secval(1m)secval(1m)NAME
secval - A dcecp object that manages the security validation service on
a host
SYNOPSIS
secval activate [host_name_list]
secval deactivate [host_name_list]
secval help [operation | -verbose]
secval operations
secval ping [host_name_list]
secval status [host_name_list]
secval update [host_name_list] [-pesite time_in_seconds]
ARGUMENTS
A list of one or more names of host systems whose security validation
systems you want to act on. If you do not specify this argument, the
local host is assumed. The argument is optional and takes one of the
following forms: hosts/host_name
/.:/hosts/host_name
/.../cell_name/hosts/host_name
The name can also be a single string binding representing the host with
which to communicate. For example: {ncacn_ip_tcp 130.105.1.227}
A string binding is useful when the name service is not operating and
cannot translate the other forms of host names. The name of the secval
operation for which to display help information.
DESCRIPTION
The secval object represents the security validation service running on
a host, as part of the dced server. This service is responsible for
maintaining the security credentials of the host machine.
Access to the commands is based on the access control list (ACL) of the
security validation object for a host. This takes the form of
/.../cell_name/hosts/host_name/config/secval.
OPERATIONS
secval activate
Activates a security validation service. The syntax is as follows:
secval activate [host_name_list]
The activate operation activates a security validation service. If the
service is already activated, an error is returned. The optional
host_name_list argument is a list of one or more names of host systems
whose security validation systems you want to activate. This operation
returns an empty string on success.
Privileges Required
You must have x (execute) permission to the security validation service
object.
Examples
dcecp> secval activate dcecp>
dcecp> secval activate ncacn_ip_tcp:15.22.24.145 dcecp>
secval deactivate
Deactivates a security validation service. The syntax is as follows:
secval deactivate [host_name_list]
The deactivate operation deactivates a security validation service. If
it is already deactivated, an error is returned. The optional
host_name_list argument is a list of one or more names of host systems
whose security validation systems you want to deactivate. This opera‐
tion returns an empty string on success.
Privileges Required
You must have s (stop) permission to the security validation service
object.
Examples
dcecp> secval deactivate dcecp>
dcecp> secval deactivate /.:/hosts/gumby dcecp>
secval help
Returns help information about the secval object and its operations.
The syntax is as follows: secval help [operation | -verbose]
Options Displays information about the secval object.
Used without an argument or option, the secval help command returns
brief information about each secval operation. The optional operation
argument is the name of an operation about which you want detailed
information. Alternatively, you can use the -verbose option for more
detailed information about the secval object itself.
Privileges Required
No special privileges are needed to use the secval help command.
Examples dcecp> secval help activate Enables the secval ser‐
vice. deactivate Disables the secval service. ping
Contacts the dced secval to validate the security service. status
Returns 1 if secval is enabled, 0 if not. update Updates
a component of the secval. help Prints a summary of
command-line options. operations Returns a list of the valid
operations for this command. dcecp>
secval operations
Returns a list of the operations supported by the secval object. The
syntax is as follows: secval operations
The list of available operations is in alphabetical order except for
help and operations, which are listed last.
Privileges Required
No special privileges are needed to use the secval operations command.
Examples
dcecp> secval operations activate deactivate ping status update help
operations dcecp>
secval ping
Validates the credentials returned by a DCE security service. The syn‐
tax is as follows: secval ping [host_name_list]
The ping operation validates the credentials returned by a security
service. This operation can be used to verify that secd is trusted.
The operation returns 1 if the credentials are valid, 0 if they are
not. The optional host_name_list argument is a list of one or more
names of host systems whose security validation systems you want to
validate. If the argument is a list of host names, a list is returned
with a 1 or a 0 for each server.
Privileges Required
No special privileges are needed to use the secval ping command.
Examples
dcecp> secval ping 1 dcecp>
dcecp> secval ping /.../pokey_cell/hosts/gumby 1 dcecp>
secval status
Checks for an active secval. The syntax is as follows: secval status
[host_name_list]
The status operation returns 1 if the security validation service is
activated, 0 if it is not. If the argument is a list, a list is
returned, with a 1 or 0 for each server.
Privileges Required
No special privileges are needed to use the secval status command.
Examples
dcecp> secval status 1 dcecp>
dcecp> secval status ncacn_ip_tcp:15.22.24.145 1 dcecp>
secval update
Updates a component of the secval service. The syntax is as follows:
secval update [host_name_list] [-pesite time_in_seconds]
Options
Sets the amount of time to wait between each pe_site Thread Maintenance
update.
The update operation updates a component of the security validation
service. Currently only updates to the pe_site Maintainer Thread are
supported. Use the -pesite option to set the amount of time in seconds
between each update. The update is performed after the time specified
in time_in_seconds passes. If the -pesite option is not supplied, the
update is performed immediately. This operation returns an empty
string on success.
Privileges Required
You must have x (execute) permission to the security validation service
object.
Examples
dcecp> secval update -pesite 300 dcecp>
RELATED INFORMATION
Commands: dcecp(1m), dced(1m).
secval(1m)