|
|
|
CHARACTER AccessCode
|
/** This is an encrypted access-code-phrase that is used to validate the identity and
integrity of any CLIENT-PRINCIPLE issued by the Authentication System represented
by this domain.
The access-code-phrase is an encrypted string consisting of printable characters
with a null terminator (including embedded spaces and tabs).
The pass phrase is case sensitive and will be used to generate and validate
[MD5] MAC seals in CLIENT-PRINCIPAL objects.
Note that this field is encrypted for security purposes and the encryption
method used must be understood by the 4GL / PVM as it must know how to decrypt
the access code to validate it. The server will default to use
AUDIT-POLICY:ENCRYPT-AUDIT-MAC-KEY(AccessCode).
Setting the IDataAdminService PasswordPolicy:PreEncodeDomainAccessCode to true
will tell the server side to avoid the encryption Assuming it is done by the user
before being assigned to this property */
|
|
|
|
CHARACTER AuditingContext
|
/** This text will provide the Audit record context value when a _client-session record
is recorded to the database. It should describe the domain's Authentication System,
location, and any other identifying characteristics.
While this value is optional for auditing, it is recommended that a value be filled in. */
|
|
|
|
CHARACTER AuthenticationActions
|
/* Defines authentication actions (PAM actions ) applicable to the the domain */
|
|
|
|
OpenEdge.DataAdmin.IAuthenticationSystem AuthenticationSystem
|
/** The Authentication System of the domain _oeusertable, LDAP, RSA, KERBOS, KEON, internal etc*/
|
|
|
|
CHARACTER Comments
|
/** Comments about the domain - can hold custom specific authentication details */
|
|
|
|
CHARACTER Description
|
/** A free text description of the domain primarily for reporting purposes */
|
|
|
|
LOGICAL IsBuiltin
|
/** Returns true if the Domain is builtin */
|
|
|
|
LOGICAL IsEnabled
|
/** This logical property facilitates disabling of the Domian without deleting it.
If set to NO then authentication for this domain will be disabled.
The default is YES to enable authentication for this domain. */
|
|
|
|
CHARACTER Name
|
/** The name and unique idnetifier of a single Authentication System (domain) that
can be used to authenticate or validate the authentication of a user account.
The 4GL or SQL will refer to this name when it begins a user authentication
process or it is validating the CLIENT-PRINCIPAL object that was produced by
an authentication operation performed in this domain.
The domain name may be used to fully qualify a user's identity by suffixing it to
the user's id using a "@" delimiter (ex: fred@ldap). */
|
|
|
|
CHARACTER RuntimeOptions
|
/** Used to define a comma delimited list of Run time options for the ABL runtime.
The valid runtime options will depend on the Authentication System */
|
|
|
|
CHARACTER SystemOptions
|
/** Defines SystemOptions (PAM options) applicable to the Authentication System */
|
|
|
|
OpenEdge.DataAdmin.ITenant Tenant
|
/** The Tenant of the Domain */
|
|
|
|
OpenEdge.DataAdmin.IUserSet Users
|
/** Collection of OpenEdge Users of the Domain */
|