next up previous contents
Next: About this document ... Up: Functions Previous: kadm5_free_key_data   Contents

kadm5_get_privs

kadm5_ret_t
kadm5_get_privs(void *server_handle, u_int32 *privs);

Return the caller's admin server privileges in the integer pointed to by the argument. The Admin API does not define any way for a principal's privileges to be set. Note that this function will probably be removed or drastically changed in future versions of this system.

The returned value is a bitmask indicating the caller's privileges:

Privilege Symbol Value
Get KADM5_PRIV_GET 0x01
Add KADM5_PRIV_ADD 0x02
Modify KADM5_PRIV_MODIFY 0x04
Delete KADM5_PRIV_DELETE 0x08
List KADM5_PRIV_LIST 0x10
Changepw KADM5_PRIV_CPW 0x20

There is no guarantee that a caller will have a privilege indicated by this function for any length of time or for any particular target; applications using this function must still be prepared to handle all possible KADM5_AUTH_* error codes.

In the initial MIT Kerberos version of the admin server, permissions depend both on the caller and the target; this function returns a bitmask representing all privileges the caller can possibly have for any possible target.


next up previous contents
Next: About this document ... Up: Functions Previous: kadm5_free_key_data   Contents
Autobuild 2009-09-05