The following are recommended cell management policies that could apply to all cells in a distributed computing infrastructure:
· All users and machines belong to a cell in the infrastructure.
· Cells offer a full range of services, which are accessible to the users who need them across organizational boundaries.
· Cell boundaries define who can log in to the environment and where they normally log in; but cell boundaries do not limit where they should log in.
· Cell boundaries define a unified naming environment that includes a set of DCE principals that share their secret keys with the same authentication service.
· Cells should be fully contained in routing domains but the cell configuration does not need to reflect the underlying routing structure of the networks.
· Cell administrators are responsible for creating, naming, and managing all cells within the infrastructure and may empower other cell administrators to create specific DCE groups and manage individual cell populations and resources on an ongoing basis.
· Cells should have a documented and practiced failover plan for all DCE core services and vital databases.
· Cells can interconnect by either a LAN or a WAN. Machines within a cell may connect by either a LAN or a WAN.
· Access to cell resources is restricted by how they are named in the cell's CDS namespace not by where they are located in the infrastructure.
· Single-points-of-failure should be avoided. If a cell must have a single point of failure, cell administrators should limit the effects of any system interruption to within that cell; only that cell's user population can suffer the service interruption.