Manualshelf

HP-UX DCE Version 2.0 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
11121314151617181920
About This Document
Known Problems and Work Arounds
Chapter 114
The workaround is to use rlogin without -f when logging into the
local node. In the remote case, where you are using rlogin -f to log
in to a remote node, it is intended behavior for k5dcelogin to delete
the credentials on the remote system once you exit the remote
system.
Audit events are not generated for authentication services. These
events are:
AS_Request
TGS_TicketReq
TGS_RenewReq
TGS_ValidateReq
•The chpass command is not supported.
Intercell logins are insecure with respect to other logins from the
same cell; therefore, such logins are disabled by default. To facilitate
administrative control over intercell logins, two switches have been
added to the dcecp registry connect command. If you want to
permit intercell logins, specify one or both of the switches listed in
Table 1-1 to the dcecp registry connect.
For example, to enable peer-to-peer trust between two cells and
permit intercell logins in both directions between them:
dcecp>registry connect /.../_cell_name> \-facct cell_admin\
-facctpw _cell_admin_pwd>\-acctvalid\-facctvalid\-group
none\-fgroup none\-org none\-forg none\-mypwd
_cell_admin_pwd>
Table 1-1 Switches for the dcecp Registry Command
Command Definition
acctvalid Marks the local cell account as a valid account. A
valid local cell account allows users from the foreign
cell to login to nodes in the local cell. The default is
invalid.
-facctvalid Marks the foreign cell account as a valid account. A
valid foreign cell account allows users from the local
cell to log in to nodes in the foreign cell. The default is
invalid.