| Framework | DirectoryService |
| Declared in | DirServices.h DirServicesTypes.h DirServicesUtils.h ImageCodec.k.h ImageCompression.k.h |
| Companion guides |
This document describes the Directory Services functions, constants and data types for retrieving information stored in directories.
dsAddAttribute
dsAddAttributeValue
dsAddChildPIDToReference
dsAllocAttributeValueEntry
dsAppendStringToListAlloc
dsBuildListFromNodesAlloc
dsBuildFromPath
dsBuildListFromPathAlloc
dsBuildListFromStrings
dsBuildListFromStringsAlloc
dsBuildListFromStringsAllocV
dsCloseAttributeList
dsCloseAttributeValueList
dsCloseDirNode
dsCloseDirService
dsCloseRecord
dsCreateRecord
dsCreateRecordAndOpen
dsDataBufferAllocate
dsDataBufferDeAllocate
dsDataListAllocate
dsDataListCopyList
dsDataListDeallocate
dsDataListGetNodeAlloc
dsDataListGetNodeCount
dsDataListInsertAfter
dsDataListMergeListAfter
dsDataListDeleteThisNode
dsDataNodeAllocateBlock
dsDataNodeAllocateString
dsDataNodeDeAllocate
dsDataNodeGetSize
dsDataNodeGetLength
dsDataNodeSetLength
dsDeallocAttributeEntry
dsDeallocAttributeValueEntry
dsDeallocRecordEntry
dsDeleteRecord
dsDoAttributeValueSearch
dsDoAttributeValueSearchWithData
dsDoDirNodeAuth
dsDoDirNodeAuthOnRecordType
dsDoMultipleAttributeValueSearch
dsDoMultipleAttributeValueSearchWithData
dsDoPlugInCustomCall
dsFindDirNodes
dsFlushRecord
dsGetAttributeEntry
dsGetAttributeValue
dsGetDataLength
dsGetDirNodeCount
dsGetDirNodeCountWithInfo
dsGetDirNodeInfo
dsGetDirNodeList
dsGetDirNodeName
dsGetPathFromList
dsGetRecordAttributeInfo
dsGetRecordAttributeValueByID
dsGetRecordAttributeValueByIndex
dsGetRecordAttributeValueByValue
dsGetRecordEntry
dsGetRecordList
dsGetRecordReferenceInfo
dsGetRecordNameFromEntry
dsGetRecordTypeFromEntry
dsIsDirServiceRunning
dsOpenDirNode
dsOpenDirService
dsOpenDirServiceProxy
dsOpenRecord
dsReleaseContinueData
dsRemoveAttribute
dsRemoveAttributeValue
dsSetAttributeValue
dsSetAttributeValues
dsSetRecordName
dsSetRecordType
dsVerifyDirRefNum
Adds an attribute to a record.
tDirStatus dsAddAttribute ( tRecordReference inRecordReference, tDataNodePtr inNewAttribute, tAccessControlEntryPtr inNewAttributeAccess, tDataNodePtr inFirstAttributeValue );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord or dsCreateRecordAndOpen that represents the record to which an attribute is to be added.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the name of the attribute that is to be added.
Reserved for this release. On input, set inNewAttributeAccess to NULL.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the value of the attribute that is to be added. If you don’t want to set a value, this parameter can be NULL.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function adds to the specified record an attribute having the name specified by the inNewAttribute parameter and the value pointed to by the inFirstAttributeValue parameter.
To change the value of an attribute, call dsSetAttributeValue or dsSetAttributeValues.
DirServices.hAdds a value to an attribute.
tDirStatus dsAddAttributeValue ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, tDataNodePtr inAttributeValue );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord that represents the record having an attribute to which a value is to be appended.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute to which a value is to be added.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the value that is to be added.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function adds the specified value to the specified attribute. The attribute must be capable of having more than one value.
To change the value of an attribute, call dsSetAttributeValue or dsSetAttributeValues.
DirServices.hAllows the specified process to use a node reference.
tDirStatus dsAddChildPIDToReference ( tDirReference inDirRef, SInt32 inValidChildPID, UInt32 inValidAPIReferenceToGrantChild );
A value of type tDirReference obtained by previously calling dsOpenDirService that identifies the Open Directory session.
A value of type long that specifies the child process ID that is to be granted permission to use the Open Directory reference specified by inDirReference.
A value of type unsigned long containing a node reference obtained by previously calling dsOpenDirNode.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function allows the child process specified by inValidChildPID to use the node reference specified by the inValidAPIReferenceToGrantChild parameter. Calling this function allows a child process that your application forks to use a node reference that the parent process has already acquired.
DirServices.hAllocates an attribute value entry structure having the specified attribute value.
tAttributeValueEntryPtr dsAllocAttributeValueEntry ( tDirReference inDirRef, UInt32 inAttrValueID, void *inAttrValueData, UInt32 inAttrValueDataLen );
On input, a value of type tDirReference obtained by calling dsOpenDirService representing the Open Directory session that is to be associated with the attribute value entry structure, or zero.
On input, a value of type unsigned long containing an attribute value ID.
On input, a pointer an arbitrary value containing the value that is to be incorporated in the attribute value entry structure as an attribute value.
On input, the length of valid data in the value pointed to by inAttrValueData.
A value of type tAttributeEntryPtr that points to the new tAttributeValueEntry structure.
This utility function allocates a structure of type tAttributeValueEntry and returns a pointer to it. The resulting structure can be used to set the value of the attribute identified by inAttrValueID by calling dsSetAttributeValue and passing to it the attribute value entry pointer returned by this function.
The allocated structure contains the attribute value ID specified by inAttrValueID and the attribute value pointed to by inAttrValueData.
To release the memory associated with tAttributeValueEntryPtr, call dsDeallocAttributeValueEntry.
DirServicesUtils.hAppends a string to a data list.
tDirStatus dsAppendStringToListAlloc ( tDirReference inDirReferences, tDataListPtr inDataList, const char *inCString );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with this data list, or zero.
On input, a value of type tDataListPtr that points to the data list to which the string specified by inCString is to be appended.
On input, a pointer to a null-terminated string containing the value in UTF-8 format that is to be appended to the data list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function appends a string to a data list.
DirServicesUtils.hBuilds a data list from a pathname.
tDataListPtr dsBuildFromPath ( tDirReference inDirReference, const char *inPathCString, const char *inPathSeparatorCString );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy that represents the Open Directory session for which the data list is to be built, or zero.
On input, a pointer to a null-terminated string containing a pathname in UTF-8 format.
On input, a pointer to a null-terminated string containing the character that delimits the components of the pathname pointed to by inPathCString.
A value of type tDataListPtr that points to the new data list.
This utility function uses a pathname to build a null-terminated data list and returns a pointer to it. Many Open Directory functions take a pointer to a data list as a parameter. For example, you can pass the resulting data list pointer as a parameter to dsOpenDirNode.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it. If the data list is a heap-based data list, you also need to call free().
DirServicesUtils.hFills in a previously allocated data list using one or more data nodes.
tDirStatus dsBuildListFromNodesAlloc ( tDirReference inDirReferences, tDataListPtr inDataList, tDataNodePtr in1stDataNodePtr, ... );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a value of type tDataListPtr that points to a data list allocated by calling dsDataListAllocate.
On input, a value of type tDataNodePtr that points to a data node containing data in UTF-8 format. The in1stDataNodePtr parameter may be followed by one or more parameters of type tDataNodePtr, each pointing to a data node. Each data node may have been allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function uses information from one or more data nodes to fill in a previously allocated data list. The resulting data list is null-terminated.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it. If the data list is a heap-based data list, you also need to call free().
DirServicesUtils.hBuilds a data list from a pathname using a data list that has already been allocated.
tDirStatus dsBuildListFromPathAlloc ( tDirReference inDirReference, tDataListPtr inDataList, const char *inPathCString, const char *inPathSeparatorCString );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy that represents the Open Directory session for which the data list is to be built, or zero.
On input, a value of type tDataListPtr that points to a data list allocated by calling dsDataListAllocate.
On input, a pointer to a null-terminated string containing a pathname in UTF-8 format.
On input, a pointer to a null-terminated string containing the character that delimits the components of the pathname pointed to by inPathCString.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function uses previously allocated data list and a pathname to build a null-terminated data list and returns a pointer to it. Many Open Directory functions take a pointer to a data list as a parameter. For example, you can pass the resulting data list pointer as a parameter to dsOpenDirNode.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it. If the data list is a heap-based data list, you also need to call free().
DirServicesUtils.hBuilds a data list from strings.
tDataListPtr dsBuildListFromStrings ( tDirReference inDirReference, const char *in1stCString, ... );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session for which the data list is being built, or zero.
On input, a pointer to a null-terminated string containing data in UTF-8 format that is to be added to the data list. The in1stCString parameter may be followed by one or more parameters of type char *, each pointing to a C string containing data in UTF-8 format that is to be added to the data list.
A value of type tDataListPtr that points to the tDataList structure that has been created.
This utility function uses one or more null-terminated strings to build a data list and returns a pointer to it.
When you no longer need the data list, call dsDataListDeallocate t o release the memory associated with it. If the data list is a heap-based data list, you also need to call free().
DirServicesUtils.hFills in a previously allocated data list using data from strings.
tDirStatus dsBuildListFromStringsAlloc ( tDirReference inDirReferences, tDataListPtr inDataList, const char *in1stCString, ... );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a value of type tDataListPtr that points to a data list allocated by calling dsDataListAllocate.
On input, a pointer to a character string that specifies the name of a data node to add to the data list. The in1stCString parameter may be followed by one or more additional parameters of type char *, each pointing to a C string containing data that is to be added to the data list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function fills in a data list using the data in UTF-8 format contained by the specified null-terminated strings.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it. If the data list is a heap-based data list, you also need to call free().
DirServicesUtils.hFills in a previously allocated data list using data from a list of type va_list.
tDirStatus dsBuildListFromStringsAllocV ( tDirReference inDirRef, tDataList *inDataList, const char *in1stCString, va_list args );
On input, a value of type tDirReference obtained by calling dsOpenDirService representing the Open Directory session that is associated with the specified data list, or zero.
On input, a pointer to a value of type tDataList allocated by calling dsDataListAllocate.
On input, a pointer to a character string that specifies the name of a data node to add to the data list. The in1stCString parameter may be followed by one or more additional parameters of type char *, each pointing to a C string containing data that is to be added to the data list.
On input, a value of type va_list with additional C strings containing data that is to be added to the date list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function fills in a data list using the data in UTF-8 format contained by the specified null-terminated string and additional strings in the va_list parameter.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it.
DirServicesUtils.hDisposes of an attribute list reference.
tDirStatus dsCloseAttributeList ( tAttributeListRef inAttributeListRef );
On input, a value of type tAttributeListRef obtained by a previous call to dsGetDirNodeInfo or dsGetRecordEntry.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function disposes of an attribute list reference that was obtained by a previous call to dsGetDirNodeInfo or dsGetRecordList. You should dispose of an attribute list reference when it is no longer needed.
DirServices.hDisposes of an attribute value list reference.
tDirStatus dsCloseAttributeValueList ( tAttributeValueListRef inAttributeValueListRef );
On input, a value of type tAttributeValueListRef that was obtained by a previous call to dsGetAttributeEntry.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function disposes of an attribute value list reference that was obtained by a previous call to dsGetAttributeEntry. You should dispose of an attribute value list reference when it is no longer needed.
DirServices.hCloses a session with a node.
tDirStatus dsCloseDirNode ( tDirNodeReference inDirNodeReference );
On input, a value of type tDirNodeReference obtained by previously calling dsOpenDirNode or dsOpenDirServiceProxy that identifies the node session that is to be closed.
A value of type tDirStatus indicating success (eDSNoErr) or an error. such as eDSInvalidReference if the tDirNodeReference is invalid. For a list of other possible result codes, see “Result Codes.”
This function closes a session with the node represented by inDirNodeReference.
When the session with the node is closed, inDirNodeReference becomes invalid and cannot be used with any other Open Directory function that takes a node reference as a parameter. Any references that were created with inDirNodeReference as a parameter, such as record references, attribute list references, and attribute value references become invalid when the session represented by inDirNodeReference is closed.
DirServices.hCloses an Open Directory session.
tDirStatus dsCloseDirService ( tDirReference inDirReference );
A value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy that identifies the Open Directory session that is to be closed.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function closes the Open Directory session represented by inDirReference. Continuation data and child references, such as node, record, attribute list, and attribute value list references, that were created using inDirReference become invalid when the session is closed and are released implicitly when this function is called. You must deallocate data lists, data nodes, and data buffers yourself by calling dsDataListDeallocate, dsDataNodeDeAllocate, and dsDataBufferDeAllocate respectively.
DirServices.hCloses a open record.
tDirStatus dsCloseRecord ( tRecordReference inRecordReference );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord that identifies the record that is to be closed.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function closes a record that was previously opened by calling dsOpenRecord. Closing the record invalidates the inRecordReference parameter so that it cannot be used as a parameter to any other Open Directory function. Any pending changes to the record are flushed at this time.
DirServices.hCreates a record.
tDirStatus dsCreateRecord ( tDirNodeReference inDirNodeReference, tDataNodePtr inRecordType, tDataNodePtr inRecordName );
On input, a value of type tDirNodeReference, obtained by previously calling dsOpenDirNode that identifies the node in which the record is to be created.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the record type for the record that is to be created. For record type constants, see Standard Record Types.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the name in UTF-8 format for the record that is to be created.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function creates in the node represented by inDirNodeReference a record having the name and type specified by the data nodes pointed to by the inRecordType and inRecordName parameters.
To add attributes to the new record, call dsAddAttribute.
This function does not open the created record. To create a record and open it in one step, call dsCreateRecordAndOpen.
DirServices.hCreates a record and opens it.
tDirStatus dsCreateRecordAndOpen ( tDirNodeReference inDirNodeReference, tDataNodePtr inRecordType, tDataNodePtr inRecordName, tRecordReference *outRecordReference );
On input, a value of type tDirReference, obtained by calling dsOpenDirNode that identifies the node in which the record is to be created.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the record type for the record that is to be created. For record type constants, see Standard Record Types.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the name in UTF-8 format for the record that is to be created.
On input, a pointer to a value of type tRecordReference. On output, outRecordReference points to a record reference for the created record and that can be provided as a parameter to Open Directory functions that operate on opened records.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function creates a record and opens it. On output the outRecordReference parameter is a reference to the newly created record that can be passed as a parameter to Open Directory functions that operate on open records.
To add attributes to the new record, call dsAddAttribute.
To create a record without opening it, call dsCreateRecord.
DirServices.hAllocates an Open Directory data buffer.
tDataBufferPtr dsDataBufferAllocate ( tDirReference inDirReference, UInt32 inBufferSize );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy, or zero.
On input, a value of type unsigned long that specifies the length of the buffer that is to be allocated.
A value of type tDataBufferPtr that points to the allocated tDataBuffer structure.
The utility function allocates an Open Directory data buffer of the specified size and returns a value that points to the allocated buffer.
Open Directory data buffers are used by many Open Directory functions to exchange information between an Open Directory client application and an Open Directory plug-in.
When you no longer need the data buffer, call dsDataBufferDeAllocate to deallocate the memory that is associated with it.
DirServicesUtils.hDeallocates an Open Directory data buffer.
tDirStatus dsDataBufferDeAllocate ( tDirReference inDirReference, tDataBufferPtr inDataBufferPtr );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy for which a data buffer is to be deallocated, or zero.
A value of type tDataBufferPtr that points to the tDataBuffer structure that is to be deallocated.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function appends the specified string to the specified data list.
DirServicesUtils.hAllocates a data list.
tDataListPtr dsDataListAllocate ( tDirReference inDirReference );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session for which the data list is to be allocated, or zero.
A value of type tDataListPtr that points to the allocated tDataList structure. If this function cannot allocate the data list, it returns NULL.
This utility function allocates an empty data list and returns a value of type tDataListPtr that points to it.
Many Open Directory functions return information in a data list and receive information in a data list, such as dsFindDirNodes, dsGetDirNodeInfo, dsGetRecordList, and dsDoAttributeValueSearch.
To add data to the data list, call dsBuildListFromNodesAlloc or dsBuildListFromStringsAlloc.
When you no longer need the data list, call dsDataListDeallocate to release the memory associated with it.
DirServicesUtils.hCopies a data list.
tDataListPtr dsDataListCopyList ( tDirReference inDirReference, const tDataList *inDataListSource );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a pointer to a tDataList structure for the data list that is to be copied.
A value of type tDataListPtr that points to the copy of the data list. If this function cannot copy the list, it returns NULL.
This utility function copies a data list and returns a pointer to the copy of the data list.
DirServicesUtils.hDeallocates a data list.
tDirStatus dsDataListDeallocate ( tDirReference inDirReference, tDataListPtr inDataList );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session for which the data list is to be deallocated, or zero.
On input, a value of type tDataListPtr pointing to the tDataList structure that is to be deallocated.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function deallocates a data list previously created by calling dsBuildListFromNodesAlloc, dsBuildFromPath, dsBuildListFromStrings, or dsDataListCopyList.
This utility function does not clean up the header structure associated with the inDataList parameter, so if the inDataList parameter is a true pointer and not the address of a stack variable, you need to call free(inDataList).
DirServicesUtils.hDeletes a data node from a data list.
tDirStatus dsDataListDeleteThisNode ( tDirReference inDirReference, tDataListPtr inDataList, UInt32 inNodeIndex );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a value of type tDataListPtr pointing to the data list from which a data node is to be removed.
On input, a value of type unsigned long that identifies the data node to remove. Set inNodeIndex to 1 to remove the first node. Set inNodeIndex to 2 to remove the second node, and so on.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function removes a data node from a data list. The inNodeIndex parameter specifies the index of the data node that is to be removed.
DirServicesUtils.hGets a data node from a data list.
tDirStatus dsDataListGetNodeAlloc ( tDirReference inDirReference, const tDataList *inDataListPtr, UInt32 inNodeIndex, tDataNodePtr *outDataNode );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a pointer to a tDataList structure of the data list from which a data node is to be obtained.
On input, a value of type unsigned long that identifies the data node to obtain. Set inNodeIndex to 1 to get the first node. Set inNodeIndex to 2 to get the second node, and so on.
On output, a value of type tDataNodePtr that points to the data node obtained from the data list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function obtains a data node from a data list.
DirServicesUtils.hGets the number of data nodes in a data list.
UInt32 dsDataListGetNodeCount ( const tDataList *inDataList );
On input, a pointer to a value of type tDataList containing the data nodes that are to be counted.
The number of data nodes in the data list or an error code. For a list of possible result codes, see “Result Codes.”
This utility function returns the number of data nodes in a data list.
DirServicesUtils.hInserts a data node in a data list.
tDirStatus dsDataListInsertAfter ( tDirReference inDirReferences, tDataListPtr inDataList, tDataNodePtr inInsertDataNode, const UInt32 inNodeIndex );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session that is associated with the specified data list, or zero.
On input, a value of type tDataListPtr pointing to a data list containing a list of nodes.
On input, a value of type tDataNodePtr pointing to a data node.
On input, a value of type const unsigned long that specifies the data node in the list after which the data node specified by inInsertDataNode is to be inserted. If inNodeIndex is zero, the data node is inserted at the beginning of the data list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function inserts a node into a list of nodes in a data list.
DirServicesUtils.hMerges two data lists.
tDirStatus dsDataListMergeListAfter ( tDataListPtr inTargetList, tDataListPtr inSourceList, const UInt32 inNodeIndex );
On input, a value of type tDataListPtr pointing to a data list containing data nodes. When this function returns, inTargetList contains the data nodes it contained before this function was called as well as the data nodes contained by the data list pointed to by inSourceList.
On input, a value of type tDataListPtr pointing to a data list containing data nodes that are to be merged with the data nodes in the data list specified by inTargetList.
On input, a value of type const unsigned long that specifies the index of the node in the data list pointed to by inTargetList after which the data nodes in the list pointed to by inSourceList are to be inserted. If inNodeIndex is zero, the data nodes are inserted at the beginning of the list.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function merges two data lists. The data nodes in the data list pointed by the inSourceList parameter are merged with the data nodes in the data list pointed to by the inTargetList parameter after the data node indicated by the inNodeIndex parameter.
DirServicesUtils.hAllocates an Open Directory data node.
tDataNodePtr dsDataNodeAllocateBlock ( tDirReference inDirReference, UInt32 inDataNodeSize, UInt32 inDataNodeLength, tBuffer inDataNodeBuffer );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session for which the data node is to be allocated, or zero.
On input, a value of type unsigned long that specifies the size of inDataNodeBuffer.
On input, a value of type unsigned long that specifies the length of valid data in inDataNodeBuffer.
On input, a value of type tBuffer containing the value the data node is to contain.
A value of type tDataNodePtr that points to the allocated data node and that can be passed as a parameter to Open Directory functions that require such a value as a parameter. If this function cannot allocate the data node, it returns NULL.
This utility function allocates an Open Directory data node and returns a pointer to it. Use the data node as a convenient way to pass data, such as record names and authentication types, to Open Directory functions.
To release the memory associated with a data node, call dsDataNodeDeAllocate.
To use a C string to allocate a data node, call dsDataNodeAllocateString.
DirServicesUtils.hAllocates an Open Directory data node using a string.
tDataNodePtr dsDataNodeAllocateString ( tDirReference inDirReference, const char *inCString );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session for which the data node is to be allocated. The value of this parameter is actually ignored in Mac OS X.
A pointer to a value of type char that specifies the value the data node is to contain.
A value of type tDataNodePtr that points to the allocated data node and that can be passed as a parameter to Open Directory functions that require such a value as a parameter. If this function cannot allocate the data node, it returns NULL.
This utility function uses a C string to allocate an Open Directory data node and returns a pointer to the allocated data node. Use the data node as a convenient way to pass data, such as record names and authentication types, to Open Directory functions.
To release the memory associated with a data node, call dsDataNodeDeAllocate.
DirServicesUtils.hDeallocates a data node.
tDirStatus dsDataNodeDeAllocate ( tDirReference inDirReference, tDataNodePtr inDataNodePtr );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy, or zero.
On input, a value of type tDataNodePtr that points to the tDataBuffer structure that is to be deallocated.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function deallocates an Open Directory data node that was created by previously calling dsDataNodeAllocateBlock or dsDataNodeAllocateString.
DirServicesUtils.hGets the length of valid data in a data node’s buffer.
UInt32 dsDataNodeGetLength ( tDataNodePtr inDataNodePtr );
On input, a value of type tDataNodePtr that points to the data node for which the length of valid data in the data node’s buffer is to be obtained.
A value of type unsigned long that contains the length of valid data in the data node’s buffer. If this function cannot obtain the length, it returns zero.
This utility function gets the length of valid data in the buffer of the data node pointed to by inDataNodePtr.
DirServicesUtils.hGets the size of a data node’s buffer.
UInt32 dsDataNodeGetSize ( tDataNodePtr inDataNodePtr );
On input, a value of type tDataNodePtr that points to the tDataBuffer structure whose buffer size is to be obtained.
A value of type unsigned long that contains the size of the buffer. If this function cannot obtain the buffer’s size, it returns zero.
This utility function obtains the size of a data node’s buffer.
DirServicesUtils.hSets the length of valid data in a data node’s buffer.
tDirStatus dsDataNodeSetLength ( tDataNodePtr inDataNodePtr, UInt32 inDataNodeLength );
On input, a value of type tDataNodePtr that points to the data node whose buffer size is to be set.
On input, a value of type unsigned long that specifies the length of valid data in the buffer.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function sets the length of valid data in the buffer of the data node pointed to by inDataNodePtr.
DirServicesUtils.hDeallocates an attribute entry structure.
tDirStatus dsDeallocAttributeEntry ( tDirReference inDirRef, tAttributeEntryPtr inAttrEntry );
On input, a value of type tDirReference obtained by calling dsOpenDirService representing the Open Directory session associated with the attribute entry structure that is to be deallocated, or zero.
On input, a value of type tAttributeEntryPtr that points to the tAttributeValueEntry structure that is to be deallocated.
A value of type tDirStatus indicating success or failure.
This utility function deallocates an attribute entry structure and the pointer to it that were allocated in order to call dsGetAttributeEntry or dsGetRecordAttributeInfo.
DirServicesUtils.hDeallocates an attribute value entry structure.
tDirStatus dsDeallocAttributeValueEntry ( tDirReference inDirRef, tAttributeValueEntryPtr inAttrValueEntry );
On input, a value of type tDirReference obtained by calling dsOpenDirService representing the Open Directory session associated with the attribute value entry structure that is to be deallocated, or zero.
On input, a value of type tAttributeValueEntryPtr that points to the tAttributeValueEntry structure that is to be deallocated.
A value of type tDirStatus indicating success or failure.
This utility function deallocates an attribute value entry structure that was previously allocated by calling dsGetAttributeValue, dsGetRecordAttributeValueByID, dsGetRecordAttributeValueByIndex, or dsGetRecordAttributeValueByValue.
DirServicesUtils.hDeallocates a record entry structure.
tDirStatus dsDeallocRecordEntry ( tDirReference inDirRef, tRecordEntryPtr inRecEntry );
A value of type tDirReference obtained by previously calling dsOpenDirService that identifies the Open Directory session for the record entry structure that is to be deallocated, or zero.
On input, a value of type tRecordEntryPtr that points to the tRecordEntry structure that is to be deallocated.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function deallocates the specified record entry structure that was allocated by a previous call to dsGetRecordEntry or dsGetRecordReferenceInfo.
You should always deallocate record entry structures when you no longer need them.
DirServicesUtils.hDeletes a record.
tDirStatus dsDeleteRecord ( tRecordReference inRecordReference );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord or dsCreateRecordAndOpenthat represents the record that is to be deleted.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function deletes the specified record. Deleting the record invalidates the record reference. Therefore, before deleting a record, be sure to call dsCloseAttributeList and dsCloseAttributeValueList to close any attribute list references and attribute value list references that may have been allocated.
DirServices.hSearches a node for records by attribute value.
tDirStatus dsDoAttributeValueSearch ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tDataListPtr inRecordTypeList, tDataNodePtr inAttributeType, tDirPatternMatch inPatternMatchType, tDataNodePtr inPattern2Match, UInt32 *inOutMatchRecordCount, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the node that is to be searched.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to the tDataBuffer structure in which this function is to place search results. On output, if inOutMatchRecordCount points to a value greater than zero, call dsGetRecordEntry, dsGetAttributeEntry, and dsGetAttributeValue to get the records, attributes, and attribute values from the data buffer.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated by calling dsDataListAllocate that contains a list of record types to search. Set the record type to kDSStdRecordTypeAll to search all records. See Standard Record Types for other possible values.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains an attribute type to search for. To search all attribute types, set the attribute type to kDSAttributesAll. See the attribute constants described in the “Constants” section for other possible values.
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inPattern2Match is compared with attribute values. See Pattern Matching Constants for possible values. The pattern type may also be defined by the Open Directory plug-in that handles the directory service represented by inDirNodeReference.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the pattern to match.
On input, a pointer to a value of type unsigned long that specifies the total number of matching records to get across multiple calls to this function. Set this value to zero to get all matching records. On output, inOutRecordMatchCount points to the number of records in the data buffer pointed to by inOutDataBuffer. Once you start a series of dsDoAttributeValueSearch calls, inOutMatchRecordCount is ignored as an input parameter.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is not NULL, get more matching records by calling this function again and pass the value pointed to by inOutContinueData. If on output inOutContinueData is NULL, there are no more records to get. If inOutContinueData is not NULL and an error occurs or you don’t want to get any more matching records, you must call dsReleaseContinueData to release the memory associated with inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function works across multiple calls to obtain a list of all records having attributes whose values match the specified pattern. Set inOutRecordMatchCount to zero to get all matching records. If you want to limit the number of matching records that this function returns, set inOutRecordMatchCount to a positive integer value that specifies the limit.
On output, matching records are returned in the buffer pointed to by inOutDataBuffer with the number of records in that buffer indicated by the value pointed to by inOutMatchRecordCount.
On output, the value pointed to by inOutContinueData indicates whether you should call this function again to obtain more matching records. If inOutContinueData is NULL; you do not need to call this function again. If inOutContinueData is not NULL and you do not want to continue the search, you must call dsReleaseContinueData to deallocate the memory that is associated with inOutContinueData.
If there are too many records to fit in a single buffer, this function returns a non-null value in the value pointed to by inOutContinueData. To get more records, call this function again, passing the pointer to inOutContinueData that was returned by the previous call to this function.
If this function returns eDSBufferTooSmall, the buffer is too small for a record that is to be returned. You should allocate a larger buffer and try again. When this function returns eDSBufferTooSmall, inOutContinueData is also set.
If the value pointed to by inOutContinueData is not NULL and the value returned by this function is zero, more results may be available. Continue calling this function until inOutContinueData points to a NULL value.
To get a record from the data buffer pointed to by inOutDataBuffer, call dsGetRecordEntry. To get information about the record’s attributes, call dsGetAttributeEntry. To get the value of a record’s attribute, call dsGetAttributeValue.
If inOutContinueData is not NULL and you no longer need it, call dsReleaseContinueData to release the memory associated with it.
In a series of calls to this function, the value of inOutRecordEntryCount must be set by the first call. Its value is ignored in the next calls in the series.
See dsDoAttributeValueSearchWithData to get information about other attribute types and their values.
DirServices.hSearches for records by attribute type and attribute value.
tDirStatus dsDoAttributeValueSearchWithData ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tDataListPtr inRecordTypeList, tDataNodePtr inAttributeMatchType, tDirPatternMatch inPatternMatchType, tDataNodePtr inPatternToMatch, tDataListPtr inAttributeTypeRequestList, dsBool inAttributeInfoOnly, UInt32 *inOutMatchRecordCount, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the node that is to be searched.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to the tDataBuffer structure in which this function is to place search results. On output, if inOutMatchRecordCount points to a value greater than zero, call dsGetRecordEntry, dsGetAttributeEntry, and dsGetAttributeValue to get the records, attributes, and attribute values from the data buffer.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated by calling dsDataListAllocate that contains a list of the record types to search for. Set the record type to kDSStdRecordTypeAll to search all records. For other possible values, see Standard Record Types.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains an attribute type to search for. To search all attribute types, set the attribute type to kDSAttributesAll. For other possible values, see the attribute constants described in the “Constants” section for other possible values.
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inPattern2Match is compared with attribute values. See Pattern Matching Constants for possible values. The pattern type may also be defined by the Open Directory plug-in that handles the directory service represented by inDirNodeReference.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the pattern to match.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated by calling dsDataListAllocate that specifies the record attribute types that are to be returned.
On input, a value of type dsBool set to TRUE if the calling application only wants information about attributes. To get the values of the attributes as well as information about the attributes, set inAttributeInfoOnly to FALSE.
On input, a pointer to a value of type long that specifies the number of matching records to get. On output, inOutRecordEntryCount points to the number of records in the data buffer pointed to by inOutDataBuffer; the number may be less than the requested number if there were not enough matching records to fill the buffer. The caller cannot change the value of inOutRecordEntryCount across multiple calls to this function using the value pointed to by inOutContinueData.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no new results in the buffer. If the value pointed to by inOutContinueData is not NULL on output, pass the value pointed to by inOutContinueData to this function again to get the next entries. You must call dsReleaseContinueData if you don’t want to get the remaining records.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function stores in the data buffer pointed to by inOutDataBuffer a list of records having attributes of the type specified by the inAttributeMatchType parameter whose values match the specified pattern.
Set inOutRecordEntryCount to point to a positive integer value that represents the number of records that are to be returned. You cannot change the value pointed to by inOutRecordEntryCount if you call this function with inOutContinueData pointing to context data returned by a previous call to this function.
If there are too many records to fit in a single buffer, this function returns a non-null value in the value pointed to by inOutContinueData. To get more records, call this function again, passing the pointer to inOutContinueData that was returned by the previous call to this function.
To get a record from the data buffer pointed to by inOutDataBuffer, call dsGetRecordEntry. To get information about the record’s attributes, call dsGetAttributeEntry. To get the value of a record’s attribute, call dsGetAttributeValue.
When you no longer need inOutContinueData, call dsReleaseContinueData to release the memory associated with it.
DirServices.hPerforms authentication with a node.
tDirStatus dsDoDirNodeAuth ( tDirNodeReference inDirNodeReference, tDataNodePtr inDirNodeAuthName, dsBool inDirNodeAuthOnlyFlag, tDataBufferPtr inAuthStepData, tDataBufferPtr outAuthStepDataResponse, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference obtained by previously calling dsOpenDirNode that representing the node that is to be authenticated.
On input, a value of type tDataNodePtr pointing to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString containing the authentication method to use. Authentication methods vary from user to user. Examples include kDSStdAuthSetPasswd, kDSStdAuthSetPasswdAsRoot, and kDSStdAuthChangePasswd to set or change a password and kDSStdAuthNodeNativeNoClearText to authenticate a user. If changes will be made to the node after authentication, the value of the inDirNodeAuthOnlyFlag parameter should be FALSE. For other possible values, see Authentication Constants.
On input, a value of type dsBool that indicates whether the result of authentication will be used in the future. A file server that is only authenticating a user should set this parameter to TRUE to indicate that once the user is authenticated, the result will not be used in the future. An application that might make changes to the node after authentication would set this parameter to FALSE to indicate that the result may be used in the future.
On input, this parameter contains the data necessary for this step in the authentication process. This parameter is a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure.
On output, this parameter contains the plug-in’s response. If the authentication was not successful, the buffer contains a plug-in–defined value. If there are more steps in the authentication process, the buffer contains a plug-in–defined value that is used in the next step of the authentication process. This parameter is a value of type tDataBufferPtr created by calling dsDataBufferAllocate pointing to a tDataBuffer structure.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no more steps in the authentication process. If inOutContinueData is not NULL on output, there are more steps to complete. Call this function again and pass to it the value pointed to by inOutContinueData. Call dsReleaseContinueData if the value pointed to by inOutContinueData is not NULL and you do not want to complete the authentication process.
A value of type tDirStatus indicating successful authentication (eDSNoErr) or an error, such as eDSAuthFailed. Other authentication result codes include eDSAuthMethodNotSupported, eDSAuthInBuffFormatError, eDSAuthNoSuchEntity, eDSAuthBadPassword, eDSAuthContinueDataBad, eDSAuthUnknownUser, eDSAuthCannotRecoverPasswd, eDSAuthFailedClearTextOnly, eDSAuthNoAuthServerFound, eDSAuthServerError, eDSAuthNewPasswordRequired, eDSAuthPasswordExpired, eDSAuthPasswordQualityCheckFailed, eDSAuthAccountDisabled, eDSAuthAccountExpired, and eDSAuthAccountInactive. For an explanation of these result codes, see “Result Codes.”
This function performs a variety of authentication tasks, such as authenticating a user, setting a password, and changing a password, depending on the value of the inDirNodeAuthName parameter.
DirServices.hPerforms authentication using a record type.
tDirStatus dsDoDirNodeAuthOnRecordType ( tDirNodeReference inDirNodeReference, tDataNodePtr inDirNodeAuthName, dsBool inDirNodeAuthOnlyFlag, tDataBufferPtr inAuthStepData, tDataBufferPtr outAuthStepDataResponse, tContextData *inOutContinueData, tDataNodePtr inRecordType );
On input, a value of type tDirNodeReference obtained by previously calling dsOpenDirNode that representing the node that is to be authenticated.
On input, a value of type tDataNodePtr pointing to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString containing the authentication method to use. Authentication methods vary from record to record. Examples include kDSStdAuthSetPasswd, kDSStdAuthSetPasswdAsRoot, and kDSStdAuthChangePasswd to set or change a password and kDSStdAuthNodeNativeNoClearText to authenticate a user. If changes will be made to the node after authentication, the value of the inDirNodeAuthOnlyFlag parameter should be FALSE. For other possible values, see Authentication Constants.
On input, a value of type dsBool that indicates whether the result of authentication will be used in the future. A file server that is only authenticating a user should set this parameter to TRUE to indicate that once the user is authenticated, the result will not be used in the future. An application that might make changes to the node after authentication would set this parameter to FALSE to indicate that the result may be used in the future.
On input, this parameter contains the data necessary for this step in the authentication process. This parameter is a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure.
On output, this parameter contains the plug-in’s response. If the authentication was not successful, the buffer contains a plug-in–defined value. If there are more steps in the authentication process, the buffer contains a plug-in–defined value that is used in the next step of the authentication process. This parameter is a value of type tDataBufferPtr created by calling dsDataBufferAllocate pointing to a tDataBuffer structure.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no more steps in the authentication process. If inOutContinueData is not NULL on output, there are more steps to complete. Call this function again and pass to it the value pointed to by inOutContinueData. Call dsReleaseContinueData if the value pointed to by inOutContinueData is not NULL and you do not want to complete the authentication process.
On input, a value of type tDataNodePtr that points to a tDataBuffer structure allocated by calling dsDataBufferAllocate containing the type of the record to use for authentication. Currently, the only record types that are allowed are kDSStdRecordTypeComputers and kDSStdRecordTypeUsers.If this parameter is NULL, dsDoDirNodeAuth is called and a record type of kDSStdRecordTypeUsers is used.
A value of type tDirStatus indicating successful authentication (eDSNoErr) or an error, such as eDSAuthFailed. Other authentication result codes include eDSAuthMethodNotSupported, eDSAuthInBuffFormatError, eDSAuthNoSuchEntity, eDSAuthBadPassword, eDSAuthContinueDataBad, eDSAuthUnknownUser, eDSAuthCannotRecoverPasswd, eDSAuthFailedClearTextOnly, eDSAuthNoAuthServerFound, eDSAuthServerError, eDSAuthNewPasswordRequired, eDSAuthPasswordExpired, eDSAuthPasswordQualityCheckFailed, eDSAuthAccountDisabled, eDSAuthAccountExpired, and eDSAuthAccountInactive. For an explanation of these result codes, see “Result Codes.”
This function uses a record type of kDDStdRecordTypeUsers or kDSStdRecordTypeComputers to perform authentication. Specifying a record type of kDSStdRecordTypeUsers is equivalent to calling dsDoDirNodeAuth. Records of type kDSStdRecordTypeUsers and kDSStdRecordTypeComputers are the only records that can be used for authentication.
Introduced in Mac OS X v10.3.
DirServices.hUses multiple attribute values to search a node for records.
tDirStatus dsDoMultipleAttributeValueSearch ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tDataListPtr inRecordTypeList, tDataNodePtr inAttributeType, tDirPatternMatch inPatternMatchType, tDataListPtr inPatterns2Match, UInt32 *inOutMatchRecordCount, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the node that is to be searched.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to the tDataBuffer structure in which this function is to place search results. On output, if inOutMatchRecordCount points to a value greater than zero, call dsGetRecordEntry, dsGetAttributeEntry, and dsGetAttributeValue to get the records, attributes, and attribute values from the data buffer.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated by calling dsDataListAllocate that contains a list of record types to search. Set the record type to kDSStdRecordTypeAll to search all records. See Standard Record Types for other possible values.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains an attribute type to search for. To search all attribute types, set the attribute type to kDSAttributesAll. See the attribute constants described in the “Constants” section for other possible values.
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inPattern2Match is compared with attribute values. See Pattern Matching Constants for possible values. The pattern type may also be defined by the Open Directory plug-in that handles the directory service represented by inDirNodeReference.
On input, a value of type tDataListPtr that points to a list of patterns to match.
On input, a pointer to a value of type unsigned long that specifies the total number of matching records to get across multiple calls to this function. Set this value to zero to get all matching records. On output, inOutRecordMatchCount points to the number of records in the data buffer pointed to by inOutDataBuffer. Once you start a series of dsDoMultipleAttributeValueSearch calls, inOutMatchRecordCount is ignored as an input parameter.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is not NULL, get more matching records by calling this function again and pass the value pointed to by inOutContinueData. If on output inOutContinueData is NULL, there are no more records to get. If inOutContinueData is not NULL and an error occurs or you don’t want to get any more matching records, you must call dsReleaseContinueData to release the memory associated with inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. A result code of eDSBufferTooSmall indicates you should allocate a larger buffer and call this function again. For a list of possible result codes, see “Result Codes.”
This function works across multiple calls to obtain a list of all records having an attribute whose value matches one of the patterns specified by inPatters2Match. Set inOutRecordMatchCount to zero to get all matching records. If you want to limit the number of matching records that this function returns, set inOutRecordMatchCount to a positive integer value that specifies the limit.
On output, matching records are returned in the buffer pointed to by inOutDataBuffer with the number of records in that buffer indicated by the value pointed to by inOutDataBuffer.
On output, the value pointed to by inOutContinueData indicates whether you should call this function again to obtain more matching records. If inOutContinueData is NULL; you do not need to call this function again. If inOutContinueData is not NULL and you do not want to continue the search, you must call dsReleaseContinueData to deallocate the memory that is associated with inOutContinueData.
If there are too many records to fit in a single buffer, this function returns a non-null value in the value pointed to by inOutContinueData. To get more records, call this function again, passing the pointer to inOutContinueData that was returned by the previous call to this function.
If the value pointed to by inOutContinueData is not NULL and the value returned by this function is zero, more results may be available. Continue calling this function until inOutContinueData points to a NULL value.
To get a record from the data buffer pointed to by inOutDataBuffer, call dsGetRecordEntry. To get information about the record’s attributes, call dsGetAttributeEntry. To get the value of a record’s attribute, call dsGetAttributeValue.
If inOutContinueData is not NULL and you no longer need it, call dsReleaseContinueData to release the memory associated with it.
In a series of calls to this function, the value of inOutRecordEntryCount must be set by the first call. Its value is ignored in the next calls in the series.
See dsDoAttributeValueSearchWithData to get information about other attribute types and their values.
Introduced in Mac OS X v10.4.
DirServices.hSearches for records by attribute type and multiple attribute values.
tDirStatus dsDoMultipleAttributeValueSearchWithData ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tDataListPtr inRecordTypeList, tDataNodePtr inAttributeMatchType, tDirPatternMatch inPatternMatchType, tDataListPtr inPatternsToMatch, tDataListPtr inAttributeTypeRequestList, dsBool inAttributeInfoOnly, UInt32 *inOutMatchRecordCount, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the node that is to be searched.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to the tDataBuffer structure in which this function is to place search results. On output, if inOutMatchRecordCount points to a value greater than zero, call dsGetRecordEntry, dsGetAttributeEntry, and dsGetAttributeValue to get the records, attributes, and attribute values from the data buffer.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated on the stack or by calling dsDataListAllocate that contains a list of the record types to search for. Set the record type to kDSStdRecordTypeAll to search all records. For other possible values, see Standard Record Types.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the attribute type to search for. To search all attribute types, set the attribute type to kDSAttributesAll. See the attribute constants described in the “Constants” section for other possible values.
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inPattern2Match is compared with attribute values. See Pattern Matching Constants for possible values. The pattern type may also be defined by the Open Directory plug-in that handles the directory service represented by inDirNodeReference.
On input, a value of type tDataListPtr that points to a list of patterns to match.
On input, a value of type tDataListPtr pointing to a tDataList structure allocated by calling dsDataListAllocate that specifies the record attribute types that are to be returned.
On input, a value of type dsBool set to TRUE if the calling application only wants information about attributes. To get the values of the attributes as well as information about the attributes, set inAttributeInfoOnly to FALSE.
On input, a pointer to a value of type long that specifies the number of matching records to get. On output, inOutRecordEntryCount points to the number of records in the data buffer pointed to by inOutDataBuffer; the number may be less than the requested number if there were not enough matching records to fill the buffer. The caller cannot change the value of inOutRecordEntryCount across multiple calls to this function using the value pointed to by inOutContinueData.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no new results in the buffer. If the value pointed to by inOutContinueData is not NULL on output, pass the value pointed to by inOutContinueData to this function again to get the next entries. You must call dsReleaseContinueData if you don’t want to get the remaining records.
A value of type tDirStatus indicating success (eDSNoErr) or an error. A result code of eDSBufferTooSmall indicates you should allocate a larger buffer and call this function again. For a list of possible result codes, see “Result Codes.”
This function stores in the data buffer pointed to by inOutDataBuffer a list of records having attributes of the type specified by the inAttributeMatchTypes parameter whose values match the specified pattern.
Set inOutRecordEntryCount to point to a positive integer value that represents the number of records that are to be returned. You cannot change the value pointed to by inOutRecordEntryCount if you call this function with inOutContinueData pointing to context data returned by a previous call to this function.
If there are too many records to fit in a single buffer, this function returns a non-null value in the value pointed to by inOutContinueData. To get more records, call this function again, passing the pointer to inOutContinueData that was returned by the previous call to this function.
To get a record from the data buffer pointed to by inOutDataBuffer, call dsGetRecordEntry. To get information about the record’s attributes, call dsGetAttributeEntry. To get the value of a record’s attribute, call dsGetAttributeValue.
When you no longer need inOutContinueData, call dsReleaseContinueData to release the memory associated with it.
Introduced in Mac OS X v10.4.
DirServices.hExchanges custom information with an Open Directory plug-in.
tDirStatus dsDoPlugInCustomCall ( tDirNodeReference inDirNodeReference, UInt32 inCustomRequestCode, tDataBufferPtr inCustomRequestData, tDataBufferPtr outCustomRequestResponse );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the open node for which custom information is to be exchanged.
On input, a value of type unsigned long, containing a request code that is to be sent to the plug-in.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure containing data that is to be sent to the plug-in.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure. On output, the buffer contains the plug-in’s response to the information that was sent.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function exchanges custom information with the Open Directory plug-in for the node represented by inDirNodeReference.
DirServices.hFinds the registered node names that match a pattern.
tDirStatus dsFindDirNodes ( tDirReference inDirReference, tDataBufferPtr inOutDataBufferPtr, tDataListPtr inNodeNamePattern, tDirPatternMatch inPatternMatchType, UInt32 *outDirNodeCount, tContextData *inOutContinueData );
On input, a value of type tDirReference obtained by calling dsOpenDirService.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure in which the results are to be returned. On output, call dsGetDirNodeName to extract the results from the data buffer pointed to by inOutDataBufferPtr.
On input, a value of type tDataListPtr pointing to a tDataList structure containing the pattern that is to be matched. Set this parameter to NULL and inPatternMatchType to the appropriate constant to get the contacts search node (eDSContactsSearchNodeName), network search node (eDSNetworkSearchNodeName), authentication search node (eDSAuthenticationSearchNodeName), the node for the local NetInfo domain (eDSLocalNodeNames), or locally hosted nodes (eDSLocalHostedNodes).
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inNodeNamePattern is compared with registered node names. See Pattern Matching Constants for possible values.
On output, a pointer to a value of type unsigned long in which this function has stored the number of registered node names in the data buffer pointed to by inOutDataBufferPtr.
On input, a pointer to a value of type tContextData and set to NULL. On output, if inOutContinueData points to a value that is NULL, there is no more response data to get. If inOutContinueData points to a value that is not NULL, there is more response data, which you can get by calling this function again and passing the context data pointed to by inOutContinueData. If inOutContinueData points to a value that is not NULL and you do not want to get the remaining response data, you must call dsReleaseContinueData to deallocate the memory associated with inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function searches the list of nodes that have been registered by Open Directory plug-ins for the directory service represented by inDirReference for names that match a pattern. It places the names that match the pattern in the data buffer pointed to by inOutDataBufferPtr. Use the inNodeNamePattern parameter to specify pattern to match and the inPatternMatchType parameter to specify how the pattern is to be matched or to specify that a search node is to be found.
On output, outDirNodeCount contains the number of matching registered node names that this function has found. Call dsGetDirNodeName to extract the names from the data buffer.
On output, if inOutContinueData points to a value that is not NULL, there are more matching registered node names for this function to find even if outDirNodeCount points to a zero value. To get another buffer of matching registered node names, call this function again and pass to it the context data pointed to by inOutContinueData. If you do not want to get another buffer of matching node names, you must call dsReleaseContinueData to deallocate the context data pointed to by inOutContinueData.
DirServices.hWrites a record.
tDirStatus dsFlushRecord ( tRecordReference inRecordReference );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function requests the directory service to write the record. The directory service may comply with the request or may choose to ignore it.
The value returned by this function does not reflect whether the record was actually written.
DirServices.hGets an attribute entry from a data buffer.
tDirStatus dsGetAttributeEntry ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tAttributeListRef inAttributeListRef, UInt32 inAttributeInfoIndex, tAttributeValueListRef *outAttributeValueListRef, tAttributeEntryPtr *outAttributeInfoPtr );
On input, a value of type tDirNodeReference obtained by calling dsOpenDirNode representing the node associated with the data in the buffer pointed to by inOutDataBuffer.
On input, a value of type tDataBufferPtr pointing to a tDataBuffer structure containing data returned, for example, by a previous call to dsGetDirNodeInfo or dsGetRecordList.
On input, a value of type tAttributeListRef obtained by previously calling dsGetDirNodeInfo or dsGetRecordEntry.
On input, a value of type unsigned long. Set inAttributeInfoIndex to 1 to get the first attribute entry. Set inAttributeInfoIndex to 2 to get the second attribute entry, and so on.
On output, a pointer to a value of type tAttributeValueListRef. Pass the pointer to outAttributeValueListRef to dsGetAttributeValue to get the value of the attribute.
On output, a pointer to a value of type tAttributeEntryPtr that points to a tAttributeEntry structure in which this function stores information about the attribute specified by inAttributeInfoIndex. The information includes the number of attribute values, the maximum size of the attribute’s value, and the attribute’s signature.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function uses an attribute list reference to extract an attribute entry from a data buffer previously obtained by calling dsGetDirNodeInfo or dsGetRecordEntry. The function stores the information in the tAttributeEntry structure pointed to by outAttributeInfoPtr.
To get the value(s) of the attribute, call dsGetAttributeValue and pass to it the data buffer pointed to by inOutDataBuffer and the attribute value list reference pointed to by outAttributeValueListRef.
When you no longer need the attribute value list pointed to by outAttributeValueListRef, call dsCloseAttributeValueList.
When you no longer need the outAttributeInfoPtr parameter, call dsDeallocAttributeEntry to deallocate the tAttributeEntry structure and its pointer.
DirServices.hGets the value of an attribute from a data buffer.
tDirStatus dsGetAttributeValue ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, UInt32 inAttributeValueIndex, tAttributeValueListRef inAttributeValueListRef, tAttributeValueEntryPtr *outAttributeValue );
On input, a value of type tDirNodeReference obtained by calling dsOpenDirNode that represents the node for which the search was conducted.
On input, a value of type tDataBufferPtr pointing to a tDataBuffer structure that was previously filled in, for example, by calling dsDoAttributeValueSearch, dsGetDirNodeInfo, or dsGetRecordList.
On input, a value of type unsigned long. Set inAttributeValueIndex to 1 to get the first attribute value. Set inAttributeValueIndex to 2 to get the second attribute value, and so on.
On input, a value of type tAttributeValueListRef obtained by calling dsGetAttributeEntry that represents a tAttributeValueEntry structure containing an attribute value ID and the value of the attribute represented by the attribute value ID.
On output, a pointer to a value of type tAttributeValueEntryPtr that points to an application-allocated tAttributeValueEntry structure containing the attribute value ID and the value of the attribute.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function obtains the value of an attribute from a data buffer previously filled in, for example, by calling dsDoAttributeValueSearch or dsGetRecordList, and stores the value in a tAttributeValueEntry structure.
When you no longer need the attribute value list pointed to by inAttributeValueListRef, call dsCloseAttributeValueList. When you no longer need outAttributeValue, call dsDeallocAttributeValueEntry.
DirServices.hGets the length of data in a data list.
UInt32 dsGetDataLength ( const tDataList *inDataList );
On input, a pointer to a value of type tDataList whose length is to be obtained.
The length of data in the specified data list or an error code. For a list of possible result codes, see “Result Codes.”
This utility function obtains the length in bytes of data in a data list.
DirServicesUtils.hGets the total number of registered nodes.
tDirStatus dsGetDirNodeCount ( tDirReference inDirReference, UInt32 *outDirectoryNodeCount );
A value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy.
On output, a pointer to a value of type unsigned long containing the total number of registered nodes that are available to the Open Directory session represented by inDirReference.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets the total number of registered nodes that are available to the Open Directory session represented by inDirReference. If you need to know whether directory names have changed even if the count has not changed, see dsGetDirNodeCountWithInfo.
DirServices.hGets the total number of registered nodes and a change token.
tDirStatus dsGetDirNodeCountWithInfo ( tDirReference inDirReference, UInt32 *outDirectoryNodeCount, UInt32 *outDirectoryNodeChangeToken );
A value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy.
On output, a pointer to a value of type unsigned long containing the total number of registered nodes that are available to the Open Directory session represented by inDirReference.
On output, a pointer to a value of type unsigned long containing the change token. Save the value pointed to by outChangeToken and compare it with the next value received when you call this function again to see if there has been a change.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets the total number of registered nodes that are available to the Open Directory session represented by inDirReference, as well as a change token. To learn whether the node names have changed even though the number of registered nodes remains the same, call this function and get another change token. Compare the original and the new change token. The two change tokens will not be equal if there has been a change in the name of a registered node or to the number of registered nodes. If the change tokens are not equal, you may want to call dsGetDirNodeList to get a new list of registered nodes.
The change token is only guaranteed to be different if the node names have changed. Do not assume that the new change token will be incremented or decremented relative to the value of the original change token.
DirServices.hGets information about a node’s attribute types and attribute values.
tDirStatus dsGetDirNodeInfo ( tDirNodeReference inDirNodeReference, tDataListPtr inDirNodeInfoTypeList, tDataBufferPtr inOutDataBuffer, dsBool inAttributeInfoOnly, UInt32 *outAttributeInfoCount, tAttributeListRef *outAttributeListRef, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference, obtained by previously calling dsOpenDirNode, that identifies the node for which information is to be obtained.
On input, a value of type tDataListPtr pointing to a tDataList structure containing the attribute types for which information is requested. To get information about all attribute types, pass a tDataList structure whose list is kDSAttributesAll.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure. On output, the tDataBuffer structure contains the requested attribute type information for the specified node. If the input value of inAttributeInfoOnly is FALSE, the data buffer also contains attribute values. Call dsGetAttributeEntry to extract attribute information from the buffer. Then call dsGetAttributeValue to get the value of an attribute.
On input, a value of type dsBool set to TRUE if you only want attribute information. To get the values of the requested attributes as well as information about the attributes, set inAttributeInfoOnly to FALSE.
On output, a pointer to a value of type unsigned long containing the number of attribute types in the data buffer pointed to by inOutDataBuffer.
On input, a pointer to a value of type tAttributeListRef. When this function returns, use the attribute list reference pointed to by outAttributeListRef to call dsGetAttributeEntry to get the attribute type information. Use information provided by calling dsGetAttributeEntry to call dsGetAttributeValue to get the value of an attribute.
On input, a pointer to a value of type tContextData and set to NULL. On output, if inOutContinueData points to a value that is NULL, there is no more response data to get. If inOutContinueData points to a value that is not NULL, there is more response data, which you can get by calling this function again and passing the context data pointed to by inOutContinueData. If inOutContinueData points to a value that is not NULL and you do not want to get the remaining response data, you must call dsReleaseContinueData to deallocate the memory associated with inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets attribute type information about a node, which may include attribute types for storing the authentication methods the node supports, the types of records the node contains, kDS1AttrReadOnlyNode, which indicates whether the node supports write operations, kDSNAttrNodePath, which indicates the node’s name, and kDSNAttrSubNodes, which indicates nodes that are children of this node in the hierarchy.
You should call dsCloseAttributeList when you no longer need the attribute list reference pointed to by outAttributeListRef.
DirServices.hGets the names of registered nodes.
tDirStatus dsGetDirNodeList ( tDirReference inDirReference, tDataBufferPtr inOutDataBufferPtr, UInt32 *outDirNodeCount, tContextData *inOutContinueData );
On input, a value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure. On output, the tDataBuffer structure contains the requested list of registered node names. Call dsGetDirNodeName to get a name from the buffer.
On output, a pointer to a value of type unsigned long in which this function has stored the number of registered directory names in the data buffer pointed to by inOutDataBufferPtr.
On input, a pointer to a value of type tContextData and set to NULL. On output, if inOutContinueData points to a value that is NULL, there is no more response data to get. If inOutContinueData points to a value that is not NULL, there is more response data, which you can get by calling this function again and passing the context data pointed to by inOutContinueData. If inOutContinueData points to a value that is not NULL and you do not want to get the remaining response data, you must call dsReleaseContinueData to deallocate the memory associated with inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. A result code of eDSBufferTooSmall indicates you should allocate a larger buffer and call this function again. For a list of possible result codes, see “Result Codes.”
This function fills a data buffer with the names of registered nodes. Call dsGetDirNodeName to extract the names from the buffer.
On output, if inOutContinueData points to a value that is not NULL, there are more registered node names to get even if outDirNodeCount points to a zero value. To get another buffer of registered node names, call this function again and pass to it the context data pointed to by inOutContinueData.
DirServices.hGets node names from a buffer.
tDirStatus dsGetDirNodeName ( tDirReference inDirReference, tDataBufferPtr inOutDataBuffer, UInt32 inDirNodeIndex, tDataListPtr *inOutDataList );
On input, a value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy.
On input, a value of type tDataBufferPtr that points to a tDataBuffer structure containing the results of calling dsFindDirNodes or dsGetDirNodeList.
On input, a value of type unsigned long. Set inDirNodeIndex to 1 to get the first name. Set inDirNodeIndex to 2 to get the second name, and so on.
On input, a value of type tDataListPtr pointing to a value that is NULL or that can be overwritten. On output, the data list contains the full pathname of the node specified by inDirNodeIndex. You can reuse the data list for other purposes, but when you no longer need the data list, call dsDataListDeallocate to deallocate it. The data list is heap-based, you also need to call free().
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function parses a buffer of node names obtained by calling dsFindDirNodes or dsGetDirNodeList.
The inOutDataBuffer parameter points to the data buffer that contains node names. The inDirNodeIndex parameter specifies which node name to get, and the inOutDataList parameter specifies the address of the application-defined tDataList structure in which this function is to place the node name.
DirServices.hGets the path from a data list.
char * dsGetPathFromList ( tDirReference inDirReference, const tDataList *inDataList, const char *inDelimiter );
On input, a value of type tDirReference obtained by calling dsOpenDirService or dsOpenDirServiceProxy representing the Open Directory session associated with the data list from which a path is to be obtained, or zero.
On input, a pointer to a value of type tDataList containing the path to get.
On input, a pointer to a character string containing the character that delimits the components of the path in the data list pointed to by the inDataList parameter.
A pointer to a character string that contains the path that was obtained from the data list.
This utility function gets the path from a data list. The path is in UTF-8 format.
DirServicesUtils.hGets information about a record’s attribute.
tDirStatus dsGetRecordAttributeInfo ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, tAttributeEntryPtr *outAttributeInfoPtr );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord representing the record for which the record’s attribute type information is to be obtained.
On input, a value of type tDataNodePtr that points to a tDataBuffer structure allocated by calling dsDataBufferAllocate containing the attribute type for which information is to be obtained. Call dsGetRecordList to find out the record’s attribute types.
On output, a pointer to a value of type tAttributeEntryPtr that points to an application-allocated tAttributeEntry structure containing the information about the attribute pointed to by inAttributeType.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets information about a record’s attribute. The information consists of the number of attribute values, data size, maximum value size, and signature.
When you no longer need the outAttributeInfoPtr parameter, call dsDeallocAttributeEntry to deallocate the tAttributeValueEntry structure and its pointer.
DirServices.hUses an attribute value ID to obtain the value of an attribute.
tDirStatus dsGetRecordAttributeValueByID ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, UInt32 inValueID, tAttributeValueEntryPtr *outEntryPtr );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord representing the record that has an attribute whose value is to be obtained.
On input, a value of type tDataNodePtr pointing to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose value is to be obtained.
On input, a value of type unsigned long containing the attribute value ID of the value to get. Call dsGetAttributeEntry to get an attribute value ID.
On output, a pointer to a value of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure allocated by calling dsAllocAttributeValueEntry containing the requested attribute value.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function uses an attribute value ID to obtain the value of an attribute for the record represented by inRecordReference.
DirServices.hUses an index to get the value of an attribute.
tDirStatus dsGetRecordAttributeValueByIndex ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, UInt32 inValueIndex, tAttributeValueEntryPtr *outEntryPtr );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord representing the record that has an attribute whose value is to be obtained.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose value is to be obtained.
On input, a value of type unsigned long that specifies the index of the attribute value that is to be obtained. Call dsGetRecordAttributeInfo to find out how many values the attribute has. Set inValueID to 1 to get the first value; set inValueID to 2 to get the second value, and so on.
On output, a value of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure containing the requested attribute value.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function uses an index to obtain the value of an attribute for the record represented by inRecordReference.
To determine whether an attribute can have multiple values, call dsGetRecordAttributeInfo, which returns a value that points to the attribute’s value count.
DirServices.hVerifies the existence of an attribute value within a record.
tDirStatus dsGetRecordAttributeValueByValue ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, tDataNodePtr inAttributeValue, tAttributeValueEntryPtr *outEntryPtr );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord representing the record that has an attribute whose value is to be obtained.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose value is to be obtained.
On input, a value of type tDataNodePtr that specifies the value that is to be verified.
On output, a value of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure containing the attribute value.
A value of type tDirStatus indicating that the value was obtained (eDSNoErr); any value other than eDSNoErr indicates failure. For a list of possible result codes, see “Result Codes.”
This function verifies the existence the specified attribute value for the record specified by inRecordReference. It also returns the value’s ID, which is useful if you want to remove this value by calling dsRemoveAttributeValue or change it by calling dsSetAttributeValue.
Introduced in Mac OS X v10.4.
DirServices.hGets the next record from a data buffer.
tDirStatus dsGetRecordEntry ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, UInt32 inRecordEntryIndex, tAttributeListRef *outAttributeListRef, tRecordEntryPtr *outRecordEntryPtr );
On input, a value of type tDirNodeReference, obtained by calling dsOpenDirNode, that identifies the node in which the record specified by inRecordEntryIndex resides.
On input, a value of type tDataBufferPtr that points to a tDataBuffer structure containing data obtained by previously calling dsGetRecordList, dsDoAttributeValueSearch, dsDoAttributeValueSearchWithData, dsDoMultipleAttributeValueSearch, or dsDoMultipleAttributeValueSearchWithData.
On input, a value of type unsigned long that specifies the next record to get. Set inRecordEntryIndex to 1 to get the first record. Set inRecordEntryIndex to 2 to get the second record, and so on.
On input, a pointer to a value of type tAttributeListRef. On output, to get information about the record’s attributes, pass the value pointed to by outAttributeListRef as a parameter when calling dsGetAttributeEntry.
On output, outRecordEntryPtr points to a tRecordEntry structure that contains the record entry specified by the inRecordEntryIndex. When you no longer need the record entry structure, call dsDeallocRecordEntry.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets the name, type and number of attribute types for a record from the data buffer pointed to by inOutDataBuffer and puts it in the tRecordEntry structure pointed to by outRecordEntryPtr.
This function also returns a pointer to an attribute list reference that can be used to get information about a record’s attributes by calling dsGetAttributeEntry. Calling dsGetAttributeEntry returns an attribute value list reference that can be used to call dsGetAttributeValue to get the value of an attribute.
You should call dsCloseAttributeList when you no longer need the attribute list reference pointed to by outAttributeListRef. You should call dsDeallocRecordEntry when you no longer need the record entry structure pointed to by outRecordEntryPtr.
DirServices.hGets a list of records and puts it in a data buffer.
tDirStatus dsGetRecordList ( tDirNodeReference inDirNodeReference, tDataBufferPtr inOutDataBuffer, tDataListPtr inRecordNameList, tDirPatternMatch inPatternMatchType, tDataListPtr inRecordTypeList, tDataListPtr inAttributeTypeList, dsBool inAttributeInfoOnly, UInt32 *inOutRecordEntryCount, tContextData *inOutContinueData );
On input, a value of type tDirNodeReference obtained by calling dsOpenDirNode.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate that points to a tDataBuffer structure into which this function is to place the requested list of records. If inOutRecordEntryCount points to a positive value greater than zero when this function returns, parse the records in the buffer pointed to by inOutDataBuffer by calling dsGetRecordEntry.
On input, a value of type tDataListPtr specifying the record names to get.
On input, a value of type tDirPatternMatch specifying a pattern type that controls the way in which the pattern specified by inRecordNameList is compared with record names. See Pattern Matching Constants for possible values. The pattern type may also be defined by the Open Directory plug-in that handles the directory service represented by inDirNodeReference. The inPatternMatchType parameter is ignored if inRecordNameList is set to get all records.
On input, a value of type tDataListPtr pointing to an tDataList structure containing the types of records to get. One way to allocate the data list is to call dsDataListAllocate.
On input, a value of type tDataListPtr pointing to a tDataList structure that contains the attribute types of the records that are to be obtained. If you want all attribute types, create the data list using kDSAttributesAll. To get all standard attribute types, create the data list using kDSAttributesStandardAll. To get all native attribute types, create the data list using kDSAttributesNativeAll.
On input, a value of type dsBool. Set inAttributeInfoOnly to TRUE if you only want attribute type information. To get attribute type information as well as attribute values, set inAttributeInfoOnly to FALSE.
On input, a pointer to a value of type unsigned long that specifies the total number of records to get across what may be multiple calls to this function in order to get the complete list of records, or zero if you want to get all matching records. On output, inOutRecordEntryCount points to the number of records this function has stored in the data buffer pointed to by inOutDataBufferPtr. Once you start a series of dsGetRecordList calls, inOutMatchRecordCount is ignored as an input parameter.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no more records to get. On output, if the value pointed to by inOutContinueData is not NULL, fill the data buffer pointed to by inOutDataBuffer with the next records by calling this function again and passing the context data pointed to by inOutContinueData. If you don’t want to get the remaining records, you must call dsReleaseContinueData to deallocate the memory pointed to by inOutContinueData.
A value of type tDirStatus indicating success (eDSNoErr) or an error. An result code of eDSBufferTooSmall occurs if the buffer is too small to fit the first record to be returned. In this case, call this function again after allocating a larger buffer. For a list of other possible result codes, see “Result Codes.”
This function stores in the data buffer pointed to by inOutDataBuffer a list of records having the specified data types and values. Call dsGetRecordEntry to parse the records in the buffer.
Set inOutRecordEntryCount to point to a positive integer value that represents the number of records that are to be returned. You cannot change the value pointed to by inOutRecordEntryCount if you call this function with inOutContinueData pointing to context data returned by a previous call to this function.
If there are too many records to fit in the data buffer pointed to by inOutDataBuffer, inOutContinueData points to a non-null value when this function returns. To get more records, call this function again, passing the pointer to the inOutContinueData parameter that was returned by the previous call to this function. To get all records, continue calling this function until inOutContinueData points to a null value.
If the value pointed to by inOutContinueData is not NULL and you do not want to get more records, call dsReleaseContinueData to release the memory associated with inOutContinueData.
DirServices.hGets the name of a record from a record entry structure.
tDirStatus dsGetRecordNameFromEntry ( tRecordEntryPtr inRecEntryPtr, char **outRecName );
On input, a value of type tRecordEntryPtr that points to the tRecordEntry structure that contains the name that is to be obtained.
On output, a pointer to a value that points to a character string containing the record’s name in UTF-8 format.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function gets the name of the record in a record entry structure.
DirServicesUtils.hGets a record’s name and type and the number of attributes the record has.
tDirStatus dsGetRecordReferenceInfo ( tRecordReference inRecordReference, tRecordEntryPtr *outRecordInfo );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord that represents the record reference information is to be obtained.
On output, a pointer to a value of type tRecordEntryPtr that points to a tRecordEntry structure containing the record information for the specified record. Call dsDeallocRecordEntry when you no longer need the record entry structure.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function gets information about the record represented by inRecordReference and stores it in the tRecordEntry structure pointed to by outRecordInfo.
The information includes the number of attributes the record has and the name and type of the record.
You should call dsDeallocRecordEntry when you no longer need the record entry structure pointed to by outRecordInfo.
DirServices.hGets the type of a record from a record entry structure.
tDirStatus dsGetRecordTypeFromEntry ( tRecordEntryPtr inRecEntryPtr, char **outRecType );
On input, a value of type tRecordEntryPtr that points to the tRecordEntry structure that contains the type that is to be obtained.
On output, a pointer to a value that points to a character string containing the record’s type.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This utility function gets the type of the record in a record entry structure.
DirServicesUtils.hChecks to see if Open Directory is running.
tDirStatus dsIsDirServiceRunning
A value of type tDirStatus indicating that Open Directory is running (eDSNoErr) or that Open Directory is not running (eServerNotRunning).
This function checks to see if Open Directory is running.
Prior to Mac OS X 10.2, Open Directory did not start until when an application called dsOpenDirService. With Mac OS X 10.2, Open Directory starts up when the system starts up and is always running.
Applications that run on Mac OS X 10.0 and Mac OS X 10.1 should call this function before calling dsOpenDirService. If Open Directory is not running, you can display a progress indicator to assure the user that your application is still running while Open Directory starts up, and then call dsOpenDirService.
DirServices.hOpens a session with a node.
tDirStatus dsOpenDirNode ( tDirReference inDirReference, tDataListPtr inDirNodeName, tDirNodeReference *outDirNodeReference );
On input, a value of type tDirReference obtained by previously calling dsOpenDirService or dsOpenDirServiceProxy.
On input, a value of type tDataListPtr that points to a tDataList structure containing the name of the node to open. You can get the name of the node by calling dsGetDirNodeList or by calling, for example, dsBuildListFromStrings to construct the name yourself.
On input, a pointer to a value of type tDirNodeReference. On output, the value pointed to by outDirNodeReference is a node reference that represents the session context for the contents of the opened node. Provide it as a parameter to Open Directory functions that manipulate nodes, such as dsGetDirNodeInfo, dsDoDirNodeAuth, dsGetRecordList, dsGetRecordEntry, dsOpenRecord, and dsGetAttributeEntry.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function opens a session with the node whose name is specified in the tDataList structure pointed to by the inDirNodeName parameter. Opening a session with a node allows you to perform operations on the opened node, such as creating, listing, and deleting records.
DirServices.hOpens an Open Directory session.
tDirStatus dsOpenDirService ( tDirReference *outDirReference );
On input, a pointer to a value of type tDirReference. On output, the value pointed to by outDirReference identifies this session and is passed as a parameter to many Open Directory functions.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
When this function returns, use the value pointed to by outDirReference when calling Open Directory functions that require an Open Directory reference as a parameter.
With Mac OS X 10.2, Open Directory starts up when the system starts up and is always running. Prior to Mac OS X 10.2, the DirectoryService daemon was not started until an application called this function for the first time. Applications that run on Mac OS X 10.0 and Mac OS X 10.1 should call dsIsDirServiceRunning to learn whether Open Directory is running. If it’s not running, you can display a progress indicator while Open Directory starts up and then call this function.
You can establish multiple Open Directory sessions by calling this function multiple times.
DirServices.hOpens a remote Open Directory session.
tDirStatus dsOpenDirServiceProxy ( tDirReference *outDirRef, const char *inIPAddress, UInt32 inIPPort, tDataNodePtr inAuthMethod, tDataBufferPtr inAuthStepData, tDataBufferPtr outAuthStepDataResponse, tContextData *ioContinueData );
On input, a pointer to a value of type tDirReference. On output, the value pointed to by outDirReference identifies this session and is passed as a parameter to many Open Directory functions.
On input, a pointer to a null-terminated string contain the fully qualified domain name or the IP address in dotted decimal format of the Open Directory machine with which a TCP/IP connection is to be established.
On input, a value of type unsigned long containing the port number on which the connection is to be made, or zero which allows the default port number to be used. The default port number is 625.
On input, a value of type tDataNodePtr pointing to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString containing the authentication method to use. You can expect these authentication methods to be supported by any plug-in that handles authentication: kDSStdAuthNodeNativeNoClearText and kDSStdAuthNodeNativeClearTextOK. For other possible values, see Authentication Constants.
On input, a value of type tDataBufferPtr created by calling dsDataBufferAllocate pointing to a tDataBuffer structure that contains the data necessary for this step in the authentication process. For the first step in the authentication process, inAuthStepData typically consists of four bytes specifying the length of a username, followed by the user name in UTF-8 encoding, followed by four bytes specifying the length of the password, followed by the password in UTF-8 encoding.
On output, a value of type tDataBufferPtr created by calling dsDataBufferAllocate pointing to a tDataBuffer structure that contains the authentication response.
On input, a pointer to a value of type tContextData and set to NULL. On output, if the value pointed to by inOutContinueData is NULL, there are no more steps in the authentication process. If inOutContinueData is not NULL on output, there are more steps to complete. Call this function again and pass to it the value pointed to by inOutContinueData. Call dsReleaseContinueData if the value pointed to by inOutContinueData is not NULL and you do not want to complete the authentication process.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function opens a remote Open Directory session on another machine running Mac OS X 10.2 or later. When the authentication process completes successfully, this function returns an Open Directory reference that can be used for all subsequent calls to Open Directory functions, such as dsOpenDirNode and dsFindDirNodes, on the remote machine. These calls will be dispatched automatically over the TCP connection to the remote DirectoryService daemon. Any calls using child references obtained by calling functions such as dsFindDirNodes will also be sent to the remote DirectoryService daemon.
You can establish multiple remote Open Directory sessions by calling this function multiple times.
Available in Mac OS X v10.2 and later.
DirServices.hOpens a record.
tDirStatus dsOpenRecord ( tDirNodeReference inDirNodeReference, tDataNodePtr inRecordType, tDataNodePtr inRecordName, tRecordReference *outRecordReference );
On input, a node reference obtained by calling dsOpenDirNode.
On input, a value of type tDataNodePtr that points to a tDataBuffer structure allocated by calling dsDataBufferAllocate containing the type of the record to open. For possible values, see Standard Record Types.
On input, a value of type tDataNodePtr that points to a tDataBuffer structure allocated by calling dsDataBufferAllocate containing the name in UTF-8 format of the record to open.
On output, a pointer to a value of type tRecordReference that you can pass to other Open Directory functions that operate on records, such as dsGetRecordReferenceInfo, dsFlushRecord, dsSetRecordName, and dsCloseRecord.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function opens a record and returns in the value pointed to by the outRecordReference parameter a record reference that you can use in subsequent calls to Open Directory functions that manipulate records.
A record must be open before you can perform operations on the record, such as setting its name, adding attributes, setting attribute values, and deleting the record.
To close an open record, call dsCloseRecord.
DirServices.hReleases memory allocated for continuation data.
tDirStatus dsReleaseContinueData ( tDirReference inDirReference, tContextData inContinueData );
On input, a value of type tDirReference if the inContinueData parameter was generated by, for example, dsGetRecordList, dsGetDirNodeInfo, dsDoAttributeValueSearch, or dsDoAttributeValueSearchWithData. This parameter is a value of type tDirReference if the inContinueData parameter was generated by, for example, dsGetDirNodeList or dsFindDirNodes.
On input, a value of type tContextData that is to be released.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function releases the memory allocated for continuation data. Continuation data is returned when any Open Directory function cannot return all of the requested information in one call, such as dsDoDirNodeAuth, dsFindDirNodes, dsGetDirNodeInfo, dsGetDirNodeList, dsGetRecordList, dsDoAttributeValueSearch, or dsDoAttributeValueSearchWithData.
If your application does not call again the function that returned the continuation data and provide to it the continuation data, your application should call dsReleaseContinueData to free the memory allocated to the continuation data.
DirServices.hRemoves an attribute from a record.
tDirStatus dsRemoveAttribute ( tRecordReference inRecordReference, tDataNodePtr inAttribute );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the name of the attribute that is to be removed.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function removes the specified attribute from the specified record. Any attribute value list references, attribute value entry structures, and attribute entry structures that have been created for this attribute are still valid because they use a buffer that has already been filled with data. Calling dsGetRecordAttributeValueByID, dsGetRecordAttributeValueByIndex, or dsGetRecordAttributeValueByValue after the attribute has been removed generates an error because the attribute no longer exists.
DirServices.hRemoves an attribute value.
tDirStatus dsRemoveAttributeValue ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, UInt32 inAttributeValueID );
On input, a value of type tRecordReference obtained by previously calling dsOpenRecord that represents the record having an attribute whose value is to be removed.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose value is to be removed.
On input, a value of type unsigned long that specifies the attribute value ID of the attribute whose value is to be removed. Call dsGetAttributeValue to get the attribute value ID.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function removes the value of the attribute that has the type specified by the data node pointed to by inAttributeType and the attribute value ID specified by inAttributeValueID for the record represented by inRecordReference. Any attribute value list references, attribute value entry structures, and attribute entry structures that have been created for the removed attribute are still valid because they manage offsets into a buffer that already contains data. Calling dsGetRecordAttributeValueByID, dsGetRecordAttributeValueByIndex, or dsGetRecordAttributeValueByValue after the attribute has been removed generates an error because the attribute no longer exists.
DirServices.hSets the value of an attribute.
tDirStatus dsSetAttributeValue ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, tAttributeValueEntryPtr inAttributeValuePtr );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord representing the record that has an attribute whose value is to be set.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose value is to be set.
On input, a value of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure created by calling dsAllocAttributeValueEntry that contains the value that is to be set and its attribute value ID. The attribute value ID is the ID of an existing value of this attribute for the record specified by inRecordReference obtained by calling dsGetRecordAttributeValueByIndex, dsGetRecordAttributeValueByValue, or dsGetAttributeValue.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function uses an attribute value ID to replace an existing attribute value with a new value. If the attribute is a multi-value attribute, this function sets only the value of the attribute specified by the attribute value ID without affecting any other values. Unlike dsSetAttributeValues, this function does not create an attribute if it does not already exist.
The inAttributeType parameter points to a data node that specifies the type of the attribute whose value is to be set, and inAttributeValuePtr points to an attribute entry structure that contains the value that is to be set and the value’s attribute value ID.
When you no longer need inAttributeValuePtr, you should call dsDeallocAttributeValueEntry to release the memory associated with it.
DirServices.hSets multiple values for an attribute.
tDirStatus dsSetAttributeValues ( tRecordReference inRecordReference, tDataNodePtr inAttributeType, tDataListPtr inAttributeValuesPtr );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord representing the record whose values are to be set.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString that contains the type of the attribute whose values are to be set.
On input, a value of type tDataListPtr that points to the list of values that are to be set.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function sets multiple values for the attribute specified by inAttributeType for the record specified by inRecordReference. This function replaces all of the values of the attribute with a new list of values. If the attribute does not exist, it is created with the specified list of values.
The inAttributeType parameter points to a data node that specifies the type of the attribute whose values are to be set, and inAttributeValuesPtr points to a list of values that are to be set.
You should call dsDeallocAttributeValueEntry to release the memory associated with inAttributeValuesPtr when you no longer need it.
When you no longer need it, call dsDataListDeallocate to release the memory associated with inAttributeValuesPtr. If inAttributeValuesPtr is heap-based, you also need to call free().
Introduced in Mac OS X v10.4.
DirServices.hSets the name of a record.
tDirStatus dsSetRecordName ( tRecordReference inRecordReference, tDataNodePtr inNewRecordName );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord or dsCreateRecordAndOpen that represents the record whose name is to be set.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString containing the record name in UTF-8 format that is to be set.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function sets the name of a record.
DirServices.hSets the type of a record.
tDirStatus dsSetRecordType ( tRecordReference inRecordReference, tDataNodePtr inNewRecordType );
On input, value of type tRecordReference obtained by previously calling dsOpenRecord that represents the record whose type is to be set.
On input, a value of type tDataNodePtr that points to a tDataNode structure allocated by calling dsDataNodeAllocateBlock or dsDataNodeAllocateString containing the record type that is to be set.
A value of type tDirStatus indicating success (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This deprecated function sets a record’s type. For record type constants, see Pattern Matching Constants. Not all plug-ins support setting a record’s type.
Deprecated in Mac OS X v10.2.
DirServices.hVerifies that a tDirReference is valid.
tDirStatus dsVerifyDirRefNum ( tDirReference inDirReference );
On input, the tDirReference that is to be verified.
A value of type tDirStatus indicating that the tDirReference is valid (eDSNoErr) or an error. For a list of possible result codes, see “Result Codes.”
This function verifies that a tDirReference is valid.
DirServices.hInitializes the plug-in.
ComponentResult ADD_IMAGECODEC_BASENAME() Initialize
Value of type long. If the Initialize routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return ePlugInInitError.
The DirectoryService daemon calls a plug-in’s Initialize entry point so that the plug-in can initialize and prepare itself to run. The plug-in might, for example, open network ports and any files it requires.
An Open Directory plug-in’s Initialize routine is called only once after all Open Directory plug-ins that can be loaded are loaded. If the plug-in cannot initialize itself and returns ePlugInInitError, the plug-in remains in the “failed to init” state.
ImageCodec.k.hPerforms a periodic task.
long PeriodicTask (void);
Value of type long. If the PeriodicTask routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return ePlugInPeriodicTaskError.
The DirectoryService daemon calls a plug-in’s PeriodicTask entry point every two minutes. The plug-in can use its PeriodicTask routine to perform tasks that need to be performed on a recurring basis. If a plug-in has no tasks for its PeriodicTask routine to perform, the PeriodicTask routine should immediately return a result code of eDSNoErr.
Plug-ins that do not implement their own thread management may want to use the PeriodicTask routine to perform a task on a regular basis.
For another way of setting timers, see sHeader.
Processes requests.
long ProcessRequest (void *inData);
Pointer to an arbitrary value containing the request that is to be processed.
Value of type long. If the ProcessRequest routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return an appropriate result code as described in “Result Codes.”
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point when Open Directory client applications make requests for directory service. The inData parameter points to the request, which consists of a structure whose first byte always identifies the type of request. The remaining fields of the structure vary depending on the request type.
Sets the plug-in’s state.
long SetPluginState (unsigned long inNewState);
A value of type unsigned long that describes the plug-in’s new state. See the ePluginState Constants enumeration for appropriate values.
Value of type long. If the SetPluginState routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return an appropriate result code as described in “Result Codes.”
The DirectoryService daemon calls a plug-in’s SetPluginState entry point to inform the plug-in that its state has changed to the state specified by the inNewState parameter.
Prepares the plug-in for shut down.
long Shutdown (void);
Value of type long. If the Shutdown routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return an appropriate result code as described in “Result Codes.”
The DirectoryService daemon calls a plug-in’s Shutdown entry point so that the plug-in can prepare itself for shut down. The plug-in should close any files that it opened, close network connections that it opened, and deallocate memory that it allocated for its use while it was running.
Validates the plug-in.
ComponentResult ADD_GRAPHICSIMPORT_BASENAME() Validate
Value of type unsigned long that uniquely identifies the plug-in.
Value of type long. If the Validate routine completes successfully, it should return eDSNoErr. If it encounters an error, it should return an appropriate result code as described in “Result Codes.”
The DirectoryService daemon calls a plug-in’s Validate routine after the plug-in loads in order to pass to the plug-in a unique signature. The plug-in uses the signature to identify itself when it calls any of the Open Directory callback routines, which are described in the section PeriodicTask.
ImageCompression.k.hThis section describes Open Directory callback routines that Open Directory plug-ins can call.
Writes information in the log file.
sInt32 DSDebugLog ( const char *inFormat, va_list inArgs);
Pointer to a character array that specifies the format that is to be used to write the data. For additional information, see sprintf(3).
Value of type va_list that specifies the values that are to be written in the format specified by inFormat.
Value of type sInt32. If the DSDebugLog callback routine completes successfully, it returns eDSNoErr. If the DSDebugLog callback routine cannot complete successfully, it returns an appropriate result code as described in “Result Codes.”
The DSDebugLog callback routine writes the data specified by inArgs using the format specified by inFormat in the Open Directory log file, /Library/Logs/DirectoryService/DirectoryService.debug.log.
A wrapper function, CShared:LogIt, is also available writing to the log file. See the sample code for an example of its use.
Registers a node.
long DSRegisterNode ( unsigned long inSignature, tDataList *inNode, eDirNodeType inNodeType);
Value of type unsigned long obtained by the plug-in when its Validate routine was called and that uniquely identifies the plug-in.
Pointer to a value of type tDataList that specifies the name of the node that is to be registered.
Value of type eDirNodeType that specifies the type of the node that is to be registered. See the Discussion section below for possible values.
Value of type unsigned long. If the DSRegisterNode callback routine completes successfully, it returns eDSNoErr. If the DSRegisterNode callback routine cannot complete successfully (for example, if the specified node is already registered or if inNode contains a node name that has invalid characters), it returns an appropriate result code as described in “Result Codes.”
The DSRegisterNode callback routine registers the specified node.
The eDirNodeType enumeration defines values for the inNodeType parameter:
typedef enum { kUnknownNodeType= 0x00000000, kDirNodeType = 0x00000001, kLocalNodeType = 0x00000002 } eDirNodeType; |
The local node (kLocalNodeType) is queried by default in response to an Open Directory request and is always the first node that is queried. Only one node can be registered as the local node at any one time. A directory node (kDirNodeType) is any other node that is to be registered for Open Directory.
Registrations are valid for the period of time that Open Directory is running. If Open Directory stops and is started again, the node must be registered again.
The plug-in is responsible for keeping the list of registered nodes accurate. It can use the PeriodicTask entry point to update the list on a regular basis.
Unregisters a node.
long DSUnregisterNode ( unsigned long inSignature, tDataList *inNode);
Value of type unsigned long obtained by the plug-in when its Validate routine was called and that uniquely identifies the plug-in.
Pointer to a value of type tDataList that specifies the name of the node that is to be unregistered.
Value of type unsigned long. If the DSUnregisterNode callback routine completes successfully, it returns eDSNoErr. If the DSUnregisterNode callback routine cannot complete successfully, it returns an error.
The DSUnregisterNode callback routine unregisters the specified node.
This section describes structures used by the Open Directory client.
A structure used to store information about an attribute.
typedef struct
{
unsigned long fReserved1;
tAccessControlEntry fReserved2;
unsigned long fAttributeValueCount;
unsigned long fAttributeDataSize;
unsigned long fAttributeValueMaxSize;
tDataNode fAttributeSignature;
} tAttributeEntry;
typedef tAttributeEntry *tAttributeEntryPtr;
fReserved1Reserved.
fReserved2Reserved.
fAttributeValueCountNumber of values associated with this attribute.
fAttributeDataSizeTotal byte count of all attribute values.
fAttributeValueMaxSizeMaximum size of a value of this attribute type.
fAttributeSignatureByte sequence that uniquely represents this attribute type. The byte sequence is typically a collection of Unicode characters.
DirServicesTypes.hA structure used to get and set the value of an attribute by attribute value ID.
typedef struct
{
unsigned long fAttributeValueID;
tDataNode fAttributeValueData;
} tAttributeValueEntry;
fAttributeValueIDUnique ID for this attribute value.
fAttributeValueDataValue of type tDataNode containing the value of this attribute.
DirServicesTypes.hA structure that provides a standard format for passing information between Open Directory and applications.
typedef struct
{
unsigned long fBufferSize;
unsigned long fBufferLength;
char fBufferData[1];
} tDataBuffer;
fBufferSizeNumber of bytes allocated for this structure. The value of fBufferSize should be set when tDataBuffer is created.
fBufferLengthNumber of meaningful bytes in fBufferData. You should call dsDataNodeSetLength to adjust this value each time you change the value of the fBufferData field.
fBufferDataArray of characters.
A tDataBuffer structure is typically used to exchange strings, node names, and attribute types. Call dsDataBufferAllocate to allocate a data buffer. Call dsDataBufferDeAllocate to release the memory associated with a data buffer when it is no longer needed.
DirServicesTypes.hAn ordered list of tDataNode structures.
typedef struct
{
unsigned long fDataNodeCount;
tDataNodePtr fDataListHead;
} tDataList;
fDataNodeCountNumber of data nodes in this data list structure.
fDataListHeadFirst pointer to a data node in this data list structure.
This structure is used to represent lists of items, such as nodes, full pathnames, attribute type lists, and lists of record names. All items in a data list must be in UTF-8 format.
Do not manipulate tDataList structures directly. Instead, use the data list utility functions such as dsBuildFromPath, dsDataListAllocate, dsDataListGetNodeAlloc, dsAppendStringToListAlloc, and dsDataListDeallocate.
See also tDataListPtr.
DirServicesTypes.hA structure used to store information about a record, including its name, type, and number of attributes.
typedef struct
{
unsigned long fReserved1;
tAccessControlEntry fReserved2;
unsigned long fRecordAttributeCount;
tDataNode fRecordNameAndType;
} tRecordEntry;
fReserved1Reserved.
fReserved2Reserved.
fRecordAttributeCountNumber of attribute types.
fRecordNameAndTypeValue of type tDataNode containing the record’s primary name in UTF-8 format and its type.
DirServicesTypes.hData types used by the Open Directory Client.
A pointer to a tAttributeEntry structure.
typedef tAttributeEntry *tAttributeEntryPtr;
DirServicesTypes.hA reference used to get attribute entries.
typedef unsigned long tAttributeListRef;
You receive a tAttributeListRef by calling dsGetDirNodeInfo or dsGetRecordEntry.Pass the reference to dsGetAttributeEntry. Dispose of the reference by calling dsCloseAttributeList.
DirServicesTypes.hA pointer to a tAttributeValueEntry structure.
typedef tAttributeValueEntry *tAttributeValueEntryPtr;
DirServicesTypes.hA reference used to get attribute value entries.
typedef unsigned long tAttributeValueListRef;
You receive a tAttributeValueListRef when you call dsGetAttributeEntry. Pass the reference to dsGetAttributeValue. Dispose of the reference by calling dsCloseAttributeValueList.
DirServicesTypes.hA pointer to an arbitrary value used to create data nodes.
typedef void * tBuffer;
The tBuffer data type is used by dsDataNodeAllocateBlock to create data nodes.
DirServicesTypes.hA pointer to an arbitrary value used to exchange continuation data.
typedef void * tContextData;
When the results of calling an Open Directory function exceed the size of the response buffer, the function returns a value of type tContextData. Your application can get the next buffer of results by calling the function again and passing the continuation data as a parameter.
DirServicesTypes.hA pointer to a value of type tDataBuffer.
typedef tDataBuffer *tDataBufferPtr;
DirServicesTypes.hA pointer to a value of type tDataList.
typedef tDataList *tDataListPtr;
To allocate a data list, call dsDataListAllocate. To build a data list from one or more data nodes, call dsBuildListFromNodesAlloc; to build a data list from one or more C strings, call dsBuildListFromStrings. Or copy a data list by calling dsDataListCopyList.
To release the memory associated with a data list when it is no longer needed, call dsDataListDeallocate. If the data list is heap-based, you also need to call free().
DirServicesTypes.hA value of type tDataBuffer.
typedef tDataBuffer tDataNode;
The tDataNode data type provides a standard format for passing information to Open Directory functions. It is typically used to contain strings, nodes, and attribute types that are exchanged between Open Directory and an Open Directory client.
See also tDataNodePtr.
DirServicesTypes.hA pointer to a value of type tDataNode.
typedef tDataNode tDataNodePtr;
Call dsDataNodeAllocateBlock or dsDataNodeAllocateString to allocate a data node.
Call dsDataNodeDeAllocate to release the memory associated with a data node when it is no longer needed.
DirServicesTypes.hA value returned when a node is opened.
typedef unsigned long tDirNodeReference;
Open Directory functions that operate on nodes, records, and attributes require a tDirNodeReference as a parameter. Call dsOpenDirNode to open a node. Call dsCloseDirNode to close the node and dispose of the reference when you no longer need it.
DirServicesTypes.hA value returned when an Open Directory session is opened.
typedef unsigned long tDirReference;
You receive a tDirReference by calling by dsOpenDirService or dsOpenDirServiceProxy to open an Open Directory session. You call dsCloseDirService to close the session and dispose of the reference when you no longer need it.
DirServicesTypes.hA pointer to a value of type tRecordEntry.
typedef tRecordEntry *tRecordEntryPtr;
DirServicesTypes.hA value returned when a record is opened.
typedef unsigned long tRecordReference;
You receive a tRecordReference by calling dsCreateRecordAndOpen or dsOpenRecord. Closing the record causes the record reference to be invalidated.
DirServicesTypes.hThis section describes the structures that Open Directory passes to a plug-in’s ProcessRequest entry point in order to work with directory nodes.
Structure received when an Open Directory client calls dsAddAttribute.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInNewAttr;
tAccessControlEntryPtrfInNewAttrAccess;
tDataNodePtr fInFirstAttrValue;
} sAddAttribute;
fTypeAlways kAddAttribute.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to add the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record to which the attribute is to be added. The record must have been previously opened when the plug-in’s routine for processing sOpenRecord structures was called.
fInNewAttrValue of type tDataNodePtr that points to a value of type tDataNode containing the name of the attribute that is to be added.
fInNewAttrAccessReserved for this release. Client applications are advised to set this value to NULL. For this release, plug-ins should ignore the value of this field.
fInFirstAttrValueValue of type tDataListPtr that points to a value of type tDataNode containing the first value of the attribute that is being added. The tDataNode may contain an empty string or fInFirsAttrValue may be NULL to indicate that the client application does not want to set the attribute’s value.
When an Open Directory plug-in receives an sAddAttribute structure, it uses the fInRecRef field of the sAddAttribute structure to determine the record to which an attribute is to be added, the fInNewAttr field to obtain the name of the attribute that is to be added, and the fInFirstAttrValue field as the added attribute’s first value.
If the plug-in can the add the attribute, it adds the attribute, sets its first value, sets fResult to eDSNoErr, and returns.
If the plug-in cannot add the attribute, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure when an Open Directory client calls dsAddAttributeValue.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReferencefInRecRef;
tDataNodePtr fInAttrType;
tDataNodePtr fInAttrValue;
} sAddAttributeValue;
fTypeAlways kAddAttributeValue.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to add the value to the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record for which a value is to be add to an attribute.
fInAttrTypeValue of type tDataNodePtr that points to a value of type tDataNode containing the type of the attribute to which a value is to be added.
fInAttrValueValue of type tDataNodePtr that points to a value of type tDataNode containing the value that is to be added.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sAddAttributeValue structure when an Open Directory client calls dsAddAttributeValue.
The plug-in should verify that the attribute is capable of having multiple values. It then uses the fInRecRef field of the sAddAttributeValue structure to determine the record that has the attribute to which a value is to be added, the fInAttrType field to determine the type of the attribute to which a value is to be added, and the fInAttrValue field to get the value to that is to be added.
If the plug-in can add the specified value to the specified attribute, it adds the value and creates a unique attribute value ID for it, sets fResult to eDSNoErr, and returns.
If the plug-in cannot add the value to the attribute, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsCloseAttributeList.
typedef struct {
uInt32 fType;
sInt32 fResult;
tAttributeListReffInAttributeListRef;
} sCloseAttributeList;
fTypeAlways kCloseAttributeList.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to close the specified attribute list reference. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInAttributeListRefValue of type tAttributeListRef representing the attribute list reference that is to be closed.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sCloseAttributeList structure when an Open Directory client calls dsCloseAttributeList to dispose of an attribute list reference.
If the attribute value list is valid, the plug-in disposes of it, sets fResult to eDSNoErr, and returns. If the attribute list reference is invalid, the plug-in sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsCloseAttributeValueList.
typedef struct {
uInt32 fType;
sInt32 fResult;
tAttributeValueListReff InAttributeValueListRef;
} sCloseAttributeValueList;
fTypeAlways kCloseAttributeValueList.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to close the specified attribute value list reference. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInAttributeValueListRefValue of type tAttributeValueListRef representing the attribute value list reference that is to be closed.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sCloseAttributeValueList structure when an Open Directory client calls dsCloseAttributeValueList to dispose of an attribute value list reference.
If the attribute value list reference is valid, the plug-in disposes of it, sets fResult to eDSNoErr, and returns. If the attribute value list reference is invalid, the plug-in sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsCloseDirNode.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirReference fInNodeRef;
} sCloseDirNode;
fTypeAlways kCloseDirNode.
fResultValue of type sInt32s that the plug-in sets to eDSNoErr before returning to indicate that it was able to close the directory node session specified by fInNodeRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirReference that identifies the directory node session that is to be closed. The directory node reference was created when the client application opened the directory node session that is to be closed.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sCloseDirNode structure when an Open Directory client calls dsCloseDirNode to close a session with a directory node.
When an Open Directory plug-in receives a request to close a directory node session, it uses the fInNodeRef field to determine whether fInNodeRef represents a valid directory node that the client application has opened.
If the directory node reference is valid, the plug-in invalidates all record references, attribute references, attribute value references, and continuation data values that are associated with the directory node reference specified by fInNodeRef. The plug-in sets fResult to eDSNoErr and returns.
If the plug-in cannot close the node (for example, because it is invalid), it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client application calls dsCloseRecord.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReferencefInRecRef;
} sCloseRecord;
fTypeAlways kCloseRecord.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to close the record. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record that is to be closed. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sCloseRecord structure when an Open Directory client calls dsCloseRecord to close a record.
If the record can be closed, the plug-in ensures that any changes for the record that are cached in memory are saved to disk, invalidates the record reference specified in the fInRecRef field, invalidates any attribute list references and any attribute value list references associated with the record, sets fResult to eDSNoErr, and returns.
If the plug-in cannot close the record, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsCreateRecord or dsCreateRecordAndOpen.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataNodePtr fInRecType;
tDataNodePtr fInRecName;
bool fInOpen;
tRecordReference fOutRecRef;
} sCreateRecord;
fTypeAlways kCreateRecord or kCreateRecordAndOpen.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to create the record. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node in which the record is to be created. The directory node reference was created when the client application opened a session with the directory node.
fInRecTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type that is to be assigned to the created record.
fInRecNameValue of type tDataNodePtr that points to a tDataNode structure containing the name that is to be assigned to the record that is created.
fInOpenBoolean whose value is TRUE if the client application wants to create the record and open it. Otherwise, the value of fInOpen is FALSE to indicate that the client application wants to create the record without opening it.
fOutRecRefValue of type tRecordReference assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sCreateRecord structure when an Open Directory client calls dsCreateRecordor dsCreateRecordAndOpen to create a record.
The plug-in uses the fInNodeRef field of the sCreateRecord structure to determine the directory node in which the record is to be created, the fInRecType field to set the type of the record that is to be created, and the fInRecName field to set the name of the record that is to be created.
If the plug-in can create the new record, it sets fResult to eDSNoErr, and returns.
If the plug-in cannot create the new record, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsDeleteRecord.
typedef struct {
uInt32 fType
sInt32 fResult;
tRecordReferencefInRecRef;
} sDeleteRecord;
fTypeAlways kDeleteRecord.
fResultValue of type uInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to delete the record. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record that is to be deleted. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDeleteRecord structure when an Open Directory client calls dsDeleteRecord to delete a record.
The plug-in uses the fInRecRef field of the sDeleteRecord structure to determine the record that is to be deleted. If the plug-in can delete the record, it invalidates the record reference specified by the fInRecRef field, invalidates any attribute list references and any attribute value list references associated with the record, sets fResult to eDSNoErr, and returns.
If the plug-in cannot delete the record, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsDoAttributeValueSearch.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReferencefInNodeRef;
tDataBufferPtr fOutDataBuff;
tDataListPtr fInRecTypeList;
tDataNodePtr fInAttrType;
tDirPatternMatchfInPattMatchType;
tDataNodePtr fInPatt2Match;
unsigned long fInOutMatchRecordCount;
tContextData fIOContinueData;
} sDoAttrValueSearch;
fTypeAlways kDoAttributeValueSearch.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to search for the attribute values. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.” If no matches are found, the plug-in should set fResult to eDSNoErr, fInOutMatchRecordCount to zero, and fIOContinueData to NULL.
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the search is to be conducted. The directory node reference was created when the client application opened the directory node session.
fOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure in which the plug-in is to place search results.
fInRecTypeListValue of type tDataListPtr pointing to a tDataList structure containing the record types that are to be searched. See Standard Record Types and Meta Record Type Constants for possible values. If NULL, set fResult to eDSEmptyRecordTypeList and return.
fInAttrTypeValue of type tDataNodePtr pointing to a tDataNode structure containing the attribute types that are to be searched for. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeType and return.
fInPattMatchTypeValue of type tDirPatternMatch that describes the way in which the pattern specified by fInPatt2Match is to be matched. The pattern match type can be a value that the plug-in and application agree upon or a constant defined by Open Directory, as described in the section Pattern Matching Constants.
fInPatt2MatchValue of type tDataNodePtr pointing to a tDataNode structure containing the pattern that is to be matched.
fInOutMatchRecordCountValue of type unsigned long. The first time the client application calls dsDoAttributeValueSearch, fInOutMatchRecordCount is zero to receive all matching records or is a positive integer value that specifies the total number of records the client application wants to receive across what may be a series of dsDoAttributeValueSearch calls. If the latter, the plug-in should use the initial input value of fInOutMatchRecordCount to limit the total number of matching records it returns. Before returning, the plug-in should set fInOutMatchRecordCount to the number of records it has placed in the buffer pointed to by fOutDataBuff. The plug-in should ignore the input value of fInOutMatchRecordCount whenever it is processing a sDoAttrValueSearch structure that has an fIOContinueData field that is not NULL.
fIOContinueDataValue of type tContextData containing continuation data. For the first in a series of calls to dsDoAttributeValueSearch, the input value is NULL. If the plug-in can store all of the matching records in the buffer pointed to by fOutDataBuff, it sets fIOContinueData to NULL before returning. If there more records than can be stored in the buffer, the plug-in stores as much data as possible and sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearch again to get another buffer of data. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoAttrValueSearch structure when an Open Directory client calls dsDoAttributeValueSearch to search for records that have attributes whose values match a pattern.
The plug-in uses the fInNodeRef field of the sDoAttrValueSearch structure to determine the directory node in which the search is to be conducted, the fInRecTypeList field to determine the record types that are to be searched, the fInAttrType field to determine the attribute types that are to be searched, the fInPatt2Match field to get the pattern to match, and the fInPattMatchType field to determine the way in which the pattern is to be compared. If this is the first in what may be a series of calls to get the complete search results, the fIOContinueData field is NULL. Otherwise, fIOContinueData contains a plug-in–defined value that the plug-in uses to provide the context required to resume filling the buffer pointed to by fOutDataBuff with search results.
Depending on the size of the data buffer pointed to by fOutDataBuff and the length of the search results, the plug-in’s routine for processing sDoAttrValueSearch structures may be called multiple times in order to return all of the search results. The first time the plug-in’s routine for processing sDoAttrValueSearch structures is called, the input value of fIOContinueData is NULL and input value of fInOutRecEntryCount specifies the total number of records that the plug-in should return even if the plug-in’s routine for processing sDoAttrValueSearch structures must be called more than once.
If there are records that match the search criteria specified by fInRecTypeList, fInAttrType, fInPattMatchType, and fInPatt2Match, the plug-in puts the record entries, attribute entries, and attribute values in the buffer pointed to by fOutDataBuff. It also sets fInOutMatchRecordCount to the number of records that have been placed in fOutDataBuff and sets fResult to eDSNoErr. If the buffer pointed to by fOutDataBuff is too small to hold all of the data, the plug-in sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearch again to get another buffer of data. If the buffer pointed to by fOutDataBuff contains all of the records or contains the last records in the record list, the plug-in sets fIOContinueData to NULL.
If the plug-in returns before it gets search results to place in the buffer pointed to by fOutDataBuff, it should set fInOutMatchRecordCount to zero, set fResult to eDSNoErr, and set fIOContinueData to a plug-in–defined value that is not NULL. These settings indicate to the client application that it should call dsDoAttributeValueSearch again to get the search results.
If there are no matching records, the plug-in sets fInOutMatchRecordCount to zero, fIOContinueData to NULL, sets fResult to eDSNoErr, and returns.
Structure received when an Open Directory client calls dsDoAttributeValueSearchWithData.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReferencefInNodeRef;
tDataBufferPtr fOutDataBuff;
tDataListPtr fInRecTypeList;
tDataNodePtr fInAttrType;
tDirPatternMatchfInPattMatchType;
tDataNodePtr fInPatt2Match;
unsigned long fInOutMatchRecordCount;
tContextData fIOContinueData;
tDataListPtr fInAttrTypeRequestList;
bool fInAttrInfoOnly;
} sDoAttrValueSearchWithData;
fTypeAlways kDoAttributeValueSearchWithData.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to search for the attribute values. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.” If no matches are found, the plug-in should set fResult to eDSNoErr, fInOutMatchRecordCount to zero, and fIOContinueData to NULL.
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the search is to be conducted. The directory node reference was created when the client application opened the directory node session.
fOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure in which the plug-in is to place search results.
fInRecTypeListValue of type tDataListPtr pointing to a tDataList structure containing the record types that are to be searched. See Standard Record Types and Meta Record Type Constants for possible values. If NULL, set fResult to eDSEmptyRecordTypeList and return.
fInAttrTypeValue of type tDataNodePtr pointing to a tDataNode structure containing the attribute types that are to be searched for. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeType and return.
fInPattMatchTypeValue of type tDirPatternMatch that describes the way in which the pattern specified by fInPatt2Match is to be matched. The pattern match type can be a value that the plug-in and application agree upon or a constant defined by Open Directory, as described in the section Pattern Matching Constants.
fInPatt2MatchValue of type tDataNodePtr pointing to a tDataNode structure containing the pattern that is to be matched.
fInOutMatchRecordCountValue of type unsigned long. The first time the client application calls dsDoAttributeValueSearchWithData, fInOutMatchRecordCount is zero to receive all matching records or is a positive integer value that specifies the total number of records the client application wants to receive across what may be a series of dsDoAttributeValueSearchWithData calls. If the latter, the plug-in should use the initial input value o ffInOutMatchRecordCount to limit the total number of matching records it returns. Before returning, the plug-in should set fInOutMatchRecordCount to the number of records it has placed in the buffer pointed to by fOutDataBuff. The plug-in should ignore the input value of fInOutMatchRecordCount whenever it is processing a sDoAttributeValueSearchWithData structure that has an fIOContinueData field that is not NULL.
fIOContinueDataValue of type tContextData containing continuation data. For the first in a series of calls to dsDoAttributeValueSearchWithData, the input value is NULL. If the plug-in can store all of the matching records in the buffer pointed to by fOutDataBuff, it sets fIOContinueData to NULL before returning. If there more records than can be stored in the buffer, the plug-in stores as much data as possible and sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearchWithData again to get another buffer of data. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
fInAttrTypeRequestListValue of type tDataListPtr pointing to a tDataList structure containing attribute types that are to be returned if matches are found. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeTypeList and return.
fInAttrInfoOnlyBoolean value set to TRUE if the plug-in is only to provide information about attributes or set to FALSE if the plug-in is to provide the values of the attributes as well as information about the attributes.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoAttrValueSearchWithData structure when an Open Directory client calls dsDoAttributeValueSearchWithData to search for records. Matches are based on the value of fInAttrType, fInPattMatchType, and fInPatt2Match. For records that match, the fInAttrTypeRequestList field determines which attributes to return.
The plug-in uses the fInNodeRef field of the sDoAttrValueSearchWithData structure to determine the directory node in which the search is to be conducted, the fInRecTypeList field to determine the record types that are to be searched, the fInAttrType field to determine the attribute types that are to be searched, the fInPatt2Match field to get the pattern to match, and the fInPattMatchType field to determine the way in which the pattern is to be compared. If this is the first in what may be a series of calls to get the complete search results, the fIOContinueData field is NULL. Otherwise, fIOContinueData contains a plug-in–defined value that the plug-in uses to provide the context required to resume filling the buffer pointed to by fOutDataBuff with search results.
The sDoAttrValueSearchWithData structure differs from the sDoAttrValueSearch structure in that the sDoAttrValueSearchWithData structure has two additional fields: fInAttrTypeRequestList, which specifies the type of attributes for which information is to be returned when a match is found, and fInAttrInfoOnly, which indicates whether attribute information or attribute information and attribute values are to be returned when a match is found.
Depending on the size of the data buffer pointed to by fOutDataBuff and the length of the search results, the plug-in’s routine for processing sDoAttrValueSearchWithData structures may be called multiple times in order to return all of the search results. The first time the plug-in’s routine for processing sDoAttrValueSearchWithData structures is called, the input value of fIOContinueData is NULL and input value of fInOutRecEntryCount specifies the total number of records that the plug-in should return even if the plug-in’s routine for processing sDoAttrValueSearchWithData structures must be called more than once.
If there are records that match the search criteria specified by fInRecTypeList, fInAttrType, fInPattMatchType, and fInPatt2Match, plug-in puts the record entries, attribute entries, and attribute values in the buffer pointed to by fOutDataBuff. It also sets fInOutMatchRecordCount to the number of records that have been placed in fOutDataBuff and sets fResult to eDSNoErr. If the buffer pointed to by fOutDataBuff is too small to hold all of the data, the plug-in sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearchWithData again to get another buffer of data. If the buffer pointed to by fOutDataBuff contains all of the records or contains the last records in the record list, the plug-in sets fIOContinueData to NULL.
If the plug-in returns before it gets search results to place in the buffer pointed to by fOutDataBuff, it should set fInOutMatchRecordCount to zero, set fResult to eDSNoErr, and set fIOContinueData to a plug-in–defined value that is not NULL. These settings indicate to the client application that it should call dsDoAttributeValueSearchWithData again to get the search results.
If there are no matching records, the plug-in sets fInOutMatchRecordCount to zero, fIOContinueData to NULL, sets fResult to eDSNoErr, and returns.
Structure received when an Open Directory client calls dsDoDirNodeAuth.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataNodePtr fInAuthMethod;
bool fInDirNodeAuthOnlyFlag;
tDataBufferPtr fInAuthStepData;
tDataBufferPtr fOutAuthStepDataResponse;
tContextData fIOContinueData;
} sDoDirNodeAuth;
fTypeAlways kDoDirNodeAuth.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to authenticate the session. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node session that is to be authenticated. The directory node reference was created when the client application opened the session with the directory node.
fInAuthMethodValue of type tDataNodePtr that points to a tDataNode structure containing the authentication task that is to be performed.Examples include kDSStdAuthSetPasswd, kDSStdAuthSetPasswdAsRoot, and kDSStdAuthChangePasswd to set or change a password and kDSStdAuthClearText and kDSStdAuth2WayRandom to authenticate a user for a directory node session. See the attribute constants described in the “Constants” section for possible values.
fInDirNodeAuthOnlyFlagBoolean value that is TRUE if the client application does not want the result of this authentication to be used to grant or deny access for subsequent operations pertaining to this node. When the value of fInDirNodeAuthOnlyFlag is FALSE, the client application wants the result of this authentication to be applied to other operations that pertain to this directory node.
fInAuthStepDataValue of type tDataBufferPtr pointing to a tDataBuffer structure that contains a value that identifies the step in the authentication process for which the plug-in ProcessRequest routine has been called.
fOutAuthStepDataResponseValue of type tDataBufferPtr that points to the tDataBuffer structure in which the plug-in is to place its response.
fIOContinueDataValue of type tContextData. If this the first step in the authentication process, fIOContinueData is NULL. If this is any other step, fIOContinueData should contain a value that the plug-in returned to the client application when the client previously called dsDoDirNodeAuth. The plug-in can use fIOContinueData to maintain context information about the authentication process as it progresses through the various steps required by the authentication method. You may want to include a timestamp in fIOContinueData and fail the next step in the authentication process if fIOContinueData is too old.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoDirNoteAuth structure when an Open Directory client calls dsDoDirNodeAuth to perform an authentication task.
The plug-in uses the fInNodeRef field of the sDoDirNodeAuth structure to determine the directory node for which the authentication task is to be perform and the fInAuthMethod field to determine the authentication task. The plug-in also uses the fInDirNodeAuthOnlyFlag field to determine whether to apply the results of the authentication to other Open Directory calls the client application may make, and the fInAuthStepData field indicates the current step in the authentication process.
If this step in the authentication process is successful, the plug-in sets fResult to eDSNoErr. If there are additional steps in the authentication process, the plug-in sets fOutAuthStepDataResponse to a value that is appropriate for this authentication method and sets fIOContinueData to a plug-in–defined value before returning. If this is the last step in the authentication process, the plug-in sets fIOContinueData to NULL.
If this step in the authentication process was not successful, the plug-in sets fResult to an appropriate result code as described in “Result Codes,” sets fIOContinueData to NULL, and returns.
Structure received when an Open Directory client calls dsDoMultipleAttributeValueSearch.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReferencefInNodeRef;
tDataBufferPtr fOutDataBuff;
tDataListPtr fInRecTypeList;
tDataNodePtr fInAttrType;
tDirPatternMatchfInPattMatchType;
tDataListPtr fInPatterns2MatchList;
unsigned long fInOutMatchRecordCount;
tContextData fIOContinueData;
} sDoMultiAttrValueSearch;
fTypeAlways kDoMultipleAttributeValueSearch.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to search for the attribute values. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.” If no matches are found, the plug-in should set fResult to eDSNoErr, fInOutMatchRecordCount to zero, and fIOContinueData to NULL.
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the search is to be conducted. The directory node reference was created when the client application opened the directory node session.
fOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure in which the plug-in is to place search results.
fInRecTypeListValue of type tDataListPtr pointing to a tDataList structure containing the record types that are to be searched. See Standard Record Types and Meta Record Type Constants for possible values. If NULL, set fResult to eDSEmptyRecordTypeList and return.
fInAttrTypeValue of type tDataNodePtr pointing to a tDataNode structure containing the attribute types that are to be searched for. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeType and return.
fInPattMatchTypeValue of type tDirPatternMatch that describes the way in which the pattern specified by fInPatt2Match is to be matched. The pattern match type can be a value that the plug-in and application agree upon or a constant defined by Open Directory, as described in the section Pattern Matching Constants.
fInPatterns2MatchListValue of type tDataListPtr pointing to a tDataList structure containing a list of patterns to be matched.
fInOutMatchRecordCountValue of type unsigned long. The first time the client application calls dsDoAttributeValueSearch, fInOutMatchRecordCount is zero to receive all matching records or is a positive integer value that specifies the total number of records the client application wants to receive across what may be a series of dsDoAttributeValueSearch calls. If the latter, the plug-in should use the initial input value of fInOutMatchRecordCount to limit the total number of matching records it returns. Before returning, the plug-in should set fInOutMatchRecordCount to the number of records it has placed in the buffer pointed to by fOutDataBuff. The plug-in should ignore the input value of fInOutMatchRecordCount whenever it is processing a sDoMultiAttrValueSearch structure that has anfIOContinueData field that is not NULL.
fIOContinueDataValue of type tContextData containing continuation data. For the first in a series of calls to dsDoAttributeValueSearch, the input value is NULL. If the plug-in can store all of the matching records in the buffer pointed to by fOutDataBuff, it sets fIOContinueData to NULL before returning. If there more records than can be stored in the buffer, the plug-in stores as much data as possible and sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearch again to get another buffer of data. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoMultiAttrValueSearch structure when an Open Directory client calls dsDoMultipleAttributeValueSearch to search for records that have attributes whose values match one of multiple specified patterns.
The plug-in uses the fInNodeRef field of the sDoMultiAttrValueSearch structure to determine the directory node in which the search is to be conducted, the fInRecTypeList field to determine the type of records that are to be searched, the fInAttrType field to determine the attributes that are to be searched, the fInPatterns2MatchList field to get the patterns to match, and the fInPattMatchType field to determine the way in which the patterns are to be compared. If this is the first in what may be a series of calls to get the complete search results, the fIOContinueData field is NULL. Otherwise, fIOContinueData contains a plug-in–defined value that the plug-in uses to provide the context required to resume filling the buffer pointed to by fOutDataBuff with search results.
Depending on the size of the data buffer pointed to by fOutDataBuff and the length of the search results, the plug-in’s routine for processing sDoMultiAttrValueSearch structures may be called multiple times in order to return all of the search results. The first time the plug-in’s routine for processing the sDoMultiAttrValueSearch structure is called, the input value of fIOContinueData is NULL and input value of fInOutRecEntryCount specifies the total number of records that the plug-in should return even if the plug-in’s routine for processing sDoMultiAttrValueSearch structures must be called more than once.
If there are records that match the search criteria specified by fInRecTypeList, fInAttrType, fInPattMatchType, and fInPattern2MatchList, the plug-in puts the record entries, attribute entries, and attribute values in the buffer pointed to by fOutDataBuff. It also sets fInOutMatchRecordCount to the number of records that have been placed in fOutDataBuff and sets fResult to eDSNoErr. If the buffer pointed to by fOutDataBuff is too small to hold all of the data, the plug-in sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoMultipleAttributeValueSearch again to get another buffer of data. If the buffer pointed to by fOutDataBuff contains all of the records or contains the last records in the list of records, the plug-in sets fIOContinueData to NULL.
If the plug-in returns before it gets search results to place in the buffer pointed to by fOutDataBuff, it should set fInOutMatchRecordCount to zero, set fResult to eDSNoErr, and set fIOContinueData to a plug-in–defined value that is not NULL. These settings indicate to the client that it should call dsDoMultipleAttributeValueSearch again to get the search results.
If there are no matching records, the plug-in sets fInOutMatchRecordCount to zero, fIOContinueData to NULL, sets fResult to eDSNoErr, and returns.
Structure received when an Open Directory client calls dsDoMultipleAttributeValueSearch.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReferencefInNodeRef;
tDataBufferPtr fOutDataBuff;
tDataListPtr fInRecTypeList;
tDataNodePtr fInAttrType;
tDirPatternMatchfInPattMatchType;
tDataListPtr fInPatterns2MatchList;
unsigned long fInOutMatchRecordCount;
tContextData fIOContinueData;
tDataListPtr fInAttrTypeRequestList;
bool fInAttrInfoOnly;
} sDoMultiAttrValueSearchWithData;
fTypeAlways kDoMultipleAttributeValueSearchWithData.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to search for the attribute values. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.” If no matches are found, the plug-in should set fResult to eDSNoErr, fInOutMatchRecordCount to zero, and fIOContinueData to NULL.
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the search is to be conducted. The directory node reference was created when the client application opened the directory node session.
fOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure in which the plug-in is to place search results.
fInRecTypeListValue of type tDataListPtr pointing to a tDataList structure containing the record types that are to be searched. See Standard Record Types and Meta Record Type Constants for possible values. If NULL, set fResult to eDSEmptyRecordTypeList and return.
fInAttrTypeValue of type tDataNodePtr pointing to a tDataNode structure containing the attribute types that are to be searched for. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeType and return.
fInPattMatchTypeValue of type tDirPatternMatch that describes the way in which the pattern specified by fInPatt2Match is to be matched. The pattern match type can be a value that the plug-in and application agree upon or a constant defined by Open Directory, as described in the section Pattern Matching Constants.
fInPatterns2MatchListValue of type tDataListPtr pointing to a tDataList structure containing a list of patterns to be matched.
fInOutMatchRecordCountValue of type unsigned long. The first time the client application calls dsDoAttributeValueSearch, fInOutMatchRecordCount is zero to receive all matching records or is a positive integer value that specifies the total number of records the client application wants to receive across what may be a series of dsDoAttributeValueSearch calls. If the latter, the plug-in should use the initial input value of fInOutMatchRecordCount to limit the total number of matching records it returns. Before returning, the plug-in should set fInOutMatchRecordCount to the number of records it has placed in the buffer pointed to by fOutDataBuff. The plug-in should ignore the input value of fInOutMatchRecordCount whenever it is processing a sDoMultiAttrValueSearchWithData structure that has an fIOContinueData field that is not NULL.
fIOContinueDataValue of type tContextData containing continuation data. For the first in a series of calls to dsDoAttributeValueSearch, the input value is NULL. If the plug-in can store all of the matching records in the buffer pointed to by fOutDataBuff, it sets fIOContinueData to NULL before returning. If there more records than can be stored in the buffer, the plug-in stores as much data as possible and sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoAttributeValueSearch again to get another buffer of data. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
fInAttrTypeRequestListValue of type tDataListPtr pointing to a tDataList structure containing the types of attribute that are to be returned if matches are found. See the attribute constants described in the “Constants” section for possible values. If NULL, set fResult to eDSEmptyAttributeTypeList and return.
fInAttrInfoOnlyBoolean value set to TRUE if the plug-in is only to provide information about attributes or set to FALSE if the plug-in is to provide the values of the attributes as well as information about the attributes.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoMultiAttrValueSearchWithData structure when an Open Directory client calls dsDoMultipleAttributeValueSearchWithData to search for records that have attributes whose values match one of multiple specified patterns and return the values of the attributes specified by fInAttrTypeRequestList when a match occurs.
The plug-in uses the fInNodeRef field of the sDoMultiAttrValueSearch structure to determine the directory node in which the search is to be conducted, the fInRecTypeList field to determine the type of records that are to be searched, the fInAttrType field to determine the attributes that are to be searched, the fInPatterns2MatchList field to get the patterns to match, and the fInPattMatchType field to determine the way in which the patterns are to be compared. If this is the first in what may be a series of calls to get the complete search results, the fIOContinueData field is NULL. Otherwise, fIOContinueData contains a plug-in–defined value that the plug-in uses to provide the context required to resume filling the buffer pointed to by fOutDataBuff with search results.
The sDoMultiAttrValueSearchWithData structure differs from the sDoMultiAttrValueSearch structure in that the sDoMultiAttrValueSearchWithData structure has two additional fields: fInAttrTypeRequestList, which specifies the type of attributes for which information is to be returned when a match is found, and fInAttrInfoOnly, which indicates whether attribute information or attribute information and attribute values are to be returned when a match is found.
Depending on the size of the data buffer pointed to by fOutDataBuff and the length of the search results, the plug-in’s routine for processing sDoMultiAttrValueSearchWithData structures may be called multiple times in order to return all of the search results. The first time the plug-in’s routine for processing the sDoMultiAttrValueSearchWithData structure is called, the input value of fIOContinueData is NULL and input value of fInOutRecEntryCount specifies the total number of records that the plug-in should return even if the plug-in’s routine for processing sDoMultiAttrValueSearchWithData structures must be called more than once.
If there are records that match the search criteria specified by fInRecTypeList, fInAttrType, fInPattMatchType, and fInPattern2MatchList, the plug-in puts the record entries, attribute entries, and attribute values in the buffer pointed to by fOutDataBuff. It also sets fInOutMatchRecordCount to the number of records that have been placed in fOutDataBuff and sets fResult to eDSNoErr. If the buffer pointed to by fOutDataBuff is too small to hold all of the data, the plug-in sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsDoMultipleAttributeValueSearch again to get another buffer of data. If the buffer pointed to by fOutDataBuff contains all of the records or contains the last records in the list of records, the plug-in sets fIOContinueData to NULL.
If the plug-in returns before it gets search results to place in the buffer pointed to by fOutDataBuff, it should set fInOutMatchRecordCount to zero, set fResult to eDSNoErr, and set fIOContinueData to a plug-in–defined value that is not NULL. These settings indicate to the client that it should call dsDoMultipleAttributeValueSearch again to get the search results.
If there are no matching records, the plug-in sets fInOutMatchRecordCount to zero, fIOContinueData to NULL, sets fResult to eDSNoErr, and returns.
Structure received when an Open Directory client calls dsDoPluginCustomCall.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReferencefInNodeRef;
unsigned long fInRequestCode;
tDataBufferPtr fInRequestData;
tDataBufferPtr fOutRequestResponse;
} sDoPlugInCustomCall;
fTypeAlways kDoPlugInCustomCall.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that the plug-in responded without error when it processed the sDoPluginCustomCall structure. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node session to which fInRequestCode and fInRequestData apply.
fInRequestCodeValue of type unsigned long that contains a request code that has significance to the plug-in.
fInRequestDataValue of type tDataBufferPtr that points to a tDataBuffer structure containing data sent by the client application to the plug-in.
fOutRequestResponseValue of type tDataBufferPtr that points to a tDataBuffer structure in which the plug-in places data that is to be returned to the client application.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sDoPluginCustomCall structure when an Open Directory client calls dsDoPluginCustomCall to send custom data to the plug-in.
The plug-in verifies that the directory node reference stored in fInNodeRef is valid. It then interprets the value of the fInRequestCode field, parses the value pointed to by the fInRequestData field, and performs an action that is appropriate for the request code. If the plug-in needs to return data to the client application, it stores the data in the tDatabuffer structure pointed to by fOutRequestResponse.
If the plug-in performs the action without error, it sets fResult to eDSNoErr; otherwise, it sets fResult to an appropriate result code as described in “Result Codes.”
Structure received when an Open Directory client calls dsFlushRecord.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReferencefInRecRef;
} sFlushRecord;
fTypeAlways kFlushRecord.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to flush the record. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record that is to be flushed. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sFlushRecord structure when an Open Directory client calls dsFlushRecord.
The plug-in uses the fInRecRef field of the sFlushRecord structure to determine the record that is to be flushed. If the plug-in can write the record, it does so and sets fResult to eDSNoErr, and returns. If the plug-in cannot flush the record, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsGetAttributeEntry.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataBufferPtr fInOutDataBuff;
tAttributeListRef fInAttrListRef;
unsigned long fInAttrInfoIndex;
tAttributeValueListRef fOutAttrValueListRef;
tAttributeEntryPtr fOutAttrInfoPtr;
} sGetAttributeEntry;
fTypeAlways kGetAttributeEntry.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the requested attribute information. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node of the record whose attribute information is to be obtained. The directory node reference was created when the client application opened the directory node session.
fInOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure from which the attribute information is to be obtained.
fInAttrListRefValue of type tAttributeListRef that refers to an attribute list that the plug-in returned to the client application when it processed a sGetDirNodeInfo or a sGetRecordEntry structure or that the plug-in returned to the client application when it previously called dsGetAttributeEntry. The plug-in uses the attribute list reference to locate the attribute information in the buffer pointed to by fInOutDataBuff.
fInAttrInfoIndexValue of type unsigned long that specifies the one-based index number of the attribute whose information is to be obtained from the buffer pointed to by fInOutDataBuff.
fOutAttrValueListRefValue of type tAttributeValueListRef assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
fOutAttrInfoPtrPointer to a value of type tAttributeValueEntryPtr that points to a tAttributeEntry structure in which the plug-in is to place the attribute information.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetAttributeEntry structure when an Open Directory client calls dsGetAttributeEntry to get information about an attribute from the buffer pointed to by fInOutDataBuff.
The plug-in uses the fInNodeRef field to determine the directory node of the record for which attribute information is requested and the fInAttrInfoIndex field to determine the attribute for which attribute information is requested. The information includes the number of values the attribute has, the total number of bytes the values use, the maximum size of a value for the specified attribute, and the attribute’s unique signature.
If the plug-in can get the requested information from fInOutDataBuff, it puts the attribute information in the attribute entry structure pointed to by fOutAttrInfoPtr, sets fOutAttrValueListRef to a value that the plug-in can use to locate the attribute’s value if its routine for processing sGetAttributeValue structures is called, sets fResult to eDSNoErr, and returns.
If the plug-in cannot provide the requested attribute information, it sets fOutAttrValueListRef to NULL, sets fResult to an appropriate result code as described in “Result Codes” and returns.
For information on parsing the data buffer, see the section “Client Side Buffer Parsing” in Chapter 1.
Structure received when an Open Directory client calls dsGetAttributeValue.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataBufferPtr fInOutDataBuff;
unsigned long fInAttrValueIndex;
tAttributeValueListRef fInAttrValueListRef;
tAttributeValueEntryPtr fOutAttrValue;
} sGetAttributeValue;
fTypeAlways kGetAttributeValue.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the requested attribute value. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node of the record whose attribute value is to be obtained. The directory node reference was created when the client application opened the directory node session.
fInOutDataBuffValue of type tDataBufferPtr pointing to the tDataBuffer structure containing information previously obtained when the plug-in responded to an sGetRecordList, sDoAttrValueSearch, sDoAttrValueSearchWithData, sDoMultiAttrValueSearch, or sDOMultiAttrValueSearchWithData request from the client application.
fInAttrValueIndexValue of type unsigned long containing a one-based index that specifies which attribute value to get. A value of 1 specifies the first value, a value of 2 specifies the second value, and so on.
fInAttrValueListRefValue of type tAttributeValueListRef created by the plug-in when its routine for processing sGetAttributeEntry structures was called. The reference contains information that the plug-in uses to locate the attribute value in the data buffer pointed to by fInOutDataBuff.
fOutAttrValueValue of type tAttributeValueEntryPtr pointing to the tAttributeValueEntry structure in which the plug-in is to place the value of the attribute specified by the fInAttrValueIndex field.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetAttributeValue structure when an Open Directory client calls dsGetAttributeValue.
The plug-in uses the fInNodeRef field of the sGetAttributeValue structure to determine the directory node of the record for which an attribute value is being obtained.
If the plug-in can get the requested value from the data buffer pointed to by fInOutDataBuff, it puts the value in the attribute value entry structure pointed to by fOutAttrValue, sets fResult to eDSNoErr, and returns.
If the plug-in cannot get the requested value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
For information on parsing the data buffer, see the section “Client Side Buffer Parsing” in Chapter 1.
Structure received when an Open Directory client application calls dsGetDirNodeInfo.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataListPtr fInDirNodeInfoTypeList;
tDataBufferPtr fOutDataBuff;
bool fInAttrInfoOnly;
unsigned long fOutAttrInfoCount;
tAttributeListRef fOutAttrListRef;
tContextData fOutContinueData;
} sGetDirNodeInfo;
fTypeAlways kGetDirNodeInfo.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get information about the directory node identified by fInNodeRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which information is to be obtained. The directory node reference was created when the client application opened the directory node.
fInDirNodeInfoTypeListValue of type tDataListPtr that points to a tDataList structure containing the attribute types for which information is being requested.
fOutDataBuffValue of type tDataBufferPtr pointing to a tDataBuffer structure. If the plug-in obtains the requested information, it puts the information in the data buffer pointed to by fOutDataBuff.
fInAttrInfoOnlyBoolean value set to TRUE if the plug-in is only to provide information about attributes or set to FALSE if the plug-in is to provide the values of the attributes as well as information about the attributes.
fOutAttrInfoCountOn return, fOutAttrInfoCount contains the number of attribute types the plug-in has placed in the buffer pointed to by fOutDataBuff.
fOutAttrListRefValue of type tAttributeListRef assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
fOutContinueDataValue of type tContextData that represents continuation data. If this is the first call in what may be a series of calls for this value of fInNodeRef, the input value of fOutContinueData is NULL. If all of the directory node information fits in the buffer pointed to by fOutDataBuff, the plug-in sets fOutContinueData to NULL. If there is more information than can fit in the buffer, set fOutContinueData to a plug-in–defined value.Your routine for processing sGetDirNodeInfo structures will be called again, and the fOutContinueData field will contain the continuation data that you previously returned to the client application. Therefore, the continuation data should be a value that you can use to determine which directory node information to place in the data buffer the next time your routine for processing sGetDirNodeInfo structures is called for this value of fInNodeRef. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetDirNodeInfo structure when an Open Directory client calls dsGetDirNodeInfo.
The plug-in uses the fInNodeRef field of the sGetDirNodeInfo structure to determine the directory node for which information is requested, the data list pointed to by fInDirNodeInfoTypeList to determine the type of information that is requested, and fInAttrInfoOnly to determine whether to also return attribute values.
If the plug-in can get attribute information for the specified directory node, it puts the requested information in the buffer pointed to by fOutDataBuff. If fOutDataBuff is too small to hold all of the information, the plug-in sets fOutContinueData to a plug-in–defined value. If all of the information fits in the buffer, the plug-in sets fOutDataBuff to NULL. Before returning, the plug-in sets fOutAttrInfoCount to the number of attributes types that have been placed in the buffer.
If the plug-in cannot get the requested information, it sets fResult to an appropriate result code as described in “Result Codes,” sets fOutContinueData to NULL, sets fOutAttrInfoCount to zero, and returns.
Structure received when an Open Directory client calls dsGetRecordAttributeInfo.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
tAttributeEntryPtr fOutAttrInfoPtr;
} sGetRecAttribInfo;
fTypeAlways kGetRecordAttributeInfo.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get information about the attribute of the record referred to by fInRecRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference that represents the record for which information about an attribute is to be obtained. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the attribute type for which information is requested.
fOutAttrInfoPtrValue of type tAttributeValueEntryPtr that points to an tAttributeEntry structure containing the requested attribute information.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecAttribInfo structure when an Open Directory client calls dsGetRecordAttributeInfo.
The plug-in uses the fInRecRef field of the sGetRecAttribInfo structure to determine the record for which information about an attribute is to be obtained and the fInAttrType field to determine the attribute type for which attribute information is to be obtained. The information includes the number of values the attribute has, the total number of bytes the values use, the maximum size of a value for the specified attribute, and the attribute’s unique signature.
If the plug-in can get the attribute information, it places the information in the attribute entry structure pointed to by fOutAttrInfoPtr, sets fResult to eDSNoErr, and returns.
If the plug-in cannot get the attribute’s information, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsGetRecordAttributeValueByID.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
unsigned long fInAttrValueID;
tAttributeValueEntryPtr fOutEntryPtr;
} sGetRecordAttributeValueByID;
fTypeAlways kGetRecordAttributeValueByID.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the value of the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference that represents the record for which an attribute value is to be obtained. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type of attribute for which an attribute value is requested.
fInAttrValueIDValue of type unsigned long that specifies the attribute value ID of the attribute value that is to be obtained.
fOutEntryPtrValue of type tAttributeValueEntryPtr that points to an tAttributeValueEntry structure in which the plug-in places the requested attribute value.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecordAttributeValueByID structure when an Open Directory client calls dsGetRecordAttributeValueByID to get the value of an attribute by it attribute value ID.
The plug-in uses the fInRecRef field of the sGetRecordAttributeValueByID structure to determine the record for which the value of an attribute is to be obtained, the fInAttrType field to determine the type of the attribute whose value is to be obtained, and the fInAttrValueID field to determine the ID of the attribute value to get.
If the plug-in can get the specified attribute value, it places the value in the attribute value entry structure pointed to by fOutEntryPtr, sets fResult to eDSNoErr, and returns.
If the plug-in cannot get the attribute’s value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsGetRecordAttributeValueByIndex.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
unsigned long fInAttrValueIndex;
tAttributeValueEntryPtr fOutEntryPtr;
} sGetRecordAttributeValueByIndex;
fTypeAlways kGetRecordAttributeValueByIndex.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the value of the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference that represents the record whose attribute value is to be obtained. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type of the attribute whose value is requested.
fInAttrValueIndexValue of type unsigned long that specifies the attribute for which information is to be obtained, using a one-based index.
fOutEntryPtrValue of type tAttributeValueEntryPtr that points to an tAttributeValueEntry in which the plug-in is to place the attribute’s value.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecordAttributeValueByIndex structure when an Open Directory client calls dsGetRecordAttributeValueByIndex to get the value of an attribute by its attribute index.
The plug-in uses the fInRecRef field of the sGetRecordAttributeValueByIndex structure to determine the record for which the value of an attribute is to be obtained, the fInAttrType field to determine the type of the attribute whose value is to be obtained, and the fInAttrValueIndex field to determine which attribute value to obtain.
If the plug-in can get the specified attribute value, it places the value in the attribute value entry structure pointed to by fOutEntryPtr, sets fResult to eDSNoErr, and returns.
If the plug-in cannot get the attribute’s value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsGetRecordAttributeValueByValue.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
tDataNodePtr fInAttrValue;
tAttributeValueEntryPtr fOutEntryPtr;
} sGetRecordAttributeValueByValue;
fTypeAlways kGetRecordAttributeValueByValue.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the value of the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference that represents the record whose attribute value is to be obtained. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type of the attribute whose value is requested.
fInAttrValueValue of type tDataNodePtr that specifies the value that is to be obtained.
fOutEntryPtrValue of type tAttributeValueEntryPtr that points to an tAttributeValueEntry in which the plug-in is to place the attribute’s value.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecordAttributeValueByValue structure when an Open Directory client calls dsGetRecordAttributeValueByValue to get the value of an attribute by its value.
The plug-in uses the fInRecRef field of the sGetRecordAttributeValueByValue structure to determine the record for which the value of an attribute is to be obtained, the fInAttrType field to determine the type of the attribute whose value is to be obtained, and the fInAttrValue field to determine which attribute value to obtain.
If the plug-in can get the specified attribute value, it places the value in the attribute value entry structure pointed to by fOutEntryPtr, sets fResult to eDSNoErr, and returns.
If the plug-in cannot get the attribute’s value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsGetRecordEntry.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataBufferPtr fInOutDataBuff;
unsigned long fInRecEntryIndex;
tAttributeListRef fOutAttrListRef;
tRecordEntryPtr fOutRecEntryPtr;
} sGetRecordEntry;
fTypeAlways kGetRecordEntry.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the record entries for the directory node identified by fInNodeRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the record entry is to be obtained. The directory node reference was created when the client application opened the directory node.
fInOutDataBuffValue of type tDataBufferPtr that points to the tDataBuffer structure from which the record entry is to be obtained.
fInRecEntryIndexValue of type unsigned long that specifies the record to get. The fInRecEntryIndex field contains a value that is a one-based index.
fOutAttrListRefValue of type tAttributeListRef assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
fOutRecEntryPtrValue of type tRecordEntryPtr that points to a tRecordEntry structure containing the requested record.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecordEntry structure when an Open Directory client calls dsGetRecordEntry to get information about a record.
The plug-in gets information about the record from the buffer pointed to by fInOutDataBuff. The record information consists of the record’s name, type, and number of attributes. The buffer pointed to by fInOutDataBuff was previously filled in by the plug-in when the plug-in’s ProcessRequest routine responded to the receipt of an sGetRecordList structure.
The plug-in verifies that the directory node reference provided in the fInNodeRef field is valid. If the directory node reference is valid, the plug-in uses the fInRecEntryIndex field to determine the record for which record information is to be obtained, places the information in the record entry structure pointed to by the fOutRecEntryPtr field, and places the record’s attribute information in the attribute list referred to by tOutAttrListRef. Before returning, the plug-in sets fResult to eDSNoErr.
If the plug-in cannot get the requested information, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
For information on parsing the data buffer, see the section “Client Side Buffer Parsing” in Chapter 1.
Structure called when an Open Directory client calls dsGetRecordList.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataBufferPtr fInDataBuff;
tDataListPtr fInRecNameList;
tDirPatternMatch fInPatternMatch;
tDataListPtr fInRecTypeList;
tDataListPtr fInAttribTypeList;
bool fInAttribInfoOnly;
unsigned long fOutRecEntryCount;
tContextData fIOContinueData;
} sGetRecordList;
fTypeAlways kGetRecordList.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get the requested list of records for the node identified by fInNodeRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.” If no matches are found, the plug-in should set fResult to eDSNoErr, fOutRecEntryCount to zero, and fIOContinueData to NULL.
fInNodeRefValue of type tDirNodeReference that identifies the directory node for which the record list is to be obtained. The directory node reference was created when the client application opened the directory node.
fInDataBuffValue of type tDataBufferPtr pointing to the tDataBuffer structure in which the plug-in is to return the record list.
fInRecNameListValue of type tDataListPtr that points to a tDataList structure containing patterns in UTF-8 encoding that are to be compared with record names. If fInRecNameList is kDSRecordsAll, the plug-in should ignore fInPatternMatch and include all records for the directory node identified by fInNodeRef.
fInPatternMatchValue of type tDirPatternMatch that describes the way in which the patterns specified by fInRecNameList are to be compared. See Pattern Matching Constants for possible constants. The pattern match type may also be a type defined by the Open Directory plug-in that handles the directory system represented by inDirReference.
fInRecTypeListValue of type tDataListPtr that points to atDataList structure containing the types of records to get. See Standard Record Types and Meta Record Type Constants for possible values.
fInAttribTypeListValue of type tDataListPtr that points to a tDataList structure containing the attribute types of records to get. See the attribute constants described in the “Constants” section for possible values.
fInAttribInfoOnlyValue of type bool. If fInAttribInfoOnly is TRUE, the plug-in should include in the buffer pointed to by fInDataBuff attribute information for matching records. If fInAttribInfoOnly is FALSE, the plug-in should include in the buffer pointed to by fInDataBuff attribute information as well as attribute values for matching records.
fOutRecEntryCountValue of type unsigned long. The first time the client application calls dsGetRecordList, fOutRecEntryCount is zero to receive all matching records or is a positive integer value that specifies the total number of records the client application wants to receive across what may be a series of dsGetRecordList calls. If the latter, the plug-in should use the initial input value of fOutRecEntryCount to limit the total number of matching records it returns. Before returning, the plug-in should set fOutRecEntryCount to the number of records it has placed in the buffer pointed to by fInDataBuff. The plug-in should ignore the input value of fOutRecEntryCount whenever it is processing a sGetRecordList structure that has an fIOContinueData field that is not NULL.
fIOContinueDataValue of type tContextData containing continuation data. For the first in a series of calls to dsGetRecordList, the input value is NULL. If the plug-in can store all of the matching records in the buffer pointed to by fInDataBuff, it sets fIOContinueData to NULL before returning. If there more records than can be stored in the buffer, the plug-in stores as much data as possible and sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsGetRecordList again to get another buffer of data. You may want to include a timestamp in the continuation data and return an error if you determine that fOutContinueData is out of date.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecordList structure when an Open Directory client calls dsGetRecordList to get a list of records for a directory node.
The plug-in uses the fInNodeRef field of the sGetRecordList structure to determine the directory node for which the record list is requested, the data list pointed to by fInRecNameList to get the names of records for which information is requested, the data list pointed to by fInRecTypeList to determine the types of records for which information is requested, and the data list pointed to by fInAttributeTypeList to determine the attributes for which information is requested. The plug-in should return only those records whose names match the pattern specified by fInRecNameList. The value of the fInAttributeInfoOnly field determines whether the plug-in should also return attribute values.
Depending on the size of the data buffer pointed to by fInDataBuff and the length of the list of records, the plug-in’s routine for processing sGetRecordList structures may be called multiple times in order to return the complete list. The first time the plug-in’s routine for processing sGetRecordList structures is called, the input value of fIOContinueData is NULL and input value of fInOutRecEntryCount specifies the total number of records that the plug-in should return even if the plug-in’s routine for processing sGetRecordList structures must be called more than once.
If there are records that match the criteria specified by fInRecNameList, fInPatternMatch, fInRecTypeList, and fInAttributeTypeList, plug-in puts the record entries, attribute entries, and attribute values (if fInAttributeInfoOnly is FALSE) in the buffer pointed to by fInDataBuff. It also sets fInOutRecEntryCount to the number of records that have been placed in fInDataBuff and sets fResult to eDSNoErr. If the buffer pointed to by fInDataBuff is too small to hold all of the records, the plug-in sets fIOContinueData to a plug-in–defined value that the plug-in can use when the client application calls dsGetRecordList again to get another buffer of data. If the buffer pointed to by fInDataBuff contains all of the records or contains the last records in the record list, the plug-in sets fIOContinueData to NULL.
If the plug-in returns before it can get records to place in the buffer pointed to by fInDataBuff, it should set fOutRecEntryCount to zero, set fResult to eDSNoErr, set fIOContinueData to a plug-in–defined value that is not NULL. These settings indicate to the client application that it should call dsGetRecordList again to get the records.
If there are no matching records, the plug-in sets fOutRecEntryCount to zero, fIOContinueData to NULL, and fResult to eDSNoErr, and returns.
Structure received when an Open Directory client calls dsGetRecordReferenceInfo.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tRecordEntryPtr fOutRecInfo;
} sGetRecRefInfo;
fTypeAlways kGetRecordRefInfo.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to get information for the record reference specified by fInRecRef. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference that specifies the record for which information is to be obtained. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fOutRecInfoValue of type tRecordEntryPtr that points to a tRecordEntry structure containing the requested information.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sGetRecRefInfo structure when an Open Directory client calls dsGetRecordReferenceInfo to get information about a record.
The plug-in uses the fInRecRef field of the sGetRecRefInfo structure to determine the record for information is to be obtained. The information consists of the record’s name, type, and the number of attributes the record has.
If the plug-in can get the record’s information, it places the information in the record entry structure pointed to by fOutRecInfo, sets fResult to eDSnoErr, and returns.
If the plug-in cannot get the record’s information, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure for passing the DirectoryService daemon’s run loop and the Kerberos mutex.
typedef struct {
uInt32 fType;
sInt32 fResult;
tContextData fContextData;
} sHeader;
fTypekServerRunLoop or kKerberosMutex.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fContextDataValue of type tContextData containing the run loop or the Kerberos mutex.
The DirectoryService daemon calls the plug-in’s ProcessRequest entry point once after the plug-in has been loaded and initialized to pass in the fContextData field the CFRunloop for the currently executing process. You can use the run loop to set up timers as an alternative to using the PeriodicTask entry point for setting timers.
Here is an example that gets the run loop from the fContextData field:
if ( ((sHeader *)inData)->fType == kServerRunLoop) |
{ |
if ( (((sHeader *)inData)->fContextData) != nil ) |
{ |
fServerRunLoop = (CFRunLoopRef)(((sHeader *)inData)->fContextData); |
} |
} |
The sHeader structure is also used to pass the Kerberos mutex, a value of type DSMutexSempaphore, immediately after the run loop is passed.
Structure received when an Open Directory client calls dsOpenDirNode.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirReference fInDirRef;
tDataListPtr fInDirNodeName;
tDirNodeReferencefOutNodeRef;
uid_t fInUID;
uid_t fInEffectiveUID;
} sOpenDirNode;
fTypeAlways kOpenDirNode.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to open the directory node specified by fInDirNodeName. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInDirRefValue of type tDirReference that was created when the client application opened the Open Directory session for which this directory node is to be opened.
fInDirNodeNameValue of type tDataListPtr pointing to a tDataList structure containing the name of the directory node that is to be opened.
fOutNodeRefValue of type tDirNodeReference assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
fInUIDValue of type uid_t containing the UID of the calling process. Your plug-in can use the value of fInUID and fInEffectiveUID to determine whether to allow a process to perform certain activities without requiring authentication.
fInEffectiveUIDValue of type uid_t containing the effective UID of the calling process. Your plug-in can use the value of fInEffectiveUID and fInUID to determine whether to allow a process to perform certain activities without requiring authentication.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sOpenDirNode structure when an Open Directory client calls dsOpenDirNode to open a directory node.
The plug-in uses the fInDirNodeName field to determine the name of the directory node to open.
If the plug-in can open the specified directory node, it sets fResult to eDSNoErr and returns.
If the plug-in cannot open the directory node or if the Open Directory reference is invalid, the plug-in sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsOpenRecord.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirNodeReference fInNodeRef;
tDataNodePtr fInRecType;
tDataNodePtr fInRecName;
tRecordReference fOutRecRef;
} sOpenRecord;
fTypeAlways kOpenRecord.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to open the specified record. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInNodeRefValue of type tDirNodeReference that identifies the directory node of the record that is to be opened. The directory node reference was created when the client application opened the directory node.
fInRecTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type of the record that is to be opened.
fInRecNameValue of type tDataNodePtr that points to a tDataNode structure containing the name of the record that is to be opened.
fOutRecRefValue of type tRecordReference assigned by the DirectoryService daemon and that the plug-in associates with the internal structure the plug-in uses to maintain information about the reference.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sOpenRecord structure when an Open Directory client calls dsOpenRecord.
The plug-in uses the fInNodeRef field of the sOpenRecord structure to determine the directory node of the record that is to be opened, the fInRecType field to determine the type of the record that this is to be opened, and the fInRecName field to determine the name of the record that is to be opened.
If the plug-in can open the record, it sets fResult to eDSNoErr, and returns. Later, when the client application calls Open Directory functions that operate on the opened record, the record reference will be passed to the plug-in, which should use the record reference to identify the record.
If the plug-in cannot open the record, it should set fResult to an appropriate result code as described in “Result Codes” and return.
Structure received when an Open Directory client calls dsReleaseContinueData.
typedef struct {
uInt32 fType;
sInt32 fResult;
tDirReference fInDirReference;
tContextData fInContinueData;
} sReleaseContinueData;
fTypeAlways kReleaseContinueData.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to deallocate the memory associated with fInContinueData. If an error occurs, the plug-in set fResult to a value listed in “Result Codes.”
fInDirReferenceValue of type tDirReference or of type tDirNodeReference, depending on the type of reference that was used in the call that created the continue data that is to be released.
fInContinueDataValue of type tContextData that points to memory that is to be released.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sReleaseContinueData structure when an Open Directory client calls dsReleaseContinueData.
The plug-in deallocates the memory associated with fInContinueData, sets fResult to eDSNoErr, and returns.
If the plug-in cannot deallocate the memory associated with fInContinueData, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsRemoveAttribute.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReferencefInRecRef;
tDataNodePtr fInAttribute;
} sRemoveAttribute;
fTypeAlways kRemoveAttribute.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to remove the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record from which the attribute is to be removed.
fInAttributeValue of type tDataNodePtr that points to a tDataNode structure containing the name of the attribute that is to be removed.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sRemoveAttribute structure when an Open Directory client calls dsRemoveAttribute to remove an attribute from a record.
The plug-in uses the fInRecRef field of the sRemoveAttribute structure to determine the record from which an attribute is to be removed and the fInAttribute field to determine the name of the attribute that is to be removed.
If the plug-in can remove the attribute, it removes the attribute and all of its values, invalidates any attribute list references that may be active for this attribute, sets fResult to eDSNoErr, and returns. After returning, the plug-in responds with an error to any calls of its ProcessRequest entry point that provide a pointers to an attribute entry structure or an attribute value entry structure for the removed attribute.
If the plug-in cannot remove the attribute, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsRemoveAttributeValue.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
unsigned long fInAttrValueID;
} sRemoveAttributeValue;
fTypeAlways kRemoveAttributeValue.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to remove the value from the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record for which a value is to be removed to an attribute.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type the attribute from which a value is to be removed.
fInAttrValueIDValue of type unsigned long that specifies the ID of the value that is to be removed.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sRemoveAttributeValue structure when an Open Directory client calls dsRemoveAttributeValue to remove a value from an attribute.
The plug-in uses the fInRecRef field of the sRemoveAttributeValue structure to determine the record for which a value is to be removed from an attribute, the fInAttrType field to determine the type of the attribute from which a value is to be removed, and the fInAttrValueID field to determine which attribute value to remove.
If the plug-in can remove the specified value from the specified attribute, it removes the attribute, invalidates any attribute value list references for the removed value, sets fResult to eDSNoErr, and returns. After returning, the plug-in responds with an error to any calls of its ProcessRequest entry point that provide a pointer to an attribute value entry structure for the removed attribute value.
If the plug-in cannot add the attribute value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsSetAttributeValue.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
tAttributeValueEntryPtr fInAttrValueEntry;
} sSetAttributeValue;
fTypeAlways kSetAttributeValue.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to set the specified value in the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record for which a value is to be set in an attribute. The record reference was created when the plug-in processed an sOpenRecord structure.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type the attribute whose value is to be set.
fInAttrValueEntryValue of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure containing the value that is to be set and its attribute value ID.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sSetAttributeValue structure when an Open Directory client calls dsSetAttributeValue to set an attribute’s value.
The plug-in uses the fInRecRef field of the sSetAttributeValue structure to determine the record for which an attribute value is to be set and the fInAttrType field to determine the type of the attribute whose value is to be set. The fInAttrValueEntry field contains a pointer to a tAttributeValueEntry structure whose fAttributeValueID field identifies which value is to be replaced and whose fAttributeValueData field contains the new value.
If the plug-in can set the attribute value, it sets the value, sets fResult to eDSNoErr, and returns.
If the plug-in cannot set the attribute value, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsSetAttributeValues.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInAttrType;
tDataListPtr fInAttrValueList;
} sSetAttributeValues;
fTypeAlways kSetAttributeValues.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to set the specified value in the attribute. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record for which a value is to be set in an attribute. The record reference was created when the plug-in processed an sOpenRecord structure.
fInAttrTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type the attribute whose value is to be set.
fInAttrValueListValue of type tAttributeValueEntryPtr that points to a tAttributeValueEntry structure containing the attribute ID of the attribute whose values are to be replaced and a list of the replacement values.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sSetAttributeValues structure when an Open Directory client calls dsSetAttributeValues to replace multiple values for the specified attribute. If the attribute does not exist, the plug-in creates the attribute and sets it to the values specified by fInAttrValueList.
The plug-in uses the fInRecRef field of the sSetAttributeValues structure to determine the record for which an attribute value is to be set and the fInAttrType field to determine the type of the attribute for which values are to be set. The fInAttrValueList field points to a tDataList structure containing a list of values that are to be set for the attribute.
If the plug-in can set the attribute values, it sets the values, sets fResult to eDSNoErr, and returns.
If the plug-in cannot set the attribute values, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client calls dsSetRecordName.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReferencefInRecRef;
tDataNodePtr fInNewRecName;
} sSetRecordName;
fTypeAlways kSetRecordName.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to set the record’s name. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record whose name is to be set. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInNewRecNameValue of type tDataNodePtr that points to a tDataNode structure containing the name in UTF-8 encoding that is to be set.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sSetRecordName structure when an Open Directory client calls dsSetRecordName to set the name of a record.
The plug-in uses the fInRecRef field of the sSetRecordName structure to determine the record whose name is to be set.
If the plug-in can set the new name, it sets the new name, sets fResult to eDSNoErr, and returns.
If the plug-in cannot set the new name, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Structure received when an Open Directory client application calls dsSetRecordType.
typedef struct {
uInt32 fType;
sInt32 fResult;
tRecordReference fInRecRef;
tDataNodePtr fInNewRecType;
} sSetRecordType;
fTypeAlways kSetRecordType.
fResultValue of type sInt32 that the plug-in sets to eDSNoErr before returning to indicate that it was able to set the record’s type. If an error occurs, the plug-in sets fResult to a value listed in “Result Codes.”
fInRecRefValue of type tRecordReference representing the record whose type is to be set. The plug-in created the value of fInRecRef when it was called to process a request to open the record.
fInNewRecTypeValue of type tDataNodePtr that points to a tDataNode structure containing the type that is to be set.
The DirectoryService daemon calls a plug-in’s ProcessRequest entry point and passes an sSetRecordType structure when an Open Directory client calls dsSetRecordType to set a record’s type.
The plug-in uses the fInRecRef field of the sSetRecordType structure to determine the record whose type is to be set.
If the plug-in can set the new type, it sets the record to the new type, sets fResult to eDSNoErr, and returns.
If the plug-in cannot set the new type, it sets fResult to an appropriate result code as described in “Result Codes” and returns.
Note that this structure is deprecated in Mac OS X 10.3 and later and is not supported on LDAP.
Authentication constants.
#define kDSStdAuthMethodPrefix "dsAuthMethodStandard:" #define kDSNativeAuthMethodPrefix "dsAuthMethodNative:" #define kDSSetPasswordBestOf "dsSetPasswdBestOf" #define kDSValueAuthAuthorityDefault "kDSValueAuthAuthorityBasic" #define kDSValueAuthAuthorityBasic ";basic;" #define kDSTagAuthorityBasic ";basic;" #define kDSValueAuthAuthorityLocalWindowsHash ";LocalWindowsHash;" #define kDSTagAuthAuthorityLocalWindowsHash "LocalWindowsHash" #define kDSValueAuthAuthorityShadowHash ";ShadowHash;" #define kDSTagAuthAuthoridyShadowHash "ShadowHash" #define kDSTagAuthAuthorityBetterHashOnly "BetterHashOnly" #define kDSValueAuthAuthorityPasswordServerPrefix ";ApplePasswordServer;" #define kDSTagAuthAuthorityPasswordServer "ApplePasswordServer" #define kDSValueAuthAuthorityKerberosv5 ";Kerberosv5;" #define kDSTagAuthAuthorityKerberosv5 "Kerberosvr5" #define kDSValueAuthAuthorityLocalCachedUser ";LocalCachedUser;" #define kDSTagAuthAuthorityLocalCachedUser "LocalCachedUser" #define kDSValueAuthAuthorityDisabledUser ";DisabledUser;" #define kDSTagAuthAuthorityDisabledUser "DisabledUser" #define kDSValueNonCryptPasswordMarker "********"
kDSStdAuthMethodPrefixPrefix defined for standard authentication methods.
kDSNativeAuthMethodPrefixPrefix defined for native authentication methods.
kDSSetPasswdBestOfNot used; retained for backward compatibility only.
kDSValueAuthAuthorityDefaultThe default value to use for the kDSNAttrAuthenticationAuthority attribute. Set this attribute before creating a user record. By default, the value of this attribute is kDSValueAuthAuthorityBasic.
kDSValueAuthAuthorityBasicStandard authentication authority value for basic (crypt) authentication.
kDSTagAuthAuthorityBasicStandard center tag data of the authentication authority value for basic (crypt) authentication.
Available in Mac OS X v10.2 and later.
kDSValueAuthAuthorityLocalWindowsHashStandard authentication authority value for Local Windows Hash authentication; retained for backward compatibility only.
kDSTagAuthAuthorityLocalWindowsHashStandard center tag data of the authentication authority value for Local Windows Hash authentication. Available in Mac OS X v10.2 and later but retained for backward compatibility only in Mac OS X v10.3 and later.
kDSValueAuthAuthorityShadowHashStandard authentication authority value for ShadowHash authentication.
Available in Mac OS X v10.2 and later.
kDSTagAuthAuthorityShadowHashStandard center tag data of the authentication authority value for ShadowHash authentication.
Available in Mac OS X v10.3 and later.
kDSTagAuthAuthorityBetterHashOnlyUsed as authentication authority data with Shadow Hash authentication authority. Available in Mac OS X v10.3 and later. Superseded in Mac OX X version 10.4 by specifying customized hash lists. For details, see the section “Shadow Hash Authentication” in Chapter 1, “Concepts.”
kDSValueAuthAuthorityPasswordServerPrefixStandard authentication authority value for Apple Password Server authentication.
kDSTagAuthAuthorityPasswordServerStandard center tag data of the authentication authority value for Apple Password Server authentication.
Available in Mac OS X v10.3 and later.
kDSValueAuthAuthorityKerberosv5Standard authentication authority value for Kerberos version 5 authentication.
Available in Mac OS X v10.3 and later.
kDSTagAuthAuthorityKerberosv5Tag form of the Kerberos version 5 authentication type.
Available in Mac OS X v10.3 and later.
kDSValueAuthAuthorityLocalCachedUserStandard authentication authority value for Local Cached User authentication.
Available in Mac OS X v10.3 and later.
kDSTagAuthAuthorityLocalCachedUserStandard center tag data of the authentication authority value for Local Cached User authentication.
Available in Mac OS X v10.3 and later.
kDSValueAuthAuthorityDisabledUserStandard authentication authority value for Disabled User authentication.
Available in Mac OS X v10.2 and later.
kDSTagAuthAuthorityDisabledUserStandard center tag data of the authentication authority value for Disabled User authentication.
Available in Mac OS X v10.2 and later.
kDSValueNonCryptPasswordMarkerMarker used for password attribute value to indicate non-crypt authentication.
DirectoryService/DirServicesConst.hConstants defined for authentication methods.
#define kDSStdAuth2WayRandom "dsAuthMethodStandard:dsAuth2WayRandom" #define kDSStdAuth2WayRandomChangePasswd "dsAuthMethodStandard:dsAuth2WayRandomChangePasswd" #define kDSStdAuthAPOP "dsAuthMethodStandard:dsAuthAPOP" #define kDSStdAuthCHAP "dsAuthMethodStandard:dsAuthCHAP" #define kDSStdAuthCRAM_MD5 "dsAuthMethodStandard:dsAuthNodeCRAM-MD5" #define kDSStdAuthChangePasswd "dsAuthMethodStandard:dsAuthChangePasswd" #define kDSStdAuthClearText "dsAuthMethodStandard:dsAuthClearText" #define kDSStdAuthCrypt "dsAuthMethodStandard:dsAuthCrypt" #define kDSStdAuthDIGEST_MD5 "dsAuthMethodStandard:dsAuthNodeDIGEST-MD5" #define kDSStdAuthDeleteUser "dsAuthMethodStandard:dsAuthDeleteUser" #define kDSStdAuthGetEffectivePolicy "dsAuthMethodStandard:dsAuthGetEffectivePolicy" #define kDSStdAuthGetGlobalPolicy "dsAuthMethodStandard:dsAuthGetGlobalPolicy" #define kDSStdAuthGetKerberosPrincipal "dsAuthMethodStandard:dsAuthGetKerberosPrincipal" #define kDSStdAuthGetPolicy "dsAuthMethodStandard:dsAuthGetPolicy" #define kDSStdAuthGetUserData "dsAuthMethodStandard:dsAuthGetUserData" #define kDSStdAuthGetUserName "dsAuthMethodStandard:dsAuthGetUserName" #define kDSStdAuthMASKE_A "dsAuthMethodStandard:dsAuthMASKE-A" #define kDSStdAuthMASKE_B "dsAuthMethodStandard:dsAuthMASKE-B" #define kDSStdAuthMPPEMasterKeys "dsAuthMethodsStandard:dsAuthMPPEMasterKeys" #define kDSStdAuthMSCHAP1 "dsAuthMethodStandard:dsAuthMSCHAP1" #define kDSStdAuthMSCHAP2 "dsAuthMethodStandard:dsAuthMSCHAP2" #define kDSStdAuthNTLMv2 "dsAuthMethodsStandard:dsAuthNodeNTLMv2" #define kDSStdAuthNewUser "dsAuthMethodStandard:dsAuthNewUser" #define kDSStdAuthNewUserWithPolicy "dsAuthMethodsStandard:dsAuthNewUserWithPolicy" #define kDSStdAuthNodeNativeClearTextOK "dsAuthMethodStandard:dsAuthNodeNativeCanUseClearText" #define kDSStdAuthNodeNativeNoClearText "dsAuthMethodStandard:dsAuthNodeNativeCannotUseClearText" #define kDSStdAuthReadSecureHash "dsAuthMethodStandard:dsAuthReadSecureHash" #define kDSStdAuthSMBWorkStationCredentialSessionKey "dsAuthMethodStandard:dsAuthSMBWorkStationCredentialSessionKey" #define kDSStdAuthSMB_LM_Key "dsAuthMethodStandard:dsAuthSMBLMKey" #define kDSStdAuthSMB_NT_Key "dsAuthMethodStandard:dsAuthSMBNTKey" #define kDSStdAuthSMB_NT_UserSessionKey "dsAuthMethodStandard:dsAuthSMBNTUserSessionKey" #define kDSStdAuthSecureHash "dsAuthMethodStandard:dsAuthSecureHash" #define kDSStdAuthSetGlobalPolicy "dsAuthMethodStandard:dsAuthSetGlobalPolicy" #define kDSStdAuthSetLMHash "dsAuthMethodsStandard:dsAuthSetLMHash" #define kDSStdAuthSetNTHash "dsAuthMethodsStandard:dsAuthSetNTHash" #define kDSStdAuthSetPasswd "dsAuthMethodStandard:dsAuthSetPasswd" #define kDSStdAuthSetPasswdAsRoot "dsAuthMethodStandard:dsAuthSetPasswdAsRoot" #define kDSStdAuthSetPolicy "dsAuthMethodStandard:dsAuthSetPolicy" #define kDSStdAuthSetPolicyAsRoot "dsAuthMethodStandard:dsAuthSetPolicyAsRoot" #define kDSStdAuthSetUserData "dsAuthMethodStandard:dsAuthSetUserData" #define kDSStdAuthSetUserName "dsAuthMethodStandard:dsAuthSetUserName" #define kDSStdAuthSetWorkStationPasswd "dsAuthMethodStandard:dsAuthSetWorkstationPasswd" #define kDSStdAuthWithAuthorizationRef "dsAuthMethodStandard:dsAuthWithAuthorizationRef" #define kDSStdAuthWriteSecureHash "dsAuthMethodStandard:dsAuthWriteSecureHash"
kDSStdAuth2WayRandomTwo-way random authentication method. Deprecated in Mac OS X v10.3.
kDSStdAuth2WayRandomChangePasswdAuthentication method for changing the password of a user using the two-way random authentication method. Use of this authentication method does not require prior authentication. The packed buffer consists of a four byte length of username, the UTF-8 encoded user name, followed by four bytes specifying the length of the old password that follows, followed by the old password encrypted with the new password, followed by four bytes specifying the length of the new password, followed by the new password encrypted by the old password. Deprecated in Mac OS X v10.3.
kDSStdAuthAPOPAPOP authentication method.
kDSStdAuthCHAPCHAP authentication.
Available in Mac OS X v10.3 and later.
kDSStdAuthCRAM_MD5CRAM MD5 authentication method.
kDSStdAuthChangePasswdAuthentication method for changing passwords. When changing a password, send the following information in a single buffer: four bytes containing the length of the user name, the user name in UTF-8 encoding, four bytes containing the length of the old password, the old password in UTF-8 encoding, four bytes containing the length of the new password, and the new password in UTF-8 encoding.
kDSStdAuthClearTextClear text authentication method.
kDSStdAuthCryptCrypt password authentication method. When performing crypt authentication, send the following information in a single buffer: four bytes containing the length of the user name, the user name in UTF-8 encoding, four bytes containing the length of the password, and the password in UTF-8 encoding. Open Directory plug-ins are not required to support this authentication method.
kDSStdAuthDIGEST_MD5Digest MD5 authentication method.
kDSStdAuthDeleteUserAuthentication method used by the Apple Password Server for deleting a user.
kDSStdAuthGetEffectivePolicyUsed to extract from an Apple Password Server the combination of global and user policies that will be applied to a user.
Available in Mac OS X v10.3 and later.
kDSStdAuthGetGlobalPolicyAuthentication method used by the Apple Password Server plug-in for getting the global password policy.
kDSStdAuthGetKerberosPrincipalAuthentication method for getting the Kerberos Principal name.
Available in Mac OS X v10.3 and later.
kDSStdAuthGetPolicyThe Open Directory plug-in determines which authentication method to use. Prior to Mac OS X v10.4, this authentication method was used only by the Apple Password Server, which does not require authentication to use this authentication method. Starting with Mac OX X version 10.4, Shadow Hash authentication supports password policies, so use of kDSStdAuthGetPolicy is no longer limited to the Apple Password Server. Send the following items in a single buffer: four bytes containing the length of the authenticator’s UserID, the authenticator’s UserID in UTF-8 encoding, four bytes containing the length of the authenticator’s password, the authenticator’s password in UTF-8 encoding, four bytes containing the length of the UserID that follows, and the UserID in UTF-8 encoding of the account for which policies are to be obtained. The first and second items can be empty strings and the third item can be a username if calling a directory node. This authentication method is used by the Apple Password Server, which does not require authentication to use this authentication method.
kDSStdAuthGetUserDataAuthentication method used by the Apple Password Server for getting a user’s data.
kDSStdAuthGetUserNameAuthentication method used by the Apple Password Server for getting a user’s name.
kDSStdAuthMASKE_ARetained for backward compatibility only.
kDSStdAuthMASKE_BRetained for backward compatibility only.
kDSStdAuthMPPEMasterKeys40- or 128-bit master key generated from MS-CHAPv2 credentials (RFC 3079).
Available in Mac OS X v10.4 and later.
kDSStdAuthMSCHAP1MS-CHAP1 authentication method.
Available in Mac OS X v10.3 and later.
kDSStdAuthMSCHAP2MS-CHAP2, a mutual authentication method. The Open Directory plug-in generates the data and sends it back to the client. The input buffer format consists of a four byte value specifying the length of the user name that follows, the user name, a four byte value specifying the length of the server challenge that follows, the server challenge, a four byte value specifying the length of the peer challenge that follows, the peer challenge, a four byte value specifying the length of the client’s digest that follows, and the client’s digest. The output buffer consists of a four byte value specifying the length of the return digest for the client’s challenge.
kDSStdAuthNTLMv2NTLMv2 session key packed as follows: 4 byte length of username, username in UTF-8 encoding, four byte length of the Samba server challenge, the Samba server challenge, four byte length of the NTLMv2 client data, the client data (which includes 16 bytes of client digest prefixed to the client data), four byte length of the user name used to calculate the digest, the user name used to calculate the digest in UTF-8 encoding, four byte length of the Samba domain, and the Samba domain in UTF-8 encoding. If the NTLMv2 session key is supported, it is returned in the output buffer.
Available in Mac OS X v10.4 and later.
kDSStdAuthNewUserCreate a new user record with an authentication authority. Send the following information in a single buffer: four bytes containing the length of the authenticator’s UserID, the authenticator’s UserID in UTF-8 encoding, four bytes containing the length of the authenticator’s password, the authenticator’s password in UTF-8 encoding, four bytes containing the new user’s Short Name, the user’s Short Name, four byte length of the new user’s password, and the new user’s password. This authentication type is used by the Apple Password Server.
kDSStdAuthNewUserWithPolicyCreate a new user record with an authentication authority and initial policy settings. Send the following information in a single buffer: four bytes containing the length of the authenticator’s UserID, the authenticator’s UserID in UTF-8 encoding, four bytes containing the length of the authenticator’s password, the authenticator’s password in UTF-8 encoding, four bytes containing the new user’s Short Name, the user’s Short Name, four byte length of the user’s password, the new user’s password, four byte length of the policy string, and the policy string in UTF-8 encoding. This authentication type is used by the Apple Password Server.
kDSStdAuthNodeNativeClearTextOKNative authentication method that allows clear text passwords. The Open Directory plug-in determines which authentication method to use and may decide to use clear text. When using this authentication method, send the following information in a single buffer: four bytes containing the length of the user name, the user name in UTF-8 encoding, four bytes containing the password, and the password in UTF-8 encoding.
kDSStdAuthNodeNativeNoClearTextNative authentication method that does not allow clear text passwords. The Open Directory plug-in determines which authentication method to use but must not use clear text. When using this authentication method, send the following information in a single buffer: four bytes containing the length of the user name, the user name in UTF-8 encoding, four bytes containing the password, and the password in UTF-8 encoding.
kDSStdAuthReadSecureHashAllows a root process to read the secure hash attribute of a user record directly.
Available in Mac OS X v10.3 and later.
kDSStdAuthSMBNTv2UserSessionKeyUsed to generate an NTLMv2 user session key; requires prior authentication using a trusted authentication method. The buffer is packed as follows: four byte length of the directory services name, the directory services name in UTF-8 encoding, four byte length of the server challenge, eight byte server challenge, four byte length of the client response, and the client response buffer.
Available in Mac OS X v10.4 and later.
kDSStdAuthSMBWorkstationCredentialSessionKeySMB workstation credential session key authentication; used to support PDC SMB iteration with Open Directory.
Available in Mac OS X v10.3 and later.
kDSStdAuthSMB_LM_KeySMB LAN Manager authentication method that uses DES.
kDSStdAuthSMB_NT_KeyMD5 hash-based SMB authentication method.
kDSStdAuthSMB_NT_UserSessionKeySMB NT session key authentication; used to support PDC SMB iteration with Open Directory.
Available in Mac OS X v10.3 and later.
kDSStdAuthSecureHashSecure Hash authentication method.
Available in Mac OS X v10.3 and later.
kDSStdAuthSetGlobalPolicyAuthentication method used by the Apple Password Server plug-in for setting the global password policy, such as the minimum password length, time before a password expires, and maximum number of failed logins allowed. Starting with Mac OS X verion 10.4, this authentication method can also be used with ShadowHash on local NetInfo data.
kDSStdAuthSetLMHashUsed to set the LAN Manager hash for a user; requires prior authentication using a trusted authentication method. The buffer is packed as follows: four byte length of the user name, the user name in UTF-8 encoding, four byte length of the LAN Manager hash, and the LAN Manager hash buffer (24 bytes).
Available in Mac OS X v10.4 and later.
kDSStdAuthSetNTHashUsed to set the NT hash for a user; requires prior authentication using a trusted authentication method. The buffer is packed as follows: four byte length of the user name, the user name in UTF-8 encoding, four byte length of the NT hash, and the NT hash buffer (24 bytes).
Available in Mac OS X v10.4 and later.
kDSStdAuthSetPasswdAuthentication method for setting passwords. The buffer is packed as follows: four byte length of the authenticator username, an authenticator username in UTF-8 encoding, four byte length of the authenticator password, authenticator password in UTF-8 encoding, four byte length of the target username, target username in UTF-8 encoding, four byte length of the new password, and the new password in UTF-8 encoding. The authenticator is usually an administrator that has permission to change the target user’s password.
kDSStdAuthSetPasswdAsRootAuthentication method used by root processes that allow the setting of passwords using Basic or Shadow Hash authentication on local domains. This authentication method also works if you previously called dsDoDirNodeAuth or dsDoDirNodeAuthOnRecordType and set the inDirNodeAuthOnly or inDirNodeAuthOnlyFlag parameter, respectively, to FALSE. In this case, your previous credentials determine whether the set password operation succeeds. For example, administrators can usually set any user’s password because their credentials have saved by setting the inDirNodeAuthOnly or inDirNoeAuthOnlyFlag parameter to FALSE.
kDSStdAuthSetPolicyThe Open Directory plug-in determines which authentication method to use. Send the following information in a single buffer: four bytes containing the length of authenticator’s UserID, the authenticator’s UserID in UTF-8 encoding, four bytes containing the length of the authenticator’s password, the authenticator’s password in UTF-8 encoding, four bytes containing the length of the UserID of the account that is setting policies, and the UserID of the account that is setting policies in UTF-8 encoding. This authentication type is used by the Apple Password Server and, starting with Mac OS X v10.4, can be used with ShadowHash on local NetInfo data.
kDSStdAuthSetPolicyAsRootA two-item buffer version of set policy for the Apple Password Server. Available in Mac OS X v10.3 and later. Starting with Mac OS X v10.4, this authentication method can be used with ShadowHash on local NetInfo data.
kDSStdAuthSetUserDataAuthentication method used by the Apple Password Server for setting user’s data.
kDSStdAuthSetUserNameAuthentication method used by the Apple Password Server for setting a user’s name.
kDSStdAuthSetWorkstationPasswdAuthentication method used to set the workstation password; used to support PDC SMB iteration with Open Directory.
Available in Mac OS X v10.3 and later.
kDSStdAuthWithAuthorizationRefAllows access to local directories as root with a valid AuthorizationRef. Input buffer format consists of an externalized AuthorizationRef.
Available in Mac OS X v10.3 and later.
kDSStdAuthWriteSecureHashAllows a root process to write the secure hash attribute of a user record directly.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants defined for neighbor types.
#define kDSValueNSLTopLevelNeighborhoodType "NSLTopLevelNeighborhoodType" #define kDSValueNSLStaticNeighborhoodType "NSLStaticNeighborhoodType" #define kDSValueNSLDynamicNeighborhoodType "NSLDynamicNeighborhoodType" #define kDSValueNSLLocalNeighborhoodType "NSLLocalNeighborhoodType"
kDSValueNSLTopLevelNeighborhoodTypeTop level value type for records of type kDSStdRecordTypeNeighborhoods.
Available in Mac OS X v10.4 and later.
kDSValueNSLStaticNeighboodTypeStatic neighborhood value type for records of type kDSStdRecordTypeNeighborhoods.
Available in Mac OS X v10.4 and later.
kDSValueNSLDynamicNeighboodTypeDynamic neighborhood value type for records of type kDSStdRecordTypeNeighborhoods.
Available in Mac OS X v10.4 and later.
kDSValueNSLLocalNeighboodTypeLocal neighborhood value type for records of type kDSStdRecordTypeNeighborhoods.
Available in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants defined for pattern matching.
typedef enum {
eDSNoMatch1 = 0x0000,
eDSAnyMatch = 0x0001,
eDSBeginAppleReserve1 = 0x0002,
eDSEndAppleReserve1 = 0x1fff,
eDSExact = 0x2001,
eDSStartsWith = 0x2002,
eDSEndsWith = 0x2003,
eDSContains = 0x2004,
eDSLessThan = 0x2005,
eDSGreaterThan = 0x2006,
eDSLessEqual = 0x2007,
eDSGreaterEqual = 0x2008,
eDSWildCardPattern = 0x2009,
eDSRegularExpression = 0x200A,
eDSCompoundExpression = 0x200B,
eDSiExact = 0x2101,
eDSiStartsWith = 0x2102,
eDSiEndsWith = 0x2103,
eDSiContains = 0x2104,
eDSiLessThan = 0x2105,
eDSiGreaterThan = 0x2106,
eDSiLessEqual = 0x2107,
eDSiGreaterEqual = 0x2108,
eDSiWildCardPattern = 0x2109,
eDSiRegularExpression = 0x210A,
eDSiCompoundExpression = 0x210B,
eDSLocalNodeNames = 0x2200,
eDSSearchNodeName = 0x2201,
eDSConfigNodeName = 0x2202,
eDSLocalHostedNodes = 0x2203,
eDSAuthenticationSearchNodeName = 0x2201,
eDSContactsSearchNodeName = 0x2204,
eDSNetworkSearchNodeName = 0x2205,
eDSDefaultNetworkNodes = 0x2206,
dDSBeginPlugInCustom = 0x3000,
eDSEndPlugInCustom = 0x4fff,
eDSBeginAppleReserve2 = 0x5000,
eDSEndAppleReserve2 = 0xfffe,
eDSNoMatch2 = 0xffff
} tDirPatternMatch;
eDSNoMatch1Reserved.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSAnyMatchMatches any value.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSBeginAppleReserve1Beginning of a range of values reserved for use by Apple Computer.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSEndAppleReserve1End of a range of values reserved for use by Apple Computer.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSExactMatches the specified value exactly (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSStartsWithMatches values that start with the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSEndsWithMatches values that end with the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSContainsMatches values that contain the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSLessThanMatches values that are less than the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSGreaterThanMatches values that are greater than the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSLessEqualMatches values that are less than or equal to the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSGreaterEqualMatches values that are greater than or equal to the specified value (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSWildCardPatternMatches values using the specified wild card pattern (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSRegularExpressionMatches values using the specified regular expression (case sensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSCompoundExpressionAccommodates an attribute search based on a pre-built compound expression.
Available in Mac OS X v10.2 and later.
Declared in DirServicesTypes.h.
eDSiExactMatches the specified value exactly (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiStartsWithMatches values that start with the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiEndsWithMatches values that end with the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiContainsMatches values that contain the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiLessThanMatches values that are less than the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiGreaterThanMatches values that are greater than the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiLessEqualMatches values that are less than or equal to the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiGreaterEqualMatches values that are greater than or equal to the specified value (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiWildCardPatternMatches values using the specified wild card pattern (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiRegularExpressionMatches values using the specified regular expression (case insensitive).
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSiCompoundExpressionAccommodates an attribute search based on a pre-built compound expression (case insensitive).
Available in Mac OS X v10.2 and later.
Declared in DirServicesTypes.h.
eDSLocalNodeNamesMatches the local node name.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSSearchNodeNameMatches the node name that is to be used to authenticate the Open Directory client.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSConfigNodeNameMatches the configuration node. Used primarily by the Directory Access application for configuration purposes; not intended for use by developers.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSLocalHostedNodesMatches NetInfo domains stored on this machine.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSAuthenticationSearchNodeNameMatches the node name that is to be used to authenticate an Open Directory client. (This is another name for eDSSearchNodeName.)
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSContactsSearchNodeNameMatches the node name that is to be used for searching when authentication is not required; used by Address Book and Mail applications.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSNetworkSearchNodeNameSearches across all the nodes returned by eDSDefaultNetworkNodes.
Available in Mac OS X v10.2 and later.
Declared in DirServicesTypes.h.
eDSDefaultNetworkNodesMatches the default network node.
Available in Mac OS X v10.2 and later.
Declared in DirServicesTypes.h.
dDSBeginPlugInCustomBeginning of a range of values reserved for use by Open Directory plug-ins.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSEndPlugInCustomEnd of a range of values reserved for use by Open Directory plug-ins.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSBeginAppleReserve2Beginning of a range of values reserved for use by Apple Computer.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSEndAppleReserve2End of a range of values reserved for use by Apple Computer.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
eDSNoMatch2Reserved.
Available in Mac OS X v10.0 and later.
Declared in DirServicesTypes.h.
The tDirPatternMatch enumeration defines constants for use with Open Directory functions that look for pattern matches. A directory service is not required to support all types of pattern matching.
DirectoryService/DirServicesTypes.hConstants defined to work with all records, standard records, or native records.
#define kDSRecordsAll "dsRecordsAll" #define kDSRecordsStandardAll "dsRecordsStandardAll" #define kDSRecordsNativeAll "dsRecordsNativeAll" #define kDSNativeRecordTypePrefix "dsRecTypeNative:" #define kDSStdRecordTypeAll "dsRecTypeStandard:All #define kDSStdUserNamesMeta "dsRecTypeStandard:MetaUserNames"
kDSRecordsAllUsed to indicate that all records should be returned (instead of returning records that match a pattern).
kDSRecordsStandardAllRetained for backward compatibility.
kDSRecordsNativeAllRetained for backward compatibility.
kDSStdRecordTypePrefixUsed as the prefix for all standard record types.
kDSNativeRecordTypePrefixPrefix used to identify a native record type.
kDSStdRecordTypeAllUsed to indicate that all record types need to be searched.
Available in Mac OS X v10.4 and later.
kDSStdUserNamesMetaRetained for backward compatibility.
DirectoryService/DirServicesConst.hConstants defined for standard record types.
#define kDSStdRecordTypeAccessControls "dsRecTypeStandard:AccessControls #define kDSStdRecordTypeAFPServer "dsRecTypeStandard:AFPServer" #define kDSStdRecordTypeAFPUserAliases "dsRecTypeStandard:AFPUserAliases" #define kDSStdRecordTypeAliases "dsRecTypeStandard:Aliases" #define kDSStdRecordTypeAutoServerSetup "dsRecTypeStandard:AutoServerSetup" #define kDSStdRecordTypeBootp "dsRecTypeStandard:Bootp" #define kDSStdRecordTypeCertificateAuthorities "dsRecTypeStandard:CertificateAuthorities #define kDSStdRecordTypeComputerLists "dsRecTypeStandard:ComputerLists" #define kDSStdRecordTypeComputers "dsRecTypeStandard:Computers" #define kDSStdRecordTypeConfig "dsRecTypeStandard:Config" #define kDSStdRecordTypeEthernets "dsRecTypeStandard:Ethernets" #define kDSStdRecordTypeFileMakerServers "dsRecTypeStandard:FileMakerServers" #define kDSStdRecordTypeFTPServer "dsRecTypeStandard:FTPServer" #define kDSStdRecordTypeGroupAliases "dsRecTypeStandard:GroupAliases" #define kDSStdRecordTypeGroups "dsRecTypeStandard:Groups" #define kDSStdRecordTypeHostServices "dsRecTypeStandard:HostServices" #define kDSStdRecordTypeHosts "dsRecTypeStandard:Hosts" #define kDSStdRecordTypeLDAPServer "dsRecTypeStandard:LDAPServer" #define kDSStdRecordTypeLocations "dsRecTypeStandard:Locations" #define kDSStdRecordTypeMachines "dsRecTypeStandard:Machines" #define kDSStdRecordTypeMeta "dsRecTypeStandard:AppleMetaRecord" #define kDSStdRecordTypeMounts "dsRecTypeStandard:Mounts" #define kDSStdRecordTypeNeighborhoods "dsRecTypeStandard:Neighborhoods" #define kDSStdRecordTypeNFS "dsRecTypeStandard:NFS" #define kDSStdRecordTypeNetDomains "dsRecTypeStandard:NetDomains" #define kDSStdRecordTypeNetGroups "dsRecTypeStandard:NetGroups" #define kDSStdRecordTypeNetworks "dsRecTypeStandard:Networks" #define kDSStdRecordTypePasswordServer "dsRecTypeStandard:PasswordServer" #define kDSStdRecordTypePeople "dsRecTypeStandard:People" #define kDSStdRecordTypePresetComputerLists "dsRecTypeStandard:PresetComputerLists" #define kDSStdRecordTypePresetGroups "dsRecTypeStandard:PresetGroups" #define kDSStdRecordTypePresetUsers "dsRecTypeStandard:PresetUsers" #define kDSStdRecordTypePrintService "dsRecTypeStandard:PrintService" #define kDSStdRecordTypePrintServiceUser "dsRecTypeStandard:PrintServiceUser" #define kDSStdRecordTypePrinters "dsRecTypeStandard:Printers" #define kDSStdRecordTypeProtocols "dsRecTypeStandard:Protocols" #define kDSStdRecordTypeQTSServer "dsRecTypeStandard:QTSServer" #define kDSStdRecordTypeRPC "dsRecTypeStandard:RPC" #define kDSStdRecordTypeSMBServer "dsRecTypeStandard:SMBServer" #define kDSStdRecordTypeServer "dsRecTypeStandard:Server" #define kDSStdRecordTypeServices "dsRecTypeStandard:Services" #define kDSStdRecordTypeSharePoints "dsRecTypeStandard:SharePoints" #define kDSStdRecordTypeUserAliases "dsRecTypeStandard:UserAliases" #define kDSStdRecordTypeUsers "dsRecTypeStandard:Users" #define kDSStdRecordTypeWebServer "dsRecTypeStandard:WebServer"
kDSStdRecordTypeAccessControlsRecord type for storing directory access control directives.
Available in Mac OS X v10.4 and later.
kDSStdRecordTypeAFPServerRecord type for storing Apple Filing Protocol (AFP) server records.
kDSStdRecordTypeAFPUserAliasesRecord type for storing AFP user aliases records used exclusively by AFP processes. Not used in Mac OS X v10.4 and later.
kDSStdRecordTypeAliasesRecord type for representing alias records.
kDSStdRecordTypeAutoServerSetupType for locating automated server set up information.
Available in Mac OS X v10.3 and later.
kDSStdRecordTypeBootpRecord in the local node for storing bootp information.
kDSStdRecordTypeCertificateAuthoritiesRecord type for storing certificate authority information.
Available in Mac OS X v10.4 and later.
kDSStdRecordTypeComputerListsRecord type for identifying computer record lists.
Available in Mac OS X v10.2 and later.
kDSStdRecordTypeComputersRecord type for identifying computer records.
Available in Mac OS X v10.2 and later.
kDSStdRecordTypeConfigRecord type for identifying configuration records.
kDSStdRecordTypeEthernetsRecord type in the local node for storing Ethernets.
kDSStdRecordTypeFileMakerServersRecord type for storing FileMaker server records that describe FileMaker servers.
Available in Mac OS X v10.4 and later.
kDSStdRecordTypeFTPServerRecord type for storing File Transfer Protocol (FTP) server records.
kDSStdRecordTypeGroupAliasesRecord type for group aliases records. Not supported in Mac OS X v10.4 or later.
kDSStdRecordTypeGroupsRecord type for identifying group records.
kDSStdRecordTypeHostServicesRecord in the local node for storing host services.
kDSStdRecordTypeHostsRecord type for storing host records.
kDSStdRecordTypeLDAPServerRecord type for storing Lightweight Directory Access Protocol (LDAP) server records.
kDSStdRecordTypeLocationsRecord type for storing location information.
Available in Mac OS X v10.4 and later.
kDSStdRecordTypeMachinesRecord type for storing machine records.
kDSStdRecordTypeMetaRecord type for identifying meta records. Not used as of Mac OS X v10.4.
kDSStdRecordTypeMountsRecord type for identifying mount records.
kDSStdRecordTypeNeighborhoodsRecord type for identifying records that contain a list of computers and other neighborhoods; used for network browsing.
Available in Mac OS X v10.4 and later, and used for Managed Network Views.
kDSStdRecordTypeNFSRecord type for identifying Network File System (NFS) records.
kDSStdRecordTypeNetDomainsRecord type in the local node for storing net domains.
kDSStdRecordTypeNetGroupsRecord type in the local node for storing net groups.
kDSStdRecordTypeNetworksRecord type for identifying network records.
kDSStdRecordTypePasswordServerRecord type for discovering password servers via Bonjour.
Available in Mac OS X v10.3 and later.
kDSStdRecordTypePeopleRecord type for identifying “people” records containing contact information.
Available in Mac OS X v10.3 and later.
kDSStdRecordTypePresetComputerListsRecord type for identifying preset computer list records used in record creation.
Available in Mac OS X v10.2 and later.
kDSStdRecordTypePresetGroupsRecord type for identifying preset group records used in record creation.
Available in Mac OS X v10.2 and later.
kDSStdRecordTypePresetUsersRecord type for identifying preset user records used in record creation.
Available in Mac OS X v10.2 and later.
kDSStdRecordTypePrintServiceRecord type for identifying print service records.
kDSStdRecordTypePrintServiceUserRecord type in the local node for storing quota usage for a user.
Available in Mac OS X v10.3 and later.
kDSStdRecordTypePrintersRecord type for identifying printer records.
kDSStdRecordTypeProtocolsRecord type for identifying protocol records.
kDSStdRecordTypeQTSServerRecord type for identifying QuickTime Streaming Server (QTSS) records.
kDSStdRecordTypeRPCRecord type for identifying RPC records.
kDSStdRecordTypeSMBServerRecord type for identifying SMB server records.
kDSStdRecordTypeServerRecord type for identifying generic server records.
kDSStdRecordTypeServicesRecord type for identifying directory-based service records.
kDSStdRecordTypeSharePointsRecord type for identifying share point records.
Available in Mac OS X v10.3 and later.
kDSStdRecordTypeUserAliasesRecord type for storing user aliases records. Not supported in Mac OS X v10.4 or later.
kDSStdRecordTypeUsersRecord type for identifying user records.
kDSStdRecordTypeWebServerRecord type for identifying Web server records.
DirectoryService/DirServicesConst.hConstants defined to get all attributes, standard attributes, or native attributes.
#define kDSAttributesAll "dsAttributesAll" #define kDSAttributesStandardAll "dsAttributesStandardAll" #define kDSAttributesNativeAll "dsAttributesNativeAll" #define kDSStdAttrTypePrefix "dsAttrTypeStandard:" #define kDSNativeAttrTypePrefix "dsAttrTypeNative:" #define kDSAttrNone "dsNone"
kDSAttributesAllIndicates that all attribute types should be searched or returned.
kDSAttributesStandardAllIndicates that all standard attribute types should be searched or returned.
kDSAttributesNativeAllIndicates that all native attribute types should be searched or returned.
kDSStdAttrTypePrefixPrefix used to identify all standard attribute types.
kDSNativeAttrTypePrefixPrefix used to identify directory-native attribute types.
kDSAttrNoneRetained for backward compatibility.
DirectoryService/DirServicesConst.hConstants for accessing alias information.
#define kDS1AttrAlias "dsAttrTypeStandard:Alias" #define kDS1AttrAliasData "dsAttrTypeStandard:AppleAliasData" #define kDSNAttrRecordAlias "dsAttrTypeStandard:RecordAlias" #define kStandardTargetAlias "dsAttrTypeStandard:AppleMetaAliasTarget" #define kStandardSourceAlias "dsAttrTypeStandard:AppleMetaAliasSource"
kDS1AttrAliasSingle-value attribute for storing a pointer to another node, record, or attribute.
kDS1AttrAliasDataSingle-value attribute for storing alias data.
kDSNAttrRecordAliasMulti-value attribute for storing record aliases. Not supported in Mac OS X v10.4 or later.
kStandardTargetAliasSingle-value attribute for storing a target alias. Not supported in Mac OS X v10.4 or later.
kStandardSourceAliasSingle-value attribute for storing a source alias. Not supported in Mac OS X v10.4 or later.
DirectoryService/DirServicesConst.hConstants for accessing boot information.
#define kDS1AttrBootFile "dsAttrTypeStandard:BootFile" #define kDSNAttrBootParams "dsAttrTypeStandard:BootParams"
kDS1AttrBootFileSingle-value attribute for storing the name of the kernel that this machine uses by default when performing a netboot. This attribute is available in Mac OS X v10.4 and later.
kDSNAttrBootParamsMulti-value attribute for storing boot parameters. This attribute is found in records of type kDSStdRecordTypeHosts or kDSStdRecordTypeMachines.
DirectoryService/DirServicesConst.hCertificate attribute constants.
#define kDS1AttrAuthorityRevocationList "dsAttrTypeStandard:AuthorityRevocationList" #define kDS1AttrCACertificate "dsAttrTypeStandard:CACertificate" #define kDS1AttrCertificateRevocationList "dsAttrTypeStandard:CertificateRevocationList" #define kDS1AttrCrossCertificatePair "dsAttrTypeStandard:CrossCertificatePair" #define kDS1AttrUserCertificate "dsAttrTypeStandard:UserCertificate" #define kDS1AttrUserPKCS12Data "dsAttrTypeStandard:UserPKCS12Data" #define kDS1AttrUserSMIMECertificate "dsAttrTypeStandard:UserSMIMECertificate"
kDS1AttrAuthorityRevocationListSingle-value attribute for storing a list of binary certificate authority certificates that are no longer trusted. No user certificates are included in this list. This attribute is usually found in records of type kDSStdRecordTypeCertificateAuthorities. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrCACertificateSingle-value attribute for storing the binary of a certificate of a certificate authority. The corresponding private key is used to sign certificates. This attribute is usually found in records of type kDSStdRecordTypeCertificateAuthorities. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrCertificateRevocationListSingle-value attribute for storing the list of binary certificates that are no longer trusted. This attribute is usually found in records of type kDSStdRecordTypeCertificateAuthorities. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrCrossCertificatePairSingle-value attribute for storing the binary of a pair of certificates that verify each other. Both certificates have the same level of authority. This attribute is usually found in records of type kDSStdRecordTypeCertificateAuthorities. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrUserCertificateSingle-value attribute for storing the binary of a user’s certificate, where a certificate is data that identifies the user and that is attested to by a known party and that can be independently verified by a third party. This attribute is usually found in user records. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrUserPKCS12DataSingle-value attribute for storing binary data usually encrypted with a passphrase, such as keys, certificates and other related information, in PKCS #12 format. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrUserSMIMECertificateSingle-value attribute containing the binary of the user’s SMIME certificate and usually found in records of type kDSStdRecordTypeUsers. The certificate is data that identifies a user, is attested to by a known third party, and can be independently verified by a third party. SMIME certificates are often used for signed or encrypted e-mail. This attribute is available in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants defined for attributes that store DNS information.
#define kDS1AttrDNSDomain "dsAttrTypeStandard:DNSDomain" #define kDS1AttrDNSNameServer "dsAttrTypeStandard:DNSNameServer" #define kDSNAttrDNSName "dsAttrTypeStandard:DNSName"
kDS1AttrDNSDomainSingle-value attribute for storing a DNS Resolver domain. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrDNSNameServerSingle-value attribute for storing a DNS Resolver name server. This attribute is available in Mac OS X v10.4 and later.
kDSNAttrDNSNameMulti-value attribute for storing DNS names.
DirectoryService/DirServicesConst.hConstants for accessing to Kerberos attributes.
#define kDSNAttrKDCAuthKey "dsAttrTypeStandard:KDCAuthKey" #define kDS1AttrKDCConfigData "dsAttrTypeStandard:KDCConfigData" #define kDS1AttrKerberosRealm "dsAttrTypeStandard:KerberosRealm"
kDSNAttrKDCAuthKeyMulti-value attribute for storing KDC master keys. Each key is RSA-encrypted with the realm public key.
Available in Mac OS X v10.3 and later.
kDS1AttrKDCConfigDataSingle-value attribute for storing the contents of the Kerberos Key Distribution Center (KDC) file, kdc.conf.
Available in Mac OS X v10.3 and later.
kDS1AttrKerberosRealmAttribute for storing the Kerberos realm; used with the Open Directory dsGetDirNodeInfo function in support of Kerberos SMB server services.
Available in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants for accessing LDAP attributes.
#define kDS1AttrRelativeDNPrefix "dsAttrTypeStandard:RelativeDNPrefix" #define kDSNAttrLDAPReadReplicas "dsAttrTypeStandard:LDAPReadReplicas" #define kDSNAttrLDAPWriteReplicas "dsAttrTypeStandard:LDAPWriteReplicas"
kDS1AttrRelativeDNPrefixSingle-value attribute for storing information needed to map the first native LDAP attribute type. This is required to build the Relative Distinguished Name for creating LDAP records.
Available in Mac OS X v10.3 and later.
kDSNAttrLDAPReadReplicasAttribute for storing LDAP server URLs that can be used to read directory data.
Available in Mac OS X v10.3 and later.
kDSNAttrLDAPWriteReplicasAttribute for storing LDAP server URLs that can be used to write directory data.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants for accessing network address attributes.
#define kDS1AttrENetAddress "dsAttrTypeStandard:ENetAddress’ #define kDSNAttrIPAddress "dsAttrTypeStandard:IPAddress" #define kDSNAttrNBPEntry "dsAttrTypeStandard:NBPEntry"
kDS1AttrENetAddressSingle-value attribute for storing a hardware Ethernet (MAC) address. This attribute is found in records of type kDSStdRecordTypeComputers and kDSStdRecordTypeMachines.
kDSNAttrIPAddressMulti-value attribute for storing IP addresses. This attribute is found in records of type kDSStdRecordTypeComputers and kDSStdRecordTypeMachines.
kDSNAttrNBPEntryMulti-value attribute for storing Name Binding Protocol (NBP) data; retained for backward compatibility only.
DirectoryService/DirServicesConst.hConstants for accessing certain attributes typically found in records of type kDSStdRecordTypeHosts and kDSStdRecordTypeMachines.
#define kDS1AttrContactPerson "dsAttrTypeStandard:ContactPerson" #define kDSNAttrMachineServes "dsAttrTypeStandard:MachineServes"
kDS1AttrContactPersonSingle-value attribute for storing the name of the contact person for the machine. This attribute is available in Mac OS X v10.4 and later.
kDSNAttrMachineServesMulti-value attribute for storing the NetInfo domains that a machine or host serves. This attribute is supported in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants for Managed Clients for Mac OS X (MCX) attributes.
#define kDS1AttrMCXFlags "dsAttrTypeStandard:MCXFlags" #define kDS1AttrMCXSettings "dsAttrTypeStandard:MCXSettings" #define kDSNAttrMCXSettings "dsAttrTypeStandard:MCXSettings"
kDS1AttrMCXFlagsSingle-value attribute for storing MCX flags.
kDS1AttrMCXSettingsSingle-value attribute for storing MCX settings.
kDSNAttrMCXSettingsMulti-value attribute for storing MCX settings.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants for accessing miscellaneous attributes.
#define kDS1AttrCopyTimestamp "dsAttrTypeStandard:CopyTimestamp" #define kDS1AttrDataStamp "dsAttrTypeStandard:DataStamp" #define kDS1AttrPresetUserIsAdmin "dsAttrTypeStandard:PresetUserIsAdmin" #define kDS1AttrRARA "dsAttrTypeStandard:RARA" #define kDS1AttrTimePackage "dsAttrTypeStandard:TimePackage" #define kDSNAttrAccessControlEntry "dsAttrTypeStandard:AccessControlEntry" #define kDSNAttrAuthMethod "dsAttrTypeStandard:AuthMethod" #define kDSNAttrComputers "dsAttrTypeStandard:Computers" #define kDSNAttrGroup "dsAttrTypeStandard:Group" #define kDSNAttrHTML "dsAttrTypeStandard:HTML" #define kDSNAttrKeywords "dsAttrTypeStandard:Keywords" #define kDSNAttrMember "dsAttrTypeStandard:Member" #define kDSNAttrMIME "dsAttrTypeStandard:MIME" #define kDSNAttrNetworkView "dsAttrTypeStandard:NetworkView" #define kDSNAttrPGPPublicKey "dsAttrTypeStandard:PGPPublicKey" #define kDSNAttrProtocols "dsAttrTypeStandard:Protocols" #define kDSNAttrSchema "dsAttrTypeStandard:Schema" #define kDSNAttrURL "dsAttrTypeStandard:URL" #define kDSNAttrURLForNSL "dsAttrTypeStandard:URLForNSL" #define kDSStdMachPortName "com.apple.DirectoryService"
kDS1AttrCopyTimestampSingle-value attribute for storing a timestamp used in local account caching.
Available in Mac OS X v10.3 and later.
kDS1AttrDataStampSingle-value attribute for storing checksum meta data.
kDS1AttrPresetUserIsAdminSingle-value attribute whose value indicates whether users created using this preset are administrators by default. This attribute is found in records of type kDSStdRecordTypePresetUsers.
kDS1AttrRARARetained for backward compatibility.
kDS1AttrTimePackageSingle-value attribute for storing creation, modification, and backup dates in UTC.
kDSNAttrAccessControlEntryMulti-value attribute for storing directory access control directives. This attribute is supported in Mac OS X v10.4 and later.
kDSNAttrAuthMethodMulti-value attribute for storing authentication methods for an authentication-capable record.
kDSNAttrComputersMulti-value attribute for storing names of records of type kDSStdRecordTypeComputers that are members of a computer list. Used by records of type kDSStdRecordTypeComputerLists; maps to “computers” in NetInfo.
kDSNAttrGroupMulti-value attribute for storing group records.
kDSNAttrHTMLMulti-value attribute for storing HTML locations.
kDSNAttrKeywordsMulti-value attribute for storing search keywords.
Available in Mac OS X v10.3 and later.
kDSNAttrMemberMulti-value attribute for storing member records.
kDSNAttrMIMEMulti-value attribute for storing fully qualified MIME types.
kDS1AttrNetworkViewSingle-value attribute for storing the name of the managed network view a computer should use for browsing.
kDSNAttrPGPPublicKeyMulti-value attribute for storing Pretty Good Privacy (PGP) public keys.
kDSNAttrProtocolsMulti-value attribute for storing the names of protocols.
kDSNAttrSchemaMulti-value attribute for storing attribute types.
kDSNAttrURLMulti-value attribute for storing URLs.
kDSNAttrURLForNSLMulti-value attribute for storing URLs used by the Network Services Location Manager; not used.
kDSStdMachPortNameRegistered name used with mach_init for DirectoryService daemon.
DirectoryService/DirServicesConst.hNeighborhood attribute constants.
#define kDS1AttrComputerAlias "dsAttrTypeStandard:ComputerAlias" #define kDS1AttrNeighborhoodAlias "dsAttrTypeStandard:NeighborhoodAlias" #define kDS1AttrNeighborhoodType "dsAttrTypeStandard:NeighborhoodType" #define kDS1AttrNodePathXMLPlist "dsAttrTypeStandard:NodePathXMLPlist"
kDS1AttrComputerAliasSingle-value attribute found in records of type kDSStdRecordTypeNeighborhoods; used to describe computer records pointed to by this neighborhood. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrNeighborhoodAliasSingle-value attribute found in records of type kDSStdRecordTypeNeighborhoods; used to describe sub-neighborhood records. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrNeighborhoodTypeSingle-value attribute for storing a description of the function of a record of type kDSStdRecordTypeNeighborhoods. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrNodePathXMLPlistSingle-value attribute found in records of type kDSStdRecordTypeNeighborhoods; used to describe the Open Directory node to search when looking for aliases in this neighborhood. This attribute is available in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants defined for storing information about nodes.
#define kDS1AttrAuthCredential "dsAttrTypeStandard:AuthCredential" #define kDS1AttrCapabilities "dsAttrTypeStandard:Capabilities" #define kDS1AttrOriginalNodeName "dsAttrTypeStandard:OriginalNodeName" #define kDS1AttrReadOnlyNode "dsAttrTypeStandard:ReadOnlyNode" #define kDSNAttrMetaNodeLocation "dsAttrTypeStandard:AppleMetaNodeLocation" #define kDSNAttrNodePath "dsAttrTypeStandard:NodePath" #define kDSNAttrPlugInInfo "dsAttrTypeStandard:PlugInInfo" #define kDSNAttrSubNodes "dsAttrTypeStandard:SubNodes"
kDS1AttrAuthCredentialSingle-value attribute for storing an authentication credential used to authenticate to other directory nodes.
kDS1AttrCapabilitiesSingle-value attribute used to store information about the API capabilities of a directory node.
kDS1AttrOriginalNodeNameSingle-value attribute for storing the node name used in local account caching.
Available in Mac OS X v10.3 and later.
kDS1AttrReadOnlyNodeSingle-value attribute for storing the read/write status of a node, which can be one of ReadOnly, ReadWrite, or WriteOnly. Attributes of this type can be found by calling dsGetDirNodeInfo. Note that ReadWrite does not imply fully readable or fully writable.
kDSNAttrMetaNodeLocationMulti-value attribute for storing the registered node name returned by an Open Directory plug-in.
kDSNAttrNodePathMulti-value attribute for storing, in order, plug-in defined sub-strings of an Open Directory node.
kDSNAttrPlugInInfoMulti-value attribute for storing information provided by the plug-in that services a particular directory node. Clients can use this attribute to get information about an Open Directory plug-in, such as its version, signature, “about” information, and credits. As of Mac OX X version 10.4, this attribute is not used.
kDSNAttrSubNodesMulti-value attribute for storing a list of a node’s subnodes. This attribute is supported in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants for accessing password policy and password setting method attributes.
#define kDS1AttrPasswordPolicyOptions "dsAttrTypeStandard:PasswordPolicyOptions" #define kDS1AttrPwdAgingPolicy "dsAttrTypeStandard:PwdAgingPolicy" #define kDSNAttrSetPasswdMethod "dsAttrTypeStandard:SetPasswdMethod"
kDS1AttrPasswordPolicyOptionsSingle-value attribute for storing the collection of password policy options; used in records of type kDSStdRecordTypePresetUsers.
Available in Mac OS X v10.3 and later.
kDS1AttrPwdAgingPolicySingle-value attribute for storing password aging policy data for an authentication-capable record. Not implemented and not used.
kDSNAttrSetPasswdMethodMulti-value attribute for storing password-setting methods. Not implemented and not used.
DirectoryService/DirServicesConst.hConstants for accessing Password Server attributes.
#define kDS1AttrPasswordServerList "dsAttrTypeStandard:PasswordServerList" #define kDS1AttrPasswordServerLocation "dsAttrTypeStandard:PasswordServerLocation"
kDS1AttrPasswordServerListSingle-value attribute for storing an Apple Password Server’s replication information.
Available in Mac OS X v10.3 and later.
kDS1AttrPasswordServerLocationSingle-value attribute for storing the IP address or domain name of the Password Server associated with a given directory node. This attribute is found in configuration records named “passwordserver”.
Available in Mac OS X v10.2 and later.
DirectoryService/DirServicesConst.hConstants for accessing print-related attributes.
#define kDS1AttrNote "dsAttrTypeStandard:Note" #define kDS1AttrPrinter1284DeviceID "dsAttrTypeStandard:Printer1284DeviceID" #define kDS1AttrPrinterLPRHost "dsAttrTypeStandard:PrinterLPRHost" #define kDS1AttrPrinterLPRQueue "dsAttrTypeStandard:PrinterLPRQueue" #define kDS1AttrPrinterMakeAndModel "dsAttrTypeStandard:PrinterMakeAndModel" #define kDS1AttrPrinterType "dsAttrTypeStandard:PrinterType" #define kDS1AttrPrinterURI "dsAttrTypeStandard:PrinterURI" #define kDS1AttrPrintServiceInfoText "dsAttrTypeStandard:PrintServiceInfoText" #define kDS1AttrPrintServiceInfoXML "dsAttrTypeStandard:PrintServiceInfoXML" #define kDS1AttrPrintServiceUserData "dsAttrTypeStandard:PrintServiceUserData" #define kDSNAttrPrinterXRISupported "dsAttrTypeStandard:PrinterXRISupported"
kDS1AttrNoteSingle-value attribute for storing a note; commonly used in printer records. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrPrinter1284DeviceIDSingle-value attribute for storing a printer’s IEEE 1284 DeviceID, which is used when configuring a printer. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrPrinterLPRHostSingle-value attribute for storing the name of the host for an LPR printer in records of type kDSStdRecordTypePrinters.
Available in Mac OS X v10.3 and later.
kDS1AttrPrinterLPRQueueSingle-value attribute for storing the name of the queue for an LPR printer in records of type kDSStdRecordTypePrinters.
Available in Mac OS X v10.3 and later.
kDS1AttrPrinterMakeAndModelSingle-value attribute for storing a printer’s make and model; for example, “HP LaserJet 2200”. The value of this attribute is used to determine the PPD file to use when configuring a printer and is based on RFC 3712, Lightweight Directory Access Protocol (LDAP) Schema for Printer Services and RFC 2911, Internet Printing Protocol/1.1 (IPP), and the IETF IPP-LDAP Printer Record. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrPrinterTypeSingle-value attribute for storing the printer type in records of type kDSStdRecordTypePrinters.
Available in Mac OS X v10.3 and later.
kDS1AttrPrinterURISingle-value attribute for storing a printer’s URI; for example, “ipp://address” or “smb://server/queue”. The value of this attribute is used when configuring a printer and is based on RFC 3712, Lightweight Directory Access Protocol (LDAP) Schema for Printer Services and RFC 2911, Internet Printing Protocol/1.1 (IPP), and the IETF IPP-LDAP Printer Record. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrPrintServiceInfoTextSingle-value attribute for storing text print service information.
kDS1AttrPrintServiceInfoXMLSingle-value attribute for storing XML print service information.
kDS1AttrPrintServiceUserDataSingle-value attribute for storing print quota configuration or statistics (XML data). This attribute is found in records of type kDSStdRecordTypeUsers and kDSStdRecordTypePrintServiceUser.
kDSNAttrPrinterXRISupportedMulti-value attribute for storing additional URIs that a printer supports. This attribute is used when configuring a printer and is based on the RFC 3712, Lightweight Directory Access Protocol (LDAP) Schema for Printer Services and RFC 2911, Internet Printing Protocol/1.1 (IPP), and the IETF IPP-LDAP Printer Record. This attribute is available in Mac OS X v10.4 and later.
DirectoryService/DirServicesConst.hConstants for accessing attributes that store information about records.
#define kDS1AttrCreationTimestamp "dsAttrTypeStandard:CreationTimeStamp" #define kDS1AttrDateRecordCreated "dsAttrTypeStandard:DateRecordCreated" #define kDS1AttrModificationTimestamp "dsAttrTypeStandard:ModificationTimestamp" #define kDS1AttrOwner "dsAttrTypeStandard:Owner" #define kDS1AttrRecordImage "dsAttrTypeStandard:RecordImage" #define kDS1AttrTimeToLive "dsAttrTypeStandard:TimeToLive" #define kDS1AttrTotalSize "dsAttrTypeStandard:TotalSize" #define kDSNAttrAllNames "dsAttrTypeStandard:AllNames" #define kDSNAttrRecordName "dsAttrTypeStandard:RecordName" #define kDSNAttrRecordType "dsAttrTypeStandard:RecordType"
kDS1AttrCreationTimestampSingle-value attribute for storing the date and time the record was created. The date and time are stored in x.208 format (YYYYMMDDHHMMSSZ) where “Z” is required to be Greenwich Mean Time (GMT). This attribute is available in Mac OS X v10.4 and later.
kDS1AttrDateRecordCreatedSingle-value attribute for storing the date the record was created.
Available in Mac OS X v10.4 and later.
kDS1AttrModificationTimestampSingle-value attribute for storing the date and time the record was modified. The date and time are stored in x.208 format (YYYYMMDDHHMMSSZ) where “Z” is required to be GMT. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrOwnerSingle-value attribute for storing the owner of a record; typically the value is an LDAP distinguished name. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrRecordImageSingle-value attribute for storing a record image; clients can use this attribute to force a directory service to generate a binary image of the record and all of its attributes. Not used or implemented.
kDS1AttrTimeToLiveSingle-value attribute for storing the recommended amount of time to cache the record’s attribute values. The time is stored as an unsigned 32-bit value representing the number of seconds. For example, 300 is five minutes. This attribute is available in Mac OS X v10.4 and later.
kDS1AttrTotalSizeSingle-value attribute for storing checksum or meta data. Not used or implemented.
kDSNAttrAllNamesMulti-value attribute for all possible names for a record; retained for backward compatibility but has never been supported.
kDSNAttrRecordNameMulti-value attribute for storing a list of names and keys for a record.
kDSNAttrRecordTypeMulti-value attribute for storing record types; a single value is allowed for records and multiple values are allowed for directory nodes.
DirectoryService/DirServicesConst.hConstants for accessing search-related attributes.
#define kDS1AttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath" #define kDS1AttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath" #define kDS1AttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath" #define kDS1AttrSearchPath "dsAttrTypeStandard:SearchPath" #define kDS1AttrSearchPolicy "dsAttrTypeStandard:SearchPolicy" #define kDSNAttrCSPSearchPath "dsAttrTypeStandard:CSPSearchPath" #define kDSNAttrLSPSearchPath "dsAttrTypeStandard:LSPSearchPath" #define kDSNAttrNSPSearchPath "dsAttrTypeStandard:NSPSearchPath" #define kDSNAttrSearchPath "dsAttrTypeStandard:SearchPath"
kDS1AttrCSPSearchPathRetained for backward compatibility only.
kDS1AttrLSPSearchPathRetained for backward compatibility only.
kDS1AttrNSPSearchPathRetained for backward compatibility only.
kDS1AttrSearchPathRetained for backward compatibility only.
kDS1AttrSearchPolicySingle-value attribute for storing the search policy of a search node.
kDSNAttrCSPSearchPathSingle-value attribute for storing a custom search path configured by an administrator.
kDSNAttrLSPSearchPathSingle-value attribute for storing the local-only search path defined by the search node.
kDSNAttrNSPSearchPathSingle-value attribute for storing the automatic search path defined by the search node.
kDSNAttrSearchPathSingle-value attribute for storing the search path used by the search node.
DirectoryService/DirServicesConst.hConstants defined for server attributes.
#define kDS1AttrLocation "dsAttrTypeStandard:Location" #define kDS1AttrPort "dsAttrTypeStandard:Port" #define kDS1AttrServiceType "dsAttrTypeStandard:ServiceType" #define kDS1AttrXMLPlist "dsAttrTypeStandard:XMLPlist"
kDS1AttrLocationSingle-value attribute for storing the location at which a service is available. The location is usually a domain name. This attribute is found in records of type kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.
kDS1AttrPortSingle-value attribute for storing the port number at which a service is available. This attribute is typically found in records of type kDSStdRecordTypeAFPServer, kDSStdRecordTypeLDAPServer, and kDSStdRecordTypeWebServer.
kDS1AttrServiceTypeSingle-value attribute for storing the service type for a service. For example, a record of type kDSStdRecordTypeWebserver would have a kDS1AttrServiceType attribute whose value is http or https.
kDS1AttrXMLPlistSingle-value attribute for storing AutoServer configuration settings. Also used for storing encrypted Kerberos information in computer records when using the Open Directory delegated administration feature for adding a Kerberized server to the network.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants for accessing Setup Assistant attributes.
#define kDS1AttrSetupAdvertising "dsAttrTypeStandard:SetupAssistantAdvertising" #define kDS1AttrSetupAutoRegister "dsAttrTypeStandard:SetupAssistantAutoRegister" #define kDS1AttrSetupLocation "dsAttrTypeStandard:SetupAssistantLocation" #define kDS1AttrSetupOccupation "dsAttrTypeStandard:Occupation"
kDS1AttrSetupAdvertisingSingle-value attribute used by Setup Assistant to store advertising information.
kDS1AttrSetupAutoRegisterSingle-value attribute used by Setup Assistant to store automatic registration information.
kDS1AttrSetupLocationSingle-value attribute used by Setup Assistant to store a location.
kDS1AttrSetupOccupationSingle-value attribute used by Setup Assistant to store an occupation.
DirectoryService/DirServicesConst.hConstants for accessing SMB attributes.
#define kDS1AttrPrimaryNTDomain "dsAttrTypeStandard:PrimaryNTDomain" #define kDS1AttrNTDomainComputerAccount "dsAttrTypeStandard:NTDomainComputerAccount" #define kDS1AttrSMBAcctFlags "dsAttrTypeStandard:SMBAccountFlags" #define kDS1AttrSMBGroupRID "dsAttrTypeStandard:SMBGroupRID" #define kDS1AttrSMBHome "dsAttrTypeStandard:SMBHome" #define kDS1AttrSMBHomeDrive "dsAttrTypeStandard:SMBHomeDrive" #define kDS1AttrSMBKickoffTime "dsAttrTypeStandard:SMBKickoffTime" #define kDS1AttrSMBLogoffTime "dsAttrTypeStandard:SMBLogoffTime" #define kDS1AttrSMBLogonTime "dsAttrTypeStandard:SMBLogonTime" #define kDS1AttrSMBPrimaryGroupSID "dsAttrTypeStandard:SMBPrimaryGroupSID" #define kDS1AttrSMBProfilePath "dsAttrTypeStandard:SMBProfilePath" #define kDS1AttrSMBPWDLastSet "dsAttrTypeStandard:SMBPWDLastSet" #define kDS1AttrSMBRID "dsAttrTypeStandard:SMBRID" #define kDS1AttrSMBScriptPath "dsAttrTypeStandard:SMBScriptPath" #define kDS1AttrSMBSID "dsAttrTypeStandard:SMBSID" #define kDS1AttrSMBUserWorkstations "dsAttrTypeStandard:SMBUserWorkstations"
kDS1AttrPrimaryNTDomainSingle-value attribute for storing the primary NT domain; used with the Open Directory dsGetDirNodeInfo function in support of Kerberos SMB server services.
Available in Mac OS X v10.4 and later.
kDS1AttrPrimaryNTDomainComputerAccountSingle-value attribute for storing the primary NT domain computer account; used with the Open Directory dsGetDirNodeInfo function in support of Kerberos SMB server services.
Available in Mac OS X v10.4 and later.
kDS1AttrSMBAcctFlagsSingle-value attribute for storing account flags.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBGroupRIDSingle-value attribute used for storing information about PDC SMB interaction with Open Directory.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBHomeSingle-value attribute for storing the Universal Naming Convention (UNC) address of a Windows home directory mount point (\\server\\sharepoint).
Available in Mac OS X v10.3 and later.
kDS1AttrSMBHomeDriveSingle-value attribute for storing the drive letter for the home directory mount point.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBKickoffTimeSingle-value attribute for storing the kickoff time. Authentications before the kick off time will fail.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBLogoffTimeSingle-value attribute for storing the time the user last logged off.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBLogonTimeSingle-value attribute for storing the current log on time.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBPrimaryGroupSIDSingle-value attribute for storing an SMB Primary Group Security ID stored as a string of up to 64 bytes. Found in records of type kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, and kDSStdRecordTypeComputers.
Available in Mac OS X v10.4 and later.
kDS1AttrSMBProfilePathSingle-value attribute for storing desktop management information, such as desktop links and docking information.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBPWDLastSetSingle-value attribute for storing the last time the password was set.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBRIDSingle-value attribute used for storing information about PDC SMB interaction with Open Directory.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBScriptPathSingle-value attribute for storing the login script path.
Available in Mac OS X v10.3 and later.
kDS1AttrSMBSIDSingle-value attribute for storing an SMB Security ID stored as a string of up to 64 bytes. Found in records of type kDSStdRecordTypeUsers, kDSStdRecordTypeGroups, and kDSStdRecordTypeComputers.
Available in Mac OS X v10.4 and later.
kDS1AttrSMBUserWorkstationsSingle-value attribute for storing the list of workstations user can log in from.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants for accessing attributes typically found in records of type kDSStdRecordTypeUsers and kDSStdRecordTypeGroups.
#define kDS1AttrAdminLimits "dsAttrTypeStandard:AdminLimits" #define kDS1AttrAdminStatus "dsAttrTypeStandard:AdminStatus" #define kDS1AttrAlternateDatastoreLocation "dsAttrTypeStandard:AlternateDatastoreLocation" #define kDS1AttrAuthenticationHint "dsAttrTypeStandard:AuthenticationHint" #define kDS1AttrChange "dsAttrTypeStandard:Change" #define kDS1AttrComment "dsAttrTypeStandard:Comment" #define kDS1AttrDistinguishedName "dsAttrTypeStandard:RealName" #define kDS1AttrExpire "dsAttrTypeStandard:Expire" #define kDS1AttrFirstName "dsAttrTypeStandard:FirstName" #define kDS1AttrGeneratedUID "dsAttrTypeStandard:GeneratedUID" #define kDS1AttrHomeDirectorySoftQuota "dsAttrTypeStandard:HomeDirectorySoftQuota" #define kDS1AttrHomeDirectoryQuota "dsAttrTypeStandard:HomeDirectoryQuota" #define kDS1AttrHomeLocOwner "dsAttrTypeStandard:HomeLocOwner" #define kDS1AttrInternetAlias "dsAttrTypeStandard:InetAlias" #define kDS1AttrLastName "dsAttrTypeStandard:LastName" #define kDS1AttrMailAttribute "dsAttrTypeStandard:MailAttribute" #define kDS1AttrMiddleName "dsAttrTypeStandard:MiddleName" #define kDS1AttrNFSHomeDirectory "dsAttrTypeStandard:NFSHomeDirectory" #define kDS1AttrOriginalNFSHomeDirectory "dsAttrTypeStandard:OriginalNFSHomeDirectory" #define kDS1AttrPassword "dsAttrTypeStandard:Password" #define kDS1AttrPasswordPlus "dsAttrTypeStandard:PasswordPlus" #define kDS1AttrPicture "dsAttrTypeStandard:Picture" #define kDS1AttrPrimaryGroupID "dsAttrTypeStandard:PrimaryGroupID" #define kDS1AttrRealuserID "dsAttrTypeStandard:RealUserID" #define kDS1AttrUniqueID "dsAttrTypeStandard:UniqueID" #define kDS1AttrUserShell "dsAttrTypeStandard:UserShell" #define kDSNAttrAddressLine1 "dsAttrTypeStandard:AddressLine1" #define kDS1StandardAttrHomeLocOwner "DS1AttrHomeLocOwner" #define kDSNAttrAddressLine2 "dsAttrTypeStandard:AddressLine2" #define kDSNAttrAddressLine3 "dsAttrTypeStandard:AddressLine3" #define kDSNAttrAreaCode "dsAttrTypeStandard:AreaCode" #define kDSNAttrAuthenticationAuthority "dsAttrTypeStandard:AuthenticationAuthority" #define kDSNAttrBuilding "dsAttrTypeStandard:Building" #define kDSNAttrCity "dsAttrTypeStandard:City" #define kDSNAttrCountry "dsAttrTypeStandard:Country" #define kDSNAttrDepartment "dsAttrTypeStandard:Department" #define kDSNAttrEMailAddress "dsAttrTypeStandard:EMailAddress" #define kDSNAttrFaxNumber "dsAttrTypeStandard:FAXNumber" #define kDSNAttrGroupMembers "dsAttrTypeStandard:GroupMembers #define kDSNAttrGroupMembership "dsAttrTypeStandard:GroupMembership" #define kDSNAttrHomeDirectory "dsAttrTypeStandard:HomeDirectory" #define kDSNAttrIMHandle "dsAttrTypeStandard:IMHandle" #define kDSNAttrJobTitle "dsAttrTypeStandard:JobTitle" #define kDSNAttrMobileNumber "dsAttrTypeStandard:MobileNumber" #define kDSNAttrNamePrefix "dsAttrTypeStandard:NamePrefix" #define kDSNAttrNameSuffix "dsAttrTypeStandard:NameSuffix" #define kDSNAttrNestedGroups "dsAttrTypeStandard:NestedGroups" #define kDSNAttrNetGroups "dsAttrTypeStandard:NetGroups" #define kDSNAttrNickName "dsAttrTypeStandard:NickName" #define kDSNAttrOrganizationName "dsAttrTypeStandard:OrganizationName" #define kDSNAttrOriginalHomeDirectory "dsAttrTypeStandard:OriginalHomeDirectory" #define kDSNAttrPagerNumber "dsAttrTypeStandard:PagerNumber" #define kDSNAttrPhoneNumber "dsAttrTypeStandard:PhoneNumber" #define kDSNAttrPostalAddress "dsAttrTypeStandard:PostalAddress" #define kDSNAttrPostalCode "dsAttrTypeStandard:PostalCode" #define kDSNAttrState "dsAttrTypeStandard:State" #define kDSNAttrStreet "dsAttrTypeStandard:Street"
kDS1AttrAdminLimitsSingle-value attribute for storing an XML plist indicating what the user can edit as an administrator.
kDS1AttrAdminStatusSingle-value attribute for storing an administrator status; retained for backward compatibility.
kDS1AttrAlternateDatastoreLocationSingle-value attribute for storing the UNIX path to the location at which a user’s e-mail is stored.
Available in Mac OS X v10.3 and later.
kDS1AttrAuthenticationHintSingle-value attribute for storing the authentication hint that is displayed when an incorrect password is entered several times at loginwindow.
kDS1AttrChangeSingle-value attribute whose value indicates whether a password needs to be changed. Currently not used and usually set to zero; the Password Server and ShadowHash provide this functionality now.
kDS1AttrCommentSingle-value attribute for storing an unformatted comment.
kDSNAttrDepartmentMulti-value attribute for storing the department name of a user or group.
Available in Mac OS X v10.3 and later.
kDS1AttrDistinguishedNameSingle-value attribute for storing a user’s real name.
kDS1AttrExpireSingle-value attribute used for storing an expiration date or time, depending on the context. Currently not used and usually set to zero; the Password Server and ShadowHash provide this functionality now.
kDS1AttrFirstNameSingle-value attribute for storing a user’s first name.
kDS1AttrGeneratedUIDSingle-value attribute for storing a universal unique identifier (UUID) consisting of 32 characters containing hexadecimal data, plus four dash ( - ) characters, for a total of 36 characters, or 128 bits.
kDS1AttrHomeDirectorySoftQuotaSingle-value attribute for storing the home directory size limit in bytes at which the user is notified that the hard limit has nearly been reached.
Available in Mac OS X v10.3 and later.
kDS1AttrHomeDirectoryQuotaSingle-value attribute for storing the allowed usage in bytes for a user’s home directory.
kDS1AttrHomeLocOwnerSingle-value attribute for storing the owner of a workgroup’s shared home directory.
kDS1AttrInternetAliasSingle-value attribute used to track Internet aliases.
kDS1AttrLastNameSingle-value attribute for storing a user’s last name.
kDS1AttrMailAttributeSingle-value attribute for storing mail account configuration information.
kDS1AttrMiddleNameSingle-value attribute for storing a user’s middle name.
kDS1AttrNFSHomeDirectorySingle-value attribute for storing a user’s home directory path on the local machine.
kDS1AttrOriginalNFSHomeDirectorySingle-value attribute used in local account caching for storing the user’s original NFS home directory path.
Available in Mac OS X v10.3 and later.
kDS1AttrPasswordSingle-value attribute for storing a password or credential value.
kDS1AttrPasswordPlusSingle-value attribute for storing marker data to indicate possible authentication redirection.
kDS1AttrPictureSingle-value attribute for storing the path to the picture of each user displayed in the login window.
kDS1AttrPrimaryGroupIDSingle-value attribute for storing the signed 32-bit unique ID representing the primary group of which the user is a member, stored in string format.
kDS1AttrRealUserIDSingle-value attribute for storing the user’s real user ID; used to support managed desktop features.
Available in Mac OS X v10.3 and later.
kDS1AttrUniqueIDSingle-value attribute for storing a 32-bit unique ID representing the user in the legacy manner and stored in string format.
kDS1AttrUserShellSingle-value attribute for storing the user’s shell setting.
kDSNAttrAddressLine1Multi-value attribute for storing the first line of an address.
kDSNAttrAddressLine2Multi-value attribute for storing the second line of an address.
kDSNAttrAddressLine3Multi-value attribute for storing the third line of an address.
kDSNAttrAreaCodeMulti-value attribute for storing area codes.
kDSNAttrAuthenticationAuthorityMulti-value attribute for storing the mechanism to use when verifying or setting a user’s password. If this attribute has multiple values, the first attribute returned takes precedence. This attribute is typically found in records of type kDSStdRecordTypeUsers and kDSStdRecordTypeComputers.
kDSNAttrBuildingMulti-value attribute for storing the building name of a user or person.
Available in Mac OS X v10.3 and later.
kDSNAttrCityMulti-value attribute for storing the names of cities; usually found in a record of type kDSStdRecordTypeUsers.
kDSNAttrCountryMulti-value attribute for storing the country of a user or person; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
kDSNAttrEMailAddressMulti-value attribute for storing e-mail addresses; usually found in records of type kDSStdRecordTypeUsers.
kDSNAttrFaxNumberMulti-value attribute for storing the fax numbers of a user or person; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
kDSNAttrGroupMembersMulti-value attribute listing member user records by record name. Found in records of type kDSStdRecordTypeGroups.
Available in Mac OS X v10.3 and later.
kDSNAttrGroupMembershipMulti-value attribute for storing the users that belong to a given group record.
kDSNAttrHomeDirectoryMulti-value attribute for storing network home directory URLs.
kDSNAttrIMHandleMulti-value attribute for storing the Instant Messaging handles of a user. Values should be prefixed with the appropriate IM type, such as AIM:, Jabber:, MSN:, Yahoo:, and ICQ:.
Available in Mac OS X v10.3 and later.
kDSNAttrJobTitleMulti-value attribute for storing the job title of a user; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
kDSNAttrMobileNumberMulti-value attribute for storing the mobile numbers of a user or person; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
kDSNAttrNamePrefixMulti-value attribute for storing the name prefix of a user, such as Mr., Ms., Mrs., or Dr.
Available in Mac OS X v10.3 and later.
kDSNAttrNameSuffixMulti-value attribute for storing the name suffix of a user, such as Jr., or Sr.
Available in Mac OS X v10.3 and later.
kDSNAttrNestedGroupsMulti-value attribute for storing GUID values for nested groups; found in records of type kDSStdRecordTypeGroups. This attribute is supported in Mac OS X v10.4 and later.
kDSNAttrNetGroupsMulti-value attribute for storing the net groups in which the record is a member. This attribute is found in records of type kDSStdRecordTypeUsers, kDSStdRecordTypeHosts, and kDSStdRecordTypeNetDomains.
kDSNAttrNickNameMulti-value attribute for storing the nickname of a user or group.
Available in Mac OS X v10.3 and later.
kDSNAttrOrganizationNameMulti-value attribute for storing organization names.
kDSNAttrOriginalHomeDirectoryMulti-value attribute for storing home directory URL used in local account caching.
Available in Mac OS X v10.3 and later.
kDSNAttrPagerNumberMulti-value attribute for storing the pager numbers of a user or person; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
kDSNAttrPhoneNumberMulti-value attribute for storing phone numbers.
kDSNAttrPostalAddressMulti-value attribute for storing postal addresses; usually excludes the postal code.
kDSNAttrPostalCodeMulti-value attribute for storing postal codes such as zip codes.
kDSNAttrStateMulti-value attribute for storing the names of states or provinces.
kDSNAttrStreetMulti-value attribute for storing the street address of a user or person; usually found in records of type kDSStdRecordTypeUsers.
Available in Mac OS X v10.3 and later.
DirectoryService/DirServicesConst.hConstants for accessing virtual file system (VFS) attributes.
#define kDS1AttrVFSDumpFreq "dsAttrTypeStandard:VFSDumpFreq" #define kDS1AttrVFSLinkDir "dsAttrTypeStandard:VFSLinkDir" #define kDS1AttrVFSPassNo "dsAttrTypeStandard:VFSPassNo" #define kDS1AttrVFSType "dsAttrTypeStandard:VFSType" #define kDSNAttrVFSOpts "dsAttrTypeStandard:VFSOpts"
kDS1AttrVFSDumpFreqSingle-value attribute for storing a dump frequency.
kDS1AttrVFSLinkDirSingle-value attribute for storing the beginning of a path in a mounts record; usually is set to /Network/Servers. A record name is appended to the value of this attribute to create the path to mount. Maps to “dir” in NetInfo.
kDS1AttrVFSPassNoSingle-value attribute for storing mount record information; usually set to zero.
kDS1AttrVFSTypeSingle-value attribute for storing a VFS type.
kDSNAttrVFSOptsMulti-value attribute for storing VFS options.
DirectoryService/DirServicesConst.hConstants for getting and setting an attribute’s read/write status.
typedef enum {
keAttrReadOnly = 0x00000001,
keAttrReadWrite = 0x00000002
} eAttributeFlags;
This enumeration is not currently used or supported.
Constants for setting a plug-in’s state.
typedef enum {
kUnknownState = 0x00000000,
kActive = 0x00000001,
kInactive = 0x00000002,
kInitialized = 0x00000004,
kUninitialized = 0x00000008,
kFailedToInit = 0x00000010,
} ePluginState;
kUnknownStatePlug-in has not yet been loaded.
kActivePlug-in is loaded, initialized, and active.
kInactivePlug-in is loaded and initialized but is not active.
kUninitializedPlug-in is loaded but not initialized.
kFailedToInitPlug-in is loaded but inactive because it failed to initialize.
The result codes for Open Directory are listed here. Note that some errors, such as system errors, do not appear in this list.
Last updated: 2009-05-21
Mac OS X Reference Library Networking, Internet, & Web: Services & Discovery Directory Services Reference