The Top-Level Security Directory
The following tables describe the namespace entries for /.:/sec, the top-level Security directory.
| Name | /.:/sec/group |
| Well Known | Yes. This name is not architecturally defined, but is defined by the implementation. |
| Description | This is the Security directory that holds all the groups. |
| Default ACLs | |
| Object ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other r-----} | |
| Initial Object ACL | {unauthenticated r-t-----} |
| {user creator rctDnfmM} | |
| {group_obj r-t-----} | |
| {group acct-admin rctDnfmM} | |
| {other_obj r-t-----} | |
| {any_other r-------} | |
| Initial Container ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other r-----} |
| Name | /.:/sec/org |
| Well Known | Yes. This name is not architecturally defined, but is defined by the implementation. |
| Description | This is the Security directory that holds all the organizations. |
| Object ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other r-----} | |
| Initial Object ACL | {unauthenticated r-t-----} |
| {user creator rctDnfmM} | |
| {group acct-admin rctDnfmM} | |
| {other_obj r-t-----} | |
| {any_other r-t-----} | |
| Initial Container ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other r-----} |
| Name | /.:/sec/org/none |
| Well Known | Yes |
| Description | This is the default organization. |
| Default ACLs | |
| Object ACL | {unauthenticated r-t-----} |
| {user creator rctDnfmM} | |
| {group acct-admin rctDnfmM} | |
| {other_obj r-t-----} | |
| {any_other r-t-----} | |
| Name | /.:/sec/policy |
| Well Known | Yes. This name is not architecturally defined, but is defined by the implementation. |
| Description | This entry provides the ability to set Security policies on a cell-wide basis. |
| Object ACL | {unauthenticated r----} |
| {user creator rcmaA} | |
| {group acct-admin rcmaA} | |
| {other_obj r----} | |
| {any_other r----} |
| Name | /.:/sec/principal |
| Well Known | Yes. This name is not architecturally defined, but it cannot be changed in DCE 1.1. |
| Description | This is the Security directory that holds all of the principals. |
| Default ACLs | |
| Object ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other_obj r-----} | |
| Initial Object ACL | {unauthenticated r-------g} |
| {user_obj r---f--ug} | |
| {user creator rcDnfmaug} | |
| {group acct-admin rcDnfmaug} | |
| {other_obj r-------g} | |
| {any_other r--------} | |
| Initial Container ACL | {unauthenticated r-----} |
| {user creator rcidDn} | |
| {group acct-admin rcidDn} | |
| {other_obj r-----} | |
| {any_other r-----} |
| Name | /.:/sec/replist |
| Well Known | Yes. This name is not architecturally defined, but it cannot be changed in DCE 1.1. |
| Description | This entry holds information about the different security replicas. |
| Default ACLs | |
| Object ACL | {user creator cidmA-} |
| {user hosts/hostname/self -i-m-I} | |
| {group acct-admin cidmA-} |
| Name | /.:/sec/xattrschema |
| Well Known | Yes. This name is not architecturally defined, but it cannot be changed in DCE 1.1. |
| Description | This is a container for extended registry attribute schema entries. The entries within this directory define the format of ERAs that may be attached to other registry objects (for example, principals). |
| Default ACLs | |
| Object ACL | {unauthenticated r----} |
| {user creator rcidm} | |
| {other_obj r----} | |
| {any_other r----} |