IBM NFS/DFS Secure Gateway Network Router User Manual

Open as PDF

of 67

Conﬁguring the Gateway Server Process

To conﬁgure the Gateway Server (dfsgwd) process, perform the following

steps on the machine to be conﬁgured as a Gateway Server. The steps assume

that the BOS Server is already running on the machine. In all of the steps,

hostname is the hostname of the local machine.

Note: You need to perform some steps only when you conﬁgure the ﬁrst

Gateway Server process. Such steps are qualiﬁed with the phrase for the

ﬁrst Gateway Server process.

1. If you have not already done so, perform all the steps in “Conﬁguring a

Gateway Server Without Enabling Remote Authentication” on page 6 to

install the dfsgw binary ﬁle on the machine and to export /... from the

machine.

2. If you have not already done so, log in as the local superuser root on the

machine.

3. Install the binary ﬁle for the dfsgwd process in the directory dcelocal/bin

on the machine. The dfsgwd process provides users of NFS clients with a

remote interface to the authentication table maintained on the Gateway

Server machine.

4. Add the dfsgw service to the Internet services database. The dfsgw

service provides the login facility for the NFS/DFS Secure Gateway. To

add the service, do one of the following:

v If you use the /etc/services ﬁle in your environment, add an entry for

the dfsgw service to the /etc/services ﬁle on the machine.

v If you use a Network Information Service (NIS) services map in your

environment, add an entry for the dfsgw service to the NIS services

map ﬁle on the NIS master. Add the entry to the services map only for

the ﬁrst Gateway Server process; do not add the entry for additional

Gateway Server processes or NFS clients.

In either case, you need to add the following entry for the service:

dfsgw 438/udp dlog

where dfsgw is the name of the service, 438 is the port at which the

service receives RPCs, udp is the protocol the service uses to

communicate, and dlog is an alias for the dfsgw service.

5. Authenticate to DCE as a principal who has the following ACL

permissions on entries in the registry database:

v The i permission on the directory hosts/hostname.

v For the ﬁrst Gateway Server process, the i permission on the directory

subsys/dce.

Chapter 2. Conﬁguring Gateway Server Machines 9

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

IBM NFS/DFS Secure Gateway Network Router User Manual