The AddAdmin method adds an administrator to the domain.
Syntax
The AddAdmin method has the following format:
Netegrity::PolicyMgtDomain‑>AddAdmin(admin)
Parameters
The AddAdmin method accepts the following parameter:
admin (type)
Specifies the administrator to add to the domain.
Return Value
The AddAdmin method returns one of the following values:
Remarks
Administrators can create, edit, and delete SiteMinder objects within the domain.
You cannot use the Policy Management API to create an administrator for a particular domain. However, if you use the Administrative UI to create an administrator for a domain, you can add that administrator to another domain by calling the PolicyMgtAffDomain‑>AddAdmin method.
The AddUserDir method associates a user directory with the domain.
Syntax
The AddUserDir method has the following format:
Netegrity::PolicyMgtDomain‑>AddUserDir(userDir)
Parameters
The AddUserDir method accepts the following parameter:
userDir (PolicyMgtUserDir)
Specifies the user directory to associate with the domain.
Return Value
The AddUserDir method returns one of the following values:
Remarks
During user authentication, the user's supplied credentials are checked against the credentials stored in this user directory.
The directory object is appended to the end of the search order. To change the search order, call the PolicyMgtAffDomain‑>SetUserDirSearchOrder method.
The CreatePolicy method creates and configures a policy in the domain.
Syntax
The CreatePolicy method has the following format:
Netegrity::PolicyMgtDomain‑>CreatePolicy(policyName [, policyDesc] [, enableFlag] [, activeExpr])
Parameters
The CreatePolicy method accepts the following parameters:
policyName (string)
Specifies the name of the policy.
policyDesc (string)
(Optional) Specifies the description of the policy.
enableFlag (int)
(Optional) Specifies whether to enable (1) or disable (0) the policy. Default is enabled.
activeExpr (string)
(Optional) Specifies the active expression of the policy.
Return Value
The CreatePolicy method returns one of the following values:
The CreateRealm method creates and configures a top-level realm in the domain.
Syntax
The CreateRealm method has the following format:
Netegrity::PolicyMgtDomain‑>CreateRealm(realmName, agent, authScheme [, realmDesc] [, resFilter] [, procAuthEvents] [, procAzEvents] [, protectAll] [, maxTimeout] [, idleTimeout] [, syncAudit] [, azUserDir] [, regScheme])
Parameters
The CreateRealm method accepts the following parameters:
realmName (string)
Specifies the name of the realm.
agent (PolicyMgtAgent)
Specifies the agent or agent group that protects the realm.
authScheme (PolicyMgtAuthScheme)
Specifies the authentication scheme to associate with the realm.
realmDesc (string)
(Optional) Specifies the realm description.
resFilter (string)
(Optional) Specifies the resource filter for the realm.
procAuthEvents (int)
(Optional) Specifies whether to process authentication events -- 1 to enable or 0 to disable. Default is enabled. Authentication event processing affects performance. If no rules in the realm are to be triggered by authentication events, set this flag to 0.
procAzEvents (int)
(Optional) Specifies whether to process authorization events -- 1 to enable or 0 to disable. Default is enabled. Authorization event processing affects performance. If no rules in the realm are to be triggered by authorization events, set this flag to 0.
protectAll (int)
(Optional) Specifies whether to activate default resource protection -- 1 to enable or 0 to disable. Default is enabled.
maxTimeout (int)
(Optional) Specifies the maximum time, in seconds, a user can access the realm before re-authentication is required. Default is 7200 (2 hours).
idleTimeout (int)
(Optional) Specifies the maximum time, in seconds, a user can remain inactive in the realm before re-authentication is required. Default is 3600 (1 hour).
syncAudit (int)
(Optional) Specifies lag for enabling synchronous auditing -- 1 to enable or 0 to disable. When this flag is enabled, SiteMinder logs Policy Server and agent actions before it allows access to resources. Default is disabled.
azUserDir (PolicyMgtUserDir)
(Optional) Specifies The directory where users in the realm will be authorized. Default is the default directory.
regScheme (type)
(Optional) Specifies the registration scheme used to register new users accessing resources in the realm.
Return Value
The CreateRealm method returns one of the following values:
Remarks
This method creates a realm that is configured for non-persistent sessions. To configure the realm for SiteMinder 5.0 persistent sessions, edit the realm in the Administrative UI.
Note: The Policy Management API only manipulates realms that are direct descendants of the object whose method has been called, as follows:
The CreateResponse method creates a response.
Syntax
The CreateResponse method has the following format:
Netegrity::PolicyMgtDomain‑>CreateResponse(resName, agentType [, resDesc])
Parameters
The CreateResponse method accepts the following parameters:
resName (string)
Specifies the name of the response.
agentType (PolicyMgtAgentType)
Specifies the agent type associated with the response. Call the PolicyMgtSession‑>GetAgentType method to get the agent type object.
resDesc (string)
(Optional) Specifies the description of the response.
Return Value
The CreateResponse method returns one of the following values:
Remarks
The agent returns responses based on certain events. For example, if an unauthorized user attempts to access a protected Web page, a response can redirect the user to an HTML page that displays an appropriate message.
The CreateResponseGroup method creates a response group for the domain.
Syntax
The CreateResponseGroup method has the following format:
Netegrity::PolicyMgtDomain‑>CreateResponseGroup(groupName, agentType, [, groupDesc])
Parameters
The CreateResponseGroup method accepts the following parameters:
groupName (string)
Specifies the name of the group.
agentType (PolicyMgtAgentType)
Specifies the agent type associated with this response group. Call the PolicyMgtSession‑>GetAgentType method to get the agent type object.
groupDesc (string)
(Optional) Specifies the description of the group.
Return Value
The CreateResponseGroup method returns one of the following values:
The CreateRuleGroup method creates a rule group for the domain.
Syntax
The CreateRuleGroup method has the following format:
Netegrity::PolicyMgtDomain‑>CreateRuleGroup(groupName, agentType [, groupDesc])
Parameters
The CreateRuleGroup method accepts the following parameters:
groupName (string)
Specifies the name of the group.
agentType (PolicyMgtAgentType)
Specifies the agent type associated with this rule group. Call the PolicyMgtSession‑>GetAgentType method to get the agent type object.
groupDesc (string)
(Optional) Specifies the description of the group.
Return Value
The CreateRuleGroup method returns one of the following values:
The DeleteGroup method deletes the specified group in the domain.
Syntax
The DeleteGroup method has the following format:
Netegrity::PolicyManagementDomain‑>DeleteGroup(group)
Parameters
The DeleteGroup method accepts the following parameter:
group (PolicyMgrGroup)
Specifies the group to delete.
Return Value
The DeleteGroup method returns one of the following values:
The DeletePolicy method deletes a policy.
Syntax
The DeletePolicy method has the following format:
Netegrity::PolicyMgtDomain‑>DeletePolicy(policy)
Parameters
The DeletePolicy method accepts the following parameter:
policy (PolicyMgtPolicy)
Specifies the policy to delete.
Return Value
The DeletePolicy method returns one of the following values:
The DeleteRealm method deletes a top-level realm in the domain.
Syntax
The DeleteRealm method has the following format:
Netegrity::PolicyMgtDomain‑>DeleteRealm(realm)
Parameters
The DeleteRealm method accepts the following parameter:
realm (PolicyMgtRealm)
Specifies the realm to delete.
Return Value
The DeleteRealm method returns one of the following values:
The DeleteResponse method deletes a response.
Syntax
The DeleteResponse method has the following format:
Netegrity::PolicyMgtDomain‑>DeleteResponse(response)
Parameters
The DeleteResponse method accepts the following parameter:
response (PolicyMgtResponse)
Specifies the response to delete.
Return Value
The DeleteResponse method returns one of the following values:
The Description method sets or retrieves the description of the domain.
Syntax
The Description method has the following format:
Netegrity::PolicyMgtDomain‑>Description([domainDesc])
Parameters
The Description method accepts the following parameter:
domainDesc (string)
(Optional) Specifies the description to set.
Return Value
The Description method returns one of the following values:
The GetAllPolicies method retrieves all policies associated the domain.
Syntax
The GetAllPolicies method has the following format:
Netegrity::PolicyMgtDomain‑>GetAllPolicies( )
Parameters
The GetAllPolicies method accepts no parameters.
Return Value
The GetAllPolicies method returns one of the following values
The GetAllRealms method Retrieves all top-level realms in the domain.
Syntax
The GetAllRealms method has the following format:
Netegrity::PolicyMgtDomain‑>GetAllRealms( )
Parameters
The GetAllRealms method accepts no parameters.
Return Value
The GetAllRealms method returns one of the following values
Remarks
To retrieve all top-level realms under a realm, call the PolicyMgtRealm‑>GetAllChildRealms method.
The GetAllResponseGroups method retrieves all of the response groups associated with the domain.
Syntax
The GetAllResponseGroups method has the following format:
Netegrity::PolicyMgtDomain‑>GetAllResponseGroups( )
Parameters
The GetAllResponseGroups method accepts no parameters.
Return Value
The GetAllResponseGroups method returns one of the following values
The GetAllResponses method retrieves all responses associated with the domain.
Syntax
The GetAllResponses method has the following format:
Netegrity::PolicyMgtDomain‑>GetAllResponses()
Parameters
The GetAllResponses method accepts no parameters.
Return Value
The GetAllResponses method returns one of the following values
The GetAllRuleGroups method retrieves all rule groups associated with the domain.
Syntax
The GetAllRuleGroups method has the following format:
Netegrity::PolicyMgtDomain‑>GetAllRuleGroups( )
Parameters
The GetAllRuleGroups method accepts no parameters.
Return Value
The GetAllRuleGroups method returns one of the following values:
The GetPolicy method retrieves a policy in the domain.
Syntax
The GetPolicy method has the following format:
Netegrity::PolicyMgtDomain‑>GetPolicy(policyName)
Parameters
The GetPolicy method accepts the following parameter:
policyName (string)
Specifies the policy to retrieve.
Return Value
The GetPolicy method returns one of the following values
The GetRealm method retrieves a top-level realm in the domain.
Syntax
The GetRealm method has the following format:
Netegrity::PolicyMgtDomain‑>GetRealm(realmName)
Parameters
The GetRealm method accepts the following parameter:
realmName (string)
Specifies the realm to retrieve.
Return Value
The GetRealm method returns one of the following values:
The GetResponse method retrieves a response associated with the domain.
Syntax
The GetResponse method has the following format:
Netegrity::PolicyMgtDomain‑>GetResponse(resName)
Parameters
The GetResponse method accepts the following parameter:
resName (string)
Specifies the response to retrieve.
Return Value
The GetResponse method returns one of the following values:
The GetResponseGroup method retrieves the specified response group.
Syntax
The GetResponseGroup method has the following format:
Netegrity::PolicyMgtDomain‑>GetResponseGroup(groupName)
Parameters
The GetResponseGroup method accepts the following parameter:
groupName (string)
Specifies the name of the response group to retrieve.
Return Value
The GetResponseGroup method returns one of the following values:
The GetRuleGroup method retrieves the specified rule group.
Syntax
The GetRuleGroup method has the following format:
Netegrity::PolicyMgtDomain‑>GetRuleGroup(groupName)
Parameters
The GetRuleGroup method accepts the following parameter:
groupName (string)
Specifies the name of the group to retrieve.
Return Value
The GetRuleGroup method returns one of the following values:
The GetUserDirSearchOrder method retrieves user directory objects associated with the domain.
Syntax
The GetUserDirSearchOrder method has the following format:
Netegrity::PolicyMgtDomain‑>GetUserDirSearchOrder( )
Parameters
The GetUserDirSearchOrder method accepts no parameters:
Return Value
The GetUserDirSearchOrder method returns one of the following values:
Remarks
The order of the returned objects is the same order that SiteMinder uses when querying the directories. To change the search order, call the PolicyMgtAffDomain‑>SetUserDirSearchOrder method.
The GlobalPoliciesApply method sets or retrieves the flag indicating whether the domain is enabled for global policies. If the domain is enabled for global policies, both global and domain-specific policies can apply to the domain.
Syntax
The GlobalPoliciesApply method has the following format:
Netegrity::PolicyMgtDomain‑>GlobalPoliciesApply([globalFlag])
Parameters
The GlobalPoliciesApply method accepts the following parameter:
globalFlag (int)
(Optional) Specifies whether to enable the domain for global polices:
Return Value
The GlobalPoliciesApply method returns one of the following values:
The Name method sets or retrieves the domain name.
Syntax
The Name method has the following format:
Netegrity::PolicyMgtDomain‑>Name([domainName])
Parameters
The Name method accepts the following parameter:
domainName (string)
(Optional) Specifies the name to assign to the domain.
Return Value
The Name method returns one of the following values:
The RemoveAdmin method disassociates an administrator from the domain.
Syntax
The RemoveAdmin method has the following format:
Netegrity::PolicyMgtDomain‑>RemoveAdmin(admin)
Parameters
The RemoveAdmin method accepts the following parameter:
admin (PolicyMgtAdmin)
Specifies the administrator to remove from the domain.
Return Value
The RemoveAdmin method returns one of the following values:
Remarks
See also the PolicyMgtSession‑>DeleteAdmin method to delete an administrator from the policy store.
You cannot use the Policy Management API to create an administrator for a particular domain. However, if an administrator is associated with a domain either through the Administrative UI or the PolicyMgtAffDomain‑>AddAdmin method, you can remove that administrator from the domain by calling the RemoveAdmin method.
The RemoveUserDir method disassociates the user directory from the domain.
Syntax
The RemoveUserDir method has the following format:
Netegrity::PolicyMgtDomain‑>RemoveUserDir(userDir)
Parameters
The RemoveUserDir method accepts the following parameter:
userDir (PolicyMgtUserDir)
Specifies the user directory to disassociate from the domain.
Return Value
The RemoveUserDir method returns one of the following values:
The SetUserDirSearchOrder method rearranges the search order of the user directory objects associated with the domain.
Syntax
The SetUserDirSearchOrder method has the following format:
Netegrity::PolicyMgtDomain‑>SetUserDirSearchOrder(dirArray)
Parameters
The SetUserDirSearchOrder method accepts the following parameter:
dirArray ()
Specifies a reference to an array of user directory objects (for example: \@myarray).
Return Value
The SetUserDirSearchOrder method returns one of the following values:
Copyright © 2014 CA.
All rights reserved.
|
|