dced_secval_stop(3dce) — Subroutines
Name
dced_secval_stop - Stops the security validation service of a specific host’s dced
Synopsis
#include <dce/dced.h> void dced_secval_stop(
dced_binding_handle_t dced_bh,
error_status_t ∗status);
Parameters
Input
dced_bhSpecifies the dced binding handle for the secval service on a specific host.
Output
statusReturns the status code from this routine. This status code indicates whether the routine completed successfully or, if not, why not.
Description
The dced_secval_stop() routine stops the security validation service (secval) of a specific host’s dced. This routine is typically used by management applications.
The secval service is commonly started by default when dced starts. The main use of dced_secval_stop() and dced_secval_start() is to force a refresh of the host principal credentials. This is the only way to force certain registry changes made by the host principal (such as groupset membership) to be seen by processes running on the host.
You can easily stop and then start the secval service with the following operations:
dcecp -c secval deactivate
dcecp -c secval activate
It is not a good idea to remove the machine principal self credentials for an extended period of time because processes running as self will fail in their attempts to perform authenticated operations.
Errors
The following describes a partial list of errors that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages.
error_status_ok
dced_s_bad_binding
dced_s_sv_not_enabled
sec_acl_invalid_permission
Related Information
Commands: dced(8dce), the secval(8dce) object of dcecp.
Functions: dced_binding_create(3dce), dced_binding_from_rpc_binding(3dce), dced_secval_start(3dce).
Books: OSF DCE Application Development Guide.