Use SmDirValidateUserPolicyRelationship() to validate the relationship between policy objects. Determine whether the user distinguished name has the specified relationship to the policy distinguished name. The relationship is passed in through nPolicyResolution.
For example:
Syntax
int SM_EXTERN SmDirValidateUserPolicyRelationship ( const Sm_Api_Context_t* lpApiContext, void* pHandle, void* pInstanceHandle, const char* lpszUserDN, const Sm_PolicyResolution_t nPolicyResolution, const int bRecursive, const char* lpszPolicyDN, const char* lpszPolicyClass );
Parameter |
I/O |
Description |
---|---|---|
lpApiContext |
I |
Pointer to the API context structure. |
pHandle |
I |
The address of the pointer returned by SmDirInit(). |
pInstanceHandle |
I |
The address of a pointer to the user instance handle. |
lpszUserDN |
I |
Buffer containing the user DN for which you must validate the relationship. |
nPolicyResolution |
I |
The relationship between the user distinguished name and the policy distinguished name should match what is specified in nPolicyResolution. Specific policy resolutions are enumerated in Sm_PolicyResolution_t. For more information on Sm_PolicyResolution_t see Sm_PolicyResolution_t. |
bRecursive |
I |
Whether the directory supports recursion (for example, nested groups). Suppose that the value of nPolicyResolution is Sm_PolicyResolution_UserGroup, the User DN is Bill Collector, and the Policy DN is Accounting. If your custom directory supports recursion, you will need to search down any hierarchy of groups to find the user. Bill Collector may be in a group called AR, which may be in the group Accounting. |
lpszPolicyDN |
I |
Distinguished names of the object, such as users, groups or roles, bound to the policy. |
lpszPolicyClass |
I |
Class of the object named in lpszPolicyDN. For example, the class could be Group. |
Returns
Returns 0 if successful or -1 if not successful.
Copyright © 2014 CA.
All rights reserved.
|
|