Document revision date: 15 July 2002 | |
Previous | Contents | Index |
You can read and write to the OpenVMS Registry in the following ways:
The OpenVMS Registry includes two OpenVMS system services that provide an interface to the OpenVMS Registry server. The OpenVMS Registry system services allow you to query, update, and create keys, subkeys, and values in the OpenVMS Registry database.
For more information about the $REGISTRY and $REGISTRYW system
services, see the OpenVMS System Services Reference Manual.
12.4.2 REG$CP Server Management Utility
The REG$CP server management utility allows you to display and update OpenVMS Registry information from the OpenVMS DCL prompt. The utility also allows you to back up and restore the entire OpenVMS Registry database to or from a file, as long as you have the required system privileges.
For more information about the
REG$CP
server management utility, see Chapter 14.
12.5 OpenVMS Registry Security
The OpenVMS Registry implements both the OpenVMS and Windows NT security models.
To access to the OpenVMS Registry database, the calling process must have the proper OpenVMS Registry rights identifier for the operation you want to perform (for example, REG$LOOKUP for read operations, REG$UPDATE for write operations, or REG$PERFORMANCE for statistics operations) or the calling process must have the SYSPRV privilege.
The following sections describe the two models.
12.5.1 OpenVMS Security Model
When a user requests access to the OpenVMS Registry, the OpenVMS system checks the following:
You can use the OpenVMS Authorize utility (AUTHORIZE) to add the SYSPRV privilege and REG$UPDATE , REG$LOOKUP , and REG$PERFORMANCE identifiers to users.
Granting OpenVMS Registry rights overrides Windows NT security access checks. |
Because rights identifiers are specific to an application, you cannot use the AUTHORIZE command to create the rights identifiers. Use the REG$CP server management utility to create these rights identifiers on your system. Running the REG$CP server management utility creates these rights by default. You must run REG$CP from a privileged account. For more information about running REG$CP , see Chapter 14.
The following example shows how to use the SET RIGHTS_LIST command to allow all users to view keys and data in the OpenVMS Registry database. This command adds the REG$LOOKUP identifier to the system rights list.
$ SET RIGHTS_LIST/ENABLE/SYSTEM REG$LOOKUP |
Example 12-1 shows how to use AUTHORIZE to grant and remove OpenVMS Registry rights to a specific user.
Example 12-1 Using AUTHORIZE to Grant Rights to a User |
---|
$ SET DEF SYS$SYSTEM $ RUN AUTHORIZE UAF> GRANT/IDENTIFIER REG$LOOKUP SMITH (1) UAF> GRANT/IDENTIFIER/ATTRIBUTES=DYNAMIC REG$UPDATE SMITH (2) UAF> REVOKE/IDENTIFIER REG$UPDATE SMITH (3) UAF> GRANT/IDENTIFIER REG$PERFORMANCE SYSTEM (4) |
Windows NT users can access the OpenVMS Registry only through the
Compaq Advanced Server for OpenVMS. OpenVMS grants Windows NT users access to the
OpenVMS Registry based on the user's Windows NT credentials.
12.6 Controlling the OpenVMS Registry Server Operations
OpenVMS Registry server operations include control of file quotas, server priority, error recovery actions, frequency of database backup, and OpenVMS Registry server tuning.
The following sections describe OpenVMS Registry server operations, and
provide minimum, maximum, and default values for each setting. For
information about how to change these settings, see Chapter 14.
12.6.1 Defining Maximum Reply Age/Age Checker Interval Settings
The OpenVMS Registry server handles duplicate requests by tracking work in progress and returning a REG$_DUPLREQUEST error. The OpenVMS Registry server also holds completed requests in case a duplicate request is received for work that is already completed. In this case, the OpenVMS Registry server reconstructs the reply. After a specified time, the requests are discarded. The Maximum Reply Age setting determines how long these requests are retained. The Age Checker Interval setting determines how often the OpenVMS Registry server checks for requests that exceed this age.
By default, the server checks for old completed requests every five seconds. By default, the server discards completed requests that are older than five seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Maximum Reply Age | 5 | 1 | 60 |
Age Checker Interval | 5 | 1 | 60 |
The OpenVMS Registry uses a a two-phase commit process to write modifications to the OpenVMS Registry database. The OpenVMS Registry first writes the modifications to a log file and then applies the log file to the OpenVMS Registry database. The Database Log Cleaner Interval setting determines how often the OpenVMS Registry applies the log file to the OpenVMS Registry database. After the OpenVMS Registry applies the log file, the OpenVMS Registry creates a new log file based on the size you specify in the Initial Log File Size setting.
The Database Log Cleaner Interval setting should be short enough so that writes to the database do not require that the log file be extended. Also, the log file size should be small to keep the amount of time spent applying the log relatively short, because this operation blocks writes to the database.
By default, the log file is applied every five seconds. By default, the OpenVMS Registry log file is created using a size of 32 blocks (16 KB).
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Database Log Cleaner Interval | 5 | 1 | 30 |
Initial Log File Size | 32 | 16 | 256 |
The OpenVMS Registry server limits the size of OpenVMS Registry database files by applying file quotas. You can assign file quotas to the individual files that make up the OpenVMS Registry database. If you do not assign a file quota, the OpenVMS Registry uses the Default File Quota setting.
The File Quota Interval setting is used by Registry servers prior to OpenVMS V7.3-1 only. |
The OpenVMS Registry server periodically recalculates the size of the OpenVMS Registry database files to see whether quota is exceeded. The File Quota Interval setting determines how often the OpenVMS Registry performs this calculation.
By default, the Default File Quota setting is 10 MB. By default, the File Quota Interval setting is 30 seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Default File Quota | 0x10000000 | 0x7d00 | 0x3fffffff |
File Quota Interval | 30 | 10 | 60 |
The Scan Interval setting is used by Registry servers prior to OpenVMS Version 7.3-1 only. |
In an OpenVMS Cluster, you can run OpenVMS Registry servers on more than one node; however, only one OpenVMS Registry server is active at a time. A OpenVMS Registry server's priority relative to the other OpenVMS Registry servers in the cluster determines which OpenVMS Registry server is active. If the cluster configuration changes, the system manager can adjust the priority of one or more OpenVMS Registry servers. After the system manager changes the priority, the OpenVMS Registry servers in the cluster determine which server now has the highest priority and automatically change their states as necessary. The Scan Interval setting determines how often a OpenVMS Registry server checks for changes in its priority.
By default, a server checks for changes in priority every 120 seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Scan Interval | 120 | 60 | 300 |
The OpenVMS Registry server logs an error if one of the OpenVMS Registry server parameter values is out of the acceptable range. If the OpenVMS Registry detects an out-of-range error, the OpenVMS Registry server uses the default value for that parameter. The Log Registry Value Error setting is a Boolean value that determines whether the error should be logged.
By default, the OpenVMS Registry server does not log out-of-range errors.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Log Registry Value Error | 0 | 0 | 1 |
If an I/O error occurs, the OpenVMS Registry server can display a message to the operator console using OPCOM. The Operator Communications Interval setting determines how long the OpenVMS Registry server waits after the I/O error to determine if the error is going to persist. If the error does persist, OpenVMS Registry writes a message to the operator console.
By default, the OpenVMS Registry server writes a message to the operator console if the error persists longer than 60 seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Operator Communication Interval | 60 | 30 | 120 |
The OpenVMS Registry server writes a message to the server log file if it takes too long to process a request. The Process Time Limit setting determines when a request has taken too long.
By default, 180 seconds are allowed per request before the OpenVMS Registry logs a message.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Process Time Limit | 180 | 60 | 600 |
The OpenVMS Registry server maintains a log of recent replies that it uses to reconstruct work in progress in the case of failover. After a specified time, the server discards these replies. The Reply Log Cleaner Interval setting determines how often the OpenVMS Registry discards these replies.
By default, the OpenVMS Registry server discards replies every five seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Reply Log Cleaner Interval | 5 | 5 | 60 |
The OpenVMS Registry server maintains backup copies of the OpenVMS Registry database. The Snapshot Interval setting determines how often the OpenVMS Registry server creates a backup copy. The Snapshot Location setting determines where the OpenVMS Registry stores the copy. The Snapshot Versions setting determines how many previous copies the OpenVMS Registry keeps.
By default, the OpenVMS Registry database is copied to backup once per day. By default, the OpenVMS Registry database is copied to the location determined by the definition of the SYS$REGISTRY logical name. By default, the OpenVMS Registry keeps five previous versions of the OpenVMS Registry database.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Snapshot Interval | 86400 | 3600 | 604800 |
Snapshot Location | SYS$REGISTRY | --- | --- |
Snapshot Versions | 5 | 1 | 10 |
If the OpenVMS Registry finds an error when writing to the OpenVMS Registry database, the OpenVMS Registry server retries the write at an interval specified by the Write Retry Interval setting.
By default, the OpenVMS Registry server attempts to retry failed writes to the OpenVMS Registry database every five seconds.
Setting Name | Default value | Minimum value | Maximum value |
---|---|---|---|
Writer Retry Interval | 5 | 1 | 30 |
Previous | Next | Contents | Index |
privacy and legal statement | ||
6539PRO_011.HTML |