See Directory Access Protocol.

Data Encryption Standard (DES)

A data encryption algorithm widely used in the United States.

data limit

RPC: A value that specifies which elements of an array are transmitted during a remote procedure call.

data token

DFS: A token that grants access to a range of bytes in a file. Read and write data tokens are available. See also token.


An unreliable network data packet that is independent of all other packets and lacks any guarantees of delivery or sequentiality.

datagram protocol

A connectionless, datagram-based transport protocol, such as UDP; an RPC protocol that runs over a connectionless transport protocol.

date-specific restore

DFS: In the DFS backup system, a restore that returns a fileset to its state when it was last dumped before a specified date. A date-specific restore differs from a full restore. See also full restore, restore.


See also Distributed Computing Environment.

DCE Audit Service

That part of the DCE Security Service which detects and records the execution of DCE server operations that are relevant to the maintenance of a secure distributed computing environment. See also DCE Security Service.

DCE authorization

Provides a server with the client's PAC and EPAC. See also PAC, EPAC, name-based authorization, authorization protocol.

DCE Cell Directory Service (CDS)

The DCE Cell Directory Service stores names and attributes of resources located in a DCE cell. It is optimized for local access, since most directory service queries are for information about resources within the same cell as the originator of the query. It is replicated, in order to make it highly available. There must be at least one Cell Directory Server in each DCE cell.

DCE control program (dcecp)

An administrative interface that provides consistent and uniform access to DCE administration functions, wherever they reside, from any and every point in the cell.

DCE daemon (dced)

A continuously running program on each host that provides access to the host services either locally on that host, or remotely from another host.

DCE Directory Service

The DCE Directory Service is a distributed, replicated database service consisting of a hierarchical set of names which have associated attributes. Given a name, its associated attributes can be looked up in the Directory Service.

DCE Distributed File Service (DFS)

In DCE, a file service that joins the local file systems of several File Server machines, making the file systems equally available to all DFS client machines.

DCE Distributed Time Service (DTS)

The Distributed Time Service synchronizes the clocks in networked systems.

DCE Global Directory Service (GDS)

The DCE GDS component is a distributed, replicated directory service based on the CCITT X.500/ISO 9594 international standard. It provides a global namespace that connects the local DCE cells into one worldwide hierarchy.

DCE remote procedure call (RPC)

A call to a procedure in a different address space. In a traditional procedure call, the calling procedure and the called procedure are in the same address space on one machine. In a remote procedure call, the calling procedure invokes a procedure in a different address space, and usually on a different machine. See other glossary terms beginning with binding, interface, and RPC.

DCE Security Service

The DCE Security Service comprises several parts, including the Authenticated Service, the Privilege Service, the Registry Service, the Access Control List Facility, the Login Facility, and the Audit Service.

DCE Threads

A user-level (nonkernel) threads library based on the pthreads interface specified by POSIX in the 1003.4a standard (Draft 4). It consists of an API that gives programmers the ability to create and manipulate threads.


See DCE control program.


See DCE daemon.

default cell

Security: With the sec_admin and rgy_edit commands, the cell in which the replica being acted on by the sec_admin command is registered.

default DSA

The DSA generally used when the user does not specify any particular DSA when connecting to the directory system.

default element

RPC: An optional profile element that contains a nil interface identifier and object UUID and that specifies a default profile. Each profile can contain only one default element. See also default profile, profile, profile element.

default profile

RPC: A backup profile, referred to by the default element in another profile. The NSI import and lookup operations use the default profile, if present, whenever a search based on the current profile fails to find any useful binding information. See also default element, profile.

delegate restrictions

Restrictions that limit who can act as an intermediary for a particular identity in a call chain.

delegation token

A checksum over EPAC data, encrypted in the Privilege Server's key and placed in the A_D field of a PTGT. The token is placed in the A_D field by the Privilege Server when it enables delegation and when it generates a new delegation chain or impersonated identity.


See Data Encryption Standard.


XOM: The means by which the client and service exchange an attribute value and the integers that denote its representation, type, and syntax.

XDS: A defined data structure that is used to represent an OM attribute type and a single value.

descriptor list

GDS: An ordered sequence of descriptors that is used to represent several OM attribute types and values.


A user-supplied routine that is expected to finalize and then deallocate a per-thread context value.


See Distributed File Service.

DFS/NFS secure gateway

DFS: The DFS/NFS secure gateway provides authenticated access to DFS from NFS clients. Users who have DCE accounts can authenticate to DCE via a DFS client configured as a gateway server and access DFS data according to their DCE identities. Administrators can allow users to authenticate to DCE from NFS clients, or administrators can reserve the ability to grant authenticated access from a gateway server only.


DFS: A program that initializes the cache manager and several daemons on a DFS client machine. It must run each time the client machine reboots for the machine to function as a DFS client.


See Directory Information Base.


CDS: A logical unit for storing entries under one name (the directory name) in a CDS namespace. In addition to object entries, a directory can contain soft links and child pointers. You can copy, delete, and control access to a directory. Each physical instance of a directory is called a replica.

GDS: A collection of open systems that cooperate to hold a logical database of information about a set of objects in the real world.

Directory Access Protocol (DAP)

GDS: The protocol used by a DUA to access a remote DSA.

directory ID

See directory identifier.

directory identifier (directory ID)

An identifier for distinguishing several configurations of the directory service within an installation.

Directory Information Base (DIB)

GDS: The complete set of information to which the directory provides access, which includes all of the pieces of information that can be read or manipulated using the operations of the directory. It consists of entries.

Directory Information Tree (DIT)

GDS: The DIB considered as a tree, whose vertices (other than the root) are the directory entries.

directory package

DFS: The part of the DFS Cache Manager that stores directory (rather than file) caching information.

directory schema

See schema.

directory service

GDS: A system using a directory. The directory service consists of the DUA and the directory system. The components of the directory service are connected by a communications network.

directory system

GDS: A system for managing a directory, consisting of one or more DSAs. Each DSA manages part of the DIB.

Directory System Agent (DSA)

GDS: An Open Systems Interconnection (OSI) application process that is part of the directory.

Directory System Protocol (DSP)

GDS: The protocol by a DSA to access another DSA.

Directory User Agent (DUA)

GDS: An OSI application process that represents a user accessing the directory.


RPC: The data item that determines which union case is currently used.

disk usage

DFS: A statistic reported by the scout program that indicates space usage on a File Server machine's aggregates and partitions. An administrator can use scout to highlight disk usage statistics that exceed specified values. See also scout.


XOM: The software that implements the service interface functions using workspace interface functions.

distinguished encoding

The restrictions to the Basic Encoding Rules designed to ensure a unique encoding of each ASN.1 value, defined in the X.500 Directory Standards (CCITT X.509).

Distinguished Name (DN)

GDS: One of the names of an object, formed from the sequence of RDNs of its object entry and each of its superior entries.

distinguished value

GDS: An entry's attribute value that has been designated to appear in the RDN of the entry.

Distributed Computing Environment (DCE)

Services and tools that support the creation, use, and maintenance of distributed applications in a heterogeneous computing environment.


See Directory Information Tree.


See Distinguished Name.

Domain Name Service ( DNS)

A hierarchical, distributed naming service which, like the GDS, can act a higher level connector of DCE cells. See also DCE Global Directory Service .


DTS: The change in a clock's error rate over a specified period of time.


See Directory System Agent.


See Directory System Protocol.


See DCE Distributed Time Service.

DTS entity

DTS: The server or clerk software on a system.


See Directory User Agent.

DUA cache

GDS: The part of the DUA that stores frequently required information.


DFS: Generally, the conversion of a fileset's contents into a format suitable for storage on a backup tape and the data object that results from this action. However, the operation need not involve dumping to other media such as tape. See also full dump, incremental dump, restore.

dump hierarchy

DFS: A logical structure in the DFS Backup System that defines the parent/child relationship between full and incremental dump levels. See also full dump , incremental dump.

dump ID number

DFS: A unique identification number that the DFS Backup System assigns to a dump set. It is distinct from the job ID number assigned to an operation in interactive mode. See also job ID number.

dump level

DFS: An entry in the dump hierarchy recorded in the DFS Backup System's Backup Database. There are two types of dump levels: full and incremental. See also full dump, incremental dump.

dump set

In the DFS Backup System, the fileset data that results from dumping a particular fileset family at a given dump level. By implication, all of the data in a dump set was dumped at the same time and in the same manner (fully or incrementally).

dynamic endpoint

RPC: An endpoint that is generated by the RPC runtime for an RPC server when the server registers its protocol sequences and that expires when the server stops running. See also well-known endpoint, endpoint.