OSF DCE Administration Guide--Core Components
OSF DCE Administration Guide—Core Components
dcecp> principal create {bach britten mahler satie} -quota 5
30.5.2 Changing Principals
You can change a principal’s primary name and other information related to the
principal. Additionally, you can change a primary name to an alias and an alias to a
primary name. If you change a primary name to an alias and do not make an alias the
primary name, operations that return names choose one of the aliases at random.
30.5.2.1 Changing Primary Names
Use the dcecp principal rename command to change a primary name. Enter the
command in the following form:
principal rename old_name -to new_name
where:
old_name Is the primary name of the principal to be changed.
new_name Is the new primary name of the principal.
The following example shows the principal rename command used to change a full
name from mahlar to mahler:
dcecp> principal rename mahlar -to mahler
Note that, if you change a primary name, that change is reflected in the membership lists
of all the groups and organizations in which the principal is a member.
In the unusual case where you are changing a host’s principal name while the host is
logged into a DCE cell, the existing host credentials will become invalid unless you
perform extra steps to update the host credentials with the new principal name.
Host credentials are managed by the secval process, which performs security client
functions on a DCE host. Normally, just after the host starts, the secval process logs the
host into the DCE cell, getting the host credentials and storing them on the host.
Deactivate and reactivate the secval process to update these credentials after changing
the principal name. The following illustrates these operations on remote host
persephone:
dcecp> secval deactivate /.:/hosts/persephone/config/secval
dcecp> secval activate /.:/hosts/persephone/config/secval
30 − 6 Tandem Computers Incorporated 124243