Authentication Structures

Parent Previous Next

Authentication Structures

Authentication structures are used to indicate what methods of authentication are used during logins.

TUAF_Authentication = packed record

                         Typ : longint ;

                         Expiration : int64 ;

                         Access_Type : longint ;

                         Auth : TString_Ptr ;

                         Flags : longint ;

                         Description : TString_Ptr ;

                         Lifetime : int64 ;

                         Last_Change : int64 ;

                     end ;




Authentication method:
UAM_Password = Password

UAM_Auth = External authentication


If 0, the password doesn't expire. Otherwise, this is the timestamp of when the password expires.


Access type that this method applies to:
UAT_Batch = Batch logins.

UAT_Interactive =  logins via physical connections (such as the monitor/keyboard on a PC) or via network (such as telnet).

UAT_Network = Implicit logins that are used to authenticate the user when trying to access system resources via network connection.

UAT_Remote = Logins through another UOS system serving as a gateway.


If this is a password authentication method, this is the password value. Note: this is a hashed value rather than the actual password text. If this is an external authentication method, then this is the name of the CUSP that is called to do the authentication.  If Description is non-null, the user is prompted for a response before the CUSP is called. If Description is null, prompting is left up to the CUSP.


Flags.  A combination of the following:
UAMF_Generate = Automatically generate passwords


If null, a default value is displayed to the user for authentication. For instance, for a password authentication method, the user would be prompted by the word "Password". Otherwise, this is the text that the user is prompted with.


This is ignored for non-password records. If 0, the password doesn't autoexpire. Otherwise, this is the length of time (in ns) until a new password expires. When a password is changed, the Expiration date is set to the current date/time plus this value.


Ignored except for password authentication records. Otherwise, this is the timestamp of the last password change.