DCE authorization (rpc_c_authz_dce) provides a server with the client's credentials.
Credentials offer a trusted mechanism for conveying client authorization data to authenticated servers. The security service generates a client's credentials in a tamper-proof manner. When a server receives a client credentials, it knows that the credentials has been certified by DCE security.
Credentials are designed to be used with the DCE ACL facility. The ACL facility provides an editor and a set of API routines that support the implementation of access control lists and the managers to control them.