Next: kadm5_delete_policy
Up: Functions
Previous: kadm5_get_principals
Contents
kadm5_ret_t
kadm5_create_policy(void *server_handle,
kadm5_policy_ent_t policy, u_int32 mask);
Create a new policy.
AUTHORIZATION REQUIRED: add
- Check to see if mask is valid, if not return KADM5_BAD_MASK error.
- Return KADM5_BAD_POLICY if the policy name contains illegal
characters.
- Check to see if the policy already exists, if so return
KADM5_DUP error.
- If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2,
3, 4, or 5, return KADM5_BAD_CLASS.
- Create a new policy setting the appropriate fields determined
by the mask.
RETURN CODES:
- KADM5_DUP
- Policy already exists
- KADM5_BAD_MASK
- The mask is not valid for a create
operation.
- KADM5_BAD_CLASS
- The specified number of character classes
is invalid.
- KADM5_BAD_POLICY
- The policy name contains illegal characters.
Autobuild
2009-09-05