Manualshelf

OSF DCE Administration Guide--Core Components

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
Chapter 4. DCE Administration Task Objects
This part of the discusses the purpose and use of DCE administration task objects
provided with DCE Version 1.1. Generally, these special dcecp objects perform routine
high-level administration tasks by combining several lower-level operations.
Often, a single task object uses or affects multiple DCE services. For example, one of
the task objects, the host object, can configure a host computer into a DCE cell. This
task adds specific kinds of information to the DCE Security Service, the Cell Directory
Service, and the DCE host daemon services. Because a single invocation of the host
object can perform multiple steps, it shields DCE administrators from some of the
lower-level administration details that would otherwise have to be attended to by using
several lower-level dcecp administration objects.
While we discuss the task objects at a high level, you’ll need to keep in mind that there is
often more going on that we’re only hinting at. In these cases, we’ll point out where to
go in this guide for more detailed information. Usually you’ll be directed to the
corresponding lower-level discussion in the relevant component’s part of this guide.
4.1 Using Task Objects to Simplify DCE Administration
Individual DCE control program objects operate on very specific pieces of information in
DCE. For example, the group object operates solely on security groups in the DCE
Security Service registry database. The group object enables administrators to create
and delete security groups, add and remove members from security groups, rename the
groups, and so on. Such precise control is necessary because it allows you to custom
tailor DCE to meet very specific needs or circumstances.
While such control might be necessary when configuring a new cell or fixing some
access control problem, it can overwhelm routine DCE administration tasks. As an
example, let’s look at the minimum steps needed to add a new user to a DCE cell:
1. Use the principal object to create a principal name for the user.
2. Use the group object to add the principal to a security group.
3. Use the organization object to add the principal to a security organization.
124243 Tandem Computers Incorporated 41