KCML_Impersonate
Purpose
Impersonate a user
Definition
DEFSUB 'KCML_Impersonate(user$, password$, newpassword$, BYREF msg$) AS KCML_AUTH_ENUM
Parameters
| user | User's account name. |
| password | Password. |
| newpassword | New passowrd. Only used if the current one has expired. |
| msg | Buffer receive any PAM messages. |
Return
Returns an KCML_AUTH_ENUM indicating success, failure or if further action needs to be taken.
Description
Verify a username and password using Unix PAM. If the username & password are correct then _KCML_AUTH_OK will be returned. If the user's password is about to expire, and the account has been configured to issue a warning, then that message will be returned in msg$. If the user's password has expired, and newPassWord$ is blank then _KCML_AUTH_EXPIRED will be returned and msg$ will contain the expiry message from the password database. The expired password can be changed by calling 'KCML_Impersonate() with newPassWord$ set. The strength of the password will have to satisfy the policy of the password database. If it does not _KCML_AUTH_EXPIRED will still be returned and msg$ will return the password database's reason for rejection, eg Password is too simple. If the new password has been accepted _KCML_AUTH_OK is returned and a record of this reported to the audit log.
See also
Internal KCML Functions, Internally defined structures and Internally defined enumerations and constants.