Directory API Reference

The following diagrams outline the order of function calls for procedures that perform operations on the directory and possibly perform operations on a directory entry (user). For example, using the stmndr Administrative UI to search for a particular user in a custom directory requires both operations on the directory and operations on a directory entry (user). Some procedures involve only operations on the directory. For example, using the stmndr Administrative UI only to view the properties of a custom user directory requires only operations on the directory.
sm1252sp1
The following diagrams outline the order of function calls for procedures that perform operations on the directory and possibly perform operations on a directory entry (user). For example, using the
CA Single Sign-On
Administrative UI to search for a particular user in a custom directory requires both operations on the directory and operations on a directory entry (user). Some procedures involve only operations on the directory. For example, using the
CA Single Sign-On
Administrative UI only to view the properties of a custom user directory requires only operations on the directory.
This second diagram shows an additional sequence that occurs only if directory entry (user) operations occur.
Graphic showing the additional sequence of function calls for procedures performing operations on a directory entry
To authenticate a user, the
CA Single Sign-On
Policy Server requests a username from the user. SmDirValidateUsername() is called to translate the user-supplied username into the internal user ID key used by the directory as the primary key to the user’s data. The username from the credentials is supplied in the
lpszUsername
parameter. If SmDirValidateUsername() is not implemented, the user-supplied username is passed into
lpszUserDN
.
If SmDirValidateUsername() is implemented, it should return the user’s ID in the
lpszNewUsername
parameter. The value returned by
lpszNewUsername
becomes the
lpszUserDN
parameter value.
The
lpszUserDN
parameter value is passed into many other functions, such as SmDirValidateUserDN() and SmDirAuthenticateUser().