Previous | Contents | Index |
This chapter describes the DCE system configuration utility for Digital DCE for OpenVMS VAX and OpenVMS Alpha. Note that DCE must be configured.
Many of the system configuration utility prompts have default values associated with them. The default responses are based on your existing configuration, if you have one. Otherwise, default values for the most common DCE system configurations are provided.
The system configuration utility sets up the DCE environment on your node so that you can use DCE services. The system configuration utility leads you through the process of creating or joining a cell.
If you are installing DIGITAL DCE for OpenVMS VAX or OpenVMS Alpha Version 1.5 over a previous version of DCE, you do not have to reconfigure DCE after the installation. Before the installation, stop the DCE daemons with the following command:
Then, after the installation, enter the following command:
You must reconfigure if you are installing DCE for the first time or if you are installing a new version over DCE Version 1.0. |
If you are installing DCE over an existing DIGITAL DCE for OpenVMS VAX or OpenVMS Alpha Version 1.5, perform the following steps:
$ @SYS$MANAGER:DCE$SETUP CLEAN |
$ @SYS$MANAGER:DCE$RPC_SHUTDOWN |
$ @SYS$MANAGER:DCE$SETUP START |
If you did not reboot after the installation and if you chose to configure your system during installation, the DCE system configuration utility starts automatically. You can also start the system configuration utility manually at the DCL prompt. You can use the same command to perform an initial configuration or to reconfigure DCE. See Appendix C for several sample configurations.
To start the system configuration utility at the DCL prompt, enter the following command:
$ @SYS$MANAGER:DCE$SETUP |
The DCE System Management Main Menu appears:
DCE System Management Main Menu DCE for OpenVMS VAX V1.5 1) Configure Configure DCE services on this system 2) Show Show DCE configuration and active daemons 3) Stop Terminate all active DCE daemons 4) Start Start all DCE daemons 5) Restart Terminate and restart all DCE daemons 6) Clean Terminate all active DCE daemons and remove all temporary local DCE databases 7) Clobber Terminate all active DCE daemons and remove all permanent local DCE databases 8) Test Run Configuration Verification Program 0) Exit Exit this procedure ?) Help Display helpful information Please enter your selection: |
Enter 1 to view the DCE Configuration Menu.
To skip the previous menu and go directly to the DCE Configuration Menu, enter the following command:
$ @SYS$MANAGER:DCE$SETUP CONFIG |
The configuration procedure displays an initial menu:
DCE Configuration Menu 1) RPC_Only Provide DCE RPC services only 2) Client Configure this host as a DCE client system 3) Server Configure this host as a full DCE server system 4) Custom Define a customized DCE configuration for this host 5) IntLogin Enable or disable DCE integrated login support 6) Rebuild Rebuild DCE on this host using the current configuration 7) Add_SecRep Add a Security Replica to the configuration on this host 8) Add_CdsRep Add a CDS Replica clearinghouse to the configuration on this host 0) Exit Return to previous menu ?) Help Display helpful information Please enter your selection: |
Table 4-1 provides descriptions of the options available on the DCE Configuration Menu.
Option | Description |
---|---|
1 RPC_Only | Provides a subset of the DCE RPC services. If DCE Version 1.5 is installed on an OpenVMS Alpha system running Version 7.2 or higher, NTLM security may be utilized for authenticated RPC requests. With an RPC_Only configuration, there are no RPC name service interface routines available. This configuration will, however, allow applications to communicate if full string bindings are supplied by the RPC client, or if the client requests the port number to complete the partial string binding from the end point mapper (RPC daemon). |
2 Client | Provides full DCE RPC services, client services for CDS and Security, and optional time services. A DCE client system must join an existing DCE cell with a security registry and a CDS master server available on other systems in the cell. |
3 Server | Provides full DCE RPC services, a security registry server for the cell, a CDS master server, a DTS server, and the NSI agent for name service independent access to directory services from PC client systems. There can be only one security registry and CDS master server in a cell, although they need not reside on the same host. |
4 Custom |
If one of the other configuration options is not appropriate for this
host, this option creates a customized DCE configuration. This
configuration allows tailoring of the following DCE services:
|
5 IntLogin | Provides support for Integrated Login, which combines the DCE and OpenVMS login procedures. (See the Digital DCE for OpenVMS VAX and OpenVMS Alpha Product Guide for information about Integrated Login.) |
6 Rebuild | If a valid configuration is present, this option rebuilds the DCE configuration on this host using the current settings. Note that this option appears on the menu only if the procedure detects an existing valid configuration. |
7 Add_SecRep | Adds a security replica to the configuration on this host. This option is only present if the host is a DCE security client. |
7 Del_SecRep | Deletes the security replica from this host. This option appears instead of Add_SecRep if a security replica has already been configured. Selecting this option is the only way to delete a security replica (except for clobbering the configuration). |
8 Add_CdsRep | Adds a CDS replica clearinghouse to the configuration on this host. This option is only present if the host is a DCE CDS client. |
8 Del_CdsRep | Deletes the CDS replica clearinghouse from this host. This option appears instead of Add_CdsRep if a CDS replica has already been configured. Selecting this option is the only way to delete a CDS replica clearinghouse (except for clobbering the configuration). |
This section leads you through the configuration process. It assumes
that you have chosen either the client or server option from the
configuration menu described in Section 4.2.
4.3.1 Initial Messages
If you are performing an initial configuration, the procedure responds with messages similar to the following:
Starting DCE client configuration . . . This system has no current DCE configuration. Based on this configuration, there should be no active DCE daemons. At each prompt, enter your response. You may enter <RETURN> for the default response, displayed in [brackets], or '?' for help. Entering a CONTROL-Z will terminate this configuration request. Press <RETURN> to continue . . . |
The procedure then stops any daemons and removes all files from previous configuration operations.
Removing temporary local DCE databases . . . Removing permanent local DCE databases . . . |
If you do not already have a valid time zone configuration, you are asked to provide one during the configuration. For more information on time zone configuration, see the Troubleshooting chapter in the Digital DCE for OpenVMS VAX and OpenVMS Alpha Product Guide.
The following questions may be displayed:
DCE requires a valid UTC time zone configuration. No time zone configuration startup procedure was found, so you will now be asked to provide local time zone information so that the startup procedure will be created. Timezone Options: [0] Exit Timezone Configuration [1] Choose a timezone using menus [2] Use Universal Coordinated Time (UTC) [3] Type in your own timezone rule * Enter an option number [1] : Timezone Region Options: [0] Return to the Timezone Options menu [1] Europe [2] North America [3] Central & South America [4] Africa [5] Asia [6] South Pacific [7] Antarctica * Enter a timezone region number : Timezone Subregion Options: [0] Return to Region Options menu [1] US/Eastern [2] US/East-Indiana [3] US/Central [4] US/Mountain [5] US/Pacific [6] US/Alaska [7] US/Arizona [8] US/Navajo [9] US/Michigan [10] US/Aleutian [11] US/Hawaii [12] US/Samoa [13] Canada/Newfoundland [14] Canada/Atlantic [15] Canada/Eastern [16] Canada/Central [17] Canada/East-Saskatchewan [18] Canada/Mountain [19] Canada/Pacific [20] Canada/Yukon * Enter a timezone subregion number : |
After removing the temporary and permanent local DCE databases, the procedure leads you through the process of creating or joining a cell.
Names and identifiers associated with DCE, including principal names and passwords, are case sensitive and cell names and hostnames are always converted to lowercase. |
First, the system responds with the following messages:
Starting Remote Procedure Call Services daemon (DCE$RPCD) . . . %RUN-S-PROC_ID, identification of created process is 218001AB |
It then asks you for the DCE hostname:
Please enter the DCE hostname for this system [dcevms]: |
Press the Return key to take the default name. If you do not take the
default, define a name for your system that is unique within your DCE
cell. You can base this name on your network hostname, but do not
include any dots (.) in the name. Use only the hostname portion of the
node's fully specified name. For example, use only myhost; do
not use myhost.mycompany.com.
4.3.4 Defining the DCE Cellname
After you enter the hostname, you are asked whether you want to search the LAN for known DCE cells:
Do you wish to search the LAN for known DCE cells (YES/NO/?) [Y]? |
If you answer YES the system responds with messages similar to the following:
Searching, please wait . . . The following cells were discovered within broadcast range of this system: openup_cell.dce.zko.dec.com opndce_cell.dce.zko.dec.com excess_cell.dce.zko.dec.com opnsea_cell.dce.zko.dec.com |
Whether you answered YES or NO to the previous question, you are then asked for the name of your DCE cell:
Please enter the name of your DCE cell []: excess_cell.dce.zko.dec.com |
Note that cell names can look like IP Domain names with the form
cellname.domain.company.com.
X.500 cell names have the form
c=country/o=organization/ou=organization unit.
X.500 cell names can contain spaces or hyphens if they are enclosed in double quotes, but underscores are never allowed, even if they are enclosed in double quotes. For example, the X.500 cell names /c=us/o=digital/ou="excess cell" and /c=us/o=digital/ou="excess-cell" are allowed, but /c=us/o=digital/ou=excess_cell and /c=us/o=digital/ou="excess_cell" are not allowed. |
X.500 requires DECnet/OSI. If you enter an X.500 style cell name and you do not have DECnet/OSI installed, the system responds with the following message:
*** *** You have entered an X.500 style cellname. *** DECnet/OSI has not been found on this system and is necessary for X.500 *** operation. If you wish to configure an X.500 cell, please exit this *** program and install DECnet/OSI. YOu can then configure DCE successfully. *** |
If you do not know the cell name, refer to the section on global names in the OSF DCE Administration Guide, or consult your network administrator. Note that you should not include the /.../ or /.:/ prefix when specifying a cellname. It will be added automatically whenever it is needed.
You are then asked whether you want to save the current cell names:
Do you want to save these names for your DCE configuration (YES/NO) [YES]? |
Under normal circumstances, press the Return key to save the settings. You must save these names to be able to start the DCE daemons.
If you have made an error in the hostname or cellname and want to correct the error, answer NO to the question on saving the current names. You are then asked whether you want to continue the procedure. Answer YES if you are satisfied. Answer NO if you have made a mistake and want to change your answers.
If you have specified an X.500 cellname, you are then asked whether you want to register the DCE cell in X.500. Remember that X.500 requires DECnet/OSI.
Do you want to register the DCE cell in X.500 (YES/NO/?) [N]? y |
The security questions in this section may vary depending on the type of configuration you are performing.
If this is a client, you are asked to enter the name of the host where the security registry for the cell is located.
Please enter the hostname of the DCE security registry [leaper]: Checking TCP/IP local host database for address of "leaper". Please wait ... Checking BIND servers for address of "leaper". Please wait ... |
To configure an OpenVMS DCE client system, you need access to a DCE security registry server. Security initialization requires contacting the security registry.
If the hostname that you specify is not currently defined in the TCP/IP host's database, you must also provide the IP address. When you enter the hostname, do not include any dots (.) or include the DCE hosts/ prefix with the hostname.
You must also provide the principal name and password that are authorized to perform cell configuration operations. The default principal name is cell_admin.
Please enter the principal name to be used [cell_admin]: Please enter the password for principal "cell_admin" (or ? for help): |
If the Internet address for the hostname that you specified cannot be obtained from the current TCP/IP services, the procedure asks whether you want to enter a different hostname.
Do you want to specify a different hostname (YES/NO/?) [Y]? |
If you answer NO, you are asked to provide the IP address.
Please enter the IP address for opra: 55.13.792.631 |
If the procedure did not search the LAN for cells or your cell name is not in the list that the procedure found, the procedure asks whether the CDS master server is in broadcase range.
Is the CDS Master Server within broadcast range (YES/NO/?) [Y] |
CDS clients learn about namespace clearinghouse servers by using an advertisement protocol that is broadcast over the LAN. If the CDS master server for this cell is not reachable on the LAN, you must provide the name of the host running the CDS master server so that this client can contact the server directly via TCP/IP messages instead of LAN broadcast messages. This situation may arise if your CDS Master Server is accessible only through a WAN or is behind a LAN bridge that is filtering out the broadcast messages.
If the CDS master server is not within broadcast range, DCE startup
will use the cdscp define cached server command to initiate
communication with the CDS master server. If the server is within
broadcast range, no cached server command is required.
4.3.7 Configuring Multiple LAN Cells
If you are configuring a CDS Master Server, you are asked whether the cell uses multiple LANs. The cell uses multiple LANs if clients and servers are divided into profile groups to facilitate performance. (Most cells will not require this feature.)
Does this cell use multiple LANs (YES/NO/?) [N]? y |
If you answer YES, the system responds with messages similar to the following:
Checking TCP/IP local host database for address of "leaper". Please wait . . . Please enter the name of your LAN [43.7.12]: |
If you are configuring a CDS client and the procedure detects a multi-LAN cell, you are asked which LAN your host is on. (The following questions are asked during the configuration, because the search cannot occur until after the CDS daemons are started.)
Testing for multi-LAN cell . . . This cell has been configured to span multiple LANs. The known LANs are: 43.7.12 Please enter the name of the LAN for this host [43.7.12]: 27.0.66 The requested LAN has not yet been defined in the namespace. Do you want to define it (YES/NO/?) [Y]? |
Digital DCE for OpenVMS VAX and OpenVMS Alpha provides two time services: DCE DTS and DECnet/DTSS. By default, DCE DTS is used.
Do you want to disable DECnet/DTSS, and use DCE DTS instead? (YES/NO/?) [Y]? |
If you accept the default and use DCE DTS, you can choose to accept time from DECnet/DTSS servers by answering YES to the following question.
Do you want to accept time from DECnet/DTSS servers? (YES/NO/?) [N]? |
If you rely on DCE time services for time synchronization, you need a
minimum of three time servers to synchronize time in a cell. See the
section on the DCE Distributed Time Service in the OSF DCE
Administration Guide for more information.
4.3.9 Saving the DCE Services
One of the last questions asked is whether you want to save the service configuration:
Do you want to save this service configuration (YES/NO/?) [Y] |
If you answer YES, the actual configuration begins. If you answer NO, you are returned to the main menu, where you may answer all the questions again or stop the configuration.
Previous | Next | Contents | Index |