The CreateDataManager method creates a data manager object. The data manager is responsible for exporting and importing all policy store objects. The data manager object specifies the temporary files used in the import and export operations.
If objects are exported to one set of temporary files and imported from another set of temporary files, then two instances of the data manager are required. However, if objects are exported to and imported from the same set of temporary files, only one instance of the data manager is required. For more information, see the methods PolicyMgtDataMgr‑>Export and PolicyMgtDataMgr‑>Import.
Note: To migrate policy store objects from one version of SiteMinder to another, you must use the SiteMinder tools smobjexport and smobjimport. For more information, see the Policy Server Installation Guide.
Syntax
The CreateDataManager method has the following format:
Netegrity::PolicyMgtSession‑>CreateDataManager([difFileName][, cfgFileName][, fileOverwriteFlag])
Parameters
The CreateDataManager method accepts the following parameters:
difFileName (string)
(Optional) Specifies the filename and optional path of the temporary file that stores the policy store data.
Default: migration.smdif
Note: The data is stored in the SiteMinder Data Interchange Format (DIF), the standard for sharing data between policy stores.
cfgFileName (string)
(Optional) Specifies the filename and optional path of the configuration file.
Default: migration.cfg.
Note: The configuration file is a text file that stores information needed for the export and import operations, such as the IP address, redirection URLs, shared secrets, and logging settings. This information is separated by tabs and can be copied to a Microsoft Excel spreadsheet.
fileOverwriteFlag (int)
(Optional) Specifies whether to overwrite existing objects in the temporary file in an export operation:
Specifies that the export objects overwrite all existing objects in the temporary file.
Specifies that the existing objects in the temporary file are not overwritten and that any new export objects are added to the temporary file.
Return Value
The CreateDataManager method returns one of the following values:
The CreateDomain method creates a policy domain object.
Syntax
The CreateDomain method has the following format:
Netegrity::PolicyMgtSession‑>CreateDomain(domName[, domDesc][, globalPoliciesApply])
Parameters
The CreateDomain method accepts the following parameters:
domName (string)
Specifies the name of the domain.
domDesc (string)
(Optional) Specifies the description of the domain.
globalPoliciesApply (int)
(Optional) Specifies whether the domain can accept global policies:
Specifies that the domain can accept global policies.
Specifies that the domain cannot accept global policies.
Return Value
The CreateDomain method returns one of the following values:
The CreateExactCertMap method creates a certificate map object whose Subject DN attributes match the corresponding user directory attributes exactly. When the certificate map object is created, the following flags are set to FALSE:
Note: To change the value of this flag, call the method PolicyMgtCertMap‑>CertRequired.
Note: To change the value of this flag, call the method PolicyMgtCertMap‑>UseDistributionPoints.
Note: To change the value of this flag, call the method PolicyMgtCertMap‑>VerifySignature.
Note: To change the value of this flag, call the method PolicyMgtCertMap‑>EnableCRL.
Note: To change the value of this flag, call the method PolicyMgtCertMap‑>CacheCRL.
Syntax
The CreateExactCertMap method has the following format:
Netegrity::PolicyMgtSession‑>CreateExactCertMap(IssuerDN[, DirectoryType])
Parameters
The CreateExactCertMap method accepts the following parameters:
IssuerDN (string)
Specifies the distinguished name of the certificate issuer.
DirectoryType (int)
(Optional) Specifies one of the following user directory types used for authentication:
Return Value
The CreateExactCertMap method returns one of the following values:
The CreateGlobalPolicy method creates a policy that has a global scope.
Syntax
The CreateGlobalPolicy method has the following format:
Netegrity::PolicyMgtSession‑>CreateGlobalPolicy(policyName[, enableFlag][, activeExpr][, policyDesc])
Parameters
The CreateGlobalPolicy method accepts the following parameters:
policyName (string)
Specifies the global policy's name.
enableFlag (type)
(Optional) Specifies whether to enable the global policy:
Specifies that the global policy is enabled.
Specifies that the global policy is disabled.
activeExpr (string)
(Optional) Specifies ...
policyDesc (string)
(Optional) Specifies the global policy's description.
Return Value
The CreateGlobalPolicy method returns one of the following values:
The CreateGlobalResponse method creates a response that has a global scope.
Syntax
The CreateGlobalResponse method has the following format:
Netegrity::PolicyMgtSession‑>CreateGlobalResponse(respName, agentType[, respDesc])
Parameters
The CreateGlobalResponse method accepts the following parameters:
respName (string)
Specifies the global response's name.
agentType (PolicyMgtAgentType object)
Specifies the type of agent associated with the global response.
Note: To retrieve the agent type object, call the method PolicyMgtSession‑>GetAgentType.
respDesc (string)
(Optional) Specifies the global response's description.
Return Value
The CreateGlobalResponse method returns one of the following values:
The CreateGlobalResponseGroup method creates a rule group that is specific to a particular domain.
Syntax
The CreateGlobalResponseGroup method has the following format:
Netegrity::PolicyMgtSession‑>CreateGlobalResponseGroup(groupName, agentType, domain)
Parameters
The CreateGlobalResponseGroup method accepts the following parameters:
groupName (string)
Specifies the global rule group name.
agentType (PolicyMgtAgentType)
Specifies the type of agent.
domain (PolicyMgtDomain)
Specifies the domain for which the rule group applies.
Return Value
The CreateGlobalResponseGroup method returns one of the following values:
The CreateGlobalRule method creates a rule that has a global scope.
Syntax
The CreateGlobalRule method has the following format:
Netegrity::PolicyMgtSession‑>CreateGlobalRule(ruleName, resource, event, agent[, ruleDesc][, allowAccess][, regexMatch][, activeExpr][, isEnabled])
Parameters
The CreateGlobalRule method accepts the following parameters:
ruleName (string)
Specifies the global rule's name.
resource (string)
Specifies the filter for the resource that the global rule is protecting.
event (string)
Specifies the type of event that the global rule is executing.
agent (PolicyMgtAgent | PolicyMgtGroup)
Specifies the agent or agent group associated with the global rule.
ruleDesc (string)
(Optional) Specifies the global rule's description.
allowAccess (int)
(Optional) Specifies whether to allow or deny access to the resource protected by the rule:
Specifies allowing access.
Specifies denying access.
regexMatch (int)
(Optional) Specifies whether to perform regular expression pattern matching:
Specifies performing regular expression pattern matching.
Specifies not performing regular expression pattern matching.
activeExpr (string)
(Optional) Specifies the global rule's active expression.
isEnabled (int)
(Optional) Specifies whether to enable or disable the global rule:
Specifies that the global rule is enabled.
Specifies that the global rule is disabled.
Return Value
The CreateGlobalRule method returns one of the following values:
The CreateGlobalRuleGroup method creates a rule group that is specific to a particular domain.
Syntax
The CreateGlobalRuleGroup method has the following format:
Netegrity::PolicyMgtSession‑>CreateGlobalRuleGroup(groupName, agentType, domain)
Parameters
The CreateGlobalRuleGroup method accepts the following parameters:
groupName (string)
Specifies the global rule group name.
agentType (PolicyMgtAgentType)
Specifies the type of agent.
domain (PolicyMgtDomian)
Specifies the domain for which the rule group applies.
Return Value
The CreateGlobalRuleGroup method returns one of the following values:
The CreateHostConfig method creates a host configuration object.
Syntax
The CreateHostConfig method has the following format:
Netegrity::PolicyMgtSession‑>CreateHostConfig(hostConfigName[, hostConfDesc][, enableFailover][, maxSocketsPerPort][, minSocketsPerPort][, newSocketstep][, requestTimeout])
Parameters
The CreateHostConfig method accepts the following parameters:
hostConfigName (string)
Specifies the name of the host configuration object.
hostConfDesc (string)
(Optional) Specifies the description of the host configuration object.
enableFailover (int)
(Optional) Specifies whether to use failover or round-robin communication between the Policy Server and the agent:
Specifies failover communication.
Specifies round-robin communication.
maxSocketsPerPort (int)
(Optional) Specifies the maximum number of TCP/IP sockets that can be opened between an agent and the Policy Server.
minSocketsPerPort (int)
(Optional) Specifies the minimum number of TCP/IP sockets that can be opened between an agent and the Policy Server.
newSocketstep (int)
(Optional) Specifies how many sockets to open when additional sockets are required.
requestTimeout (int)
(Optional) Specifies how long, in seconds, an agent can wait for a response from the Policy Server.
Return Value
The CreateHostConfig method returns one of the following values:
The CreateODBCQueryScheme method creates and configures an ODBC query scheme. ODBC query schemes are also called SQL query schemes.
Note: Create a unique data source for each ODBC query scheme.
Syntax
The CreateODBCQueryScheme method has the following format:
Netegrity::PolicyMgtSession‑>CreateODBCQueryScheme(schemeName[, schemeDesc][, queryEnumerate][, queryGetObjInfo][, queryLookup][, queryInitUser][, queryAuthenticateUser][, queryGetUserProp][, querySetUserProp][, queryGetUserProps][, queryLookupUser][, queryGetGroups][, queryIsGroupMember][, queryGetGroupProp][, querySetGroupProp][, queryGetGroupProps][, queryLookupGroup][, querySetPassword])
Parameters
The CreateODBCQueryScheme method accepts the following parameters:
schemeName (string)
Specifies the ODBC query scheme's name.
schemeDesc (string)
(Optional) Specifies the ODBC query scheme's description.
queryEnumerate (string)
(Optional) Specifies a query that lists the names of user objects in the directory.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryEnumerate.
queryGetObjInfo (string)
(Optional) Specifies a query that fetches the object's class.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetObjInfo.
queryLookup (string)
(Optional) Specifies a query that returns objects based on the value of an attribute in a group table.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryLookup.
queryInitUser (string)
(Optional) Specifies a query that determines if a user with a given name exists in the database.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryInitUser.
queryAuthenticateUser (string)
(Optional) Specifies a query that retrieves the user's password.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryAuthenticateUser.
queryGetUserProp (string)
(Optional) Specifies a query that retrieves the value of a user property.
Note: The property must be listed in the queryGetUserProps parameter string. For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetUserProp.
querySetUserProp (string)
(Optional) Specifies a query that sets the value of a user property.
Note: The property must be listed in the queryGetUserProps parameter string. For more information, see the method PolicyMgtODBCQueryScheme‑>QuerySetUserProp.
queryGetUserProps (string)
(Optional) Specifies a comma-separated list of user attributes that reside in the same table as the user name.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetUserProps.
queryLookupUser (string)
(Optional) Specifies a query that retrieves a user name through an attribute of the user table.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryLookupUser.
queryGetGroups (string)
(Optional) Specifies a query that retrieves the names of the groups to which the user belongs.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetGroups.
queryIsGroupMember (string)
(Optional) Specifies a query that determines whether a particular user is a member of a group.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryIsGroupMember.
queryGetGroupProp (string)
(Optional) Specifies a query that returns the value of a group property.
Note: The property must be listed in the queryGetGroupProps parameter string. For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetGroupProp.
querySetGroupProp (string)
(Optional) Specifies a query that sets the value of a group property.
Note: The property must be listed in the queryGetGroupProps parameter string. For more information, see the method PolicyMgtODBCQueryScheme‑>QuerySetGroupProp.
queryGetGroupProps (string)
(Optional) Specifies a comma-separated list of group attributes.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryGetGroupProps.
queryLookupGroup (string)
(Optional) Specifies a query that retrieves a group name through an attribute of the group table.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QueryLookupGroup.
querySetPassword (string)
(Optional) Specifies a query that changes a user's password.
Note: For more information, see the method PolicyMgtODBCQueryScheme‑>QuerySetPassword.
Return Value
The CreateODBCQueryScheme method returns one of the following values:
The CreatePwdPolicy method creates and configures a password policy.
Syntax
The CreatePwdPolicy method has the following format:
Netegrity::PolicyMgtSession‑>CreatePwdPolicy(pwdPolName, userDir[, pwdPolDesc][, enabledFlag][, entireDirFlag][, path][, class][, allowNestedGroups][, maxLoginFailures][, maxLoginInactive][, expDelay][, expWarningDays][, dicName][, dicMatchLength][, userwait][, pwdSvcRedirect][maxPwdLength][, minPwdLength][, maxPwdRepeatChar][, minPwdAlphaNum][, minPwdAlpha][, minPwdNonAlpha][, minPwdNonPrint][, minPwdNum][, minPwdPunc][, pwdReuseCount][, pwdReuseDelay][, pwdPctDiff][, pwdIgnoreSeq][, profileAttrMatch])
Parameters
The CreatePwdPolicy method accepts the following parameters:
pwdPolName (string)
Specifies the name of the password policy.
userDir (PolicyMgtUserDir object)
Specifies the user directory to which the password policy applies.
pwdPolDesc (string)
(Optional) Specifies the description of the password policy.
enabledFlag (int)
(Optional) Specifies whether the password policy is enabled.
entireDirFlag (int)
(Optional) Specifies whether the password policy applies to the entire LDAP directory or only part of the directory.
Specifies that the password policy applies to the entire LDAP directory.
Specifies that the password policy only applies to part of the LDAP directory.
Note: For part of the LDAP directory, specify the directory path in the path parameter and the class in the class parameter.
path (string)
(Optional) Specifies the part of the directory to which the password policy applies.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
class (string)
(Optional) Specifies the class to which the password policy applies.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
allowNestedGroups (int)
(Optional) Specifies whether the password policy is associated with the nested groups in the LDAP directory.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
maxLoginFailures (int)
(Optional) Specifies the maximum number of login failures allowed before the user's account is disabled.
maxLoginInactive (int)
(Optional) Specifies the maximum number of days of inactivity allowed before the user's password expires.
expDelay (int)
(Optional) Specifies the number of days a password can be unchanged before it expires.
expWarningDays (int)
(Optional) Specifies the number of days in advance to notify the user that the password is due to expire.
dicName (string)
(Optional) Specifies the location of the dictionary file that lists the words that cannot be used in a password.
dicMatchLength (int)
(Optional) Specifies the minimum number of letters required for dictionary checking.
userwait (int)
(Optional) Specifies the number of minutes an account is disabled before the account is enabled and the user is allowed to attempt logging in again.
pwdSvcRedirect (string)
(Optional) Specifies the URL where the user is redirected when an invalid password is entered.
Note: This must be the URL of the Password Services CGI.
maxPwdLength (int)
(Optional) Specifies the maximum length of a user password.
Note: This value must be greater than the value specified by the parameter minPwdLength.
minPwdLength (int)
(Optional) Specifies the minimum length of a user password.
maxPwdRepeatChar (int)
(Optional) Specifies the maximum number of identical characters that can appear consecutively in a password.
minPwdAlphaNum (int)
(Optional) Specifies the minimum number of alphanumeric characters (A-Z, a-z, 0-9) that a password must contain.
minPwdAlpha (int)
(Optional) Specifies the minimum number of alphabetic characters (A-Z, a-z) that a password must contain.
minPwdNonAlpha (int)
(Optional) Specifies the minimum number of non-alphanumeric characters that a password must contain.
Note: The following are examples of non-alphanumeric characters: "@", "$", and "*".
minPwdNonPrint (int)
(Optional) Specifies the minimum number of non-printable characters that a password must contain.
Note: Non-printable characters are not displayed on a computer screen.
minPwdNum (int)
(Optional) Specifies the minimum number of numeric characters (0-9) that a password must contain.
minPwdPunc (int)
(Optional) Specifies the minimum number of punctuation marks that a password must contain.
Note: Punctuation marks include periods, commas, exclamation points, slashes, hyphens, and dashes.
pwdReuseCount (int)
(Optional) Specifies the number of new passwords that must be used before an old one can be reused.
pwdReuseDelay (int)
(Optional) Specifies the number of days a user must wait before reusing a password.
pwdPctDiff (int)
(Optional) Specifies the percentage of characters contained in a new password that must differ from the characters in the previous password.
Note: A value of 100 specifies that the new password cannot contain any of the characters in the previous password. For more information, see the parameter pwdIgnoreSeq.
pwdIgnoreSeq (int)
(Optional) Specifies whether character position is ignored when the new password is compared to the previous password and the percentage of characters that are different is calculated.
Specifies that character sequence is ignored.
Specifies that character sequence is considered.
Example: If the character "c" is in both the new and previous passwords, but its position in each password is different, then it is considered to be two different characters when the percentage is calculated.
profileAttrMatch (int)
(Optional) Specifies that the minimum character sequence that SiteMinder checks when checking the password against attributes in the user's directory entry.
Return Value
The CreatePwdPolicy method returns one of the following values:
The CreateRegScheme method creates and configures a registration scheme.
Syntax
The CreateRegScheme method has the following format:
Netegrity::PolicyMgtSession‑>CreateRegScheme(regName, userDir[, regDesc][, welcomeURL][, templatePath][, enableLogging])
Parameters
The CreateRegScheme method accepts the following parameters:
regName (string)
Specifies the registration scheme's name.
userDir (string)
Specifies the user directory associated with the registration scheme.
regDesc (string)
(Optional) Specifies the registration scheme's description.
welcomeURL (string)
(Optional) Specifies the URL for the welcome page.
Note: Users are redirected to this page after successfully registering.
Example: http://my.acme.com/hr/welcome.htm
templatePath (string)
(Optional) Specifies the path where the registration templates are located.
Note: For more information about the templePath parameter, see Remarks.
enableLogging (int)
(Optional) Specifies whether to enable logging.
Specifies enabling logging.
Specifies disabling logging.
Return Value
The CreateRegScheme method returns one of the following values:
Remarks
When you install a SiteMinder Web Agent, the registration templates are installed in the samples/selfreg subdirectory of the Web Agent installation directory by default. During SiteMinder installation, the virtual directory /siteminderagent is created and pointed to the samples directory in the Web Agent installation directory. Therefore, when using the default directory, specify templePath as follows: /siteminderagent/selfreg (without the final slash).
If you are using SSL for registration, you must provide the absolute path for the registration templates. The default paths are as follows:
The CreateSAMLAffiliation method creates a SAML 2.0 affiliation object. A SAML 2.0 affiliation is a set of entities that share a single federated namespace of unique Name IDs for principals. To modify the properties of an existing SAML affiliation, call the method PolicyMgtSAMLAffiliation‑>Property.
Syntax
The CreateSAMLAffiliation method has the following format:
Netegrity::PolicyMgtSession‑>CreateSAMLAffiliation(propsHash_ref)
Parameters
The CreateSAMLAffiliation method accepts the following parameter:
propsHash_ref (hash)
Specifies a reference to a hashtable of metadata properties for the SAML 2.0 affiliation.
Example: \%myhash
Return Value
The CreateSAMLAffiliation method returns one of the following values:
Remarks
The SAML 2.0 affiliation properties are grouped as follows:
SAML_NAME
SAML_DESCRIPTION
SAML_KEY_AFFILIATION_ID
SAML_MAJOR_VERSION
SAML_MINOR_VERSION
SAML_OID
SAML_SP_NAMEID_FORMAT
SAML_SP_NAMEID_TYPE
SAML_SP_NAMEID_STATIC
SAML_SP_NAMEID_ATTRNAME
SAML_SP_NAMEID_DNSPEC
SAML_IDP_XPATH
SAML_IDP_LDAP_SEARCH_SPEC
SAML_IDP_ODBC_SEARCH_SPEC
SAML_IDP_WINNT_SEARCH_SPEC
SAML_IDP_CUSTOM_SEARCH_SPEC
SAML_IDP_AD_SEARCH_SPEC
For more information, see the SAML 2.0 Property Reference in this guide.
The CreateSAMLAuthScheme method creates a SAML 2.0 authentication scheme object with its properties set to specified values. There are two types of properties associated with the object: authentication scheme properties and metadata properties.
Authentication Scheme Properties
The authentication scheme properties are based on the SAML 2.0 template and have the following initial values:
Default: smauthsaml
Default: FALSE
Default: FALSE
Default: FALSE
Default: FALSE
Default: TRUE
Default: 5
Note: You can modify the default protection level by calling the CreateSAMLAuthScheme method with the optional protLevel parameter set to a new value.
Metadata Properties
The metadata properties are the properties of the Identity Provider associated with the SAML 2.0 authentication scheme and are stored with the authentication scheme. To specify them, pass the reference to the hashtable of metadata properties to the CreateSAMLAuthScheme method in the propsHash_ref parameter. To update the metadata properties of an existing SAML 2.0 authentication scheme, call the method PolicyMgtSession‑>SAMLAuthSchemeProperties.
Syntax
The CreateSAMLAuthScheme method has the following format:
Netegrity::PolicyMgtSession‑>CreateSAMLAuthScheme(schemeName, propsHash_ref[, schemeDesc][, protLevel])
Parameters
The CreateSAMLAuthScheme method accepts the following parameters:
schemeName (string)
Specifies the name of the authentication scheme.
propsHash_ref (hash)
Specifies a reference to a hashtable of metadata properties to associate with the SAML 2.0 authentication scheme.
Example: \%myhash
Note: For a complete list of metadata properties, see Remarks.
schemeDesc (string)
(Optional) Specifies the description of the authentication scheme.
protLevel (int)
(Optional) Specifies the protection level of the authentication scheme.
Return Value
The CreateSAMLAuthScheme method returns one of the following values:
Remarks
The metadata properties associated with the SAML 2.0 authentication scheme are listed following.
SAML_NAME
SAML_DESCRIPTION
SAML_IDP_SPID
SAML_KEY_IDPID
SAML_MAJOR_VERSION
SAML_MINOR_VERSION
SAML_SKEWTIME
SAML_DISABLE_SIGNATURE_PROCESSING
SAML_DSIG_VERINFO_ISSUER_DN
SAML_DSIG_VERINFO_SERIAL_NUMBER
SAML_IDP_XPATH
SAML_IDP_LDAP_SEARCH_SPEC
SAML_IDP_ODBC_SEARCH_SPEC
SAML_IDP_WINNT_SEARCH_SPEC
SAML_IDP_CUSTOM_SEARCH_SPEC
SAML_IDP_AD_SEARCH_SPEC
SAML_AFFILIATION
SAML_IDP_SSO_REDIRECT_MODE
SAML_IDP_SSO_DEFAULT_SERVICE
SAML_AUDIENCE
SAML_IDP_SSO_TARGET
SAML_ENABLE_SSO_ARTIFACT_BINDING
SAML_KEY_IDP_SOURCEID
SAML_IDP_ARTIFACT_RESOLUTION_DEFAULT_SERVICE
SAML_IDP_BACKCHANNEL_AUTH_TYPE
SAML_IDP_SPNAME
SAML_IDP_PASSWORD
SAML_ENABLE_SSO_POST_BINDING
SAML_IDP_SSO_ENFORCE_SINGLE_USE_POLICY
SAML_SSOECPPROFILE
SAML_IDP_SIGN_AUTHNREQUESTS
SAML_SLO_REDIRECT_BINDING
SAML_SLO_SERVICE_VALIDITY_DURATION
SAML_SLO_SERVICE_URL
SAML_SLO_SERVICE_RESPONSE_URL
SAML_SLO_SERVICE_CONFIRM_URL
SAML_IDP_REQUIRE_ENCRYPTED_ASSERTION
SAML_IDP_REQUIRE_ENCRYPTED_NAMEID
SAML_IDP_SAMLREQ_ENABLE
SAML_IDP_SAMLREQ_REQUIRE_SIGNED_ASSERTION
SAML_IDP_SAMLREQ_ATTRIBUTE_SERVICE
SAML_IDP_SAMLREQ_GET_ALL_ATTRIBUTES
SAML_IDP_SAMLREQ_NAMEID_FORMAT
SAML_IDP_SAMLREQ_NAMEID_TYPE
SAML_IDP_SAMLREQ_NAMEID_STATIC
SAML_IDP_SAMLREQ_NAMEID_ATTR_NAME
SAML_IDP_SAMLREQ_NAMEID_DN_SPEC
SAML_IDP_SAMLREQ_NAMEID_ALLOW_NESTED
SAML_SP_PLUGIN_CLASS
SAML_SP_PLUGIN_PARAMS
SAML_IDP_REDIRECT_URL_USER_NOT_FOUND
SAML_IDP_REDIRECT_MODE_USER_NOT_FOUND
SAML_IDP_REDIRECT_URL_FAILURE
SAML_IDP_REDIRECT_MODE_FAILURE
SAML_IDP_REDIRECT_URL_INVALID
SAML_IDP_REDIRECT_MODE_INVALID
The CreateSingleCertMap method creates a certificate map between a single attribute in the certificate's Subject DN and the corresponding user attribute in the user directory. For authentication to succeed, the attribute's value in the Subject DN must match the value of the corresponding user attribute in the user directory.
Syntax
The CreateSingleCertMap Method method has the following format:
Netegrity::PolicyMgtSession‑>CreateSingleCertMap(IssuerDN, Attribute[, DirectoryType])
Parameters
The CreateSingleCertMap Method method accepts the following parameters:
IssuerDN (string)
Specifies the distinguished name of the certificate issuer.
Attribute (string)
Specifies the name of the attribute whose values in the certificate's Subject DN and in the user directory must match.
Syntax: %{attribute_name}
Example: %{uid}
DirectoryType (int)
(Optional) Specifies the type of the user directory specified for authentication.
Return Value
The CreateSingleCertMap Method method returns one of the following values:
Remarks
When a certificate map is created, the following flags are set to false, the default value:
For information on changing the value of these flags, see the method PolicyMgtSession‑>CreateExactCertMap.
The CreateSAMLAuthScheme method creates a trusted host object in the policy store, registers the trusted host with the Policy Server, and if registration is successful, creates the local registration file. Use this method when the Policy Server is connected to the agent host. When there is no connection between the Policy Server and the agent host, call the method PolicyMgtSession‑>AddTrustedHost instead.
Syntax
The CreateTrustedHost method has the following format:
Netegrity::PolicyMgtSession‑>CreateTrustedHost(trustedHostName [,ipAddress][, adminName][, adminPassword][, hostConfigName][, registrationDataFileName])
Parameters
The CreateTrustedHost method accepts the following parameters:
trustedHostName (string)
Specifies the name of the trusted host.
ipAddress (string)
(Optional) Specifies the IP address of the Policy Server.
adminName (string)
(Optional) Specifies the name of a Policy Server administrator.
adminPassword (string)
(Optional) Specifies the administrator's password.
hostConfigName (string)
(Optional) Specifies the name of the host configuration object.
registrationDataFileName (string)
(Optional) Specifies the name of the file where registration data is written when the host is successfully registered with the Policy Server.
Note: This filename is specified by calling the Agent API method Connect. The file is stored and managed by SiteMinder.
Return Value
The CreateTrustedHost method returns one of the following values:
The CreateUserDir method creates and configures a user directory object.
Syntax
The CreateUserDir method has the following format:
Netegrity::PolicyMgtSession‑>CreateUserDir(dirName, namespace, server[, ODBCQueryScheme][, domDesc][, searchRoot][, usrLookStart][, usrLookEnd][, username][, password][, searchResults][, searchScope][, searchTimeout][, secureConn][, requireCreds][, disabledAttr][, UIDAttr][, anonID][, pwdData][, pwdAttr][, emailAttr][, chalRespAttr])
Parameters
The CreateUserDir method accepts the following parameters:
dirName (string)
Specifies the user directory object's name.
namespace (string)
Specifies the user directory's namespace:
server (string)
Specifies one of the following directory-dependent values:
Specifies the IP address and port number of the LDAP server.
Syntax: IP_address:port_number
Note: The default port number is 389.
Specifies the data source name.
Specifies the domain name.
Specifies the name of the library that corresponds to the custom directory.
ODBCQueryScheme (PolicyMgtODBCQueryScheme object)
(Optional) Specifies a set of queries that SiteMinder uses to query the ODBC directory.
Note: If the user directory is not an ODBC directory, this parameter's value is undef.
domDesc (string)
(Optional) Specifies the description of the user directory.
searchRoot (string)
(Optional) Specifies one of the following directory-dependent values:
Specifies the location in the LDAP tree that is the starting point for the directory connection, for example, the organization (o) or organizational unit (ou). This location, called the search root, is the point where the Policy Server starts the search for a user.
Note: For more information about this parameter, see the parameter searchScope.
Specifies a string of parameters to pass to the custom library.
usrLookStart (string)
(Optional) Specifies the start value for a user DN lookup in an LDAP directory.
usrLookEnd (string)
(Optional) Specifies the end value for a user DN lookup in an LDAP directory.
Note: Specifying values for the user DN lookup starting point and endpoint allows users to enter part of the DN string when authenticating. In the following example, the user only needs to specify the string "JSmith" and not the whole DN string when logging in:
username (string)
(Optional) Specifies the user name needed for accessing the user directory.
Note: When using this parameter, set requireCreds to 1.
password (string)
(Optional) Specifies the password required for accessing the user directory.
Note: When using this parameter, set requireCreds to 1.
searchResults (int)
(Optional) Specifies the maximum number of results to return from a search of an LDAP or custom directory.
searchScope (int)
(Optional) Specifies how many levels SiteMinder searches when looking for users or user groups in an LDAP directory:
Specifies searching the root and all levels below.
Specifies searching the root and one level below.
Note: For more information, see the searchRoot parameter.
searchTimeout (int)
(Optional) Specifies the maximum time, in seconds, allowed for searching an LDAP or custom directory.
secureConn (int)
(Optional) Specifies whether an LDAP or custom user directory connection is secured by SSL:
Specifies a connection secured by SSL.
Specifies a connection that is not secure.
Note: When this flag is enabled, SiteMinder authentication is secure and transmissions are encrypted. Enable this flag when using SSL.
requireCreds (int)
(Optional) Specifies whether user credentials are required for authentication:
Specifies that credentials are required.
Specifies that credentials are not required.
disabledAttr (string)
(Optional) Specifies the name of the user directory attribute that contains the user's disabled state.
Note: This parameter applies to LDAP and ODBC directories and some custom directories.
UIDAttr (string)
(Optional) Specifies the name of the user directory's universal ID attribute.
Note: The universal ID is different from the user's login ID and is used to look up user information. This parameter applies to LDAP, ODBC, and WinNT directories and to some custom directories.
anonID (string)
(Optional) Specifies the name of the user directory's anonymous user DN attribute.
Note: The DN, which is defined in the anonymous authentication scheme, gives anonymous users access to resources protected by the anonymous authentication scheme. This parameter applies to LDAP directories and some custom directories.
pwdData (string)
(Optional) Specifies the name of the user directory's password data attribute.
Note: This parameter applies to LDAP and ODBC directories and some custom directories.
pwdAttr (string)
(Optional) Specifies the name of the user directory's password attribute.
Note: This parameter applies to LDAP and ODBC directories and some custom directories.
emailAttr (string)
Note: This optional parameter is reserved for future use.
chalRespAttr (string)
(Optional) Specifies the name of the user directory's challenge/response attribute.
Example: The challenge/response can be a hint that SiteMinder sends the user when the user forgets the password.
Note: This parameter applies to LDAP directories and some custom directories.
Return Value
The CreateUserDir method returns one of the following values:
The CreateWSFEDAuthScheme method creates an instance of a WS-Federation authentication scheme and sets the authentication scheme's properties.
Syntax
The CreateWSFEDAuthScheme method has the following format:
Netegrity::PolicyMgtSession‑>CreateWSFEDAuthScheme(name, propsHash[, desc][, level])
Parameters
The CreateWSFEDAuthScheme method accepts the following parameters:
name (string)
Specifies the name of the WS-Federation authentication scheme.
propsHash (hashtable)
Specifies a reference to the hashtable of WS-Federation authentication scheme properties to set.
Note: For a complete list of WS-Federation authentication scheme properties, see Remarks.
desc (string)
(Optional) Specifies a description of the authentication scheme.
level (int)
(Optional) Specifies the authentication scheme level.
Return Value
The CreateWSFEDAuthScheme method returns one of the following values:
Remarks
The WS-Federation authentication scheme properties are grouped in the FSS Administrative UI as follows:
WSFED_NAME
WSFED_DESCRIPTION
WSFED_KEY_APID
WSFED_RPID
WSFED_SKEW_TIME
WSFED_DISABLE_SIGNATURE_PROCESSING
WSFED_DSIG_VERINFO_ALIAS
WSFED_AP_XPATH
WSFED_AP_LDAP_SEARCH_SPEC
WSFED_AP_ODBC_SEARCH_SPEC
WSFED_AP_WINNT_SEARCH_SPEC
WSFED_AP_CUSTOM_SEARCH_SPEC
WSFED_AP_ADD_SEARCH_SPEC
WSFED_AP_SSO_REDIRECT_MODE
WSFED_AP_SSO_DEFAULT_SERVICE
WSFED_AP_SSO_TARGET
WSFED_ENFORCE_SINGLE_USE_POLICY
WSFED_AP_SLO_ENABLED
WSFED_AP_SIGNOUT_URL
WSFED_AP_PLUGIN_CLASS
WSFED_AP_PLUGIN_PARAMS
WSFED_AP_USER_NOT_FOUND_REDIRECT_URL
WSFED_AP_USER_NOT_FOUND_REDIRECT_MODE
WSFED_AP_FAILURE_REDIRECT_URL
WSFED_AP_FAILURE_REDIRECT_MODE
WSFED_AP_INVALID_REDIRECT_URL
WSFED_AP_INVALID_REDIRECT_MODE
The DeleteAdmin method deletes an administrator from the policy store.
Syntax
The DeleteAdmin method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAdmin(admin)
Parameters
The DeleteAdmin method accepts the following parameter:
admin (PolicyMgtAdmin object)
Specifies the administrator object to delete.
Return Value
The DeleteAdmin method returns one of the following values:
Specifies that the method is successful or that the administrator is not found.
Specifies that the method is unsuccessful.
Remarks
To remove an administrator from a particular domain, see the method PolicyMgtAffDomain‑>RemoveAdmin.
The DeleteAffDomain method deletes an affiliate domain.
Syntax
The DeleteAffDomain method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAffDomain(affDomain)
Parameters
The DeleteAffDomain method accepts the following parameter:
affDomain (PolicyMgtAffDomain object)
Specifies the affiliate domain object to delete.
Return Value
The DeleteAffDomain method returns one of the following values:
Specifies that the method is successful or that the affiliate domain is not found.
Specifies that the method is unsuccessful.
The DeleteAgent method deletes an agent.
Syntax
The DeleteAgent method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAgent(agent)
Parameters
The DeleteAgent method accepts the following parameter:
agent (PolicyMgtAgent object)
Specifies the agent object to delete.
Return Value
The DeleteAgent method returns one of the following values:
Specifies that the method is successful or that the agent is not found.
Specifies that the method is unsuccessful.
The DeleteAgentConfig method deletes an agent configuration object.
Syntax
The DeleteAgentConfig method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAgentConfig(AgentConfig)
Parameters
The DeleteAgentConfig method accepts the following parameter:
AgentConfig (PolicyMgtAgentConfig object)
Specifies the agent configuration object to delete.
Return Value
The DeleteAgentConfig method returns one of the following values:
Specifies that the method is successful or that the agent configuration object was not found.
Specifies that the method is unsuccessful.
The DeleteAuthAzMap method deletes an authentication and authorization map.
Syntax
The DeleteAuthAzMap method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAuthAzMap(map)
Parameters
The DeleteAuthAzMap method accepts the following parameter:
map (PolicyMgtAuthAzMap object)
Specifies the authentication and authorization map object to delete.
Return Value
The DeleteAuthAzMap method returns one of the following values:
Specifies that the method is successful or that the authentication and authorization map is not found.
Specifies that the method is unsuccessful.
The DeleteAuthScheme method deletes an authentication scheme.
Syntax
The DeleteAuthScheme method has the following format:
Netegrity::PolicyMgtSession‑>DeleteAuthScheme(authScheme)
Parameters
The DeleteAuthScheme method accepts the following parameter:
authScheme (PolicyMgtAuthScheme object)
Specifies the authentication scheme object to delete.
Return Value
The DeleteAuthScheme method returns one of the following values:
Specifies that the method is successful or that the authentication scheme is not found.
Specifies that the method is unsuccessful.
The DeleteCertMap method deletes a certificate map.
Syntax
The DeleteCertMap method has the following format:
Netegrity::PolicyMgtSession‑>DeleteCertMap(map)
Parameters
The DeleteCertMap method accepts the following parameter:
map (PolicyMgtCertMap object)
Specifies the certificate map object to delete.
Return Value
The DeleteCertMap method returns one of the following values:
Specifies that the method is successful or that the certificate map is not found.
Specifies that the method is unsuccessful.
The DeleteDomain method deletes a policy domain.
Syntax
The DeleteDomain method has the following format:
Netegrity::PolicyMgtSession‑>DeleteDomain(domain)
Parameters
The DeleteDomain method accepts the following parameter:
domain (PolicyMgtDomain object)
Specifies the domain object to delete.
Return Value
The DeleteDomain method returns one of the following values:
Specifies that the method is successful or that the domain is not found.
Specifies that the method is unsuccessful.
The DeleteGlobalPolicy method deletes a global policy.
Syntax
The DeleteGlobalPolicy method has the following format:
Netegrity::PolicyMgtSession‑>DeleteGlobalPolicy(policy)
Parameters
The DeleteGlobalPolicy method accepts the following parameter:
policy (PolicyMgtPolicy object)
Specifies the global policy object to delete.
Return Value
The DeleteGlobalPolicy method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The DeleteGlobalResponse method deletes a global response.
Syntax
The DeleteGlobalResponse method has the following format:
Netegrity::PolicyMgtSession‑>DeleteGlobalResponse(response)
Parameters
The DeleteGlobalResponse method accepts the following parameter:
response (PolicyMgtResponse object)
Specifies the global response object to delete.
Return Value
The DeleteGlobalResponse method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The DeleteGlobalRule method deletes a global rule.
Syntax
The DeleteGlobalRule method has the following format:
Netegrity::PolicyMgtSession‑>DeleteGlobalRule(rule)
Parameters
The DeleteGlobalRule method accepts the following parameter:
rule (PolicyMgtRule object)
Specifies the global rule object to delete.
Return Value
The DeleteGlobalRule method returns one of the following values:
Specifies that the method is successful.
Specifies that the method is unsuccessful.
The DeleteGroup method deletes an agent group.
Syntax
The DeleteGroup method has the following format:
Netegrity::PolicyMgtSession‑>DeleteGroup(group)
Parameters
The DeleteGroup method accepts the following parameter:
group (PolicyMgtGroup object)
Specifies the agent group object to delete.
Return Value
The DeleteGroup method returns one of the following values:
Specifies that the method is successful or that the agent group is not found.
Specifies that the method is unsuccessful.
The DeleteHostConfig method deletes a host configuration object.
Syntax
The DeleteHostConfig method has the following format:
Netegrity::PolicyMgtSession‑>DeleteHostConfig(HostConfig)
Parameters
The DeleteHostConfig method accepts the following parameter:
HostConfig (PolicyMgtHostConfig object)
Specifies the host configuration object to delete.
Return Value
The DeleteHostConfig method returns one of the following values:
Specifies that the method is successful or that the host configuration object is not found.
Specifies that the method is unsuccessful.
The DeleteODBCQueryScheme method deletes an ODBC query scheme.
Syntax
The DeleteODBCQueryScheme method has the following format:
Netegrity::PolicyMgtSession‑>DeleteODBCQueryScheme(scheme)
Parameters
The DeleteODBCQueryScheme method accepts the following parameter:
scheme (PolicyMgtODBCQueryScheme object)
Specifies the ODBC query scheme object to delete.
Return Value
The DeleteODBCQueryScheme method returns one of the following values:
Specifies that the method is successful or that the ODBC query scheme is not found.
Specifies that the method is unsuccessful.
The DeletePwdPolicy method deletes a password policy.
Syntax
The DeletePwdPolicy method has the following format:
Netegrity::PolicyMgtSession‑>DeletePwdPolicy(pwdPolicy)
Parameters
The DeletePwdPolicy method accepts the following parameter:
pwdPolicy (PolicyMgtPwdPolicy object)
Specifies the password policy object to delete.
Return Value
The DeletePwdPolicy method returns one of the following values:
Specifies that the method is successful or that the password policy is not found.
Specifies that the method is unsuccessful.
The DeleteRegScheme method deletes a registration scheme.
Syntax
The DeleteRegScheme method has the following format:
Netegrity::PolicyMgtSession‑>DeleteRegScheme(regScheme)
Parameters
The DeleteRegScheme method accepts the following parameter:
regScheme (PolicyMgtRegScheme object)
Specifies the registration scheme object to delete.
Return Value
The DeleteRegScheme method returns one of the following values:
Specifies that the method is successful or that the registration scheme is not found.
Specifies that the method is unsuccessful.
The DeleteSAMLAffiliation method deletes a SAML 2.0 affiliation object.
Syntax
The DeleteSAMLAffiliation method has the following format:
Netegrity::PolicyMgtSession‑>DeleteSAMLAffiliation(SAMLAffil)
Parameters
The DeleteSAMLAffiliation method accepts the following parameter:
SAMLAffil (PolicyMgtSAMLAffiliation object)
Specifies the SAML 2.0 affiliation object to delete.
Return Value
The DeleteSAMLAffiliation method returns one of the following values:
Specifies that the method is successful or that the SAML affiliation object is not found.
Specifies that the method is unsuccessful.
The DeleteTrustedHost method deletes a trusted host.
Syntax
The DeleteTrustedHost method has the following format:
Netegrity::PolicyMgtSession‑>DeleteTrustedHost(TrustedHost)
Parameters
The DeleteTrustedHost method accepts the following parameter:
TrustedHost (PolicyMgtTrustedHost object)
Specifies the trusted host object to delete.
Return Value
The DeleteTrustedHost method returns one of the following values:
Specifies that the method is successful or that the trusted host is not found.
Specifies that the method is unsuccessful.
The DeleteUserDir method
Syntax
The DeleteUserDir method has the following format:
Netegrity::PolicyMgtSession‑>DeleteUserDir(userdir)
Parameters
The DeleteUserDir method accepts the following parameter:
userdir (PolicyMgtUserDir object)
Specifies the user directory object to delete.
Return Value
The DeleteUserDir method returns one of the following values:
Specifies that the method is successful or that the user directory is not found.
Specifies that the method is unsuccessful.
The GetAdmin method retrieves the specified administrator.
Syntax
The GetAdmin method has the following format:
Netegrity::PolicyMgtSession‑>GetAdmin(adminName)
Parameters
The GetAdmin method accepts the following parameter:
adminName (string)
Specifies the name of the administrator to retrieve.
Return Value
The GetAdmin method returns one of the following values:
The GetAffDomain method retrieves the specified affiliate domain.
Syntax
The GetAffDomain method has the following format:
Netegrity::PolicyMgtSession‑>GetAffDomain(domName)
Parameters
The GetAffDomain method accepts the following parameter:
domName (string)
Specifies the name of the affiliate domain to retrieve.
Return Value
The GetAffDomain method returns one of the following values:
The GetAgent method retrieves the specified agent.
Syntax
The GetAgent method has the following format:
Netegrity::PolicyMgtSession‑>GetAgent(agentName)
Parameters
The GetAgent method accepts the following parameter:
agentName (string)
Specifies the name of the agent to retrieve.
Return Value
The GetAgent method returns one of the following values:
The GetAgentConfig method retrieves the specified agent configuration object.
Syntax
The GetAgentConfig method has the following format:
Netegrity::PolicyMgtSession‑>GetAgentConfig(acName)
Parameters
The GetAgentConfig method accepts the following parameter:
acName (string)
Specifies the name of the agent configuration object to retrieve.
Return Value
The GetAgentConfig method returns one of the following values:
The GetAgentGroup method retrieves the specified agent group.
Syntax
The GetAgentGroup method has the following format:
Netegrity::PolicyMgtSession‑>GetAgentGroup(agentGroup)
Parameters
The GetAgentGroup method accepts the following parameter:
agentGroup (string)
Specifies the name of the agent group to retrieve.
Return Value
The GetAgentGroup method returns one of the following values:
The GetAgentType method retrieves the specified agent type.
Syntax
The GetAgentType method has the following format:
Netegrity::PolicyMgtSession‑>GetAgentType(agentTypeName)
Parameters
The GetAgentType method accepts the following parameter:
agentTypeName (string)
Specifies one of the following pre-defined agent types to retrieve:
Return Value
The GetAgentType method returns one of the following values:
The GetAllAdmins method retrieves a list of all administrators configured on the Policy Server.
Syntax
The GetAllAdmins method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAdmins()
Parameters
The GetAllAdmins method accepts no parameters.
Return Value
The GetAllAdmins method returns one of the following values:
The GetAllAffDomains method retrieves a list of all configured affiliate domains.
Syntax
The GetAllAffDomains method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAffDomains()
Parameters
The GetAllAffDomains method accepts no parameters.
Return Value
The GetAllAffDomains method returns one of the following values:
The GetAllAgentConfigs method retrieves a list of all agent configuration objects.
Syntax
The GetAllAgentConfigs method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAgentConfigs()
Parameters
The GetAllAgentConfigs method accepts no parameters.
Return Value
The GetAllAgentConfigs method returns one of the following values:
The GetAllAgentGroups method retrieves a list of all agent group objects.
Syntax
The GetAllAgentGroups method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAgentGroups()
Parameters
The GetAllAgentGroups method accepts no parameters.
Return Value
The GetAllAgentGroups method returns one of the following values:
The GetAllAgents method retrieves a list of all agents configured on the Policy Server.
Syntax
The GetAllAgents method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAgents()
Parameters
The GetAllAgents method accepts no parameters.
Return Value
The GetAllAgents method returns one of the following values:
The GetAllAuthAzMaps method retrieves a list of all authentication and authorization maps.
Syntax
The GetAllAuthAzMaps method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAuthAzMaps()
Parameters
The GetAllAuthAzMaps method accepts no parameters.
Return Value
The GetAllAuthAzMaps method returns one of the following values:
The GetAllAuthSchemes method retrieves a list of all authentication schemes on the Policy Server.
Syntax
The GetAllAuthSchemes method has the following format:
Netegrity::PolicyMgtSession‑>GetAllAuthSchemes([showTemplates])
Parameters
The GetAllAuthSchemes method accepts the following parameter:
showTemplates (int)
(Optional) Specifies whether to include template schemes in the list of authentication schemes.
Specifies not including template schemes in the list of authentication schemes.
Specifies including template schemes in the list of authentication schemes.
Return Value
The GetAllAuthSchemes method returns one of the following values:
The GetAllCertMaps method retrieves a list of all certificate mapping objects.
Syntax
The GetAllCertMaps method has the following format:
Netegrity::PolicyMgtSession‑>GetAllCertMaps()
Parameters
The GetAllCertMaps method accepts no parameters.
Return Value
The GetAllCertMaps method returns one of the following values:
The GetAllDomains method retrieves a list of all domains configured on the Policy Server.
Syntax
The GetAllDomains method has the following format:
Netegrity::PolicyMgtSession‑>GetAllDomains()
Parameters
The GetAllDomains method accepts no parameters.
Return Value
The GetAllDomains method returns one of the following values:
The GetAllGlobalPolicies method retrieves a list of all global policy objects.
Syntax
The GetAllGlobalPolicies method has the following format:
Netegrity::GetAllGlobalPolicies()
Parameters
The GetAllGlobalPolicies method accepts no parameters.
Return Value
The GetAllGlobalPolicies method returns one of the following values:
The GetAllGlobalResponses method retrieves a list of all global response objects.
Syntax
The GetAllGlobalResponses method has the following format:
Netegrity::PolicyMgtSession‑>GetAllGlobalResponses()
Parameters
The GetAllGlobalResponses method accepts no parameters.
Return Value
The GetAllGlobalResponses method returns one of the following values:
The GetAllGlobalRules method retrieves a list of all global rule objects.
Syntax
The GetAllGlobalRules method has the following format:
Netegrity::PolicyMgtSession‑>GetAllGlobalRules()
Parameters
The GetAllGlobalRules method accepts no parameters.
Return Value
The GetAllGlobalRules method returns one of the following values:
The GetAllHostConfigs method retrieves a list of all host configuration objects.
Syntax
The GetAllHostConfigs method has the following format:
Netegrity::PolicyMgtSession‑>GetAllHostConfigs()
Parameters
The GetAllHostConfigs method accepts no parameters.
Return Value
The GetAllHostConfigs method returns one of the following values:
The GetAllODBCQuerySchemes method retrieves a list of all ODBC query schemes on the Policy Server.
Syntax
The GetAllODBCQuerySchemes method has the following format:
Netegrity::PolicyMgtSession‑>GetAllODBCQuerySchemes()
Parameters
The GetAllODBCQuerySchemes method accepts no parameters.
Return Value
The GetAllODBCQuerySchemes method returns one of the following values:
The GetAllPwdPolicies method retrieves a list of all configured password policies.
Syntax
The GetAllPwdPolicies method has the following format:
Netegrity::PolicyMgtSession‑>GetAllPwdPolicies()
Parameters
The GetAllPwdPolicies method accepts no parameters.
Return Value
The GetAllPwdPolicies method returns one of the following values:
The GetAllRegSchemes method retrieves a list of all registration schemes configured on the Policy Server.
Syntax
The GetAllRegSchemes method has the following format:
Netegrity::PolicyMgtSession‑>GetAllRegSchemes()
Parameters
The GetAllRegSchemes method accepts no parameters.
Return Value
The GetAllRegSchemes method returns one of the following values:
The GetAllSAMLAffiliations method retrieves a list of all SAML 2.0 affiliations.
Syntax
The GetAllSAMLAffiliations method has the following format:
Netegrity::PolicyMgtSession‑>GetAllSAMLAffiliations()
Parameters
The GetAllSAMLAffiliations method accepts no parameters.
Return Value
The GetAllSAMLAffiliations method returns one of the following values:
The GetAllSAMLSchemeAttributes method retrieves a list of all defined SAML 2.0 Requester attributes.
Syntax
The GetAllSAMLSchemeAttributes method has the following format:
Netegrity::PolicyMgtSession‑>GetAllSAMLSchemeAttributes(scheme)
Parameters
The GetAllSAMLSchemeAttributes method accepts the following parameter:
scheme (PolicyMgtAuthScheme object)
Specifies the SAML 2.0 authentication scheme object.
Return Value
The GetAllSAMLSchemeAttributes method returns one of the following values:
The GetAllTrustedHosts method retrieves a list of all trusted host objects.
Syntax
The GetAllTrustedHosts method has the following format:
Netegrity::PolicyMgtSession‑>GetAllTrustedHosts()
Parameters
The GetAllTrustedHosts method accepts no parameters.
Return Value
The GetAllTrustedHosts method returns one of the following values:
The GetAllUserDirs method retrieves a list of all user directories associated with the Policy Server.
Syntax
The GetAllUserDirs method has the following format:
Netegrity::PolicyMgtSession‑>GetAllUserDirs()
Parameters
The GetAllUserDirs method accepts no parameters.
Return Value
The GetAllUserDirs method returns one of the following values:
The GetAllVariableTypes method retrieves a list of all variable type objects configured on the Policy Server.
Syntax
The GetAllVariableTypes method has the following format:
Netegrity::PolicyMgtSession‑>GetAllVariableTypes()
Parameters
The GetAllVariableTypes method accepts no parameters.
Return Value
The GetAllVariableTypes method returns one of the following values:
|
Copyright © 2012 CA.
All rights reserved.
|
|