
Adopting Registry Orphans

Although dcecp displays object names and you identify registry objects by name, the DCE Security Service uses UUIDs to identify objects internally. When you create a registry object, the DCE Security Service automatically sets up an association between the object name and a UUID that it uses to identify the object. When you delete registry objects, you delete the association between the registry object and the UUID that identifies the object.

Orphans are objects owned by UUIDs that are not associated with a principal or group because the principal or group has been deleted. For example, if you delete a principal from the registry, you also delete the association between the name used to identify the principal externally and the UUID used to identify the principal internally. Any objects (files, programs) owned by the deleted principal are now owned internally by a UUID no longer associated with a principal. If no other principal, group, or organization has access rights to the object, the object cannot be accessed at all and is now an orphan.

To solve this problem, you can use the dcecp principal create, group create, and org create commands with the -uuid option to create a principal, group, or organization with the same UUID as the one that owns the orphaned object and thus "adopt" the orphaned object.

Note: When you create a new registry object, you have no way of specifying the UUID associated with the object; therefore, you cannot simply add a new registry object of the same name to adopt the orphan.

The -uuid option creates a principal, group, or organization and lets you specify the UUID with which it should be associated instead of assigning it automatically. Except for the manner in which it is created, a principal, group, or organization created by these commands is no different from any other principal, group, or organization. The following examples show how to use this option to create a principal, group, or organization to adopt an orphaned registry object.

To create a principal associated with the UUID that owns the orphaned object, use the following command:

principal create name -uuid uuid [-fullname fullname] \
[-quota object_creation_quota] [-uid UNIX_number]

To create a group associated with the UUID that owns the orphaned object, use the following command:

group create name -uuid uuid [-fullname string] \
[-inprojlist [yes | no]] [-gid UNIX_number]

To create an organization associated with the UUID that owns the orphaned object, use the following command:

org create name -uuid uuid [-fullname string] [-orgid UNIX_number]

where:

name
The principal's, group's, or organization's primary name.

uuid
The UUID number to be assigned to the principal, group, or organization. This UUID should be the one that owns the orphaned object (that is, the one that was associated with the deleted registry object). The UUID is specified in RPC print string format as 8 hexadecimal digits, a hyphen; 4 hexadecimal digits, a hyphen; 4 hexadecimal digits, a hyphen; 4 hexadecimal digits, a hyphen; and 12 hexadecimal digits. The format is as follows:

nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn

string
The principal's, group's, or organization's full name.

UNIX_number
For cell principals only, the UNIX number to be associated with the name. If you do not enter this option, the next sequential UNIX number is supplied. For all principals other than cells, the UNIX number is extracted from information that is embedded in the principal's UUID and cannot be specified here.

object_creation_quota
For principals only, the principal's object creation quota. If you do not enter this option, the default is unlimited.

-inprojlist
For groups only, yes turns off the project list inclusion so that groups are not included in project lists. If you enter no, the group is included in project lists.

Note: In the current implementation of DCE, UNIX numbers are embedded in UUIDs. If you try to create a group or organization to adopt an orphaned object and fail, the cause could be that the embedded UNIX number is invalid: it does not fall within the range of valid UNIX numbers set for the cell as a registry property. If this is the case, you must reset the range of valid UNIX numbers to include the UNIX number embedded in the UUID and then try again to adopt the object. See Maintaining Policies and Properties for information on setting the valid range of UNIX numbers.
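
The following added example (not part of the original DCE documentation) checks an orphan's owner UUID against the RPC print string format and the cell's valid UNIX number range before building the create command with -uuid. It assumes the embedded UNIX number is the first 8 hexadecimal digits of the UUID, which this page does not state; the function names, the name allow-list, and the sample UUID and range are hypothetical.

```python
import re

# RPC print string format from the page: 8-4-4-4-12 hexadecimal digits.
UUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
KINDS = ("principal", "group", "org")


def parse_rpc_uuid(text):
    """Return the UUID in lower case, or raise ValueError if malformed."""
    text = text.strip()
    if not UUID_RE.fullmatch(text):
        raise ValueError("not an RPC print string UUID: %r" % text)
    return text.lower()


def embedded_unix_number(uuid):
    """ASSUMPTION: the UNIX number is the first 8 hex digits of the UUID."""
    return int(parse_rpc_uuid(uuid)[:8], 16)


def adopt_command(kind, name, uuid, low, high):
    """Build the dcecp create line with -uuid, refusing bad input early."""
    if kind not in KINDS:
        raise ValueError("kind must be one of %s" % (KINDS,))
    # Conservative allow-list chosen for this example, not a DCE naming rule.
    if not re.fullmatch(r"[A-Za-z0-9_./-]+", name):
        raise ValueError("unexpected characters in name: %r" % name)
    uuid = parse_rpc_uuid(uuid)
    number = embedded_unix_number(uuid)
    # The page describes this failure for groups and organizations;
    # the check is applied to every kind here.
    if not low <= number <= high:
        raise ValueError(
            "embedded UNIX number %d is outside the cell range %d-%d; "
            "reset the range before adopting" % (number, low, high))
    return "%s create %s -uuid %s" % (kind, name, uuid)


if __name__ == "__main__":
    # Constructed sample values, not taken from a real registry.
    orphan_owner = "0000006E-9DBE-21CE-8B01-0800090A5254"
    print(embedded_unix_number(orphan_owner))
    print(adopt_command("group", "adopters", orphan_owner, 100, 32767))
```
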