HP DCE/9000 Version 1.7 for HP-UX 11.0 Release Note
HP DCE 1.7 for HP-UX 11.0 Release Note 11
What’s In This Version
HP DCE/9000 Version 1.7 Overview
OSF DCE 1.2.1 Features
HP DCE 1.7 includes the following OSF DCE 1.2.1 features. For
information about these features, see the OSF DCE 1.2.1 documentation,
which is provided with HP DCE 1.7.
• Single administrative DCE control program — dcecp.
• DCE daemon (combines rpcd and sec_clientd) — dced.
• Cell aliasing.
• Hierarchical cell naming without transitive trust.
• Serviceability improvements.
• Security delegation — intermediary servers can operate on behalf of
the initiating client while preserving identities and ACLs.
• Auditing — tracking of security-related events.
• Extended Generic Security Service Application (GSSAPI) — permits
use of DCE security by message passing applications.
• Extended Registry Attribute (ERA) facility— provides a means to
define arbitrary attribute types; to attach instances of those types to
principals, groups, and organizations; and to insert attributes in a
principal’s credentials for use by specialized security applications. For
example, the ERA facility could be used to support single sign-on
across non-UNIX platforms and legacy systems by associating
additional security information with users and groups.
• Extended logon capabilities — provide the following features:
✓ Pre-authentication, which improves the security of authentication
by eliminating passive attacks on the Key Distribution Center.
✓ Login denial, which permits limitation on the number of
successive invalid attempts and Security Server enforcement of
password expiration.
✓ Password management, which permits strength checking of
user-selected passwords according to site policies and automatic
generation of random plaintext passwords.
• ACL Manager Library — provides server writers with an ACL
manager for use with all servers.
• Group override — customizes group name mapping from host to host
to allow DCE to adapt to various operating system conventions.