Notes on Cell Administration

Establishing Intercell Communication

3. Use the dcecp registry connect command:

 

dcecp> registry connect /.../foreign_cell_name \

 

-facct cell_admin \

 

-facctpwforeign_cell_admin_pwd \

 

-group none\

 

-fgroup none\

 

-org none\

 

-forg none\

 

-mypwdlocal_cell_admin_pwd

 

As of HP DCE 1.6, intercell logins by members of trusted cells are

NOTE

 

disabled by default to protect against insecure intercell logins. (This

 

differs from standard OSF DCE 1.1 behavior.) If you want to permit

 

intercell logins, specify one or both of the following options to the dcecp

 

registry connect command:

 

-acctvalid— Marks the local cell account as a valid account. A valid

 

local cell account allows users from the foreign cell to login to nodes in

 

the local cell. The default is invalid.

 

-facctvalid— Marks the foreign cell account as a valid account. A valid

 

foreign cell account allows users from the local cell to log in to nodes in

 

the foreign cell. The default is invalid.

 

For example, to enable peer-to-peer trust between two cells and permit

 

 

intercell logins in both directions between them:

 

dcecp> registry connect /.../foreign_cell_name \

 

-facct cell_admin\

 

-facctpwforeign_cell_admin_pwd \

 

-acctvalid\-facctvalid\-group none\-fgroup none\

 

-fgroup none\

 

-org none\

 

-forg none\

 

-mypwdlocal_cell_admin_pwd

 

See “Creating Trust Relationships” in the OSF DCE Administration

 

Guide — Core Components for detailed information on establishing

 

peer-to- peer trust. See the online version of the dcecp_registry man page

 

for information on the acctvalid and facctvalid options.

Planning and Configuring HP DCE 1.7

7-13