Filter
Top Products
Chapter 2. Configuring Gateway Server Machines
A Gateway Server machine provides authenticated access to the DFS filespace
to users on NFS clients. You can configure any machine that is configured as a
DFS client and an NFS server as a Gateway Server. Following successful
configuration, the machine provides authenticated access to the DFS filespace,
and it exports the root of the DCE namespace, /..., via NFS.
You can configure multiple Gateway Server machines to provide DFS access
from multiple sources. However, users do not randomly select Gateway
Server machines from NFS clients. By default, users on an NFS client contact
the Gateway Server machine that exports /... to the client. If you want to
balance the load among multiple Gateway Servers, you must configure your
NFS clients so that each client mounts /... on a particular Gateway Server
machine. (See “Chapter 3. Configuring NFS Clients to Access DFS” on page 13
for information on configuring NFS clients.)
Depending on how closely you want to control access to the DFS filespace,
configure your Gateway Server machines in one of the following ways:
v Configure the Gateway Server machines so that users cannot issue the
dfs_login command to authenticate to DCE.
This configuration allows system administrators to manage all DCE
authentication from the Gateway Server machines. You can allow users to
issue the dfsgw add command themselves, or you can limit use of the
command to administrators only. To configure a Gateway Server machine
without enabling remote authentication via the dfs_login command, follow
the instructions in “Configuring a Gateway Server Without Enabling
Remote Authentication” on page 6.
v Configure the Gateway Server machines so that users can issue the
dfs_login command to remotely authenticate to DCE.
This configuration allows users of NFS clients to acquire their own DCE
credentials from the NFS clients. To configure a Gateway Server machine
and enable remote authentication via the dfs_login command, follow the
instructions in “Configuring a Gateway Server and Enabling Remote
Authentication” on page 7.
Note: The dfs_login and dfs_logout commands are not provided with DFS;
these commands can be used only if they are available from your NFS
vendor and have been installed on an NFS client. If these commands
are not available, use the dfsgw add and dfsgw delete commands,
which work in a similar fashion. See your NFS vendor documentation
for the availability and use of the dfs_login and dfs_logout commands.
© Copyright IBM Corp. 1989, 1999 5