|
|
TA08-134A: Microsoft Updates for Multiple Vulnerabilities
|
|
secval(1m) secval(1m) NAME
secval - A dcecp object that manages the security validation service on a host SYNOPSIS
secval activate [host_name_list] secval deactivate [host_name_list] secval help [operation | -verbose] secval operations secval ping [host_name_list] secval status [host_name_list] secval update [host_name_list] [-pesite time_in_seconds] ARGUMENTS
A list of one or more names of host systems whose security validation systems you want to act on. If you do not specify this argument, the local host is assumed. The argument is optional and takes one of the following forms: hosts/host_name /.:/hosts/host_name /.../cell_name/hosts/host_name The name can also be a single string binding representing the host with which to communicate. For example: {ncacn_ip_tcp 130.105.1.227} A string binding is useful when the name service is not operating and cannot translate the other forms of host names. The name of the sec- val operation for which to display help information. DESCRIPTION
The secval object represents the security validation service running on a host, as part of the dced server. This service is responsible for maintaining the security credentials of the host machine. Access to the commands is based on the access control list (ACL) of the security validation object for a host. This takes the form of /.../cell_name/hosts/host_name/config/secval. OPERATIONS
secval activate Activates a security validation service. The syntax is as follows: secval activate [host_name_list] The activate operation activates a security validation service. If the service is already activated, an error is returned. The optional host_name_list argument is a list of one or more names of host systems whose security validation systems you want to activate. This opera- tion returns an empty string on success. Privileges Required You must have x (execute) permission to the security validation service object. Examples dcecp> secval activate dcecp> dcecp> secval activate ncacn_ip_tcp:15.22.24.145 dcecp> secval deactivate Deactivates a security validation service. The syntax is as follows: secval deactivate [host_name_list] The deactivate operation deactivates a security validation service. If it is already deactivated, an error is returned. The optional host_name_list argument is a list of one or more names of host systems whose security validation systems you want to deactivate. This operation returns an empty string on success. Privileges Required You must have s (stop) permission to the security validation service object. Examples dcecp> secval deactivate dcecp> dcecp> secval deactivate /.:/hosts/gumby dcecp> secval help Returns help information about the secval object and its operations. The syntax is as follows: secval help [operation | -verbose] Options Displays information about the secval object. Used without an argument or option, the secval help command returns brief information about each secval operation. The optional operation argument is the name of an operation about which you want detailed information. Alternatively, you can use the -verbose option for more detailed information about the secval object itself. Privileges Required No special privileges are needed to use the secval help command. Examples dcecp> secval help activate Enables the secval service. deactivate Disables the secval service. ping Contacts the dced secval to validate the security service. status Returns 1 if secval is enabled, 0 if not. update Updates a component of the secval. help Prints a summary of command-line options. operations Returns a list of the valid operations for this command. dcecp> secval operations Returns a list of the operations supported by the secval object. The syntax is as follows: secval operations The list of available operations is in alphabetical order except for help and operations, which are listed last. Privileges Required No special privileges are needed to use the secval operations command. Examples dcecp> secval operations activate deactivate ping status update help operations dcecp> secval ping Validates the credentials returned by a DCE security service. The syntax is as follows: secval ping [host_name_list] The ping operation validates the credentials returned by a security service. This operation can be used to verify that secd is trusted. The operation returns 1 if the credentials are valid, 0 if they are not. The optional host_name_list argument is a list of one or more names of host systems whose security validation systems you want to validate. If the argument is a list of host names, a list is returned with a 1 or a 0 for each server. Privileges Required No special privileges are needed to use the secval ping command. Examples dcecp> secval ping 1 dcecp> dcecp> secval ping /.../pokey_cell/hosts/gumby 1 dcecp> secval status Checks for an active secval. The syntax is as follows: secval status [host_name_list] The status operation returns 1 if the security validation service is activated, 0 if it is not. If the argument is a list, a list is returned, with a 1 or 0 for each server. Privileges Required No special privileges are needed to use the secval status command. Examples dcecp> secval status 1 dcecp> dcecp> secval status ncacn_ip_tcp:15.22.24.145 1 dcecp> secval update Updates a component of the secval service. The syntax is as follows: secval update [host_name_list] [-pesite time_in_seconds] Options Sets the amount of time to wait between each pe_site Thread Maintenance update. The update operation updates a component of the security validation service. Currently only updates to the pe_site Maintainer Thread are supported. Use the -pesite option to set the amount of time in seconds between each update. The update is performed after the time speci- fied in time_in_seconds passes. If the -pesite option is not supplied, the update is performed immediately. This operation returns an empty string on success. Privileges Required You must have x (execute) permission to the security validation service object. Examples dcecp> secval update -pesite 300 dcecp> RELATED INFORMATION
Commands: dcecp(1m), dced(1m). secval(1m)
