*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->HP-UX 11i man pages -> sec_create_db (1m)              
Title
Content
Arch
Section
 

Contents


 sec_create_db(1m)                   OSF                   sec_create_db(1m)




 NAME    [Toc]    [Back]
      sec_create_db - registry database creation utility

 SYNOPSIS    [Toc]    [Back]
      sec_create_db {-master | -slave} -my[name] my_server_name
      [-cr[eator] creator_name]
      [-cu[nix_id] creator_unix_id]
      [-g[roup_low_id] g_unix_id]
      [-k[eyseed] keyseed]
      [-ma[x_unix_id]  max_unix_id]
      [-o[rg_low_unix_id] o_unix_id] [-pa[ssword] default_password]
      [-p[erson_low_unix_id] p_unix_id]
      [-u[uid cell_uuid]
      [-v[erbose]]


 OPTIONS    [Toc]    [Back]
      {-master | -slave}
                Specifies whether the database for the master replica should
                be created (-master) or a database for a slave replica
                should be created (-slave).  All other sec_create_db options
                can be used with the -master option.  Only the -myname, -
                keyseed, and -verbose options can be used with the -slave
                option.

      -my[name] Specifies the name that will be used by the Directory
                Service to locate the machine on which the cell's Security
                Server is running.

      -cr[eator]
                Specifies the principal name of the initial privileged user
                of the registry database (known as the "registry creator").

      -cu[nix_id]
                Specifies the UNIX ID of the initial privileged user of the
                registry database. If you do not enter the UNIX ID, it is
                assigned dynamically.

      -g[roup_low_unix_id]
                Specifies the starting point for UNIX IDs automatically
                generated by the Security Service when groups are added with
                the rgy_edit command.

      k[eyseed] Specifies a character string used to seed the random key
                generator in order to create the master key for the database
                you are creating. It should be string that cannot be easily
                guessed. The master key is used to encrypt all account
                passwords.  Each instance of a replica (master or slave) has
                its own master key.  You can change the master key using the
                sec_admin command.




 Hewlett-Packard Company            - 1 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 sec_create_db(1m)        Open Software Foundation         sec_create_db(1m)




      ma[x]     Specifies the highest UNIX ID that can be assigned to a
                principal, group, or organization.

      -o[rg_low_unix_id]
                Specifies the starting point for UNIX IDs automatically
                generated by the Security Service when organizations are
                added with the rgy_edit command.

      -pa[ssword]
                The default password assigned to the accounts created by
                sec_create_db, including the account for the registry
                creator. If you do not specify a default password, -dce- is
                used.  (Note that the hosts/local_host/self none none,
                krbtgt/cell_name none none, and nobody none none accounts
                are not assigned the default password, but instead a
                randomly generated password.)

      -p[erson_low_unix_id]
                Specifies the starting point for UNIX IDs automatically
                generated by the Security Service when principals are added
                with the rgy_edit command.

      -u[uid]   Specifies the cell's UUID.  If you do not enter this UUID,
                it is assigned dynamically.

      -v[erbose]
                Specifies that sec_create_db runs in verbose mode and
                displays all activity.


 DESCRIPTION    [Toc]    [Back]
      The sec_create_db tool creates new master and slave databases in
      dcelocal/var/security/rgy_data on the machine from which sec_create_db
      is run. Normally, these databases are created only once by the system
      configuration tool, dce_config.  However, you can use sec_create_db if
      you need to re-create the master or a slave databse from scratch.  You
      must be root to invoke sec_create_db.

      The sec_create_db -master option creates the master database on the
      machine on which it is run.  This database is initialized with names
      and accounts, some of them reserved. You must use the rgy_edit command
      to populate the database with objects and accounts.

      When the master registry database is created, default ACL entries for
      registry objects are also created.  These entries give the most
      privileged permission set to the principal named in the -cr[eator]
      option. If the principal is not one of the reserved names and
      accounts, sec_create_db adds it as a new principal and adds an account
      for that new principal.   If the -cr option is not used, root is the
      creator.




 Hewlett-Packard Company            - 2 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 sec_create_db(1m)        Open Software Foundation         sec_create_db(1m)




      The sec_create_db -slave option creates a slave database on the
      machine on which it is run. This command creates a stub database on
      the local node in dcelocal/var/security/rgy_data and adds the newly
      created replica to the master's replica list.  The master then marks
      the replica to be initialized when a Security Server is started on the
      slave's node.

      The sec_create_db command also creates a registry configuration file,
      named dcelocal/etc/security/pe_site, that contains the network address
      of the machine on which the database is created.  This file supplies
      the binding address of the secd master server if the Naming Service is
      not available.

 FILES    [Toc]    [Back]
      /dcelocal/etc/security/pe_site
                The file containing the network address of the machine on
                which the security database is created.

      /dcelocal/var/security/rgy_data
                The directory in which the registry database files are
                stored.


 RELATED INFORMATION    [Toc]    [Back]
      Commands: secd(1m), sec_admin(1m)


 Hewlett-Packard Company            - 3 -OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
[ Back ]
 Similar pages
Name OS Title
rgy_edit HP-UX Edits the registry database
passwd_override HP-UX The registry database override file
sec_salvage_db HP-UX Recover a corrupted registry database Note: The sec_salvage_db -check and -fix options are not currently avail
passwd_import HP-UX Creates registry database entries based on information in UNIX group and password files
bttape Tru64 Bootable Tape Creation utility
xrdb Tru64 X server resource database utility
xrdb IRIX X server resource database utility
xrdb HP-UX X server resource database utility
devswmgr Tru64 utility to manage the device switch database
xfsinvutil IRIX xfsdump inventory database checking and pruning utility
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service