2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. 2N/A/* Search Referral Option */ 2N/A * BE VERY CAREFUL. DO NOT USE FLAG NS_LDAP_KEEP_CONN UNLESS YOU MUST 2N/A * IN libsldap.so.1 THERE IS NO CONNECTION GARBAGE COLLECTION AND IF 2N/A * THIS FLAG GETS USED THERE MIGHT BE A CONNECTION LEAK. CURRENTLY THIS 2N/A * IS ONLY SUPPORTED FOR LIST AND INTENDED FOR APPLICATIONS LIKE AUTOMOUNTER 2N/A * NS_LDAP_NOT_CVT_DN is needed when attribute mapping is used 2N/A * to retrieve the DN in LDAP and DN is not to be converted when 2N/A * being passed back to the application. See __ns_ldap_uid2dn() 2N/A * and __ns_ldap_host2dn() for such usage. 2N/A * NS_LDAP_UPDATE_SHADOW is for a privileged caller of the 2N/A * __ns_ldap_repAttr() to update the shadow database on the 2N/A * NS_LDAP_READ_SHADOW is for a privileged caller of __ns_ldap_list() 2N/A * and __ns_ldap_firstEntry() to read the shadow database on the 2N/A * This flag is used by __ns_ldap_addTypedEntry to distinguish 2N/A * between adding and modifying key-value attr fields. 2N/A * NS_LDAP_BASE64_BINARY_ATTR_VALUE requests any binary attribute values 2N/A * to be base64-encoded and tagged with NS_LDAP_BASE64_TAG, i.e., 2N/A * \1{base64}NXv+wO0EAA== 2N/A * The first character '\1' is for covering the case where a non-binary 2N/A * value starts with "{base64}". 2N/A * This flag is used to stop new connection from get directory capabilities 2N/A * from the the root DSE. This is for private use in libsldap. 2N/A * Authentication Information 2N/A * Configuration Information 2N/A * NS_LDAP_TRANSPORT_SEC_P is only left in for backward compatibility 2N/A * with version 1 clients and their configuration files. The only 2N/A * supported value is NS_LDAP_SEC_NONE. No application should be 2N/A * using this parameter type (either through getParam or setParam. 2N/A * The following entry (max ParamIndexType) is an internal 2N/A * placeholder. It must be the last (and highest value) 2N/A * entry in this eNum. Please update accordingly. 2N/A * MIXED - self / SASL/GSSAPI is mixed with other types of configuration 2N/A * __ns_ldap_*() return codes 2N/A =
9 /* success, with info in errorp */ 2N/A * Detailed error code for NS_LDAP_CONFIG 2N/A * Detailed error code for NS_LDAP_PARTIAL 2N/A * For use by __ns_ldap_addTypedEntry() for publickey serivicetype 2N/A * Detailed password status 2N/A /* about to expire */ 2N/A /* changed immediately */ 2N/A /* account is locked */ 2N/A /* by the administrator */ 2N/A /* new password has */ 2N/A /* invalid syntax -- */ 2N/A /* trivial password: same */ 2N/A /* value as attr, cn, sn, */ 2N/A /* or strong password */ 2N/A /* policies check */ 2N/A /* new password has */ 2N/A /* less chars than */ 2N/A /* reuse old password */ 2N/A /* within minimum age */ 2N/A * Password management information structure 2N/A * This structure is different from AcctUsableResponse_t structure in 2N/A * that this structure holds result of users account mgmt information when 2N/A * an ldap bind is done with user name and user password. 2N/A /* valid if status is */ 2N/A /* NS_PASSWD_ABOUT_TO_EXPIRE */ 2N/A * LDAP V3 control flag for account management - Used for account management 2N/A * when no password is provided 2N/A * Structure for holding the response returned by server for 2N/A * NS_LDAP_ACCOUNT_USABLE_CONTROL control when account is not available. 2N/A * Structure used to hold the response from the server for 2N/A * NS_LDAP_ACCOUNT_USABLE_CONTROL control. The ASN1 notation is as below: 2N/A * ACCOUNT_USABLE_RESPONSE::= CHOICE { 2N/A * is_available [0] INTEGER, seconds before expiration 2N/A * is_not_available [1] More_info 2N/A * More_info::= SEQUENCE { 2N/A * inactive [0] BOOLEAN DEFAULT FALSE, 2N/A * reset [1] BOOLEAN DEFAULT FALSE, 2N/A * expired [2] BOOLEAN DEFAULT FALSE, 2N/A * remaining_grace [3] INTEGER OPTIONAL, 2N/A * seconds_before_unlock[4] INTEGER OPTIONAL 2N/A * This structure is different from ns_ldap_passwd_mgmt_t structure in 2N/A * that this structure holds result of users account mgmt information when 2N/A * pam_ldap doesn't have the users password and proxy agent is used for 2N/A * obtaining the account management information. 2N/A * Simplified LDAP Naming API result structure 2N/A /* management info */ 2N/A * structures for the conversion routines used by typedAddEntry() 2N/A * return values for the callback function in __ns_ldap_list() 2N/A * Input values for the type specified in __ns_ldap_addTypedEntry() 2N/A * and __ns_ldap_delTypedEntry() 2N/A * Internal operational attribute maintained by libsldap, 2N/A * only one for now, __ns_ldap_op_attr_server_type. This 2N/A * attribute is returned in the extra_info ns_ldap_entry_t 2N/A * entry by the APIs that support it. Similar to the 2N/A * operational attributes returned by LDAP servers, they 2N/A * are used to provided extra information about the search 2N/A * results. __ns_ldap_op_attr_server_type is used to 2N/A * requested the type of the LDAP server where the search 2N/A * Value of the userPassword attribute representing NO Unix password 2N/A * A special keyword used to check if schema mapping is configured for 2N/A * a particular database. Callers can call __ns_ldap_getOrigAttribute 2N/A * with this keyword to find out if a database has any objectclass or 2N/A * attribute mapping defined. 2N/A/* Opaque handle for batch API */ 2N/A * The type of standalone configuration specified by a client application. 2N/A * The meaning of the requests is as follows: 2N/A * NS_CACHEMGR: libsldap will request all the configuration via door_call(3C) 2N/A * NS_LDAP_SERVER: the consumer application has specified a directory server 2N/A * to communicate to. 2N/A * NS_PREDEFINED: reserved for internal use 2N/A * This structure describes an LDAP server specified by a client application. 2N/A /* Default value is 389 */ 2N/A /* by the specified server. */ 2N/A /* Default value is the local */ 2N/A /* Default value is 'default' */ 2N/A /* during subsequent connections */ 2N/A char *
cred;
/* A credential level to be used */ 2N/A /* along with the authentication info */ 2N/A /* subsequent LDAP Bind requests */ 2N/A /* subsequent LDAP Bind requests */ 2N/A * This structure contains information describing an LDAP server. 2N/A * This function "informs" libsldap that a client application has specified 2N/A * a directory to use. The function obtains a DUAProfile, credentials, 2N/A * and naming context. During all further operations on behalf 2N/A * of the application requested a standalone schema libsldap will use 2N/A * the information obtained by __ns_ldap_initStandalone() instead of 2N/A * door_call(3C)ing ldap_cachemgr(1M). 2N/A * A structure describing where and in which way to obtain all the 2N/A * configuration describing how to communicate to a choosen LDAP directory. 2N/A * An error object describing an error occured. 2N/A * This function obtains the directory's base DN and a DUAProfile 2N/A * from a specified server. 2N/A * Specifies the selected directory sever. 2N/A * Contains an authentication information and credential required to 2N/A * establish a connection. 2N/A * If not NULL, a new configuration basing on a DUAProfile specified in the 2N/A * server parameter will be create and returned. 2N/A * If not NULL, the directory's base DN will be returned. 2N/A * Describes an error, if any. 2N/A * This function obtains the root DSE from a specified server. 2N/A * An adress of a server to be connected to. 2N/A * Returns the type of the server returning the root DSE. 2N/A * A buffer containing the root DSE in the ldap_cachmgr door call format. 2N/A * Describes an error, if any. 2N/A * If set to 1 and establishing a connection fails, __s_api_getRootDSE() 2N/A * will try once again using anonymous credentials. 2N/A * This function iterates through the list of the configured LDAP servers 2N/A * and "pings" those which are marked as removed or if any error occurred 2N/A * during the previous receiving of the server's root DSE. If the 2N/A * function is able to reach such a server and get its root DSE, it 2N/A * marks the server as on-line. Otherwise, the server's status is set 2N/A * For each server the function tries to connect to, it fires up 2N/A * a separate thread and then waits until all the threads finish. 2N/A * The function returns NS_LDAP_INTERNAL if the Standalone mode was not 2N/A * initialized or was canceled prior to an invocation of 2N/A * __ns_ldap_pingOfflineServers(). 2N/A * This function cancels the Standalone mode and destroys the list of root DSEs. 2N/A * This function initializes an ns_auth_t structure provided by a caller 2N/A * according to a specified authentication mechanism. 2N/A * Simplified LDAP Naming APIs 2N/A#
endif /* _NS_SLDAP_H */