OSF DCE Application Development Guide--Core Components
Overview of Security
The security daemon (a replicated server)
• sec_create_db
Creates the security databases
• sec_admin
Administers instances of the security daemon
• sec_salvage_db
Converts the security database from one version of DCE to another
Salvages a corrupted security database
• The security validation service of dced
Enables clients of the security server to communicate with it
All other interfaces to the security server are more precisely characterized as interfaces
to its three services: registry, authentication, and privilege.
22.7.1.1 Registry Service Interfaces
User interfaces to the registry service are described in the
and the OSF DCE Administration Reference. Following is a summary of them:
• rgy_edit
Edits registry database entries
• passwd_import
Creates registry database entries from UNIX system /etc/passwd and /etc/group files
• passwd_export
Creates local registry information that corresponds to network registry database
entries
• chpass
Changes a user’s password in a registry database entry
22.7.1.2 Authentication Service Interfaces
Following is a summary of the user interfaces to the authentication service when the
default authentication protocol is in effect (the default protocol is DCE shared-secret,
which is based on the Kerberos Version 5 network authentication system).
• kinit
124245 Tandem Computers Incorporated 22−7