Using the DCE Control Program
Since detailed information about the DCE control program and its command syntax appears in Part 1 of this guide, this topic does not repeat the information. It describes only the commands that the DCE control program provides specifically for managing the DCE Security Service.
The DCE control program creates and maintains principals, groups, organizations, and accounts for the DCE Security Service's network-wide registry (registry service component). The control program also operates on the keytab files that protect the passwords for security servers on the local node (authentication service component). Additionally, it maintains the ACLs that protect DCE resources (privilege service component). The DCE control program commands for managing the DCE Security Service operate on these security and DCE-wide resources through various objects that it defines. For example, the control program's acl check command displays the permissions that the ACL for a DCE Security Service object grants to the invoking principal.
The following subtopics describe the DCE Security Service objects that the DCE control program operates on and the types of operations that the control program can perform on these objects.
More:
DCE Control Program Operations for the DCE Security Service