Description
The registry object represents a DCE Security Service registry. The registry is a replicated database: each instance of registry server, secd, maintains a working copy of the database in virtual memory and on disk. One server, called the master replica, accepts updates and handles the subsequent propagation of changes to all other replicas. All other replicas are slave replicas, which accept only queries. Each cell has one master replica and may have numerous slave replicas.
Note that registry cannot add, delete, or modify information in the registry database, such as names and accounts. Use the appropriate principal, group or organization command to modify registry database entries.
Two access control lists (ACLs) control access to registry operations. For operations dealing with replication the replist object's ACL (usually /.:/sec/replist) controls access. For those that deal with registry attributes and policies, the policy object's ACL (usually /.:/sec/policy ) controls access.
When this command executes, it attempts to bind to the registry server identified in the _s(sec) variable. If that server cannot process the request or if the _s(sec) variable is not set, the command binds to either an available slave server or the master registry server, depending on the operation. Upon completion, the command sets the _b(sec) convenience variable to the name of the registry server to which it bound.