Sm_PolicyApi_UserDir_t
Defines a CA Single Sign-On user directory object.
Syntax
typedef struct Sm_PolicyApi_UserDir_s
{
    int iStructId;
    char pszOid[BFSIZE];
    char pszName[BFSIZE];               /* Required */
    char pszDesc[BFSIZE];
    char pszNamespace[BFSIZE];          /* Required */
    char pszServer[BFSIZE];             /* Required */
    char pszSearchRoot[BFSIZE];
    char pszUserLookupStart[BFSIZE];
    char pszUserLookupEnd[BFSIZE];
    char pszUsername[BFSIZE];
    char pszPassword[BFSIZE];
    int nSearchResults;                 /* Required */
    int nSearchScope;                   /* Required */
    int nSearchTimeout;                 /* Required */
    bool bSecureConnection;             /* Required */
    bool bRequireCredentials;           /* Required */
    char pszDisabledAttr[BFSIZE];
    char pszUniversalIDAttr[BFSIZE];
    char pszODBCQuerySchemeOid[BFSIZE];
    char pszAnonymousId[BFSIZE];
    char pszPasswordData[BFSIZE];
    char pszPasswordAttribute[BFSIZE];
    char pszEmailAddressAttr[BFSIZE];
    char pszChallengeRespAttr[BFSIZE];
    struct Sm_PolicyApi_UserDir_s* next;
} Sm_PolicyApi_UserDir_t;
Field | Description |
iStructId | User directory data structure ID, defined in Sm_PolicyApi_Structs_t. |
pszOid | The object identifier of the user directory object. |
pszName | Name of the user directory. |
pszDesc | Brief description of the user directory. |
pszNamespace | Mandatory field that designates the specific directory service being connected to (for example, LDAP:, ODBC:, WinNT:, AD:, or Custom:). |
pszServer | Mandatory field. This is an overloaded field whose contents depend upon the namespace: ODBC - Data source name. NT - Domain name. LDAP or AD - An IP address or an IP address and port number in the format IP_address:port_number. The port number 389 is assumed if no port number is specified. Custom - Library name. |
pszSearchRoot | One of the following values: With LDAP directories, the location in the LDAP tree that serves as the starting point for the directory connection, typically an organization (o) or organizational unit (ou). The Policy Server begins searching at the root when locating a user. With custom directories, any parameters to pass to the custom library. |
pszUserLookupStart | The User DN Lookup Start allows users to authenticate by entering only a part of the user name, without having to enter an entire DN string. Identifying unique and non-unique segments of the user DN string does this. Use this field with LDAP directories only. |
pszUserLookupEnd | The User DN Lookup End allows users to authenticate by entering only a part of the user name, without having to enter an entire DN string. Use this field with LDAP directories only. |
pszUsername | The user name needed to access a user directory. |
pszPassword | The password needed to access a user directory. |
nSearchResults | The maximum number of records that can be returned from a search of an LDAP or custom directory. |
nSearchScope | The extent to which CA Single Sign-On looks for users and user groups below pszSearchRoot in an LDAP directory: all levels below the root (subtree) or just one level below the root. Specify 1 for one level down or 2 for subtree. |
nSearchTimeout | The maximum amount of time, in seconds, that CA Single Sign-On will query an LDAP or custom directory. |
bSecureConnection | This flag must be enabled when accessing an LDAP or custom directory over SSL. Enabling Secure Connect means that CA Single Sign-On performs secure authentication and encrypted transmissions. |
bRequireCredentials | Flag to specify whether credentials are necessary to authenticate against a user directory. |
pszDisabledAttr | Name of the user directory attribute that CA Single Sign-On uses to keep track of a user's enabled or disabled state. Applies to LDAP and ODBC directories, and possibly to custom directories. |
pszUniversalIDAttr | Name of the user directory attribute that has been designated as the Universal ID. Typically, the Universal ID differs from the user's login ID, and the Universal ID is used to look up user information. Applies to LDAP, ODBC, and WinNT directories, and possibly to custom directories. |
pszODBCQuerySchemeOid | The object identifier for a set of ODBC queries that CA Single Sign-On uses to query the ODBC directory. |
pszAnonymousId | Name of the user directory attribute that is designated as the anonymous user DN. This DN is defined in the anonymous authentication scheme. Anonymous users impersonate this DN to gain access to the resources associated with the anonymous authentication scheme. Applies to LDAP directories, and possibly to custom directories. |
pszPasswordData | Name of the user directory attribute that CA Single Sign-On uses to store password policy information. Applies to LDAP and ODBC directories, and possibly to custom directories. |
pszPasswordAttribute | Name of the user directory attribute that contains the user's password, as defined using Password Services. Applies to LDAP and ODBC directories, and possibly to custom directories. |
pszEmailAddressAttr | Reserved for future use. |
pszChallengeRespAttr | Name of the user directory attribute that contains a response to return to the user, such as a hint for a forgotten password. Applies to LDAP directories, and possibly to custom directories. |
next | Pointer to the next directory structure. |
Remarks
Fields apply to all types of directories (LDAP, ODBC, WinNT, and custom) unless individual directory types are specified.
Fields that apply to LDAP directories also apply to Active Directories.
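Added example (not from the CA documentation or SDK): one way to fill and check the required fields before handing the structure to the Policy Management API, rejecting oversized strings instead of truncating them into the fixed BFSIZE buffers and applying the documented port 389 default for pszServer. The BFSIZE value, the trimmed userdir_t stand-in, and the helper names set_field, ldap_port and validate_userdir are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

#define BFSIZE 1024            /* assumed value; the SDK header defines the real one */

/* Trimmed stand-in for Sm_PolicyApi_UserDir_t: only the fields checked below. */
typedef struct {
    char pszName[BFSIZE];      /* Required */
    char pszNamespace[BFSIZE]; /* Required */
    char pszServer[BFSIZE];    /* Required */
    int  nSearchScope;         /* Required: 1 = one level, 2 = subtree */
} userdir_t;

/* Copy src into a BFSIZE field; reject (never truncate) empty or oversized input. */
int set_field(char dst[BFSIZE], const char *src) {
    size_t n = src ? strlen(src) : 0;
    if (n == 0 || n >= BFSIZE) return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

/* Split an LDAP/AD pszServer value "IP_address[:port_number]" (IPv4 assumed).
   Writes the address to host; returns the port (389 if omitted) or -1 if malformed. */
int ldap_port(const char *server, char *host, size_t hostlen) {
    const char *colon = strchr(server, ':');
    size_t hlen = colon ? (size_t)(colon - server) : strlen(server);
    long port = 389;
    char *end;
    if (hlen == 0 || hlen >= hostlen) return -1;
    if (colon) {
        if (colon[1] < '0' || colon[1] > '9') return -1;   /* no sign or spaces */
        port = strtol(colon + 1, &end, 10);
        if (*end != '\0' || port < 1 || port > 65535) return -1;
    }
    memcpy(host, server, hlen);
    host[hlen] = '\0';
    return (int)port;
}

/* Returns 0 if the required fields are usable, otherwise a negative code. */
int validate_userdir(const userdir_t *d) {
    char host[BFSIZE];
    if (!d->pszName[0] || !d->pszNamespace[0] || !d->pszServer[0]) return -1;
    if (d->nSearchScope != 1 && d->nSearchScope != 2) return -2;
    if ((!strcmp(d->pszNamespace, "LDAP:") || !strcmp(d->pszNamespace, "AD:")) &&
        ldap_port(d->pszServer, host, sizeof host) < 0) return -3;
    return 0;
}
```

Rejecting an over-long value matters here because a silently truncated pszSearchRoot or DN would point the directory connection at a different part of the tree than the administrator intended.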