59     krb5_error_code             st=0;
77     st = krb5_ldap_name_to_policydn (context, policy->name, &policy_dn);
78     if (st != 0)
84         st = EINVAL;
85         krb5_set_error_message(context, st, gettext("Invalid password policy DN syntax"));
90     if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0)
94     if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
97     if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_ADD,
99         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_ADD,
101         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_ADD,
103         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_ADD,
105         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_ADD,
107         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_ADD,
109         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_ADD,
111         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_ADD,
116     if ((st=ldap_add_ext_s(ld, policy_dn, mods, NULL, NULL)) != LDAP_SUCCESS) {
117         st = set_ldap_error (context, st, OP_ADD);
129     return(st);
140     krb5_error_code             st=0;
157     st = krb5_ldap_name_to_policydn (context, policy->name, &policy_dn);
158     if (st != 0)
161     if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_REPLACE,
163         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_REPLACE,
165         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_REPLACE,
167         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_REPLACE,
169         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_REPLACE,
171         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_REPLACE,
173         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_REPLACE,
175         || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_REPLACE,
185     if ((st=ldap_modify_ext_s(ld, policy_dn, mods, NULL, NULL)) != LDAP_SUCCESS) {
186         st = set_ldap_error (context, st, OP_MOD);
195     return(st);
205     int st = 0;
224     st = krb5_ldap_get_reference_count (context, pol_dn, "krbPwdPolicyReference",
230     if (st != 0) {
235     return st;
243     krb5_error_code             st=0, tempst=0;
264         st = ENOMEM;
279         if ((st = populate_policy(context, ld, ent, pol_name, *policy)) != 0)
289         st = krb5_ldap_get_reference_count (context,
299     if (st != 0) {
307     return st;
318     krb5_error_code             st = 0;
326         st = EINVAL;
330     st = krb5_ldap_name_to_policydn(context, name, &policy_dn);
331     if (st != 0)
334     st = krb5_ldap_get_password_policy_from_dn(context, name, policy_dn, policy, cnt);
339     return st;
347     krb5_error_code             st=0;
363     st = krb5_ldap_name_to_policydn (context, policy, &policy_dn);
364     if (st != 0)
368     if ((st=checkattributevalue(ld, policy_dn, "objectclass", class, &mask)) != 0)
372         st = KRB5_KDB_NOENTRY;
376     if ((st=ldap_delete_ext_s(ld, policy_dn, NULL, NULL)) != LDAP_SUCCESS) {
377         st = set_ldap_error (context, st, OP_DEL);
386     return st;
396     krb5_error_code             st=0, tempst=0;
410         st = EINVAL;
418         st = krb5_ldap_get_string(ld, ent, "cn", &policy, &attr_present);
419         if (st != 0)
427         if ((st = populate_policy(context, ld, ent, policy, entry)) != 0)
440         st = krb5_ldap_get_reference_count (context,
459     return st;

Indexes created Tue Jul 24 14:28:13 CEST 2018