Commands in the bos suite are also used to manage DFS administrative privileges and security in a cell. You can use bos commands to perform the following types of tasks:
· List the members (users, groups, and servers) of an administrative list with the bos lsadmin command.
· Add a member to an administrative list with the bos addadmin command; remove a member from an administrative list with the bos rmadmin command.
· List the key version numbers and either the server encryption keys or the checksums (encrypted keys) associated with the server encryption keys in a keytab file with the bos lskeys command.
· Add a key to a keytab file with the bos genkey or bos addkey command; remove a key from a keytab file with bos rmkey command.
· Enable or disable DFS authorization checking with the bos setauth command.
You can use the dcecp command to perform the following tasks related to security:
· Verify or modify ACL permissions with the dcecp acl command.
· Create administrative (or user) groups with the dcecp group create command.
You can also use the dfsd command to set Cache manager initial RPC authentication levels and lower RPC authentication level bounds. You can set the File Server upper and lower RPC authentication bounds with the fxd command.