Next: kadm5_get_policy
Up: Functions
Previous: kadm5_delete_policy
Contents
kadm5_ret_t
kadm5_modify_policy(void *server_handle,
kadm5_policy_ent_t policy, u_int32 mask);
Modify an existing policy. Note that modifying a policy has no affect
on a principal using the policy until the next time the principal's
password is changed.
AUTHORIZATION REQUIRED: modify
- Return KADM5_BAD_POLICY if the policy name contains illegal
characters.
- Check to see if mask is legal, if not return KADM5_BAD_MASK error.
- Check to see if policy exists, if not return
KADM5_UNK_POLICY error.
- If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2,
3, 4, or 5, return KADM5_BAD_CLASS.
- Update the fields specified in the mask.
RETURN CODES:
- KADM5_BAD_POLICY
- The policy name contains illegal characters.
- KADM5_UNK_POLICY
- Policy not found.
- KADM5_BAD_MASK
- The mask is not valid for a modify
operation.
- KADM5_BAD_CLASS
- The specified number of character classes
is invalid.
Autobuild
2006-06-16