Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
371372373374375376377378379380
OSF DCE Administration Guide—Core Components
The following subsections describe the DCE Security Service objects that the DCE
control program operates on and the types of operations that the control program can
perform on these objects.
29.1.1 Security Service Objects
The DCE control program has functions that operate on the following security service
components:
principal This object represents registry principals. These principals can
be human users of the network, servers on the network,
machines on the network, or cells with which the local cell will
engage in cross-cell authentication.
group This object represents registry groups. Groups are collections of
principals for which you can assign access rights to objects.
organization This object represents registry organizations. Organizations are
collections of principals to whom you can assign policies that
expand your areas of administrative control.
account This object represents the accounts that are established in the
registry for principals.
registry This object represents the registry, or the DCE Security
Service’s database of account information, in a DCE cell. The
registry copy operated on can be either the master replica or a
slave replica.
xattrschema This object operates on the schemas, or the definitions, for
extended registry attributes (ERAs) that you specify for DCE
Security Service components and data maintained by the host
daemon (dced) on the local host.
acl This object represents the ACLs for all of the DCE entities that
can be protected by the ACL facility of the DCE Security
Service.
keytab This object represents the files that store the keys, or passwords,
for authenticated server principals in the DCE Security Service.
29.1.2 DCE Control Program Operations for the DCE Security Service
Table 29-1 lists the operations that dcecp performs on DCE Security Service objects.
Specific instructions for using DCE control program commands to create and maintain
principals, groups, organizations, and accounts are given in Chapters 30 and 31 of this
guide.
29 2 Tandem Computers Incorporated 124243