Type string READONLY
The Active Directory domain name for the submit user if Authentication Services is configured and the client is able to determine the domain name. Otherwise this variable is set to an empty string.
# reject if the user is not in the uxwheel AD group if (vas_user_is_member(samaccount, "uxwheel", domainname) == false) reject "user is not in uxwheel group";
Type list READONLY
env contains the list of environment variables configured in the environment where the submit user submitted the request.
index=search(env, "APPL_HOME"); if (index > -1) { aval=env[index]; if (dirname(aval ) != "/usr") { printf("You are not permitted to run this application from:%s\n", dirname(aval)); } }
Type integer READONLY
false contains the constant value 0.
adminusers = {"dan","robyn","cory"}; if ((user in adminusers) == false) reject;
Type integer READONLY
Read-only constant used with the feature_enabled() function to determine whether LDAP features are available on a particular policy server.
if (!feature_enabled(FEATURE_LDAP) print("LDAP support is not available on this policy server");
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy