describes a Solaris group

Fully describes a Solaris group, contains group name, group id, group members.

Specifies the group name.

Specifies the Gid of the group.

Specifies the members of the group.

describes a Solaris user

Fully describes a Solaris user, contains account, home directory and security attributes associated with a user. See man passwd(4), shadow(4), userattr(4) for more info on fields.

username for the account.

UID for the account.

GID for the account.

gecos info for the account.

homedirectory location for the account.

default shell for the account.

Number of inactivity days allowed for the account.

Minimum number of days between password changes for the account.

Maximum cemunber of days the password is valid for the account.

Number of days before password expires the user is warned.

The date after which login will not be allowed for the account. The date format is %y-%m-%d %H:%M:%S.

Specifies whether the account is locked after failed logins execeeds the allowable limit.

Specifies per-user always audit pre-selection flags.

Specifies per-user never-audit pre-selection flags.

specifies whether account is role or user.

specifies the default project for the account.

Specifies the max label at which the user can operate.

Specifies the min labelthat the user can login .

Specifies whether the account user role or user password for role authentication.

Specifies when the desktop session for the user gets locked.

Specifies the idle time before the idlecmd is executed.

Specifies the status of the account.

Specifies the roles that have been assigned to the account.

Specifies the profiles that have been assigned to the account.

Specifies the authenticated profiles that have been assigned to the account.

Specifies the authorizations that have been assigned to the account.

Specifies the default set of privileges assigned to user at login.

Specifies the maximum set of privileges the user or process started by the user can obtain.

Specifies the supplemental groups that have been assigned to the account.

Keeps track of all the fields that have been changed in the user object.

Keeps track of all the fields that have been changed in the user object. For every field that has been changed in the User object the respective changeField will be set to true.

User Manager api error types

Name service scope types

Set of operations that can be performed on users and roles.

Lists users.

Lists the users present in the selected scope based on the filter options. READERROR - when unable to read user after

Lists groups.

Lists the groups present in the selected scope. READERROR - when unable to read the groups database.

Lists shells.

Lists the set of available shells that can be set as default shell for users. READERROR - when unable to read the default shells.

Lists user defaults.

Lists the default values for groups, basedir, project, shell, skel, inactive, expire, auths, profiles, roles, limitPriv, defaultPriv, lockAfterRetries used for creation of users and roles. READERROR - when unable to read default user properties.

Lists scopes.

Lists the set of name service repositories that can be administered. READERROR - when unable to read the name services that can be managed.

Lists assigned roles.

Lists the roles assigned to a user. READERROR - when unable to read user roles

Lists assigned profiles.

Lists the profiles assigned to a user. READERROR - when unable to read user profiles.

Lists assigned authorizations.

Lists the authorizations assigned to a user. READERROR - when unable to read user authorizations.

Lists default privileges.

Lists the default privileges assigned to a user. READERROR - when unable to read user's default privileges.

Lists limit privileges.

Lists the limit privileges assigned to a user. READERROR - when unable to read user's limit privileges.

Lists supplemental groups.

Lists the supplemental groups that the user is a member of. READERROR - when unable to read user's supplemental groups.

Lists Assigned Audit Classes.

Lists the audit classes that are assigned to the user. READERROR - when unable to read user's assigned audit classes.

Lists users PAM configuration files.

Lists the per-user PAM configuration files. READERROR - when unable to read user specific PAM configuration files.

gets User information for a given username.

Gets the user information for a given username from the name service repository based on the filter options. READERROR - when unable to read user

Specifies the username for which the account information is to be retrieved.

Add user or role.

Adds a user or role to the selected name service repository based on the filter options. Applies the properties set in the user object as the account, password, security attributes. Sets INVALIDDATA error when arguments are not valid. Sets PASSERROR error when password update fails. Sets READERROR error when unable to read user after successful addition of new user. Sets USEREXISTS error user already exists with same username. INVALIDDATA - when arguments are not valid. INVALIDDATA - when arguments are not valid. READERROR - when unable to read user after adding new user.

user object which contains attributes of new user account to be created.

password to be set for the new user account.

Modify user or role.

Modifies users or roles present in the selected scope based on the filter options. Applies the changed fields in the user object to the user or role attributes. Sets INVALIDDATA error when arguments are not valid. Sets PASSERROR error when password update fails. Sets READERROR error when unable to read user after successful modification of user. INVALIDDATA - when arguments are not valid. INVALIDDATA - when arguments are not valid. READERROR - when unable to read user after adding new user.

user object which contains user attributes to be modified.

password to be set for the new user account.

Indicates which fields have been modified in the user object by the client.

Delete user.

Deletes user or role based on username present in the selected scope based on the filter options. Sets READERROR error on failure. READERROR - when unable to read user

username of account that needs to be deleted.

sets the name-service repository scope.

Sets the name-service repository scope. All subsequent operations will use the specified scope.

Specifies the name-service scope to be used for managing users.

Sets the filter options.

Sets the filter options which are used for all the subsequent operations. The options are user or role and search string. The default search string is empty string ("").

Specifies if users or roles will be managed.

Specifies the string to match against user or role names to be managed.

Checks if System is Labeled.

Checks if the Trusted Extensions feature is enabled on the system. Returns true if successful and sets Sets READERROR error on failure. READERROR - when checking if Trusted Extensions is enabled fails.

Gets the user type.

Checks if the user is role or normal user. Returns UserType set to role or normal user. Sets READERROR error on failure. READERROR - when checking if Trusted Extensions is enabled fails.

Specifies user name to check for user or role.