AFS
view release on metacpan or search on metacpan
pod/v2/afsperlkas.pod view on Meta::CPAN
=item B<$ok = $kas-E<gt>ChangePassword(UNAME, UINST, OKEY, NKEY);>
Changes the password for the user entry UNAME.UINST in the
Authentication Database to NKEY. OKEY and NKEY must be instances of
AFS::KTC_EKEY. OEKY is never used, so you can put in any key
(randomkey). It calls the AFS system library function
'ka_ChangePassword'.
=item B<$ok = $kas-E<gt>create(UNAME, UINST, NKEY);>
=item B<$ok = $kas-E<gt>KAM_CreateUser(UNAME, UINST, NKEY);>
Adds the user entry UNAME.UINST to the Authentication Database and sets
its password key to NKEY. NKEY must be an instance of AFS::KTC_EKEY.
This call requires a connection encrypted with an AdminTicket. It calls
the AFS system library function 'KAM_CreateUser'.
=item B<$entry = $kas-E<gt>debug;>
=item B<$entry = $kas-E<gt>KAM_Debug(VERSION);>
Returns information about the Authentication Database, the key cache,
and the state of the AuthServer. The return value is a reference to a
hash table containing the values from the C structure C<ka_debugInfo>.
Possible values for VERSION are
&AFS::KAMAJORVERSION
It calls the AFS system library function'KAM_Debug'.
=item B<$ok = $kas-E<gt>delete(UNAME, UINST);>
=item B<$ok = $kas-E<gt>KAM_DeleteUser(UNAME, UINST);>
Removes the user entry UNAME.UINST from the Authentication Database. It
requires a connection encrypted with an AdminTicket.
It calls the AFS system library function 'KAM_DeleteUser'.
=item B<$entry = $kas-E<gt>getentry(UNAME, UINST);>
=item B<$entry = $kas-E<gt>KAM_Getentry(UNAME, UINST);>
Returns information from the Authentication Database entry for the
user entry UNAME.UINST. The return value is a reference to a hash
table containing the values from the C structure C<kaentryinfo>. The
hash table has the following keys
change_password_time flags keyCheckSum
key_version max_ticket_lifetime minor_version
misc_auth_bytes modification_time modification_user
user_expiration
It calls the AFS system library function 'KAM_GetEntry'.
=item B<($num_admins, $kasstats, $kadstats) = $kas-E<gt>getstats;>
=item B<($num_admins, $kasstats, $kadstats) = $kas-E<gt>KAM_GetStats(VERSION);>
Returns statistics about the AuthServer and its database. If VERSION
does not match that used by the server, the call returns an error
code. The return values are references to the hash tables containing
the values from the C structures C<kasstats> and C<kadstats>. This
call requires a connection encrypted with an AdminTicket. Possible
values for VERSION are
&AFS::KAMAJORVERSION
It calls the AFS system library function 'KAM_Getstats'.
=item B<$token = $kas-E<gt>GetToken(SNAME, SINST, STIME, ETIME, AUTH_TOKEN [, AUTH_CELL]);>
Return a token for the specified service SNAME.SINST. The desired
ticket lifetime is specified by STIME and ETIME (given in 5 minute
intervals). AUTH_TOKEN must be a ticket for the ticketgranting
service (an instance of AFS::KTC_TOKEN) in the cell AUTH_CELL (default
null). It assumes that a connection to the AuthServer has already been
established. It calls the AFS system library function 'ka_GetToken'.
=item B<($name, $inst) = $kas-E<gt>listentry(PREV, INDX, COUNT);>
=item B<($name, $inst) = $kas-E<gt>KAM_ListEntry(PREV, INDX, COUNT);>
Returns the name and instance of an entry in the database. It provides
a way to step through all the entries in the database. The first call
should be made with previous index PREV set to zero. The method updates
COUNT, which is an estimate of the number of entries remaining to be
returned, and INDX, which should be passed in as previous index on the
next call. A negative COUNT or a nonzero return code indicates that an
error occurred. A zero INDX means there were no more entries. A zero
COUNT means the last entry has been returned. This call requires a
connection encrypted with an AdminTicket. It calls the AFS system
library function 'KAM_ListEntry'.
=item B<$rkey = $kas-E<gt>randomkey;>
=item B<$rkey = $kas-E<gt>KAM_GetRandomKey;>
Returns a random DES key (an instance of AFS::KTC_EKEY) and is preferred
over a calling routine just inventing a key. It calls the AFS system
library function 'KAM_GetRandomKey'.
=item B<$ok = $kas-E<gt>setpassword(UNAME, UINST, KVNO, NKEY);>
=item B<$ok = $kas-E<gt>KAM_SetPassword(UNAME, UINST, KVNO, NKEY);>
Sets the key NKEY and key version number KVNO of the user entry
UNAME.UINST to the given values. NKEY must be an instance of
AFS::KTC_EKEY. This call requires a connection encrypted with an
AdminTicket. It calls the AFS system library function
'KAM_SetPassword'.
=item B<$ok = $kas-E<gt>setfields(UNAME, UINST, FLAGS, EXPIRE, LIFETIME, MAXASSOC, PACKED);>
=item B<$ok = $kas-E<gt>KAM_SetFields(UNAME, UINST, FLAGS, EXPIRE, LIFETIME, MAXASSOC, PACKED);>
This function alters the miscellaneous parameters associated with the
user entry UNAME.UINST. The FLAGS argument can be set to the following values
&AFS::KAFNORMAL regular user
&AFS::KAFADMIN an administrator
&AFS::KAFNOTGS not allow principal to get or use TGT
&AFS::KAFNOSEAL not allow principal as server in GetTicket
&AFS::KAFNOCPW not allow principal to change its own key
&AFS::KAFNEWASSOC allow user to create associates
EXPIRE is the epoch time after which attempts to authenticate as this user
will fail. The LIFETIME can be set to limit the lifetime of an
authentication ticket created for a user (unit is secs). MAXASSOC
defaults to -1. PACKED is an array of four bytes. It contains
PACKED[0]: password lifetime; range must be [0..254] days; 0 = infinity
PACKED[1]: password reuse; [1 = yes], [2 = no], [0 = not changed]
PACKED[2]: numb of failed logins; (fail - 1) tries are allowed; 0 = infinity
PACKED[3]: lock time, must be set in units of 8.5 minutes; 0 = infinity
This call requires a connection encrypted with an AdminTicket. It
calls the AFS system library function 'KAM_SetFields'.
=back
=head1 CURRENT AUTHOR
Norbert E. Gruener E<lt>nog@MPA-Garching.MPG.deE<gt>
=head1 AUTHOR EMERITUS
Roland Schemers E<lt>schemers@slapshot.stanford.eduE<gt>
=head1 COPYRIGHT AND LICENSE
( run in 1.712 second using v1.01-cache-2.11-cpan-39bf76dae61 )