Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
481482483484485486487488489490
OSF DCE Administration Guide—Core Components
It is especially important that the machine where the master replica runs be available
throughout the network.
The machine size that is required to run secd depends on the platform and operating
system. As a very general rule, choose machines large enough to accommodate future
growth of the registry database. The machines must have enough disk space for the
registry database and enough backing store so that processes do not thrash.
When you run the dce_config script, it will configure the master replica site to run the
DCE host daemon (dced), which provides the endpoint mapper service for the local host,
and any required CDS servers.
38.2 Creating the Master Registry Database
When you initially configure your cell’s security server, the dce_config script invokes
the dcelocal/bin/sec_create_db command to create the master replica. When
sec_create_db creates a new master replica, it initializes its database with names and
accounts. Note that you must be root to run sec_create_db.
The sec_create_db command also creates a registry configuration file, which is named
dcelocal/etc/security/pe_site, that contains the cell name and network address of the
master replica. This file supplies the binding address of the secd server to clients running
on that machine, if the CDS is unavailable.
In the event that you ever need to create a new master registry database, you can invoke
sec_create_db directly. Note that you must be root to run sec_create_db. Note also that
it is highly unusual to recreate a master database, but you may need to recreate a slave
database if the slave is destroyed. The following subsections describe how to use the
sec_create_db command.
38.2.1 The sec_create_db Command Format
The sec_create_db command has the following format:
sec_create_db {-master | -slave} -my[name] my_server_name \
[-k [eyseed] keyseed][-cr [eator] creator_name]\
[-cu [nix_id] creator_unix_id][-u [uid ] cell_uuid]\
[-p [erson_low_unix_id] unix_id][-g [roup_low_unix-id] unix_id]\
[-o [ rg_low_unix-id] unix_id][-ma [ x_unix_id] unix_id]\
[-pa[ssword] default_password][-v [ erbose]
where:
-master Specifies that the master replica’s database should be created. All other
sec_create_db options can be used with the -master option.
38 2 Tandem Computers Incorporated 124243