Configuring Security Replicas

1. At the Additional Server Configuration menu, type 8 and press <Return>.

The dce_config script displays:

Enter the security replica name (without subsys/dce/sec) : (hostname)

2. Type the name to be assigned to the Security replica and press <Return>. Note that the default, hostname in parentheses, is replaced with the actual name of the host machine. The replica is created in the subsys/dce/sec directory.

If this is the first time you have configured a Security replica on the machine, the dce_config script prompts:

What is the name of this cell (without /.../):

3. Type the name of the machine's cell and press <Return>.

If the machine has not been configured as a DCE client machine, dce_config will configure it as a DCE client. If it does this it will display the following message:

S:****** Configuring client...

See the steps 1 through 4 in Configuring DCE Clients for instructions on how to configure a client.

After you complete client configuration if necessary, the dce_config script displays the following messages as it creates and starts the replica on the local machine:

S******: Configuring Security Replication
Modifying acls on /.:/sec/replist ...
Modifying acls on /.:/subsys/dce/sec ...
Modifying acls on /.:/sec ...
Modifying acls on /.: ...
Modifying acls on /.:/cell-profile ...

Then, dce_config prompts for the replica's keyseed:

Enter keyseed for initial database master key:

4. Type in the text string for the keyseed, which is a temporary DES key that is used to generate the replica's master key (the key that the replica will use for account key creation). Press <Return>.

The text you enter should not be easily guessed. Note that it is not displayed as you type it.

The dce_config script creates and starts the security replica and displays:

start slave security server (secd) ...

The dce_config returns the Additional Server Configuration menu.