rsec_pwd_mgmt_str

rsec_pwd_mgmt_str_chk(3sec)

Strength-checks a password

Synopsis

#include <dce/rsec_pwd_mgmt.h>

boolean32 rsec_pwd_mgmt_str_chk(
handle_t handle,
sec_rgy_name_t princ,
sec_passwd_rec_t *pwd,
signed32 pwd_val_type,
unsigned32 plcy_args,
sec_attr_t plcy[ ],
sec_bytes_t str_info_in,
sec_bytes_t *str_info_out,
error_status_t *stp);

Parameters

Input

handle
An RPC binding handle to the password management server exporting this operation.

princ
The name of the principal requesting the generated passwords.

pwd
A pointer to the password to be strength checked.

pwd_val_type
The value of the user's password validation type (as stored in the pwd_val_type ERA).

plcy_args
The size of the plcy array.

plcy
An array of extended registry attributes, each specifying a password management policy of some sort. The contents of this array are as follows:

plcy[0]
Effective registry password minimum length for the principal.

plcy[1]
Effective registry password policy flags for the principal, describing limitations on password characters.

str_info_in
An NDR pickle containing additional information needed to strength check the password. There are currently no encoding types defined.

Output

str_info_out
An NDR pickle containing additional information returned by the password management server. There are currently no encoding types defined.

stp
A pointer to the completion status. On successful completion, the routine returns error_status_ok. Otherwise, it returns an error.

Notes
This function is not intended to be called by application programmers. The registry server provides all the functionality necessary to strength check passwords. This reference page is provided for programmers who wish to write their own password management servers.

This network interface is called on the client side via secd(8). Developers are responsible for implementing the server side of this interface. (pwd_strengthd(8sec) is provided as a sample implementation.)

(The plcy[ ] parameter is intended to be expandable to allow administrators to attach new password policy ERAs to a principal. This feature is, however, currently unsupported, and the plcy[ ] parameter consists only of the entries described in this reference page.)

Description
The rsec_pwd_mgmt_str_chk( ) routine strength checks a password.

Return Value
The rsec_pwd_mgmt_str_chk( ) routine returns TRUE if the user's password passes the server's strength checking algorithm and FALSE if it does not.

Files

/usr/include/dce/sec_pwd_mgmt.idl
The idl file from which dce/sec_pwd_mgmt.h was derived.

Errors

The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.

sec_pwd_mgmt_str_check_failed
The password failed the server's strength checking algorithm.

sec_pwd_mgmt_not_authorized
The user is not authorized to call this API.

sec_pwd_mgmt_svr_error
Password Management Server generic error. Additional information is usually logged by the password management server.

error_status_ok
The call was successful

Related Information
Functions:

sec_intro(3sec)

rsec_pwd_mgmt_gen_pwd(3sec)

pwd_strengthd(8sec)