Configuring the Gateway Server Process

To configure the Gateway Server (dfsgwd) process, perform the following steps on the machine to be configured as a Gateway Server. The steps assume that the BOS Server is already running on the machine. In all of the steps, hostname is the hostname of the local machine.

Note: You need to perform some steps only when you configure the first Gateway Server process. Such steps are qualified with the phrase for the first Gateway Server process.

1.If you have not already done so, perform all the steps in “Configuring a Gateway Server Without Enabling Remote Authentication” on page 6 to install the dfsgw binary file on the machine and to export /... from the machine.

2.If you have not already done so, log in as the local superuser root on the machine.

3.Install the binary file for the dfsgwd process in the directory dcelocal/bin on the machine. The dfsgwd process provides users of NFS clients with a remote interface to the authentication table maintained on the Gateway Server machine.

4.Add the dfsgw service to the Internet services database. The dfsgw service provides the login facility for the NFS/DFS Secure Gateway. To add the service, do one of the following:

v If you use the /etc/services file in your environment, add an entry for the dfsgw service to the /etc/services file on the machine.

vIf you use a Network Information Service (NIS) services map in your environment, add an entry for the dfsgw service to the NIS services map file on the NIS master. Add the entry to the services map only for the first Gateway Server process; do not add the entry for additional Gateway Server processes or NFS clients.

In either case, you need to add the following entry for the service:

dfsgw 438/udp dlog

where dfsgw is the name of the service, 438 is the port at which the service receives RPCs, udp is the protocol the service uses to communicate, and dlog is an alias for the dfsgw service.

5.Authenticate to DCE as a principal who has the following ACL permissions on entries in the registry database:

v The i permission on the directory hosts/hostname.

vFor the first Gateway Server process, the i permission on the directory subsys/dce.

Chapter 2. Configuring Gateway Server Machines 9

Page 18 Page 20
Page 19
Image 19
IBM NFS/DFS Secure Gateway manual Configuring the Gateway Server Process
Page 18 Page 20
Top Page Image Contents