OSF DCE Administration Guide--Core Components
Chapter 30. Creating and Maintaining Principals,
Groups, and Organizations
This chapter explains how to use dcecp to create and maintain principals, groups, and
organizations. It begins with a discussion of the names that are assigned to principals,
groups, and organizations and of the Universal Unique Identifiers (UUIDs) used
internally by the DCE Security Service to identify registry objects.
30.1 Principal, Group, and Organization Names
You must assign a name to each principal, group, and organization in the registry.
Although a principal, a group, and an organization can have the same name, no two
principals, groups, or organizations can have the same name. For example, two
principals cannot be named smith, but a principal can be named smith, a group can be
named smith, and an organization can be named smith.
You can assign up to three types of names: primary, full, and aliases.
30.1.1 Primary Names
Primary names are assigned to principals, groups, and organizations. A registry object’s
primary name is the name that is used by most system utilities when a human-readable
string is needed. When you add a principal, group, or organization to the registry
database, you must supply a primary name. The primary name is a key field that you can
use as input to the principal show command to query the registry database.
124243 Tandem Computers Incorporated 30−1