/sys$common/syshlp/DNS$CPHELP.HLB  —  add

1  –  clearinghouse_access

 Adds an access control entry (ACE) to a clearinghouse's access
 control set (ACS).

 SYNOPSIS

      ADD CLEARINGHOUSE clearinghouse-name ACCESS principal)

      [AS GROUP] [FOR] access

 Arguments

 clearinghouse-name

 The name of the clearinghouse to which access is being added.

 principal

 The principal for whom access is being added. You can specify a
 principal as a group name, a collection of principals denoted
 with wildcards (for example, .org.name*), or an individual name
 in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is a group. You cannot use this
 phrase with wildcard principal names.

 access

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to a clearinghouse's
 access control set. Access rights are defined as follows:

 Read       The principal can look up the clearinghouse by name and
            read any attribute of the clearinghouse.
 Write      The principal can change the replica type of any replica
            stored in the clearinghouse, create or delete replicas in
            the clearinghouse, alter any modifiable attribute of the
            clearinghouse (except the ACS).
 Delete     The principal can delete the clearinghouse.
 Test       The principal can check the value of any attribute of the
            clearinghouse.
 Control    The principal can alter the clearinghouse's ACS and move
            the clearinghouse to another server.
 None       The principal has no access rights.

 ACCESS RIGHTS
 You must have control access to the clearinghouse whose access
 control set (ACS) is being modified.

1.1  –  example

 The following command grants an access control group named
 .testgroup read, write, test, and control access to the .paris2_
 ch clearinghouse.

 dns> add clearinghouse .paris2_ch access .testgroup -
 _> as group for r, w, t, c

2  –  directory_access

 Adds an access control entry (ACE) to a directory's access control
 set (ACS).

 SYNOPSIS

      ADD DIRECTORY directory-name [access-option] ACCESS principal

      [AS GROUP] [FOR] access

 Arguments

 directory-name

 The full name of the directory.

 access-option

 The extent to which the access rights apply. Possible access options
 are default and nopropagate. Enter one or both of the following
 options. If you enter both options, separate them with a comma.
 If you omit this argument, the ACE applies to the directory and
 automatically propagates to subsequent child directories.

 default        Indicates that the ACE applies to all new object
                entries created in this directory. Access to already
                existing entries is not affected. A default ACE
                applies only to the contents of the directory, not to
                the directory itself. If you do not use the default
                option, the ACE applies to the directory.
 nopropagate    Prevents the access rights in this ACE from being
                inherited by subsequently created child directories
                of the specified directory. When used in conjunction
                with default, prevents the ACS from being inherited
                by the contents of future children of the specified
                directory. Nopropagate is optional; if you do not use
                it, access rights propagate automatically.

 principal

 The principal for whom access is being added. You can specify a
 principal as a group name, a collection of principals denoted
 with wildcards (for example, .org.name*), or an individual name
 in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is a group. You cannot use this
 phrase with wildcard principal names.

 access

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to a directory's
 access control set. Access rights are defined as follows:

 Read       Enables the specified principal to look up the directory
            by name, list the contents of the directory, and read any
            directory attribute.
 Write      Enables the specified principal to create object entries
            or soft links in the directory, to skulk the directory,
            and to create, modify, or delete child directories.
 Delete     Enables the specified principal to delete the directory or
            any name in the directory.
 Test       Enables the specified principal to check the value of any
            attribute of the directory.
 Control    Enables the specified principal to perform any operation
            on any object entry, soft link, or child in the directory,
            to read or modify any attribute of the directory
            (including its ACS), and to modify the replica type of
            a replica or the epoch value of the directory.
 None       Does not grant the specified principal any access rights.

 ACCESS RIGHTS
 You must have control access to the directory whose ACS is being
 modified. You also need write access to the clearinghouse.

2.1  –  example

 The following command grants read and write access for the .DNS_
 Admin administration group to the .sales directory.

 dns> add directory .sales access .DNS_Admin as group for r,w

3  –  group

3.1  –  access

 Adds an access control entry (ACE) to a group's access control set
 (ACS).

 SYNOPSIS

      ADD GROUP group-name ACCESS principal [AS GROUP]

      [FOR] access

 Arguments

 group-name

 The full name of the group.

 principal

 The principal for whom access is being added as a member of the
 group. You can specify a principal as a group name, a collection of
 principals denoted with wildcards (for example, .org.name*), or an
 individual name in the format, nodename.username. To specify a DNS
 Version 1-style principal, use the format nodename::username. The
 phrase as group indicates the specified principal is a group. You
 cannot use this phrase with wildcard principal names.

 access

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to a group's access
 control set. Access rights are defined as follows:

 Read       The principal can look up the group by name and read any
            attribute of the group.
 Write      The principal can change any modifiable group attribute
            except the ACS.
 Delete     The principal can remove the member from the set of group
            members
 Test       The principal can check the value of any attribute of the
            group.
 Control    The principal can alter the group's ACS.
 None       The principal does not have access rights.

 ACCESS RIGHTS
 You must have control access to the group whose ACS is being
 modified.

3.1.1  –  example

 The following command grants user .sales.deneb.smith read access to
 the .DNS_admin group.

 dns> add group .DNS_admin access .sales.deneb.smith for r

3.2  –  member

 Adds a member to an existing group. The member can be an individual
 principal, a collection of principals denoted with wildcards, or
 another group. Use the optional keywords as group to specify that
 the member you are adding is itself a group. If you omit this
 argument, the principal is not a group.

 SYNOPSIS

      ADD GROUP group-name MEMBER [=] principal [AS GROUP]

 Arguments

 group-name

 The full name of the group.

 principal

 The principal that is being added as a member of the group. You
 can specify a principal as a group name, a collection of principals
 denoted with wildcards (for example, .org.name*), or an individual
 name in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is itself a group. You cannot use
 this phrase with wildcard principal names.

 ACCESS RIGHTS
 You must have write access to the group to which you are adding a
 member.

3.2.1  –  example

 The following command adds the member smith on node .sales.orion to
 the admin group.

 dns>add group .admin member .sales.orion.smith

4  –  link_access

 Adds an access control entry (ACE) to a soft link's access control
 set (ACS).

 SYNOPSIS

      ADD LINK link-name ACCESS principal [AS GROUP] [FOR] access

 Arguments

 link-name

 The full name of the soft link.

 principal

 The principal for whom access is being added. You can specify a
 principal as a group name, a collection of principals denoted
 with wildcards (for example, .org.name*), or an individual name
 in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is a group. You cannot use this
 phrase with wildcard principal names.

 access rights

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to a soft link's
 access control set. Access rights are defined as follows:

 Read       The principal can look up the soft link by name, read any
            soft link attribute, and perform wildcard lookups.
 Write      The principal can change any modifiable attribute except
            the ACS.
 Delete     The principal can delete the soft link.
 Test       The principal can check the value of any attribute of the
            soft link.
 Control    The principal can alter the soft link's ACS.
 None       The principal does not have access rights.

 ACCESS RIGHTS
 You must have control access to the soft link whose ACS is being
 modified.

4.1  –  example

 The following command grants an access control group named
 .testgroup read, write, and test access to the soft link
 .sales.asia.

 dns> add link .sales.asia access .testgroup as group -
 _> for r, w, t

5  –  object

 Adds a value to a modifiable, set-valued attribute (including
 application-defined attributes) of an object entry. If the value
 is already defined for the attribute, no error message is generated.
 Usually this task is performed through the client application, since
 the client application defines the name of the attribute and the
 syntax of its value.

 SYNOPSIS

      ADD OBJECT object-name attribute-name [=] attribute-value

 Arguments

 object-name

 The full name of an object entry.

 attribute-name

 The name of a particular attribute. Specify your own attribute
 name or one of the DECdns-defined attributes. Separate multiple
 attributes with commas.

 attribute-value

 The value of a particular attribute. You can express the values of
 application-defined attributes as quoted strings, "ps"; hex strings,
 %x FF00EE; or concatenations of them in parentheses, (%x0103 "ps").

 ACCESS RIGHTS
 You must have write access to the object entry or control access to
 the parent directory in which you intend to store the attribute.

5.1  –  example

 The following command adds the value "ps" to the user-
 defined set-valued attribute printcap of an object entry named
 .sales.east.deskprinter.

 dns>add object .sales.east.deskprinter printcap "ps"

5.2  –  access

 Adds an access control entry (ACE) to an object entry's access
 control set (ACS).

 SYNOPSIS

      ADD OBJECT object-name ACCESS principal [AS GROUP]

      [FOR] access

 Arguments

 object-name

 The full name of the object entry.

 principal

 The principal for whom access is being added. You can specify a
 principal as a group name, a collection of principals denoted
 with wildcards (for example, .org.name*), or an individual name
 in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is a group. You cannot use this
 phrase with wildcard principal names.

 access

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to an object entry's
 access control set. Access rights are defined as follows:

 Read       The principal can look up the object entry by name, read
            any object attribute, and perform wildcard lookups.
 Write      The principal can change any modifiable attribute except
            the ACS.
 Delete     The principal can delete the object entry.
 Test       The principal can check the value of the object entry.
 Control    The principal can alter the object entry's ACS.
 None       The principal does not have access rights.

 You must have control access to the object entry whose ACS is being
 modified.

5.2.1  –  example

 The following command grants read, write, and test access to user
 smith on node .sales.orion for an object entry named .admin.work_
 disk3.

 dns> add object .admin.work_disk3 access .sales.orion.smith -
 _> for r, w, t
Close Help