|
|
|
The SiteMinder Policy Server calls SmDirAddMemberToRole() so that you can assign a role to a user or to a group.
For example, in Oracle, a role is a set of object or system privileges that can be granted to a user. A group is a set of users. If you want everyone that performs collections to be able to update the AR table and select from the CUSTOMER table, you could create a role named COLLECTIONS. You could then assign the COLLECTIONS role to each of the individual users who perform collections, or even to a group such as Accounts Receivable.
If you want to add either a user or group to an existing group, use SmDirAddMemberToGroup(). The difference between a group and a role is defined by the provider of the custom directory.
For some providers, there will be no difference between a role and a group.
Syntax
int SM_EXTERN SmDirAddMemberToRole ( const Sm_Api_Context_t* lpApiContext, void* pHandle, void* pInstanceHandle, const char* lpszMemberDN, const char* lpszRoleDN );
|
Parameter |
I/O |
Description |
|---|---|---|
|
lpApiContext |
I |
Pointer to the API context structure. |
|
pHandle |
I |
The address of the pointer returned by SmDirInit(). |
|
pInstanceHandle |
I |
The address of a pointer to the directory instance handle. |
|
lpszMemberDN |
I |
Buffer containing the distinguished name for the user or group being added to the existing role. |
|
lpszRoleDN |
I |
Buffer containing the distinguished name for the role to which the member is being added. |
Returns
Returns 0 if successful or -1 if not successful.
Remarks
This function is called when Delegated Management Services is used to assign a role to a user or a group.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |