Description
The user object represents all the data associated with a DCE user. This data consists of registry information and a CDS directory in the default implementation. The user object is a high-level abstraction that allows administrators to easily create, delete and view user information.
The user object consists of a principal and account in the registry; registers the principal in a group and an organization, creating them if necessary; and a CDS directory named after the principal with the appropriate ACL. If necessary the user task object also adds the principal to a group and an organization, creating the group and orgnaization if necessary. Only the principal and account attributes are considered attributes of the user task object, and are the only ones displayed by the show operation.
This object is implemented as a script to allow it to be manipulated and extended on a per-site basis. For example, administrators might want to add Global Directory Service (GDS) and Distributed File Service (DFS) information to the object. Other possible modifications include:
· Changing the location of the CDS directory created for users, or remove it completely.
· Changing the default ACLs placed on the various objects.
· Setting certain attributes or policies on all newly created principals and accounts to match the site's policies.
· Setting up site-specific defaults for passwords (to be changed by the user later), groups, organizations, principal directories, and so on.
· Supporting a user modify operation.