS_REGISTRY. If EimAccessType is anything
other than EIM_ACCESS_REGISTRY, this parameter must be NULL.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- eimrc -->
<!-- ============================================================== -->
<dt><strong>eimrc</strong> (Input)</dt>
<dd>The structure in which to return error code information. If the return
value is not 0, eimrc is set with additional information. This parameter may be
NULL. For the format of the structure, see <a href="eimrc.htm">EimRC--EIM
Return Code Parameter</a>.<br>
<br>
</dd>
</dl>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- R E T U R N V A L U E -->
<!-- -->
<!-- ============================================================== -->
<h3>Return Value</h3>
<p>The return value from the API. Following each return value is the list of
possible values for the <samp>messageCatalogMessageID</samp> field in the
<em>eimrc</em> parameter for that value.</p>
<dl><!-- ============================================================== -->
<!-- 0 -->
<!-- ============================================================== -->
<dt><strong>0</strong></dt>
<dd>Request was successful.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- EACCES -->
<!-- ============================================================== -->
<dt><strong>EACCES</strong></dt>
<dd>Access denied. Not enough permissions to access data.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_ACCESS (1)</em></td>
<td align="left" valign="top">Insufficient access to EIM data.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EBADDATA -->
<!-- ============================================================== -->
<dt><strong>EBADDATA</strong></dt>
<dd>eimrc is not valid.<br>
<br>
</dd>
<!-- ============================================================== -->
<!-- EBUSY -->
<!-- ============================================================== -->
<dt><strong>EBUSY</strong></dt>
<dd>Unable to allocate internal system object.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_NOLOCK (26)</em></td>
<td align="left" valign="top">Unable to allocate internal system object.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- ECONVERT -->
<!-- ============================================================== -->
<dt><strong>ECONVERT</strong></dt>
<dd>Data conversion error.<br>
<br>
<table cellpadding="5">
<!-- cols="35 65" -->
<tr>
<td align="left" valign="top"><em>EIMERR_DATA_CONVERSION (13)</em></td>
<td align="left" valign="top">Error occurred when converting data between code
pages.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EINVAL -->
<!-- ============================================================== -->
<dt><strong>EINVAL</strong></dt>
<dd>Input parameter was not valid.<br>
<br>
<table cellpadding="5">
<!-- cols="40 60" -->
<tr>
<td align="left" valign="top"><em>EIMERR_ACCESS_TYPE_INVAL (2)</em></td>
<td align="left" valign="top">Access type is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_ACCESS_USERTYPE_INVAL (3)</em></td>
<td align="left" valign="top">Access user type is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_HANDLE_INVAL (17)</em></td>
<td align="left" valign="top">EimHandle is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_PARM_REQ (34)</em></td>
<td align="left" valign="top">Missing required parameter. Please check API
documentation.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_PTR_INVAL (35)</em></td>
<td align="left" valign="top">Pointer parameter is not valid.</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_REG_MUST_BE_NULL (55)</em></td>
<td align="left" valign="top">Registry name must be NULL when access type is
not EIM_ACCESS_REGISTRY.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- ENOMEM -->
<!-- ============================================================== -->
<dt><strong>ENOMEM</strong></dt>
<dd>Unable to allocate required space.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_NOMEM (27)</em></td>
<td align="left" valign="top">No memory available. Unable to allocate required
space.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- ENOTCONN -->
<!-- ============================================================== -->
<dt><strong>ENOTCONN</strong></dt>
<dd>LDAP connection has not been made.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_NOT_CONN (31)</em></td>
<td align="left" valign="top">Not connected to LDAP. Use eimConnect() API and
try the request again.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EROFS -->
<!-- ============================================================== -->
<dt><strong>EROFS</strong></dt>
<dd>LDAP connection is for read only. Need to connect to master.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_READ_ONLY (36)</em></td>
<td align="left" valign="top">LDAP connection is for read only. Use
eimConnectToMaster() to get a write connection.</td>
</tr>
</table>
<br>
</dd>
<!-- ============================================================== -->
<!-- EUNKNOWN -->
<!-- ============================================================== -->
<dt><strong>EUNKNOWN</strong></dt>
<dd>Unexpected exception.<br>
<br>
<table cellpadding="5">
<!-- cols="25 75" -->
<tr>
<td align="left" valign="top"><em>EIMERR_LDAP_ERR (23)</em></td>
<td align="left" valign="top">Unexpected LDAP error. %s</td>
</tr>
<tr>
<td align="left" valign="top"><em>EIMERR_UNKNOWN (44)</em></td>
<td align="left" valign="top">Unknown error or unknown system state.</td>
</tr>
</table>
</dd>
</dl>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- U S A G E N O T E S -->
<!-- -->
<!-- ============================================================== -->
<!-- ============================================================== -->
<!-- -->
<!-- R E L A T E D I N F O R M A T I O N -->
<!-- -->
<!-- ============================================================== -->
<h3>Related Information</h3>
<ul class="noindent">
<li><a href="eimremoveaccess.htm">eimRemoveAccess()</a> --Remove EIM Access<br>
<br>
</li>
<li><a href="eimlistaccess.htm">eimListAccess()</a> --List EIM Access<br>
<br>
</li>
<li><a href="eimlistuseraccess.htm">eimListUserAccess()</a> --List EIM User
Access<br>
<br>
</li>
<li><a href="eimqueryaccess.htm">eimQueryAccess()</a> --Query EIM Access<br>
<br>
</li>
</ul>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- E X A M P L E -->
<!-- -->
<!-- ============================================================== -->
<h3>Example</h3>
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
for information pertaining to code examples.</p>
<p>The following example adds users to access groups.</p>
<pre>
#include &lt;eim.h&gt;
#include &lt;stdio.h&gt;
int main(int argc, char *argv[])
{
int rc;
char eimerr[100];
EimRC * err;
EimHandle * handle;
EimAccessUser user;
<em>/* Get eim handle from input arg. */</em>
<em>/* This handle is already connected to EIM. */</em>
handle = (EimHandle *)argv[1];
<em>/* Set up error structure. */</em>
memset(eimerr,0x00,100);
err = (EimRC *)eimerr;
err-&gt;memoryProvidedByCaller = 100;
<em>/* Set up access user information */</em>
user.userType = EIM_ACCESS_DN;
user.user.dn=&quot;cn=pete,o=ibm,c=us&quot;;
<em>/* Add access for this user. */</em>
if (0 != (rc = eimAddAccess(handle,
&amp;user,
EIM_ACCESS_ADMIN,
NULL,
err)))
{
printf(&quot;Add access error = %d&quot;, rc);
return -1;
}
<em>/* Set up access user information */</em>
user.userType = EIM_ACCESS_LOCAL_USER;
user.user.dn=&quot;mjjones&quot;;
<em>/* Add access for this user. */</em>
if (0 != (rc = eimAddAccess(handle,
&amp;user,
EIM_ACCESS_REGISTRY,
&quot;MyRegistry&quot;,
err)))
{
printf(&quot;Add access error = %d&quot;, rc);
return -1;
}
return 0;
}
</pre>
<br>
<!-- ============================================================== -->
<!-- -->
<!-- F O O T E R -->
<!-- -->
<!-- ============================================================== -->
<hr>
API introduced: V5R2
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"sec.htm">Security APIs</a> | <a href="aplist.htm">APIs by category</a></td>
</tr>
</table>
</center>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink