Chapter 6 HPSS Configuration
HPSS Installation Guide September 2002 275
Release 4.5, Revision 2
Keytab Pathname The absolute pathname of
the UNIX file containing
the keytab entry that will
beused by the server when
setting up its identity.
Anylegal UNIX file name
canbe used as long as it is
the name of a keytable
file.
/krb5/
hpss.keytabs
Advice: The server must have read access to this file. Do not set other access
permissions on this file or your security can be breached. Notes: (1) Each server
can have its own key file, or all the servers can share a single key file. It is
recommended that one key file be used for all of the servers on any given
platform.(2)To use the standard DCE system wide key file, set this value to /krb/
v5srvtab (not recommended).
Authentication Service Arg The argument passed to
the authentication service
indicated by the
Authentication Service
configuration variable and
used by the authentication
service to validate
communications.
Currently, the only
authentication services
supported arenone and
dce.
NULL or any UNIX
pathname that points to a
key file.
/krb5/hpss.keytabs
Advice: Ifdce authentication is to be used and the Keytab Pathname is /krb/
v5srvtab, set this variable toNULL. If dce authentication is to be used and the
KeytabPathname is not /krb/v5srvtab, set this variable to the value of Keytab
Pathname.In either case, the server must have read access to the file. Do not set
otherpermissions on this file or your security can be breached. If no authentication
is to be used, set this value toNULL.
Audit Policy. The following fields describe the server’s audit policy configuration.
AUTH The Security Audit Policy
for Authentication events.
If set, security audit
messages will be sent to
the logging subsystem.
NONE- No audit
messages will be
generated.
FAILURE - Audit
messages will only be
generated when there are
errors.
ALL - Audit messages
will be generated for all
related operations.
FAILURE
Advice: Sites that must audit all login type events should set this value to ALL.
Table 6-3 Basic Server Configuration Variables (Continued)
Display Field Name Description Acceptable Values Default
Value