VMS Help  —  DCE  DCE_SECURITY, Admin Intro, secd
 NAME

    secd - The DCE Security Server

 SYNOPSIS

  secd [-b[ootstrap]] [-lockpw] [-locksm[ith]] [pname] [-rem[ote]]
       [-master_seqno new_master_seqno] [-cpi time] [-restore_master]
       [-v[erbose]]

 OPTIONS

 -locksm[ith]
           Restarts the master Security Server in locksmith mode. Use
           this mode if you cannot access the registry as the principal
           with full registry access, because that principal's account
           has been inadvertently deleted or its password lost.

 -pname     The pname argument is the name of the locksmith principal. If
           no registry account exists for this principal, secd creates
           one.

 -lockpw   Prompt for a new locksmith password when running in locksmith
           mode. This option allows you to specify a new password for the
           locksmith account when the old one is unknown.

 -rem[ote] Allows the locksmith principal to log in remotely.  If this
           option is not used, the principal must log in from the local
           machine on which secd will be started.

 -bo[otstrap]
           Always waits only one minute between tries to export binding
           information to the Cell Directory Service during DCE config-
           uration.  If you do not specify this option, during initial-
           ization secd sleeps for 1 minute if CDS is not available when
           it tries to export binding information.  If the export fails
           a second time, it sleeps for 2 minutes before it tries again.
           If it still fails, it sleeps for 4, 8, and 16 minutes between
           retries.  Then, sleep time stays at 16 minutes until the
           binding export succeeds.

 -master_seqno
           Sets a new master sequence number for the master replica. This
           option is used only in unusual situations when a replica that
           you want to be the master has a master sequence number that is
           lower than (or equal to) another master sequence number in the
           system.  When the master detects that its master sequence
           number is lower than another one in the system, it marks
           itself as a duplicate master and its process exits. Each time
           you start the master replica, it will notice that it has been
           deemed a duplicate master, and its process will again exit.
           Use this option to assign a new master sequence number to the
           replica you want to be master.  The new sequence number should
           be one digit higher than the highest master sequence number in
           the system.  (Use the dcecp registry show -replica command for
           each replica to find the highest master sequence number.)

 -cpi      The checkpoint interval for the mater registry database.  This
           is the interval in seconds at which the master will read its
           database to disk.  The default is one hour.

 -restore_master
            Marks all slave replicas for initialization during the master
            restart. Use this option only to recover from a catastrophic
            failure of the master security server (for example, if the
            database is corrupted and then restored from a backup tape).

 -v[erbose]]
            Runs in verbose mode.

 All options start the Security Server on the local node.

 DESCRIPTION

 The secd daemon is the Security Server. It manages all access to the
 registry database. You must have root privileges to invoke the secd.

 The Security Server can be replicated, so that several copies of the
 registry database exist on a network, each managed by a secd process.
 Only one Security Server, the master replica, can perform database
 update operations (such as adding an account).  Other servers, the
 slave replicas, can perform only lookup operations (such as validating
 a login attempt).

 A DCE Host daemon (dced) must be running on the local node when secd is
 started.  Typically, dced and secd are started at boot time. The secd
 server places itself in the background when it is ready to service
 requests.

 LOCKSMITH MODE

 The secd -locksmith option starts secd in locksmith mode.  The
 -locksmith option can be used only with the master replica. In
 locksmith mode, the principal name you specify to secd with pname
 becomes the locksmith principal.  As the locksmith principal, you
 can repair malicious or accidental changes that prevent you from
 logging in with full registry access privileges.

 If no account exists for pname, secd establishes one and prompts you
 for the account's password. (Use this password when you log in to the
 account as the locksmith principal.) If an account for pname exists,
 secd changes the account and policy information as described in the
 tables titled "Locksmith Account Changes Made by the Security Server"
 and "Registry Policy Changes Made by the Security Server." These
 changes ensure that even if account or registry policy was tampered
 with, you will now be able to log in to the locksmith account.

 In locksmith mode, all principals with valid accounts can log in and
 operate on the registry with normal access checking.  The locksmith
 principal, however, is granted special access to the registry: no
 access checking is performed for the authenticated locksmith principal.
 This means that, as the locksmith principal, you can operate on the
 registry with full access.  The following table shows locksmith account
 changes that can be made by the security server.

 IF THE SECURITY SERVER FINDS                  IT CHANGES
 Password-Valid flag is set to no              Password-Valid flag to yes
 ________________________________________________________________________
 Account Expiration date is set to             Account Expiration date to
 less than the current time plus one           the current time plus one
 hour                                          hour
 ________________________________________________________________________
 Client flag is set to no                      Client flag to yes
 ________________________________________________________________________
 Account-Valid flag is set to no               Account-Valid flag to yes
 ________________________________________________________________________
 Good Since date is set to greater             Good Since date to the
 than the current time                         current time
 ________________________________________________________________________
 Password Expiration date is set               Password Expiration date
 to less than current time plus                to the current time plus
  one hour                                     one hour
 ------------------------------------------------------------------------

 The following table shows registry policy changes that can be made by
 the security server.

            IF THE SECURITY SERVER FINDS   IT CHANGES
            Account Lifespan is set to     Account Lifespan to the
            less than the difference       current time plus one hour
            between the locksmith          minus the locksmith
            account creation date and      account creation date
            the current time plus one
            hour
            _________________________________________________________
            Password Expiration date is    Password Expiration date
            set to greater than the time   to the current time plus
            the password was last          one hour
            changed but less than the
            current time plus one hour

 Use the -lockpw option if the locksmith account exists but you do not
 know its password.  This option causes secd to prompt for a new lock-
 smith password and replace the existing password with the one entered.

 Use the -remote option to allow the locksmith principal to log in from
 a remote machine.
 The secd program normally runs in the background. When you start
 secd in locksmith mode, it runs in the foreground so that you can
 answer prompts.

 EXAMPLES

 All of the commands shown in the following examples must be run by a
 privileged process:

  1.  Start a Security Server after you create the database with
      sec_create_db.

            $ run sys$system:dce$secd

  2.  Restart an existing replica (master or slave).

            $ run sys$system:dce$secd

  3.  Start the Security Server in locksmith mode and allow the
      master_admin principal to log in on a remote machine.

            $ secd :== $sys$system:dce$secd.exe
            $ secd -locksmith master_admin -remote
Close Help