usermgr-1 - API for user and group administration
#include <rad/client/1/usermgr.h> cc [ flag... ] file... -lusermgr1_client [ library... ] interface UserMgr usermgr_User_t ** users ; (ro) usermgr_Group_t ** groups ; (ro) const char ** shells ; (ro) usermgr_User_t * defaultUser ; (ro) const char ** scopes ; (ro) const char ** roles ; (ro) const char ** profiles ; (ro) const char ** auths ; (ro) const char ** defaultPrivs ; (ro) const char ** limitPrivs ; (ro) const char ** supplGroups ; (ro) const char ** auditClasses ; (ro) const char ** pamUserConfFiles ; (ro) const char ** pamServices ; (ro) const char ** projects ; (ro) rc_err_t usermgr_UserMgr_getUser(rc_instance_t *inst, const char *username, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_addUser(rc_instance_t *inst, usermgr_User_t *user, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_modifyUser(rc_instance_t *inst, usermgr_User_t *user, usermgr_UserChangeFields_t *changeFields, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_deleteUser(rc_instance_t *inst, const char *username, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_selectScope(rc_instance_t *inst, usermgr_ScopeType_t scope); rc_err_t usermgr_UserMgr_setFilter(rc_instance_t *inst, usermgr_UserType_t usertype, const char *searchstring, boolean_t *localAttrs); rc_err_t usermgr_UserMgr_setQualifier(rc_instance_t *inst, const char *qualifier); rc_err_t usermgr_UserMgr_isSystemLabeled(rc_instance_t *inst, boolean_t *result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_getUserType(rc_instance_t *inst, const char *username, usermgr_UserType_t *result, usermgr_UserMgrError_t **error); Enumerated Types enum UserMgrErrorType typedef enum usermgr_UserMgrErrorType { UUMET_INVALIDDATA = 0, UUMET_USEREXISTS = 1, UUMET_PERMDENIED = 2, UUMET_READERROR = 3, UUMET_LASTADMIN = 4, UUMET_ROOTADMIN = 5, UUMET_PASSERROR = 6, } usermgr_UserMgrErrorType_t; enum ScopeType typedef enum usermgr_ScopeType { UST_FILES = 0, UST_LDAP = 1, } usermgr_ScopeType_t; enum UserType typedef enum usermgr_UserType { UUT_NORMAL = 0, UUT_ROLE = 1, } usermgr_UserType_t; Structured Types struct Group typedef struct usermgr_Group usermgr_Group_t; struct usermgr_Group { char *ug_groupName; unsigned int ug_groupID; char **ug_groupMembers; int ug_groupMembers_count; }; void usermgr_Group_free(usermgr_Group_t *in); struct User typedef struct usermgr_User usermgr_User_t; struct usermgr_User { char *uu_username; unsigned int uu_userID; unsigned int uu_groupID; char *uu_groupName; char *uu_description; char *uu_homeDirectory; char *uu_defaultShell; int uu_inactive; int uu_min; int uu_max; int uu_warn; char *uu_expire; char *uu_lockAfterRetries; char *uu_alwaysAuditFlags; char *uu_neverAuditFlags; char *uu_type; char *uu_defaultProj; char *uu_clearance; char *uu_minLabel; char *uu_roleAuth; char *uu_idleCmd; char *uu_idleTime; char *uu_accountStatus; char **uu_roles; int uu_roles_count; char **uu_profiles; int uu_profiles_count; char **uu_authProfiles; int uu_authProfiles_count; char **uu_auths; int uu_auths_count; char **uu_defaultPriv; int uu_defaultPriv_count; char **uu_limitPriv; int uu_limitPriv_count; char **uu_groups; int uu_groups_count; char **uu_alwaysAudit; int uu_alwaysAudit_count; char **uu_neverAudit; int uu_neverAudit_count; char *uu_pamPolicy; char *uu_unlockAfter; char **uu_accessTimes; int uu_accessTimes_count; char *uu_accessTZ; char *uu_tpd; char *uu_annotation; char *uu_zfsHome; }; void usermgr_User_free(usermgr_User_t *in); struct UserChangeFields typedef struct usermgr_UserChangeFields usermgr_UserChangeFields_t; struct usermgr_UserChangeFields { boolean_t *uucf_gidChanged; boolean_t *uucf_groupNameChanged; boolean_t *uucf_descChanged; boolean_t *uucf_homedirChanged; boolean_t *uucf_defShellChanged; boolean_t *uucf_profilesChanged; boolean_t *uucf_authProfilesChanged; boolean_t *uucf_rolesChanged; boolean_t *uucf_authsChanged; boolean_t *uucf_defaultPrivChanged; boolean_t *uucf_limitPrivChanged; boolean_t *uucf_groupsChanged; boolean_t *uucf_lockAfterRetriesChanged; boolean_t *uucf_alwaysAuditChanged; boolean_t *uucf_neverAuditChanged; boolean_t *uucf_typeChanged; boolean_t *uucf_defaultProjChanged; boolean_t *uucf_minLabelChanged; boolean_t *uucf_roleAuthChanged; boolean_t *uucf_idleCmdChanged; boolean_t *uucf_idleTimeChanged; boolean_t *uucf_expireChanged; boolean_t *uucf_minChanged; boolean_t *uucf_maxChanged; boolean_t *uucf_warnChanged; boolean_t *uucf_uidChanged; boolean_t *uucf_accessTimesChanged; boolean_t *uucf_accessTZChanged; boolean_t *uucf_pamPolicyChanged; boolean_t *uucf_clearanceChanged; boolean_t *uucf_inactiveChanged; boolean_t *uucf_unlockAfterChanged; boolean_t *uucf_accountStatusChanged; boolean_t *uucf_tpdChanged; boolean_t *uucf_annotationChanged; boolean_t *uucf_zfsHomeChanged; }; void usermgr_UserChangeFields_free(usermgr_UserChangeFields_t *in); struct UserMgrError typedef struct usermgr_UserMgrError usermgr_UserMgrError_t; struct usermgr_UserMgrError { usermgr_UserMgrErrorType_t uume_errorCode; char *uume_errmsg; }; void usermgr_UserMgrError_free(usermgr_UserMgrError_t *in);
USERMGR-1(3rad) RAD Module Definitions USERMGR-1(3rad) NAME usermgr - API for user and group administration SYNOPSIS #include <rad/client/1/usermgr.h> cc [ flag... ] file... -lusermgr1_client [ library... ] interface UserMgr usermgr_User_t ** users ; (ro) usermgr_Group_t ** groups ; (ro) const char ** shells ; (ro) usermgr_User_t * defaultUser ; (ro) const char ** scopes ; (ro) const char ** roles ; (ro) const char ** profiles ; (ro) const char ** auths ; (ro) const char ** defaultPrivs ; (ro) const char ** limitPrivs ; (ro) const char ** supplGroups ; (ro) const char ** auditClasses ; (ro) const char ** pamUserConfFiles ; (ro) const char ** pamServices ; (ro) const char ** projects ; (ro) rc_err_t usermgr_UserMgr_getUser(rc_instance_t *inst, const char *username, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_addUser(rc_instance_t *inst, usermgr_User_t *user, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_modifyUser(rc_instance_t *inst, usermgr_User_t *user, usermgr_UserChangeFields_t *changeFields, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_deleteUser(rc_instance_t *inst, const char *username, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_selectScope(rc_instance_t *inst, usermgr_ScopeType_t scope); rc_err_t usermgr_UserMgr_setFilter(rc_instance_t *inst, usermgr_UserType_t usertype, const char *searchstring, boolean_t *localAttrs); rc_err_t usermgr_UserMgr_setQualifier(rc_instance_t *inst, const char *qualifier); rc_err_t usermgr_UserMgr_isSystemLabeled(rc_instance_t *inst, boolean_t *result, usermgr_UserMgrError_t **error); rc_err_t usermgr_UserMgr_getUserType(rc_instance_t *inst, const char *username, usermgr_UserType_t *result, usermgr_UserMgrError_t **error); Enumerated Types enum UserMgrErrorType typedef enum usermgr_UserMgrErrorType { UUMET_INVALIDDATA = 0, UUMET_USEREXISTS = 1, UUMET_PERMDENIED = 2, UUMET_READERROR = 3, UUMET_LASTADMIN = 4, UUMET_ROOTADMIN = 5, UUMET_PASSERROR = 6, } usermgr_UserMgrErrorType_t; enum ScopeType typedef enum usermgr_ScopeType { UST_FILES = 0, UST_LDAP = 1, } usermgr_ScopeType_t; enum UserType typedef enum usermgr_UserType { UUT_NORMAL = 0, UUT_ROLE = 1, } usermgr_UserType_t; Structured Types struct Group typedef struct usermgr_Group usermgr_Group_t; struct usermgr_Group { char *ug_groupName; unsigned int ug_groupID; char **ug_groupMembers; int ug_groupMembers_count; }; void usermgr_Group_free(usermgr_Group_t *in); struct User typedef struct usermgr_User usermgr_User_t; struct usermgr_User { char *uu_username; unsigned int uu_userID; unsigned int uu_groupID; char *uu_groupName; char *uu_description; char *uu_homeDirectory; char *uu_defaultShell; int uu_inactive; int uu_min; int uu_max; int uu_warn; char *uu_expire; char *uu_lockAfterRetries; char *uu_alwaysAuditFlags; char *uu_neverAuditFlags; char *uu_type; char *uu_defaultProj; char *uu_clearance; char *uu_minLabel; char *uu_roleAuth; char *uu_idleCmd; char *uu_idleTime; char *uu_accountStatus; char **uu_roles; int uu_roles_count; char **uu_profiles; int uu_profiles_count; char **uu_authProfiles; int uu_authProfiles_count; char **uu_auths; int uu_auths_count; char **uu_defaultPriv; int uu_defaultPriv_count; char **uu_limitPriv; int uu_limitPriv_count; char **uu_groups; int uu_groups_count; char **uu_alwaysAudit; int uu_alwaysAudit_count; char **uu_neverAudit; int uu_neverAudit_count; char *uu_pamPolicy; char *uu_unlockAfter; char **uu_accessTimes; int uu_accessTimes_count; char *uu_accessTZ; char *uu_tpd; char *uu_annotation; char *uu_zfsHome; }; void usermgr_User_free(usermgr_User_t *in); struct UserChangeFields typedef struct usermgr_UserChangeFields usermgr_UserChangeFields_t; struct usermgr_UserChangeFields { boolean_t *uucf_gidChanged; boolean_t *uucf_groupNameChanged; boolean_t *uucf_descChanged; boolean_t *uucf_homedirChanged; boolean_t *uucf_defShellChanged; boolean_t *uucf_profilesChanged; boolean_t *uucf_authProfilesChanged; boolean_t *uucf_rolesChanged; boolean_t *uucf_authsChanged; boolean_t *uucf_defaultPrivChanged; boolean_t *uucf_limitPrivChanged; boolean_t *uucf_groupsChanged; boolean_t *uucf_lockAfterRetriesChanged; boolean_t *uucf_alwaysAuditChanged; boolean_t *uucf_neverAuditChanged; boolean_t *uucf_typeChanged; boolean_t *uucf_defaultProjChanged; boolean_t *uucf_minLabelChanged; boolean_t *uucf_roleAuthChanged; boolean_t *uucf_idleCmdChanged; boolean_t *uucf_idleTimeChanged; boolean_t *uucf_expireChanged; boolean_t *uucf_minChanged; boolean_t *uucf_maxChanged; boolean_t *uucf_warnChanged; boolean_t *uucf_uidChanged; boolean_t *uucf_accessTimesChanged; boolean_t *uucf_accessTZChanged; boolean_t *uucf_pamPolicyChanged; boolean_t *uucf_clearanceChanged; boolean_t *uucf_inactiveChanged; boolean_t *uucf_unlockAfterChanged; boolean_t *uucf_accountStatusChanged; boolean_t *uucf_tpdChanged; boolean_t *uucf_annotationChanged; boolean_t *uucf_zfsHomeChanged; }; void usermgr_UserChangeFields_free(usermgr_UserChangeFields_t *in); struct UserMgrError typedef struct usermgr_UserMgrError usermgr_UserMgrError_t; struct usermgr_UserMgrError { usermgr_UserMgrErrorType_t uume_errorCode; char *uume_errmsg; }; void usermgr_UserMgrError_free(usermgr_UserMgrError_t *in); DESCRIPTION API com.oracle.solaris.rad.usermgr [1] INTERFACES interface UserMgr Set of operations that can be performed on users and roles. UserMgr Properties usermgr_User_t ** users (read-only) -- Lists users. Lists the users present in the selected scope based on the filter options. rc_err_t usermgr_UserMgr_get_users(rc_instance_t *inst, usermgr_User_t ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user after Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user after usermgr_Group_t ** groups (read-only) -- Lists groups. Lists the groups present in the selected scope. rc_err_t usermgr_UserMgr_get_groups(rc_instance_t *inst, usermgr_Group_t ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read the groups database. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read the groups database. const char ** shells (read-only) -- Lists shells. Lists the set of available shells that can be set as default shell for users. rc_err_t usermgr_UserMgr_get_shells(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read the default shells. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read the default shells. usermgr_User_t * defaultUser (read-only) -- Lists user defaults. Lists the default values for each of the fields in the User structure. rc_err_t usermgr_UserMgr_get_defaultUser(rc_instance_t *inst, usermgr_User_t **result, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned error o READERROR - when unable to read default user properties. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read default user properties. const char ** scopes (read-only) -- Lists scopes. Lists the set of name service repositories that can be administered. rc_err_t usermgr_UserMgr_get_scopes(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read the name services that can be managed. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read the name services that can be managed. const char ** roles (read-only) -- Lists available roles. Lists the available roles. rc_err_t usermgr_UserMgr_get_roles(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user roles Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user roles const char ** profiles (read-only) -- Lists available profiles. Lists the available profiles. rc_err_t usermgr_UserMgr_get_profiles(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user profiles. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user profiles. const char ** auths (read-only) -- Lists available authorizations. Lists the available authorizations. rc_err_t usermgr_UserMgr_get_auths(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user authorizations. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user authorizations. const char ** defaultPrivs (read-only) -- Lists default privileges. Lists the default privileges assigned to a user. rc_err_t usermgr_UserMgr_get_defaultPrivs(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user's default privileges. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user's default privileges. const char ** limitPrivs (read-only) -- Lists limit privileges. Lists the limit privileges assigned to a user. rc_err_t usermgr_UserMgr_get_limitPrivs(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user's limit privileges. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user's limit privileges. const char ** supplGroups (read-only) -- Lists supplemental groups. Lists the groups present in the selected scope. rc_err_t usermgr_UserMgr_get_supplGroups(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read the groups database. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read the groups database. const char ** auditClasses (read-only) -- Lists available audit classes. Lists the available audit classes. rc_err_t usermgr_UserMgr_get_auditClasses(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user's assigned audit classes. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user's assigned audit classes. const char ** pamUserConfFiles (read-only) -- Lists available PAM configuration files. Lists the per-user PAM configuration files. rc_err_t usermgr_UserMgr_get_pamUserConfFiles(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read user specific PAM configuration files. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read user specific PAM configuration files. const char ** pamServices (read-only) -- Lists available PAM service names. Lists available PAM services names. rc_err_t usermgr_UserMgr_get_pamServices(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read PAM service names. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read PAM service names. const char ** projects (read-only) -- Lists available projects. Lists the available projects. rc_err_t usermgr_UserMgr_get_projects(rc_instance_t *inst, char ***result, int *result_cnt, usermgr_UserMgrError_t **error); Get property value. Arguments: inst -- RAD instance result -- Property value returned result_cnt -- Number of items in result array error o READERROR - when unable to read projects database. Read Error: usermgr_UserMgrError_t ** o READERROR - when unable to read projects database. UserMgr Methods rc_err_t usermgr_UserMgr_getUser(rc_instance_t *inst, const char *username, usermgr_User_t **result, usermgr_UserMgrError_t **error); gets User information for a given username. Gets the user information for a given username from the name service repository based on the filter options. Arguments: inst -- RAD instance username -- Specifies the username for which the account information is to be retrieved. result error o READERROR - when unable to read user rc_err_t usermgr_UserMgr_addUser(rc_instance_t *inst, usermgr_User_t *user, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); Add user or role. Adds a user or role to the selected name service repository based on the filter options. Applies the properties set in the user object as the account, password, security attributes. Sets INVALIDDATA error when arguments are not valid. Sets PASSERROR error when password update fails. Sets READERROR error when unable to read user after successful addition of new user. Sets USEREXISTS error user already exists with same username. Arguments: inst -- RAD instance user -- user object which contains attributes of new user account to be created. password (nullable) -- password to be set for the new user account. hashed (nullable) -- true indicates password has already been hashed. result error o INVALIDDATA - when arguments are not valid. o PERMDENIED - when user is not authorized to add account o READERROR - when unable to read user after adding new user. rc_err_t usermgr_UserMgr_modifyUser(rc_instance_t *inst, usermgr_User_t *user, usermgr_UserChangeFields_t *changeFields, const char *password, boolean_t *hashed, usermgr_User_t **result, usermgr_UserMgrError_t **error); Modify user or role. Modifies users or roles present in the selected scope based on the filter options. Applies the changed fields in the user object to the user or role attributes. Sets INVALIDDATA error when arguments are not valid. Sets PASSERROR error when password update fails. Sets READERROR error when unable to read user after successful modification of user. Arguments: inst -- RAD instance user -- user object which contains user attributes to be modified. changeFields -- Indicates which fields have been modified in the user object by the client. password (nullable) -- password to be set for the new user account. hashed (nullable) -- true indicates password has already been hashed. result error o INVALIDDATA - when arguments are not valid. o INVALIDDATA - when arguments are not valid. o READERROR - when unable to read user after adding new user. rc_err_t usermgr_UserMgr_deleteUser(rc_instance_t *inst, const char *username, usermgr_UserMgrError_t **error); Delete user. Deletes user or role based on username present in the selected scope based on the filter options. Sets READERROR error on failure. Arguments: inst -- RAD instance username -- username of account that needs to be deleted. error o READERROR - when unable to read user rc_err_t usermgr_UserMgr_selectScope(rc_instance_t *inst, usermgr_ScopeType_t scope); sets the name-service repository scope. Sets the name-service repository scope. All subsequent operations will use the specified scope. Arguments: inst -- RAD instance scope -- Specifies the name-service scope to be used for managing users. rc_err_t usermgr_UserMgr_setFilter(rc_instance_t *inst, usermgr_UserType_t usertype, const char *searchstring, boolean_t *localAttrs); Sets the filter options. Sets the filter options which are used for all the subsequent operations. The options are user or role and search string. The default search string is empty string (""). Arguments: inst -- RAD instance usertype -- Specifies if users or roles will be managed. searchstring -- Specifies the string to match against user or role names to be managed. localAttrs (nullable) -- true indicates to manage file-scoped attributes instead of the account scope. rc_err_t usermgr_UserMgr_setQualifier(rc_instance_t *inst, const char *qualifier); Sets the LDAP qualifier Sets the qualifier for user_attr entries that are maintained in the LDAP scope. Arguments: inst -- RAD instance qualifier -- Specifies the string to use for match qualified user_attr entries. rc_err_t usermgr_UserMgr_isSystemLabeled(rc_instance_t *inst, boolean_t *result, usermgr_UserMgrError_t **error); Checks if System is Labeled. Checks if the Trusted Extensions feature is enabled on the system. Returns true if successful and sets Sets READERROR error on failure. Arguments: inst -- RAD instance result error o READERROR - when checking if Trusted Extensions is enabled fails. rc_err_t usermgr_UserMgr_getUserType(rc_instance_t *inst, const char *username, usermgr_UserType_t *result, usermgr_UserMgrError_t **error); Gets the user type. Checks if the user is role or normal user. Returns UserType set to role or normal user. Sets READERROR error on failure. Arguments: inst -- RAD instance username -- Specifies user name to check for user or role. result error o READERROR - when checking if Trusted Extensions is enabled fails. o INVALIDDATA - when arguments are not valid. UserMgr Retrieve rc_err_t usermgr_UserMgr__rad_get_name(adr_name_t **result, int n, ...); Obtain RAD name of a UserMgr object. Arguments: result -- RAD name n -- Number of key-value pairs provided as variadic arguments ... -- Optional key-value pairs that compose the primary key rc_err_t usermgr_UserMgr__rad_lookup(rc_conn_t *c, boolean_t strict, rc_instance_t **result, int n, ...); Lookup a UserMgr instance. Construct a RAD name for the interface based on the provided key-value pairs and perform a lookup. If successful, instance reference is returned in the result. Arguments: c -- RAD connection handle strict -- Strict (B_TRUE) or relaxed (B_FALSE) versioning result -- RAD instance n -- Number of key-value pairs provided as variadic arguments ... -- Optional key-value pairs that compose the primary key rc_err_t usermgr_UserMgr__rad_list(rc_conn_t *c, boolean_t strict, adr_pattern_scheme_t scheme, adr_name_t ***result, int *result_count, int n, ...); List RAD names of a available UserMgr instances. Returns an array and array size of matching object names. Arguments: c -- RAD connection handle strict -- Strict (B_TRUE) or relaxed (B_FALSE) versioning scheme -- Apply glob (NS_GLOB) or regex (NS_REGEX) matching result -- Array of RAD names result_count -- Number of names in result array n -- Number of key-value pairs provided as variadic arguments ... -- Optional key-value pairs that compose the primary key ENUMERATED TYPES enum UserMgrErrorType -- User Manager api error types typedef enum usermgr_UserMgrErrorType { UUMET_INVALIDDATA = 0, UUMET_USEREXISTS = 1, UUMET_PERMDENIED = 2, UUMET_READERROR = 3, UUMET_LASTADMIN = 4, UUMET_ROOTADMIN = 5, UUMET_PASSERROR = 6, } usermgr_UserMgrErrorType_t; UUMET_INVALIDDATA (0) UUMET_USEREXISTS (1) UUMET_PERMDENIED (2) UUMET_READERROR (3) UUMET_LASTADMIN (4) UUMET_ROOTADMIN (5) UUMET_PASSERROR (6) enum ScopeType -- Name service scope types typedef enum usermgr_ScopeType { UST_FILES = 0, UST_LDAP = 1, } usermgr_ScopeType_t; UST_FILES (0) UST_LDAP (1) enum UserType typedef enum usermgr_UserType { UUT_NORMAL = 0, UUT_ROLE = 1, } usermgr_UserType_t; UUT_NORMAL (0) UUT_ROLE (1) STRUCTURED TYPES struct Group -- describes a Solaris group typedef struct usermgr_Group usermgr_Group_t; struct usermgr_Group { char *ug_groupName; unsigned int ug_groupID; char **ug_groupMembers; int ug_groupMembers_count; }; void usermgr_Group_free(usermgr_Group_t *in); Fully describes a Solaris group, contains group name, group id, group members. Fields: ug_groupName -- Specifies the group name. ug_groupID -- Specifies the Gid of the group. ug_groupMembers -- Specifies the members of the group. ug_groupMembers_count struct User -- describes a Solaris user typedef struct usermgr_User usermgr_User_t; struct usermgr_User { char *uu_username; unsigned int uu_userID; unsigned int uu_groupID; char *uu_groupName; char *uu_description; char *uu_homeDirectory; char *uu_defaultShell; int uu_inactive; int uu_min; int uu_max; int uu_warn; char *uu_expire; char *uu_lockAfterRetries; char *uu_alwaysAuditFlags; char *uu_neverAuditFlags; char *uu_type; char *uu_defaultProj; char *uu_clearance; char *uu_minLabel; char *uu_roleAuth; char *uu_idleCmd; char *uu_idleTime; char *uu_accountStatus; char **uu_roles; int uu_roles_count; char **uu_profiles; int uu_profiles_count; char **uu_authProfiles; int uu_authProfiles_count; char **uu_auths; int uu_auths_count; char **uu_defaultPriv; int uu_defaultPriv_count; char **uu_limitPriv; int uu_limitPriv_count; char **uu_groups; int uu_groups_count; char **uu_alwaysAudit; int uu_alwaysAudit_count; char **uu_neverAudit; int uu_neverAudit_count; char *uu_pamPolicy; char *uu_unlockAfter; char **uu_accessTimes; int uu_accessTimes_count; char *uu_accessTZ; char *uu_tpd; char *uu_annotation; char *uu_zfsHome; }; void usermgr_User_free(usermgr_User_t *in); Fully describes a Solaris user, contains account, home directory and security attributes associated with a user. See man passwd(5), shadow(5), user_attr(5) for more info on fields. Fields: uu_username -- username for the account. uu_userID -- UID for the account. uu_groupID -- GID for the account. uu_groupName -- default group for the account. uu_description -- gecos info for the account. uu_homeDirectory -- homedirectory location for the account. uu_defaultShell -- default shell for the account. uu_inactive -- Number of inactivity days allowed for the account. uu_min -- Minimum number of days between password changes for the account. uu_max -- Maximum number of days the password is valid for the account. uu_warn -- Number of days before password expires the user is warned. uu_expire -- The date after which login will not be allowed for the account. The date format is %y-%m-%d %H:%M:%S. uu_lockAfterRetries -- Specifies whether the account is locked after failed logins execeeds the allowable limit. uu_alwaysAuditFlags -- Obsolete. Use alwaysAudit which is a list type. uu_neverAuditFlags -- Obsolete. Use neverAudit which is a list type. uu_type -- specifies whether account is role or user. uu_defaultProj -- specifies the default project for the account. uu_clearance -- Specifies the max label at which the user can operate. uu_minLabel -- Specifies the min labelthat the user can login . uu_roleAuth -- Specifies whether the account user role or user password for role authentication. uu_idleCmd -- Specifies when the desktop session for the user gets locked. uu_idleTime -- Specifies the idle time before the idlecmd is executed. uu_accountStatus -- Specifies the status of the account. uu_roles -- Specifies the roles that have been assigned to the account. uu_roles_count uu_profiles -- Specifies the profiles that have been assigned to the account. uu_profiles_count uu_authProfiles -- Specifies the authenticated profiles that have been assigned to the account. uu_authProfiles_count uu_auths -- Specifies the authorizations that have been assigned to the account. uu_auths_count uu_defaultPriv -- Specifies the default set of privileges assigned to user at login. uu_defaultPriv_count uu_limitPriv -- Specifies the maximum set of privileges the user or process started by the user can obtain. uu_limitPriv_count uu_groups -- Specifies the supplemental groups that have been assigned to the account. uu_groups_count uu_alwaysAudit -- Specifies per-user always audit pre-selection flags as a list. uu_alwaysAudit_count uu_neverAudit -- Specifies per-user never-audit pre-selection flags as list. uu_neverAudit_count uu_pamPolicy -- Specifies name of per-user PAM stack. uu_unlockAfter -- Specifies when the account is unlocked after failed logins execeeds the allowable limit. uu_accessTimes -- Specifies when services are available. uu_accessTimes_count uu_accessTZ -- Specifies the time zone for access times. uu_tpd -- Specifies whether user can access Trusted Path Domain uu_annotation -- Specifies whether session annotation is required. uu_zfsHome -- Specifies whether the user has a ZFS based home directory. [yes | no | nodelegation] struct UserChangeFields -- Keeps track of all the fields that have been changed in the user object. typedef struct usermgr_UserChangeFields usermgr_UserChangeFields_t; struct usermgr_UserChangeFields { boolean_t *uucf_gidChanged; boolean_t *uucf_groupNameChanged; boolean_t *uucf_descChanged; boolean_t *uucf_homedirChanged; boolean_t *uucf_defShellChanged; boolean_t *uucf_profilesChanged; boolean_t *uucf_authProfilesChanged; boolean_t *uucf_rolesChanged; boolean_t *uucf_authsChanged; boolean_t *uucf_defaultPrivChanged; boolean_t *uucf_limitPrivChanged; boolean_t *uucf_groupsChanged; boolean_t *uucf_lockAfterRetriesChanged; boolean_t *uucf_alwaysAuditChanged; boolean_t *uucf_neverAuditChanged; boolean_t *uucf_typeChanged; boolean_t *uucf_defaultProjChanged; boolean_t *uucf_minLabelChanged; boolean_t *uucf_roleAuthChanged; boolean_t *uucf_idleCmdChanged; boolean_t *uucf_idleTimeChanged; boolean_t *uucf_expireChanged; boolean_t *uucf_minChanged; boolean_t *uucf_maxChanged; boolean_t *uucf_warnChanged; boolean_t *uucf_uidChanged; boolean_t *uucf_accessTimesChanged; boolean_t *uucf_accessTZChanged; boolean_t *uucf_pamPolicyChanged; boolean_t *uucf_clearanceChanged; boolean_t *uucf_inactiveChanged; boolean_t *uucf_unlockAfterChanged; boolean_t *uucf_accountStatusChanged; boolean_t *uucf_tpdChanged; boolean_t *uucf_annotationChanged; boolean_t *uucf_zfsHomeChanged; }; void usermgr_UserChangeFields_free(usermgr_UserChangeFields_t *in); Keeps track of all the fields that have been changed in the user object. For every field that has been changed in the User object the respective changeField will be set to true. These field names must match the corresponding field names in the User object with the suffix "Changed" appended. Fields: uucf_gidChanged uucf_groupNameChanged uucf_descChanged uucf_homedirChanged uucf_defShellChanged uucf_profilesChanged uucf_authProfilesChanged uucf_rolesChanged uucf_authsChanged uucf_defaultPrivChanged uucf_limitPrivChanged uucf_groupsChanged uucf_lockAfterRetriesChanged uucf_alwaysAuditChanged uucf_neverAuditChanged uucf_typeChanged uucf_defaultProjChanged uucf_minLabelChanged uucf_roleAuthChanged uucf_idleCmdChanged uucf_idleTimeChanged uucf_expireChanged uucf_minChanged uucf_maxChanged uucf_warnChanged uucf_uidChanged uucf_accessTimesChanged uucf_accessTZChanged uucf_pamPolicyChanged uucf_clearanceChanged uucf_inactiveChanged uucf_unlockAfterChanged uucf_accountStatusChanged uucf_tpdChanged uucf_annotationChanged uucf_zfsHomeChanged struct UserMgrError typedef struct usermgr_UserMgrError usermgr_UserMgrError_t; struct usermgr_UserMgrError { usermgr_UserMgrErrorType_t uume_errorCode; char *uume_errmsg; }; void usermgr_UserMgrError_free(usermgr_UserMgrError_t *in); Fields: uume_errorCode uume_errmsg VERSION 1.1 ATTRIBUTES See attributes(7) for descriptions of the following attributes: +--------------------+------------------------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +--------------------+------------------------------------------+ |Availability | system/management/rad/module/rad-usermgr | +--------------------+------------------------------------------+ |Interface Stability | Private | +--------------------+------------------------------------------+ SEE ALSO rad(8) NOTES 1. Accessing Python documentation for this module: $ pydoc rad.bindings.com.oracle.solaris.rad.usermgr_1 Solaris 11.4 2020-03-05 USERMGR-1(3rad)