getuserpasswd
Description
The getuserpasswd() function prompts the user for the password that belongs to the specified user on the policy server. The password is not echoed to the screen as it is typed.
Not supported in Endpoint Privilege Management for Linux (EPM-L).
The user’s failure to provide the correct password does not automatically result in a rejection of the secured task request. The policy should examine the result of the getuserpasswd() function and respond accordingly.
Syntax
result = getuserpasswd(user[, prompt[, attempts[, name, time]]]);
Arguments
user | Required. The user whose password must be entered. |
prompt | Optional. The prompt to display to the user. |
attempts | Optional. The number of attempts that the user has to enter the correct password. The default value for attempts is 3. |
name |
Optional. The name of a file or persistent variable whose age/expiration determines the re-authentication grace period. If the value starts with a dollar sign ($), it is treated as a persistent variable, otherwise it is treated as a filename. If name is specified, the time parameter (below) is required. |
time |
Required if name argument (above) is specified). The time/expiry date (number of seconds) after which a prompt is forced. getuserpasswd() returns true without prompting the user for a password if one of the following is true:
|
Return Values
true | Password matched. |
false | Password did not match. |
result = getuserpasswd(runuser, "Please enter " + runuser _ "'s Password:");
In this example, result contains true if the user enters the password for the runuser. If the correct password is not entered in three attempts, then the function sets result to false.
getuserpasswd(user, "Passwd for "+user+": ", 3, "/opt/pbul/gp001", 300);
In this example, the file /opt/pbul/gp001 is created at initial successful user authentication and for 5 minutes (300 seconds) thereafter, the user is not prompted for a password as long as the file is not modified.
For more information, see the following: