Chat now with support
Chat mit Support

Privilege Manager for Unix 7.2.1 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

syslog

Syntax
syslog ( string format [, expression expr, ...])
Description

syslog sends a formatted message to syslog as a LOG_INFO message.

For more information about configuring syslog messages, see the syslog(3) man page.

Example
syslog("Accepted request from %s@%s", user, submithost);

LDAP functions

These are the built-in LDAP functions available to use within the pmpolicy file.

Table 37: LDAP functions
Name Description
ldap_ bind Bind an LDAP connection to the given credentials.
ldap_count_entries Count the number of entries returned by ldap_search.
ldap_dn2ufn Convert a DN to a user-friendly format.
ldap_explode_dn Return the elements of a DN.
ldap_first_attribute Obtain the first attribute in an LDAP entry.
ldap_first_entry Obtain the first entry returned by ldap_search.
ldap_get_attributes Return all attribute names in an LDAP entry.
ldap_get_dn Return the DN of an entry.
ldap_get_values Return a list of the values for an attribute.
ldap_next_attribute Return the next attribute in an LDAP entry.
ldap_next_entry Return the next entry returned by ldap_search.
ldap_open Open a connection to an LDAP server.
ldap_search Search the LDAP directory.

ldap_unbind

Close the LDAP connection.

ldap_ bind

Syntax
int ldap_bind(integer ldapid, string userdn [, string password [, boolean trace]] )
Description

ldap_ bind binds an LDAP connection to the specified credentials. The LDAP ID must be a valid LDAP connection ID returned by ldap_open. You can require an optional password.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

If successful, it returns 0; otherwise it returns non-zero or an undefined variable.

Example
rc=ldap_bind(ldapid, "cn=admin", "Secretpassword"); 
if ((!defined rc) || (rc != 0)) 
{ 
   reject "Bind to ldap directory failed"; 
}

ldap_count_entries

Syntax
int ldap_count_entries(int ldapid, ldapresult searchresult[, boolean trace] )
Description

ldap_count_entries returns the number of LDAP entries found by a previous call to ldap_search.

If the optional trace parameter is set to true, any errors or warnings from the LDAP function are written to stdout.

Example
# search for all Users at base level 
searchresults= ldap_search( ldapid, 'ou=Users,dn=ldap,dn=domain,dn=com', 
   'onelevel', '(objectClass=*)' ); 
if (ldap_count_entries(ldapid, searchresults) == 0) 
{ 
   reject "Found no users"; 
}
Related Topics

ldap_dn2ufn

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen