Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ sec_rgy_pgo_add_member(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

sec_rgy_pgo_add_member(3sec)  —  Subroutines

NAME

sec_rgy_pgo_add_member — Adds a principal to a group or organization

Synopsis

void sec_rgy_pgo_add_member(
sec_rgy_handle_t context,
sec_rgy_domain_t name_domain,
sec_rgy_name_t go_name,
sec_rgy_name_t principal_name,
error_status_t ∗status);

Parameters

Input

contextAn opaque handle bound to a registry server.  Use sec_rgy_site_open() to acquire a bound handle. 

name_domain
This variable identifies the type of the principal, group, or organization (PGO) item identified by the given name.  The valid values are as follows:

sec_rgy_domain_group
The go_name parameter identifies a group. 

sec_rgy_domain_org
The go_name parameter identifies an organization. 

go_nameA character string (type sec_rgy_name_t) containing the name of the group or organization to which the specified principal will be added. 

principal_name
A character string (type sec_rgy_name_t) containing the name of the principal to be added to the membership list of the group or organization specified by go_name. You must use fully qualified names to add foreign principals as members of a group.  (Only local principals can be added as members of an organization.) 

Output

statusA pointer to the completion status.  On successful completion, the routine returns error_status_ok.  Otherwise, it returns an error. 

Description

The sec_rgy_pgo_add_member() routine adds a member to the membership list of a  group or organization in the registry database.   For this call to succeed when adding a principal from a foreign cell to a group, the Security Server (secd) must be running in the foreign cell. 

Permissions Required

The sec_rgy_pgo_add_member() routine requires the M (Member_list) permission on the group or organization item specified by go_name.  If go_name specifies a group, the routine also requires the g (groups) permission on the principal identified by principal_name. 

Notes

An account can be added to the registry database only when all its constituent PGO items are already in the database, and the appropriate membership relationships between them are established.  For example, to establish an account with principal name tom, group name writers, and organization name hp, all three names must exist as independent PGO items in the database.  Furthermore, tom must be a member of writers, which must be a member of hp.  (See the sec_rgy_acct_add() routine to add an account to the registry.) 

Files

/usr/include/dce/pgo.idl
The idl file from which dce/pgo.h was derived. 

Errors

The following describes a partial list of errors that might be returned.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

sec_rgy_not_authorized
The client program is not authorized to add members to the specified group or organization.

sec_rgy_bad_domain
An invalid domain was specified.  A member can be added only to a group or organization, not a principal.

sec_rgy_object_not_found
The registry server could not find the specified name.

sec_rgy_server_unavailable
The DCE registry server is unavailable.

error_status_ok
The call was successful.

Related Information

Functions: sec_intro(3sec), sec_rgy_pgo_add(3sec), sec_rgy_pgo_delete_member(3sec), sec_rgy_pgo_get_members(3sec), sec_rgy_pgo_is_member(3sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026