OSF DCE Administration Guide--Core Components
Creating and Using Extended Registry Attributes
authentication_service Specifies the authentication service. The exact level of
protection provided by the authentication service is
specified by the protection level. The supported
authentication services are as follows:
• default—DCE shared-secret key.
• none—No authentication: no tickets are exchanged, no
session keys established, client EPACs or names are
not transmitted, and transmissions are in the clear.
Specify none to turn authentication off for remote
procedure calls made using this binding.
• secret—DCE shared-secret key authentication.
authorization_service Specifies the authorization service. The validity and
trustworthiness of authorization data, like any application
data, is dependent on the authentication service and
protection level specified. The supported authorization
services are as follows:
• none—Server performs no authorization. This is valid
only if the authorization service is set to none,
specifying that no authentication is being performed.
• name—Server performs authorization based on the
client principal name. This value cannot be used if the
authorization service is none.
• dce—Server performs authorization by using the
client’s DCE EPAC sent to the server with each remote
procedure call made with this binding. Generally,
access is checked against DCE ACLs.
32.3.2.2 Specifying the Binding Information
The binding_info parameter specifies the binding, which can be a string binding, a server
entry name, or a list containing one or more string bindings or server entry names. The
following example shows a server entry name binding:
./.:/hosts/host_name/dce_entity_name
The following example shows a string binding in standard syntax:
ncadg_udp_ip:130.105.96.3[1234]
The following example shows a string binding in TCL syntax:
ncarn_ip_tcp 10-29.58.00 2001
124243 Tandem Computers Incorporated 32− 11