OSF DCE Administration Guide--Core Components

Managing the DCE DST

The DTS principal that represents the server on a given system is the primary access

control object for DTS. This principal has controlled access by human users and clerk or

server processes. The default name that you can use for the DTS object in any dcecp

command is /.:hosts/hostname/dts-entity.

The ACL for the DTS server can contain any type of ACL entry that is valid for a

principal (human or process) or authorization group to which this principal belongs. See

Chapter 28 of this guide for a discussion of the DCE ACLs facility and descriptions of

ACL types and their entries.

To display the ACL entries in the DTS server principal’s ACL, you can use the dcecp

acl show command. For example:

dcecp> acl show /.:/hosts/Detroit2/dts-entity

{unauthenticated r--}

{user hosts/Detroit2/self rwc}

{group subsys/dce/dts-admin rwc}

{any_other r--}

To modify any of the entries in the DTS server principal’s ACL, you can use the acl

modify command. Instructions for using this command appear in Chapter 28.

124243 Tandem Computers Incorporated 25− 23