HP DCE/9000 Version 1.7 for HP-UX 11.0 Release Note
28 HP DCE 1.7 for HP-UX 11.0 Release Note
Known Problems and Work Arounds
Differences in Functionality
bootstrap and it supports only EP and LLB services. Thus, you can
run DCE RPC-only and NCS-only applications on hosts that have not
been configured into a cell.
• The command klist -e no longer returns all expired tickets.
• dce_login supports the -r option, which refreshes a user’s
credentials. It is more secure than using kinit because it uses DCE
third-party preauthentication.
• Certain header files were added to support the transition to OSF DCE
1.2.1 ACL Managers, as described in the Chapter 1 of this release
note.
NOTE These header files are supported for transition purposes only; they will
not be supported in the next release of HP DCE.
• dcecp hostdata has changed as follows:
When dced is in full service mode the ability to remove new
hostdata objects has been removed.
A local privileged user may perform the vast majority of DCE cell
administrative tasks remotely. This is allowed by these additional
ACLs for hostdata:
✓ /.:/hosts/foo/config/hostdata
Grants read and insert permissions to the machine principal and
to the member of the subsys/dce/dced-admin group. Grants
read access, i.e., hostdata catalog, to all other users.
This prevents altering a local file system object not residing under
the /var/opt/dce/dced directory.
✓ /.:/hosts/foo/config/hostdata -io
Grants all permissions to the machine principal except
modify -acl (control) to the member of the
subsys/dce/dced-admin group. Grants read access to all other
users.
This allows the remote administration of the DCE configuration,
for example, cellalias, by the member of the
subsys/dce/dced-admin group.