The security administrator for the security mechanism must define principals, which include both users and servers, to the security mechanism. Table 14-4 lists tools you can use to add users and servers.
Security mechanism |
Command or tool |
|---|---|
DCE |
Use the DCE dcecp tool’s user create command to create a new principal (user or server). In addition, use the keytab create command to create a DCE keytab file, which contains a principal’s password in encrypted form. When you are defining a server to DCE, use command options that specify that the new principal can act as a server. |
CyberSAFE Kerberos |
Use the CyberSAFE kadmin utility’s add command. In addition, use the kadmin utility, with the ext command to create a key in a CyberSAFE Kerberos server key table file. When you are defining a server to CyberSAFE Kerberos, use command options that specify that the new principal can act as a server. |
Windows NT LAN Manager |
Run the User Manager tool to define users to the Windows NT LAN Manager. Be sure to define the Adaptive Server name as a user to Windows NT LAN Manager and bring up Adaptive Server as that user name. |
In a production environment, you must control the access
to files that contain the keys of the servers and users. If users
can access the keys, they can create a server that impersonates
your server.
Refer to the documentation available from the third-party provider of the security mechanism for detailed information about how to perform required administrative tasks.
