OSF DCE Administration Guide--Introduction

OSF DCE Administration Guide—Introduction

A.2 The Security Space

Figures A-4 through A-6 illustrate the Security namespace within the DCE cell

namespace. The subsections that follow provide a description of each entry. The

subdirectories that comprise the Security namespace are principal, group, org, policy,

replist, and xattrschema.

To operate on the ACLs on any of these namespace entries, you need to include the name

of the Security junction. For example, when you use the DCE control program’s (dcecp)

acl * commands, the group name acct-admin is referenced as /.:/sec/group/acct-admin,

its database object name.

However, when you use the dcecp program’s principal *, group *,ororganization *

commands operate on a principal, group, or organization name without /.:/sec and

principal, group,ororganization included as part of the name. For example, to view

the attributes of the group acct-admin, you issue the group show command specifying

the group name acct-admin without this path.

Figure A-4. The Top-Level Security Directory

xattrschemareplist

/.:

sec

group org

none

principalpolicy

A−14 Tandem Computers Incorporated 124244