IBM NFS/DFS Secure Gateway manual Configuring the Gateway Server Process

Page 19

Configuring the Gateway Server Process

To configure the Gateway Server (dfsgwd) process, perform the following steps on the machine to be configured as a Gateway Server. The steps assume that the BOS Server is already running on the machine. In all of the steps, hostname is the hostname of the local machine.

Note: You need to perform some steps only when you configure the first Gateway Server process. Such steps are qualified with the phrase for the first Gateway Server process.

1.If you have not already done so, perform all the steps in “Configuring a Gateway Server Without Enabling Remote Authentication” on page 6 to install the dfsgw binary file on the machine and to export /... from the machine.

2.If you have not already done so, log in as the local superuser root on the machine.

3.Install the binary file for the dfsgwd process in the directory dcelocal/bin on the machine. The dfsgwd process provides users of NFS clients with a remote interface to the authentication table maintained on the Gateway Server machine.

4.Add the dfsgw service to the Internet services database. The dfsgw service provides the login facility for the NFS/DFS Secure Gateway. To add the service, do one of the following:

v If you use the /etc/services file in your environment, add an entry for the dfsgw service to the /etc/services file on the machine.

vIf you use a Network Information Service (NIS) services map in your environment, add an entry for the dfsgw service to the NIS services map file on the NIS master. Add the entry to the services map only for the first Gateway Server process; do not add the entry for additional Gateway Server processes or NFS clients.

In either case, you need to add the following entry for the service:

dfsgw 438/udp dlog

where dfsgw is the name of the service, 438 is the port at which the service receives RPCs, udp is the protocol the service uses to communicate, and dlog is an alias for the dfsgw service.

5.Authenticate to DCE as a principal who has the following ACL permissions on entries in the registry database:

v The i permission on the directory hosts/hostname.

vFor the first Gateway Server process, the i permission on the directory subsys/dce.

Chapter 2. Configuring Gateway Server Machines 9

Page 18 Page 20
Image 19
Page 18 Page 20
Contents NFS/DFS Secure Gateway Guide and Reference Page NFS/DFS Secure Gateway Guide and Reference First Edition April Contents Page Purpose PrefaceAudience ApplicabilityConstant width Related DocumentsTypographic and Keying Conventions BoldReturn Ctrl- x orPage Overview of the NFS/DFS Secure Gateway DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Overview of the NFS/DFS Secure Gateway DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Configuring Gateway Server Machines DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Configuring the BOS Server Process Add the group subsys/dce/dfs-admin to the admin.bos file Configuring the Gateway Server Process Invoke the dcecp command $ dcecp Gateway Server process is now fully configured on the machine DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Configuring NFS Clients to Access DFS Configuring a Client and Enabling Remote Authentication Configuring a Client Without Enabling Remote AuthenticationDfslogout DfsloginDfsgw 438/udp dlog Unauthenticated Access to DFS Accessing DFS from an NFS ClientAuthenticated Access to DFS Authenticating to DCE from an NFS Client Hhostname Authenticating to DCE from a Gateway Server Machine Determining Whether a Specific User Is Authenticated to DCE Accessing DFS from an NFS Client DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Configuration File and Command Reference Bos getlog8dfs Dfsgwd8dfs DfsgwLog PurposeDescription Related InformationDfsgw delete Dfsgw PurposeOptions Dfsgw addDfsgw query $ dfsgw help command$ dfsgw command -help Dfsgw listRelated Information Remotehost name Dfsgw add PurposeSynopsis Sysname sysnamePrivileges Required Examples OutputDfsgwdelete8dfs Dfsgwlist8dfs Dfsgwquery8dfs Topic string Dfsgw apropos PurposeDfsgw help8dfs Dfsgw delete Purpose Dfsgwadd8dfs Dfsgwlist8dfs Dfsgwquery8dfs $ dfsgw help list Dfsgw help PurposeDfsgw apropos8dfs Dfsgw list Purpose Dfsgwadd8dfs PrincipalDfsgwdelete8dfs Dfsgwquery8dfs Dfsgw query Purpose Dfsgwadd8dfs Dfsgwdelete8dfs Dfsgwlist8dfs Nodomains Dfsgwd PurposeVerbose Description Bos getlog8dfs Bosserver8dfs Dfsgw8dfs Dcelocal/var/dfs/adm/DfsgwLogDfsgwLog4dfs Special Characters IndexDFS for Solaris NFS/DFS Secure Gateway Guide and Reference First Edition April DFS for Solaris NFS/DFS Secure Gateway Guide and Reference Trademarks DFS for Solaris NFS/DFS Secure Gateway Guide and Reference How satisfied are you that the information in this book is Readers’ Comments We’d Like to Hear from YouGC09-3993-00 Readers’ Comments We’d Like to Hear from YouPage Program Number NFS/DFS Secure Gateway Guide
Top Page Image Contents