next up previous contents
Next: kadm5_delete_policy Up: Functions Previous: kadm5_get_principals   Contents

kadm5_create_policy

kadm5_ret_t
kadm5_create_policy(void *server_handle,
                         kadm5_policy_ent_t policy, u_int32 mask);

Create a new policy.

AUTHORIZATION REQUIRED: add

  1. Check to see if mask is valid, if not return KADM5_BAD_MASK error.
  2. Return KADM5_BAD_POLICY if the policy name contains illegal characters.

  3. Check to see if the policy already exists, if so return KADM5_DUP error.
  4. If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2, 3, 4, or 5, return KADM5_BAD_CLASS.
  5. Create a new policy setting the appropriate fields determined by the mask.

RETURN CODES:

KADM5_DUP
Policy already exists
KADM5_BAD_MASK
The mask is not valid for a create operation.
KADM5_BAD_CLASS
The specified number of character classes is invalid.
KADM5_BAD_POLICY
The policy name contains illegal characters.



Autobuild 2009-09-05