Compaq Software Product Description ___________________________________________________________________ PRODUCT NAME: Compaq Distributed Computing Environment (DCE) Version 3.0 for OpenVMS SPD 43.05.06 DESCRIPTION The Compaq Distributed Computing Environment for OpenVMS product family provides a set of the distributed computing functionality specified for The Open Group's (OSF) Distributed Computing Environment (DCE) as well as tools for application developers. With DCE, The Open Group has established a standard set of services and interfaces that facilitate the creation, use, and maintenance of client/server applications. DCE for OpenVMS serves as the basis for an open computing environment where networks of multivendor systems appear as a single system to the user. Because DCE makes the underlying networks and operating systems transparent, application developers can easily build portable, interoperable client/server applications. Users can locate and share information safely and easily across the entire enterprise. DCE for OpenVMS supplies system managers with a set of tools to consistently manage the entire distributed computing environment, while also assuring he integrity of the enterprise. The DCE for OpenVMS product family supports both the OpenVMS VAX and OpenVMS Alpha Operating Systems. The functionality provided in the DCE for OpenVMS product family includes: o DCE Remote Procedure Call (RPC): Used to create and run client/server applications, the RPC allows direct calls to remote systems as if they were local procedure calls. o DCE Distributed Time Service (DTS): Synchronizes time on individual nodes in a distributed network environment. July 2000 o DCE Security Service: Provides secure communications and access via authorization and authentication services. o DCE Cell Directory Service (CDS): Provides location-independent naming for resources. o Global Directory Agent (GDA): The GDA provides a means of linking multiple CDS namespaces via either X.500, LDAP, or the Internet Domain Name Server (BIND). o DCE code set registry: Provides a mechanism for uniquely identifying code sets and the character sets they encode across multiple heterogeneous operating systems in an internationalized DCE cell. o The Interface Definition Language (IDL) compiler: IDL is the language used to define remote procedure calls. o Tools and utilities that help manage the DCE environment. o RPC_UNSUPPORTED_NETIFS & RPC_SUPPORTED_NETADDRS Support has been added for restricting network interfaces and addresses via the logical names RPC_UNSUPPORTED_NETIFS and RPC_SUPPORTED_NETADDRS. This can be useful in cluster environments and on systems with more than one network interface. o Hierarchical Cells can be registered in another cell's CDS namespace, allowing the creation of a multi-level control structure. o Extended Registry Attributes allow users to modify the security registry schema to create and maintain attribute types and to create and maintain instances of those types. o An Auditing subsystem creates an Audit daemon to maintain filters and provide the central audit trail file. Specified APIs provide the functions that are used to detect and record critical events. The audit service is controlled via the DCE control program (dcecp). o DCE V3.0 supports the management features of DCE R1.2.2, including the dce daemon (dced), and dce control program (dcecp). o MIT Kerberos V5 support: Enables the use of MIT Kerberos 5 authentication and key distribution services. 2 o GDA over LDAP support: Enables the use of LDAP by the Global Directory Agent in looking up information on foreign cells. o NSI over LDAP support: Enables the use of LDAP by the Name Service Interface Daemon in looking up information on behalf of Microsoft RPC applications. o Documentation available in HTML format: DCE documentation from The Open Group and Compaq is provided in HTML format to allow reading on-line from a web browser. DCE Privacy allows DCE applications to use the packet privacy protection level provided by DCE Security Service and is intended to be used in conjunction with the DCE Runtime Services for OpenVMS VAX and Alpha. The Privacy feature enables an optional privacy level of encryption for Remote Procedure Call packets and allows encryption of user message data via 56-bit DES when calling the GSSAPI or calling the DCE API's directly. The DCE Threads Service which provides user-context multiprocessing functionality is provided as part of the OpenVMS Operating System. The DCE for OpenVMS product family currently consists of eight separate products, four on OpenVMS VAX and four on OpenVMS Alpha, to provide customers with maximum flexibility for configuring a DCE environment, known as a DCE cell. The products and features include: o DCE Runtime Services for OpenVMS, which is required for all systems participating in the DCE cell. The DCE Runtime Services kit includes DCE client functions as well as DCE administration tools. o DCE Application Developers' Kit for OpenVMS, which is required for developers of distributed applications, but optional for other users. The DCE Application Developers' Kit provides programmers with all the DCE API's and the Interface Definition Language (IDL). IDL is an easy-to-use, ANSI C-based language for writing remote procedure calls. 3 o DCE Cell Directory Server, at least one of which is required for each DCE cell. The DCE CDS Server is a central repository containing information about the location of resources in the DCE cell. It allows access to resources by a single name, regardless of physical location. o DCE Security Server, at least one of which is required for each DCE cell. The DCE Security Server protects resources from illegal access and provides secure communications within and between DCE cells. The DCE for OpenVMS V3.0 product family is an implementation of OSF DCE V1.2.2 adapted and enhanced for OpenVMS and has the following features: o Integrated Login. This settable feature enables DCE login to occur automatically when a user logs in to a standard interactive session. At the OpenVMS username and password prompts, the user enters both his OpenVMS username and password or his DCE account name and password. If valid, the user is logged in to both the OpenVMS system and the DCE cell in a single integrated operation. o IMPORT and EXPORT utilities to move accounts to and from DCE. The DCE IDL compiler for OpenVMS supports Compaq C++, and FORTRAN, as well as C. o The DCE IDL has been extended to support a number of C++ language syntax features that provide a distributed object framework. The DCE RPC runtime environment now supports Compaq C++ bindings to remote objects. o IDL development templates are provided to help with the development of client/server interfaces. o A PC name server proxy agent is a feature that enables systems running Microsoft[R] RPC to obtain CDS bindings. DCE for OpenVMS also has a single utility that complements the DCE core services called NSedit. NSedit is a Motif based graphical tool that enables users to navigate, manipulate, and peruse the CDS name space much more effectively and efficiently than when using the CDS command line interface. 4 Microsoft RPC Application Programming Interface (API). In addition to the DCE RPC API, DCE application programmers can now choose to use the Microsoft RPC API when porting programs from Microsoft platforms. PRODUCT OPTIONS The DCE for OpenVMS product family currently consists of eight separate products, four on OpenVMS VAX and four on OpenVMS Alpha: 1. DCE Runtime Services Kit for OpenVMS VAX 2. DCE Runtime Services Kit for OpenVMS Alpha This is a fully integrated set of services that provides applications with the essential capabilities required to use DCE's distributed services. The DCE Runtime Services makes the following DCE features available to distributed applications: o Remote Procedure Call Runtime API and Library that includes: - Access to DCE RPC - Use of the DCE Cell Directory Service for locating servers - Use of DCE Security Service for authentication - Access to various DCE utilities, including serviceability to assist in debugging client/server applications - DCE Audit Application Programming Interface - GSSAPI - Generic Security Service Application Programming Interface o XDS/XOM interface o Distributed Time Service (Client and Server) o Integrated Login, including IMPORT and EXPORT o Administrative tools o NSedit o PC proxy agent for communication with Microsoft[R] RPC 5 A group of DCE systems that work together and are administered as a unit is called a cell. Every system within a DCE cell must run the DCE Runtime Services kit. RPC supports the client/server model that characterizes many distributed applications. The DCE Runtime Services kit provides such client/server applications the ability to interoperate over DECnet, TCP/IP, and UDP /IP network protocols on the OpenVMS operating system. See the section titled SOFTWARE REQUIREMENTS for additional details. The right-to-use the DCE Runtime Services for OpenVMS is included as part of the OpenVMS Operating System license. See the section titled SOFTWARE LICENSING for more detailed information. 3. DCE Application Developers' Kit for OpenVMS VAX 4. DCE Application Developers' Kit for OpenVMS Alpha The DCE Application Developers' Kit for OpenVMS includes tools required for the development of distributed applications using remote procedure calls (RPC). It includes: o IDL RPC stub compiler o Time provider source code routines o Sample applications o All public DCE application programming interfaces o IDL development templates o UUIDGEN Support for Application Development using the X Directory Service (XDSAPI) and Generic Security Service API (GSSAPI) is also included in and DCE Application Developers' Kit. The DCE Runtime Services for OpenVMS is a prerequisite for use of the DCE Application Developers' Kit and must be installed first. 5. DCE Cell Directory Server for OpenVMS VAX 6 6. DCE Cell Directory Server for OpenVMS Alpha The DCE Cell Directory Server provides a consistent mechanism for naming and locating users, applications, files, and systems within a DCE cell. The DCE CDS also includes the Global Directory Agent (GDA). The Global Directory Agent provides a means of linking multiple CDS namespaces via the Internet Domain[R] Name Server (BIND), X.500 or LDAP. 7. DCE Security Server for OpenVMS VAX 8. DCE Security Server for OpenVMS Alpha The DCE Security Server allows users controlled access to information in a distributed computing environment safely and confidentially. The DCE Security Server accomplishes this through two services: o DCE Authentication Service allows users and resources to prove their identity to each other. The DCE Authentication Service is based on Kerberos, which requires that all users and resources possess a secret key. o DCE Data Integrity Service protects network data from tampering. Cryptographic checksums automatically generated by RPC enable DCE to determine whether data has been modified or corrupted in transmission. To run the DCE Security Server, a DCE-SECURITY license must be loaded on that system. Additionally, the use of DCE Security requires that a DCE CDS Server be run on at least one system within the DCE cell. To run the DCE CDS Server, a DCE-CDS license must be loaded on that system. Additionally, the use of DCE CDS requires that a DCE Security Server be run on at least one system within the DCE cell. 7 HARDWARE REQUIREMENTS Compaq DCE for OpenVMS Version 3.0 and OpenVMS Version 7.2 share the same hardware requirements. Refer to the OpenVMS Version 7.2 SPD for a list of hardware requirements. Disk Space Requirements (Block Cluster Size = 1): For Alpha Systems Disk space required for DCE Runtime 48,000 blocks installation: Disk space required for DCE Runtime 44,000 blocks use (permanent): Disk space required for DCE ADK 58,000 installation (includes DCE Runtime): Disk space required for DCE ADK 54,000 blocks (includes DCE Runtime) use (permanent): For VAX Systems Disk space required for DCE Runtime 120,000 blocks installation: Disk space required for DCE Runtime 100,000 blocks use (permanent): Disk space required for DCE ADK 150,000 installation (includes DCE Runtime): Disk space required for DCE 130,000 (includes DCE Runtime) use (permanent): The CDS Server and Security Server images are automatically installed as part of the DCE Runtime Services but must be enabled by Product Authorization Keys (PAKS). These counts refer to the disk space required on the system disk. The sizes are approximate; actual sizes may vary depending on the user's system environment, configuration, and software options. 8 CLUSTER ENVIRONMENT This layered product is fully supported when installed on any valid and licensed VAXcluster[1] configuration without restrictions. SOFTWARE REQUIREMENTS OpenVMS Operating System: VAX: V6.2, V7.0, V7.1, and V7.2 Alpha: V6.2, V7.0, V7.1, and V7.2 TCP/IP is required to establish a DCE cell. DECnet may also be used in conjunction with TCP/IP for application communication, but TCP/IP is required for communication between DCE cell members by DCE services. DECnet-only environments are only supported for applications using just the RPC, and are not configuring their environment into a DCE cell. DCE for OpenVMS supports Compaq's TCP/IP Services for OpenVMS. It is also designed to work with other vendors TCP (UDP)/IP products. Contact your TCP vendor to see if it supports DCE for OpenVMS. DCE for OpenVMS will communicate over DECnet Phase IV, DECnet Phase V) also known as DECnet-Plus. OPTIONAL SOFTWARE Compaq for OpenVMS VAX Compaq C for OpenVMS Alpha Compaq C++ for OpenVMS Alpha Compaq C++ for OpenVMS VAX Compaq Fortran for OpenVMS Compaq X.500 Directory Service Compaq Language-Sensitive Editor (LSE) for OpenVMS Compaq Module Management System (MMS) for OpenVMS ____________________ VAXcluster configurations are fully described in the VAXcluster Software Product Description (29.78.xx) and include SEE, Ethernet, and Mixed Interconnect configurations. 9 GROWTH CONSIDERATIONS The minimum hardware/software requirements for any future version of this product may be different from the requirements for the current version. DISTRIBUTION MEDIA CD-ROM (VAX and Alpha) This product is available as part of the OpenVMS Consolidated Software Distribution CD-ROM. The software documentation for this product is available as part of the OpenVMS Online Documentation Library CD-ROM. ORDERING INFORMATION For Alpha Systems DCE Runtime Services for OpenVMS Alpha: Software License: N/A. See SOFTWARE LICENSING Software Media: QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QA-24CA*-** DCE Application Developers' Kit for OpenVMS Alpha: Software License: QL-24CA9-AA Software Media: QA-24CAA-H8 Software Documentation: QA-01SAA-GZ Software Product Services: QT-24CA*-** DCE Cell Directory Server for OpenVMS Alpha: Software License: QL-24EA9-AA Software Media: QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QT-24EA*-** 10 DCE Security Server for OpenVMS Alpha: Software License: QL-24GA9-AA Software Media: QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QT-24GA*-** For VAX Systems DCE Runtime Services for OpenVMS VAX: Software License: N/A. See SOFTWARE LICENSING Software Media: QA-01RAA-H5 or QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QT-01RA*-** DCE Application Developers' Kit for OpenVMS VAX: Software License: QL-01SA9-AA Software Media: QA-01RAA-H5 or QA-24CAA-H8 Software Documentation: QA-01SAA-GZ Software Product Services: QT-01SA*-** DCE Cell Directory Server for OpenVMS VAX: Software License: QL-24DA9-AA Software Media: QA-01RAA-H5 or QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QT-24DA*-** DCE Security Server for OpenVMS VAX: Software License: QL-24FA9-AA Software Media: QA-01RAA-H5 or QA-24CAA-H8 Software Documentation: QA-01RAA-GZ Software Product Services: QT-24FA*-** *Denotes variant fields. For additional information on available li- censes, services, and media, refer to the appropriate price book. 11 Media Notes: Media kit QA-24CAA-H8 contains binaries for all OpenVMS DCE products (VAX and Alpha). Media kit QA-01RAA-H5 contains binaries for all OpenVMS DCE VAX kits that is DCE Runtime for OpenVMS VAX, DCE Application Developers' Kit for OpenVMS VAX, DCE CDS for OpenVMS VAX, and DCE Security Server for OpenVMS VAX.) Documentation Notes: Documentation kits are the same for both the VAX and Alpha platforms. QA-01RAA-GZ contains documentation for the DCE Runtime Services, DCE CDS Server, and DCE Security Server for both platforms. QA-01SAA-GZ contains the documentation for the DCE Application Developers' Kit for both platforms. QA-01SAA-GZ is comprised of all the documentation in QA-01RAA-GZ plus three additional books on DCE application development. SOFTWARE LICENSING The right-to-use the DCE Runtime Services for OpenVMS (VAX and Alpha) products are licensed with the OpenVMS Operating System at no additional cost. However, media and documentation must be ordered separately. The DCE Runtime Services for OpenVMS is technically controlled for export under U.S. Department of Commerce, Export Regulations, and ECCN 5D11A. A U.S. Individual Validated License may be required for sale to customers in, or from, certain foreign countries. Please refer to your Compaq Sales Representative or Compaq Export Administrator in country of destination for further assistance. 12 This software is furnished under the licensing provisions of Compaq Computer Corporation's Standard Terms and Conditions. For more information about Compaq's licensing terms and policies, contact your local Compaq office. License Management Facility Support: The DCE Application Developers' kit supports the OpenVMS License Management Facility. License units for this product are allocated on an Unlimited System Use basis. For more information on the License Management Facility, refer to the OpenVMS Operating System Software Product Description (SPD 25.01.xx) or the License Management Facility manual of the OpenVMS Operating System documentation set. SOFTWARE PRODUCT SERVICES A variety of service options and consulting services are available from Compaq. For more information, contact your local Compaq office. SOFTWARE WARRANTY Warranty for this software product is provided by Compaq with the purchase of a license for the product as defined in the Software Warranty Addendum of this SPD. © 2000 Compaq Computer Corporation. Compaq, VAX, the Compaq logo and the DIGITAL log Registered in the U.S. Patent and Trademark Office. DECnet, OpenVMS and VAXcluster are trademarks of Compaq Information Technologies Group, L.P. Microsoft is a trademark of Microsoft Corporation. Motif and The Open Group are trademarks of The Open Group. All other product names mentioned herein may be trademarks or registered trademarks of their respective companies. 13 Confidential computer software. Valid license from Compaq required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Compaq shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is subject to change without notice. The limited warranties for Compaq products are exclusively set forth in the documentation accompanying such products. Nothing herein should be construed as constituting a further or additional warranty. 14