Browse Prior Art Database

A User Subtree for Cell Directory Services (CDS)

IP.com Disclosure Number: IPCOM000123097D
Original Publication Date: 1998-May-01
Included in the Prior Art Database: 2005-Apr-04
Document File: 1 page(s) / 47K

Publishing Venue

IBM

Related People

Stokes, EJ: AUTHOR

Abstract

The method describes how to provide users their own subtree in the DCE associated with their DCE security registry principal entry without any code changes required by a DCE supplier.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 59% of the total text.

A User Subtree for Cell Directory Services (CDS)

   The method describes how to provide users their own subtree
in the DCE associated with their DCE security registry principal
entry without any code changes required by a DCE supplier.

   Currently, users and their attributes are defined in
the DCE security registry.  However, users can develop RPC
applications in the DCE, and in doing so need a place to have their
applications write the RPC binding information in the CDS during the
development of these applications (and even afterward if these
applications are not deployed by the administrator, but the writer
wants to continue to make them accessible).  The DCE does not permit
this easily - it really forces the application developer to deploy
his own cell.

   The solution is to create a user tree in the CDS.  But,
just the creation of this subtree alone is not sufficient for a
coherent solution.  At installation time, a CDS subtree for users is
created,that is, the entry in the CDS /.../<cellname>/users.  When
the administrator creates a user in the DCE security registry, i.e. a
principal, that same principal name is used to create another entry
in the CDS 'users' subtree, that is,
/.../<cellname>/users/<principal_name>.  This is an important step in
that it implicitly ties the <principal_name> defined in the DCE CDS
to the <principal_name> defined in the DCE security registry with
correct access control.  The access control for that <principal_name>
directory...