next up previous contents
Next: kadm5_get_policy Up: Functions Previous: kadm5_delete_policy   Contents

kadm5_modify_policy

kadm5_ret_t
kadm5_modify_policy(void *server_handle,
                         kadm5_policy_ent_t policy, u_int32 mask);

Modify an existing policy. Note that modifying a policy has no affect on a principal using the policy until the next time the principal's password is changed.

AUTHORIZATION REQUIRED: modify

  1. Return KADM5_BAD_POLICY if the policy name contains illegal characters.
  2. Check to see if mask is legal, if not return KADM5_BAD_MASK error.
  3. Check to see if policy exists, if not return KADM5_UNK_POLICY error.
  4. If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2, 3, 4, or 5, return KADM5_BAD_CLASS.
  5. Update the fields specified in the mask.

RETURN CODES:

KADM5_BAD_POLICY
The policy name contains illegal characters.
KADM5_UNK_POLICY
Policy not found.
KADM5_BAD_MASK
The mask is not valid for a modify operation.
KADM5_BAD_CLASS
The specified number of character classes is invalid.



Autobuild 2006-06-16