The development of application and system software for data processing systems has traditionally been a time consuming task. The field of software engineering has attempted to overcome the limitations of traditional techniques by proposing new, more efficient software development models. Object oriented programming has emerged as a promising technology that will allow rapid development, implementation and customization of objects. Each new object has certain data attributes and processes or methods that operate on that data. Data is said to be "encapsulated" by an object, and can only be modified by the object methods, invoked by sending a message to an object identifying the method supplying any needed arguments.
Object oriented systems have two important properties in addition to encapsulation. "Inheritance" is the ability to derive a new object from an existing object and inherit all properties, including methods and data structure, from the existing object. The new object may have certain unique features which are supplied as overrides or modifications to the existing class. For example, a new subclass needs to specify only the functions and data that distinguish that class from the existing more general class.
The ability to override an existing method description enables polymorphism, the ability to have a single message received by an object be processed in different ways depending on the object itself. Inheritance and polymorphism create a powerful structure for implementing new software systems. The software developers does not have to develop each piece of a system, they need only specify the unique features of the system. One object oriented programming system is the System Object Model (SOM). More information on SOM can be found in the SOM objects Developer Toolkit User's Guide, Version 2.0, 1993, available from the International Business Machine Corporation.
In today's computer software environment, code is developed using a modular approach whenever possible. Future software environments will continue to use a modular approach, yielding the concept of reusable software components. This reusability spans many competing layers starting with the operating system, moving up through network transports, distributed computing layers, and finally into application components like spell checkers, search engines, and databases.
In the Distributed Computing Environment (DCE), various software components may be located on more than one physical system, such as a number of computers in a distributed data processing system. Examples of such services include security, directory, and time services. The various components use each other's services by making internal calls to one another (in the form of messages sent from one object to another object) as a way of satisfying a request for a particular service. For example, when an application invokes a security component requesting the addition of a new user to the security registry database, the message requesting an addition of a new user results in other messages being made to other parts of the security component to check that the component making this request is authorized to add users in the databases, which in turn uses a remote procedure call (RPC) component to transmit those requests to the appropriate service.
Such modular software component environments provide programmers with clean, well-defined interfaces for requesting services needed by an application. A problem exist, however, when a system administrator must preform user administration procedures to enable a user to logon or access resources within the distributed computing environment (DCE). The problem emanates from the fact that in the distributed computing environment, the concept of a user of network resources is exposed at a low-level which is not familiar to the system administrators. While mechanisms exist within the DCE environment for creating and manipulating the low-level components of a DCE user, there is not a set of high-level standard administrative and system management definitions.
It is desirable to have an improved method and apparatus for a distributed computing environment, where a set of standard administrative and system management objects are provided, which are readily customizable and easily extendable to satisfy future requirements.