These are the built-in password functions available to use within the pmpolicy file.
Name | Description |
---|---|
getgrouppasswd | Request a name and password of someone in the specified group on the policy server or agent. |
getstringpasswd | Request a password from the user to match one generated using pmpasswd. |
Request a user’s password on the policy server or agent. |
int getgrouppasswd ( string group [, int attempts])
The getgrouppasswd function prompts you for a user name in the user group group on the policy server and then prompts for that user’s password and authenticates the user on the policy server. The user may try up to attempts times to correctly enter the password before the function exits. The default number of allowed attempts is 3.
By default, this function authenticates the user on the policy server. Set the value of getpasswordfromrun in pm.settings to yes to authenticate the user on the client instead.
Returns true if the user successfully authenticates on the policy server, otherwise returns false if the user fails to authenticate after attempts tries.
if (getgrouppasswd("admin", 2) == false) { reject; }
int getstringpasswd ( string password [, string prompt] [, int attempts] )
getstringpasswd prompts you for a "code word" which has been encrypted using the pmpasswd program and specified in the configuration file. You can also specify an optional prompt, which defaults to "Password:". And, you can specify the number of attempts to allow; the default is 3.
Returns true if the user enters the correct codeword; otherwise false.
if (getstringpasswd("GhDByC9JGIRFI", "Enter password now: ", 4) == false) { reject ; }
int getuserpasswd ( int user [, string prompt] [, int attempts] )
getuserpasswd prompts the specified user for a password. You can specify an optional prompt, which defaults to "Password:". And you can specify the number of attempts to allow; the default is 3.
By default, this function authenticates the user on the policy server. Set the value of getpasswordfromrun in pm.settings to yes to authenticate the user on the client instead.
Returns true if the user enters the correct codeword; otherwise false.
if (getuserpasswd("admin", "Password: ", 1) == false ) { reject; }
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center