HP DCE/9000 Version 1.7 for HP-UX 11.
Notice The information contained in this document is subject to change without notice. HEWLETT-PACKARD MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance or use of this material.
About This Document This document is the release note for HP DCE/9000 Version 1.7 (HP DCE 1.7) core services for HP-UX 11.0. For detailed information about HP DCE 1.7, see Planning and Configuring HP DCE 1.7 (B3190-90073). For information about the documentation for HP DCE 1.7, see Chapter 5 of this document. HP DCE 1.7 for HP-UX 11.
iv HP DCE 1.7 for HP-UX 11.
Contents 1. What’s In This Version HP DCE/9000 Version 1.7 Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 HP DCE/9000 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 HP Value-Added Features New at HP DCE 1.7 . . . . . . . . . . . . . . . . .9 HP Value-Added Features New at HP DCE 1.6 . . . . . . . . . . . . . . . . .9 HP Value-Added Features For HP DCE 1.5. . . . . . . . . . . . . . . . . . . .10 OSF DCE 1.2.1 Features. . . . . . . . . . . . . . .
Contents 3. Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements . . . . . . . . . . . . . . Overview of HP DCE Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . Hardware and Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . Codeword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Other Installation Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 What’s In This Version HP DCE/9000 Version 1.7 provides the features of OSF DCE 1.2.1, along with HP value-added features and bug fixes. HP DCE 1.7 for HP-UX 11.
What’s In This Version HP DCE/9000 Version 1.7 Overview HP DCE/9000 Version 1.7 Overview HP DCE/9000 Version 1.7 (HP DCE 1.7) makes the functionality of OSF DCE 1.2.1 available on HP/9000 Series 700/800 systems running HP-UX 11.0. HP DCE 1.7 also includes HP value-added tools. HP DCE 1.7 provides the functionality of HP DCE 1.4.1, 1.5, and 1.6 along with new features and bug fixes. As of HP-UX 10.
What’s In This Version HP DCE/9000 Version 1.7 Overview HP Value-Added Features New at HP DCE 1.7 The following features are new at HP DCE 1.7: • NSS-DCE: a DCE module for the Name Service Switch. • DCE support for Kerberos V5 applications through creation of configuration and keytab files. • All integrated login utilities, including ftpd, now use PAM. There are no longer any separate .auth binaries. NOTE Although HP DCE/9000 Version 1.7 can be installed on both the HP-UX 11.
What’s In This Version HP DCE/9000 Version 1.7 Overview ✓ Forced password change on login. Administrators can set pwdvalid no in a user’s account to force change of password on login. ✓ As of HP DCE 1.6, passwd -R becomes passwd -r. ✓ The addition of -e, -g and -h flags to passwd -r dce. passwd -r dce -e username changes the username shell in the DCE registry only. passwd -r dce -g username changes the username gecos (finger) information in the DCE registry only.
What’s In This Version HP DCE/9000 Version 1.7 Overview OSF DCE 1.2.1 Features HP DCE 1.7 includes the following OSF DCE 1.2.1 features. For information about these features, see the OSF DCE 1.2.1 documentation, which is provided with HP DCE 1.7. • Single administrative DCE control program — dcecp. • DCE daemon (combines rpcd and sec_clientd) — dced. • Cell aliasing. • Hierarchical cell naming without transitive trust. • Serviceability improvements.
What’s In This Version HP DCE/9000 Version 1.7 Overview • Internationalization interfaces — message catalogs for all user-visible messages. • Character code set interoperability — allow development of RPC applications that automatically convert character data from one code set to another. • IDL compiler performance enhancements — smaller stub size and a number of new IDL constructs. • RPC performance enhancements — allows additional client sockets during peak usage and optimizes RPC run-time packets.
What’s In This Version Other Information Other Information This section contains consequences, recommendations, and other items not included in the other sections of this chapter. DCE Features Not Supported by OSF DCE 1.2.1 Cell renaming is documented but not supported by OSF DCE 1.2.1 (or by HP DCE 1.7). Transitive trust between hierarchical cells is documented but not supported by OSF DCE 1.2.1 (or by HP DCE 1.7). DCE Features Not Supported By HP DCE 1.6 and 1.7 HP DCE 1.6 and 1.
What’s In This Version Other Information • acl_edit The following daemons no longer exist: • sec_clientd • rpcd • cdsclerk dced replaces sec_clientd and rpcd. As of HP DCE 1.4.x, a symbolic link permits you to run dced as rpcd.The functionality of cdsclerk is part of cdsadv in HP DCE 1.4.x. You need to modify any scripts or programs that reference these non-existent daemons. Transition of ACL Managers in HP DCE 1.6 OSF DCE 1.2.1 provides ACL management facilities within libdce.
What’s In This Version Other Information recommended that application developers plan now for this transition. HP plans to preserve binary compatibility. However, developers can prepare for this change as follows: 1. Isolate new threads API usage to macros or wrapper APIs. 2. Minimize the use of signals, and use only POSIX semantics when programming with signals. For example, we recommed that thjreaded applications use only the functions sigaction(), sigprocmask(), and sigwait(). HP DCE 1.7 U.S.
What’s In This Version Other Information Software Included in the U.S./Canada Version The U.S./Canada version of HP DCE 1.7 includes the following software: • /usr/lib/libdce.1 • /usr/lib/libdce.2 • /opt/dce/lib/libdce.a • /opt/dce/sbin/dced Installing the U.S./Canada Software There are special considerations that apply to installing and de-installing the U.S./Canada Software. For information, see HP DCE/9000 Version 1.7 U.S./Canada Software for HP-UX 11.
2 Known Problems and Work Arounds This chapter describes the known problems, workarounds, and changes in HP DCE/9000 Version 1.7 on HP-UX 11.0. HP DCE 1.7 for HP-UX 11.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 Known Problems for HP DCE/9000 Version 1.7 This chapter contains a list of the known problems for HP DCE 1.7. Where possible, we indicate a work around for the problem. Planning and Configuring HP DCE 1.7 (B3190-90073) also contains additional information about many of these problems. There are several known problems with integrated login that are documented only in Planning and Configuring HP DCE 1.7.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 HP DCE 1.7 Limitations and Known Problems The limitations of HP DCE 1.7 are as follows: • The following messages may be seen during swinstall on systems with Integrated Login installed. This error has no detrimental effect, and hence can be ignored. * Beginning the Batch Swmodify Phase WARNING: Cannot delete the definition for "/usr/vue/bin/ vuge.auth.new"from the fileset "IntegratedLogin.AUTH-COM MON".
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 • If you use standard UNIX remote login utilities (remsh, rlogin, telnet) to perform remote DCE cell administration, these utilities may expose the cell administrator’s password to network attackers. The most secure way to perform cell administration is to log in locally on each system that requires administration. • A user’s DCE credentials are not automatically removed by exiting a shell or logging out.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 • There is a known bug in the k5dcelogin command when called by rlogin -f to log in to the local node. If you already have Kerberos credentials on the local node when using rlogin -f to log in to it, then when you exit or logout, your local Kerberos credentials will be deleted. This is a known bug in k5dcelogin, where the local credentials are deleted on completion of the process.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 For example, to enable peer-to-peer trust between two cells and permit intercell logins in both directions between them: dcecp>registry connect /...
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 • xntpd and dtsd cannot run on the same host because they both affect the system clock. If xntpd is running, do not start dtsd manually or via the DCE configuration tools (DCM, dce_config) without first stopping the xntpd daemon. • VxFS volumes can not be exported to DFS. • Use the following command to display the dts update man page: man dts_update • Users of the Export version of HP DCE 1.7 should start dced with the -c option.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 • Series 817 and 827 systems do not perform well under moderate DCE activity. It is therefore recommended that HP DCE 1.7 should not be installed on these systems. • Both libdce and libcma were versioned at HP-UX 11.0. libdce.1 and libcma.1 are the HP-UX 10.20 patch PHSS-10565 (domestic version PHSS-10566) Version 1.5 libraries. libdce.2 and libcma.2 support HP-UX 11.0/HP DCE/9000 Version 1.7.
Known Problems and Work Arounds Known Problems for HP DCE/9000 Version 1.7 A defect repair for large file size support in libcma.1 makes reference to the symbol "getrlimit64". This symbol was not referenced in the original 10.20 version of libcma.1 used by Oracle for the 7.3.3 build. If you attempt to install and run the 10.20 build of Oracle 7.3.3 on HP-UX 11.0, it will likely fail at runtime with the error: dld: could not resolve getrlimit64 from /usr/lib/libcma.
Known Problems and Work Arounds Differences in Functionality Differences in Functionality This section briefly describes differences in functionality from previous releases of HP DCE and OSF DCE and other considerations. These changes were made at HP DCE 1.4.x. For detailed information about these changes, see Planning and Configuring HP DCE 1.7. • As of HP DCE 1.4, the audit daemon does not start by default. You must set the proper environment variable, export it, and start the audit daemon.
Known Problems and Work Arounds Differences in Functionality the aliases, and fill in those fields in the local dce_cf.db file. The data is obtained from the remote node via dcecp hostdata commands using string bindings. NOTE This feature only works if the Security Server is running HP DCE 1.4.1 or later versions. If the security server is an HP DCE 1.2 or 1.2.1 machine, users must still provide a cell name. • Servers under high stress require non-standard memory and swap.
Known Problems and Work Arounds Differences in Functionality bootstrap and it supports only EP and LLB services. Thus, you can run DCE RPC-only and NCS-only applications on hosts that have not been configured into a cell. • The command klist -e no longer returns all expired tickets. • dce_login supports the -r option, which refreshes a user’s credentials. It is more secure than using kinit because it uses DCE third-party preauthentication.
Known Problems and Work Arounds Differences in Functionality ✓ /.:/hosts/foo/config/hostdata/post_processors Grants purge and read permissions to the machine principal and to the member of the subsys/dce/dced-admin group. Grants read access to all other users. This prevents altering post-processors that are executed as a privileged user. ✓ /.:/hosts/foo/config/hostdata/passwd_override, and /.:/hosts/foo/config/hostdata/group_override Grants no right to all users.
Known Problems and Work Arounds Differences in Functionality 30 HP DCE 1.7 for HP-UX 11.
3 Compatibility Information and Installation Requirements This chapter describes compatibility and installation requirements for HP DCE/9000 Version 1.7 on HP-UX 11.0. HP DCE 1.7 for HP-UX 11.
Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements This section provides a brief overview of HP DCE 1.7 installation for HPUX 11.0, followed by installation requirements. Installation of HP DCE 1.7 is described in Planning and Configuring HP DCE 1.7 (B3190-90073); installation of HP-UX 11.0 is described in Installing HP-UX 11.0 and Updating HP-UX 10.x to 11.0 (B2355-90153).
Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements • The operating system required for HP DCE 1.7: HP-UX 11.0. • The memory space required to run HP DCE 1.7 is a minimum 32 Mb of memory for client-only systems; 64 Mb for server systems. • Disk space required to install HP DCE 1.7 is at least 92 Mb for a full installation. (The exact space required is highly dependent on exactly what is installed.
Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements Other Installation Notes Also note the following regarding the installation of HP DCE 1.7: • Do not install the Export version of HP DCE 1.7 over a previous install of HP DCE 1.7 that included the U.S./Canada Version. If you need to install the Export version over a previous install of HP DCE 1.7 that included the U.S./Canada Version: 1. Use swremove DCE-Domestic to remove the U.S./Canada Version 2.
Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements NOTE HP DCE 1.7 does not support direct migration from versions of HP DCE that run on HP-UX 9.x (HP DCE 1.2, 1.2.1, and 1.4.2). However, you can migrate from those versions of HP DCE by migrating first to HP DCE 1.4 on HP-UX 10.01 and then migrating to HP DCE 1.7 on HP-UX 11.0. HP DCE 1.7 for HP-UX 11.
Compatibility Information and Installation Requirements HP DCE/9000 Version 1.7 Installation Requirements 36 HP DCE 1.7 for HP-UX 11.
4 What’s Fixed In This Version This chapter describes fixes and patches for HP DCE/9000 Version 1.7 on HP-UX 11.0. HP DCE 1.7 for HP-UX 11.
What’s Fixed In This Version Fixes in HP DCE/9000 Version 1.7 Fixes in HP DCE/9000 Version 1.7 Many problems were fixed in HP DCE/9000 Version 1.7. For detailed information, see the Software Release Bulletin (SRB). 38 HP DCE 1.7 for HP-UX 11.
5 What Manuals Are Available For This Version This chapter describes the documentation for HP DCE/9000 Version 1.7 on HP-UX 11.0. HP DCE 1.7 for HP-UX 11.
What Manuals Are Available For This Version HP DCE 9000 Version 1.7 Documentation HP DCE 9000 Version 1.7 Documentation Documentation for HP DCE/9000 Version 1.7 consists of printed manuals and online documentation. For information about documentation for the HP DCE application development tools, see the HP DCE/9000 Version 1.7 Application Development Tools for HP-UX 11.0 Release Note (B3190-90022). Printed Documentation The following printed documents describe HP DCE 1.7: • HP DCE/9000 Version 1.
What Manuals Are Available For This Version HP DCE 9000 Version 1.7 Documentation • The following two books published by O’Reilly & Associates: ✓ Understanding DCE (B3190-90018) ✓ Guide to Writing DCE Applications (B3190-90029) For general information on installing software on HP-UX 11.0 systems, see Installing HP-UX 11.0 and Updating HP-UX 10.x to 11.0 (B2355-90153). For general information about programming with CMA threads on HP-UX 11.0, see Programming with Threads on HP-UX (B2355-90060).
What Manuals Are Available For This Version HP DCE 9000 Version 1.7 Documentation HP DCE man pages are in the following directories: /opt/dce/share/man /opt/dce/usr/man /usr/share/man To read DCE man pages by using the man command, include the path names listed above in your MANPATH shell environment variable.
What Manuals Are Available For This Version HP DCE 9000 Version 1.7 Documentation Accessing DCE Online Help From CDE You can access the DCE Online Help from the Front Panel or from a shell. To access the DCE Online Help from the Front Panel, follow these steps: 1. Click on the Front Panel help icon (the “ ?”). A “Welcome to Help Manager” help window appears. 2. In the Help Manager window, click on the “HP DCE/9000, Version 1.7” product-family title. A list of the HP/DCE 9000 help volumes appears.
What Manuals Are Available For This Version HP DCE 9000 Version 1.7 Documentation 44 HP DCE 1.7 for HP-UX 11.
6 Software Availability In Native Languages This chapter describes how HP DCE/9000 Version 1.7 on HP-UX 11.0 is localized. HP DCE 1.7 for HP-UX 11.
Software Availability In Native Languages HP DCE/9000 Version 1.6 and 1.7 Localization HP DCE/9000 Version 1.6 and 1.7 Localization HP DCE 1.6 was localized for the Japanese market. HP provided localized message catalogs in both Shift-JIS and EUC encoding. Consult your Hewlett-Packard sales representative for detailed information about the Japanese-localized version of HP DCE 1.6. HP DCE 1.7 provides no additional localization. 46 HP DCE 1.7 for HP-UX 11.
