Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
401402403404405406407408409410
OSF DCE Administration Guide—Core Components
__________________________________________________________________
Option Meaning
__________________________________________________________________
The date (in ISO timestamp format YY-MM-DD-
hh:mm:ss) on which the account expires. To
renew a account after it expires, change the date.
The default is none, meaning the account never
expires.
-expdate
__________________________________________________________________
A flag determining whether a new ticket-granting
ticket with a network address that differs from the
present TGT’s network address can be issued to
the account’s principal. (The -proxiabletkt
attribute performs the same function for service
tickets.) The default is yes.
-forwardabletkt {yes|no}
__________________________________________________________________
The date and time (in ISO timestamp format YY-
MM-DD-hh:mm:ss) that the account was last
known to be in an uncompromised state. Any
tickets granted before this date are invalid.
Control over this date is especially useful if you
know that an account’s password was
compromised. Changing the password can
prevent the unauthorized principal from
accessing the system again by using that
password, but does not prevent the principal from
accessing the system components for which
tickets were obtained fraudulently before the
password was changed. To eliminate the
principal’s access to the system, the tickets must
be canceled. Set the -goodsince attribute to the
date and time the compromised password was
changed to invalidate all tickets issued before
that time and eliminate the unauthorized
principal’s system access. When the account is
created, the -goodsince attribute is set to the
current date.
-goodsince date
__________________________________________________________________
The name of the group that is associated with the
account. This attribute must be supplied to create
an account; there is no default.
-group group_name
__________________________________________________________________
The directory in which the principal is placed at
login. No default.
-home dir_name
__________________________________________________________________
The name of the organization that is associated
with the account. This attribute must be supplied
to create an account; there is no default.
-organization org_name
__________________________________________________________________
__________________________________________________________________
The required password for the account in
plaintext. The system encrypts the password you
supply. No default.
-password password
__________________________________________________________________
31 8 Tandem Computers Incorporated 124243