Maintaining the Local Registry
The local registry allows login from that machine if a network registry is not available. The local registry is created automatically the first time that a human or nonhuman user performs a DCE login from the local machine if the network registry server is running. As users log into the machine, their account information is automatically added to the local registry.
The following files make up the local registry database:
dcelocal/var/security/lrgy_data
Contains account information entries.
dcelocal/var/security/lrgy_tgts
Contains ticket-granting ticket entries.
dcelocal/var/security/lrgy_lock
Used by the security server to lock the registry for read/write operations.
You must use the security command rgy_edit to maintain the local registry. The following subcommands are available:
view
To view all entries in the local registry.
delete principal_name
To delete the principal specified by principal_name from the registry.
properties
To set and view properties for the local registry.
help
To obtain help information on the local registry.
In addition to the subcommands in the preceding list, the rgy_edit command provides one additional subcommand, purge, and an additional registry property, called the registry capacity, to restrict the number of entries that are in the local registry.
The remainder of this topic describes the purge subcommand and the registry capacity property. See the rgy_edit(8sec) reference page information on the use of the other subcommands.
More:
The Registry Capacity Property
Setting the Capacity and Lifespan Properties