1 remove 2 clearinghouse_access Deletes an access control entry (ACE) from a clearinghouse's access control set (ACS). SYNOPSIS REMOVE CLEARINGHOUSE clearinghouse-name ACCESS principal Arguments clearinghouse-name The name of the clearinghouse from which access is being deleted. principal The principal for whom access is being removed. You can specify a principal as a group name, a collection of principals denoted with wildcards (for example, .org.name*), or an individual name in the format, nodename.username. To specify a DNS Version 1-style principal, use the format nodename::username. ACCESS RIGHTS You must have control access to the clearinghouse whose ACS is being modified. 3 example The following command removes access for the user group .testgroup from the .paris2_ch clearinghouse. dns> remove clearinghouse .paris2_ch access .testgroup 2 directory_access Deletes an access control entry (ACE) from a directory's access control set (ACS). The optional argument [as default] indicates the ACE to be deleted is a default ACE. If this argument is not used, DECdns assumes the ACE is associated with the directory and not its contents. SYNOPSIS REMOVE DIRECTORY directory-name ACCESS principal [AS DEFAULT] Arguments directory-name The full name of the directory. principal The principal for whom access is being removed. You can specify a principal as a group name, a collection of principals denoted with wildcards (for example, .org.name*), or an individual name in the format, nodename.username. To specify a DNS Version 1-style principal, use the format nodename::username. ACCESS RIGHTS You must have control access to the directory whose ACS is being modified. 3 example The following command removes the default ACE for user smith on node .admin from the .sales directory. dns> remove directory .sales access .admin.smith as default 2 group 3 access Deletes an access control entry (ACE) from a group's access control set (ACS). SYNOPSIS REMOVE GROUP group-name ACCESS principal Arguments group-name The full name of the group from which an ACE is being removed. principal The principal whose access is being removed. You can specify a principal as a group name, a collection of principals denoted with wildcards (for example, .org.name*), or an individual name in the format, nodename.username. To specify a DNS Version 1-style principal, use the format nodename::username. ACCESS RIGHTS You must have write access to the group from which you are removing access. 4 example The following command removes the access rights of user smith on node .sales.deneb from the administrator group .dns_admin. dns>remove group .dns_admin access .sales.deneb.smith 3 member Deletes one member from an existing group. SYNOPSIS REMOVE GROUP group-name MEMBER[=] principal [AS GROUP] Arguments group-name The full name of a group. principal The principal who is being deleted from the group. You can specify a principal as an individual name in the format, nodename.username, or as a collection of principals denoted with wildcards (for example, .org.name*). To specify a DNS Version 1-style principal, use the format nodename::username. Use the phrase as group to specify that the member you are removing is itself a group. ACCESS RIGHTS You must have write access to the group from which you are removing a member. 4 example The following command removes the user smith on node .sales.orion from the group .admin. dns> remove group .admin member .sales.orion.smith 2 link_access Deletes an access control entry (ACE) from a soft link's access control set (ACS). SYNOPSIS REMOVE LINK link-name ACCESS principal Arguments link-name The full name of the soft link. principal The principal for whom access is being removed. You can specify a principal as a group name, a collection of principals denoted with wildcards (for example, .org.name*), or an individual name in the format, nodename.username. To specify a DNS Version 1-style principal, use the format nodename::username. ACCESS RIGHTS You must have control access to the soft link whose ACS is being modified. 3 example The following command removes access for the user group .testgroup from the .sales.asia soft link. dns> remove link .sales.asia access .testgroup 2 object Deletes a value from an application-defined, set-valued attribute of an object entry. If the value is not presently defined for the attribute, no error message is generated. Usually this task is accomplished through the client application. SYNOPSIS REMOVE OBJECT object-name attribute-name [=] attribute-value Arguments object-name The full name of the object entry. attribute-name The simple name of the attribute. Specify your own attribute name or one of the DECdns-defined attributes. Separate multiple attributes with commas. attribute-value The value of a particular attribute. You can express the values of application-defined attributes as quoted strings, "ps"; hex strings, %x FF00EE; or concatenations of them in parentheses, (%x0103 "ps"). ACCESS RIGHTS You must have write access to the object entry whose attribute value you intend to remove or have control access to the parent directory. 3 access Deletes an access control entry (ACE) from an object entry's access control set (ACS). SYNOPSIS REMOVE OBJECT object-name ACCESS principal Arguments object-name The full name of the object entry. principal The principal for whom access is being removed. You can specify a principal as a group name, a collection of principals denoted with wildcards (for example, .org.name*), or an individual name in the format, nodename.username. To specify a DNS Version 1-style principal, use the format nodename::username. You must have control access to the object entry whose ACS is being modified. 4 example The following command removes access for user smith on node .sales.orion from the object entry .sales.work_disk2. dns> remove object .sales.work_disk2 access .sales.orion.smith 3 example The following command removes the value of "ps" from the set-valued attribute printcap of the object entry named .sales.east.deskprinter. dns>remove object .sales.east.deskprinter printcap "ps" 2 subtree 3 access Removes an access control entry (ACE) from the access control set (ACS) of a directory and its contents, or from an entire subtree. SYNOPSIS REMOVE SUBTREE tree-name[...] ACCESS principal [EXCLUDE entry-type] Arguments tree-name The name of the topmost directory in the subtree. When used without the optional recursion notation, the change applies only to the specified directory and and the links and objects in that directory. The recursion notation causes the change to additionally apply to all child directories and their contents. principal The principal whose ACE is being removed. Principals can be specified as a group name or an individual name in the format nodename.user. entry-type One or more of the following types of entries to exclude from the change: objects, links, or directories. Multiple directories can be excluded in a single command. Use any combination of the following entry-type specifiers, separating multiple arguments with commas: objects links directory directory name Description This command removes an ACE from the access control set (ACS) of a particular directory (and its contents) or from an entire subtree of directories. You can use the optional recursion notation (...) to modify the ACEs associated with all the child directories (and their contents). You can use the optional exclude argument to restrict the type of entries affected by this command. You can also use exclude with the recursion notation to prevent certain directories from being processed. ACCESS RIGHTS You must have control and write access to the directory you specify as well as the contents of the directory. If you use the command recursively, you also need control and write access to all child directories (and their contents) of the directory you specify. 4 example The following command removes all ACEs that specify the principal .pjl.smith from the .admin directory and all its child directories. dns> remove subtree .admin... access .pjl.smith 3 group_member Removes a specified group member from all groups in the specified subtree. SYNOPSIS REMOVE SUBTREE tree-name[...] GROUP MEMBER member-name [EXCLUDE DIRECTORY directory-name] Arguments tree-name The name of the topmost directory in the subtree. When used without the optional recursion notation, the change applies only to the specified directory and and the links and objects in that directory. The recursion notation causes the change to additionally apply to all child directories (and their contents). member-name The name of the group member that you want to remove. directory-name One or more directories and their associated ACEs to exclude from the change. Multiple directories can be excluded in a single command. Separate multiple arguments with commas. Description This command removes a specified group member specification from all groups in the directory specified in tree-name. If you use the recursive notation (...), you can use the optional exclude directory directory-name argument to exclude groups named in a particular directory (and all its child directories) from group member modification. You can exclude multiple directories in a single command. Separate multiple exclude directory directory-name arguments with commas. ACCESS RIGHTS You must have control access to the group whose member you intend to modify. If you use the command recursively, you must have control access to all groups affected by the command. 4 example The following command removes user .pjl.smith from membership in all groups named in the .admin directory. dns> remove subtree .admin group member .pjl.smith