ACL manager names for all of DCE should follow the convention for naming dcecp attributes. There is no architectural restriction involved in the guidelines shown here, merely an attempt at consistency. The DCE control program will accept names outside of this convention, but adherence to it will make usage of ACL managers easier.
The guidelines are as follows:
· Alphabetic characters in names must be lowercase only.
· Names should not contain underscores.
· Names should not contain spaces.
· Names should be no longer than 16 bytes, the defined value of sec_acl_printstring_len.
· Names should be similar to object command names supported in dcecp whenever possible. For example, the ACL manager name principal refers to the object, /.:/sec/principal, that contains registry information about principals. Note that dcecp allows abbreviations. For example, a user can specify org for the ACL manager name organization.
· Names must be unique within a component's ACL manager but not necessarily within DCE. For example, the name xattrschema can be used for a DCE extended attribute configuration schema ACL object and for a security ERA schema ACL object.
· The help string for an ACL manager must specify the component that owns or manages the objects in question because this information cannot always be derived from the ACL manager name.