Configuring the Gateway Server Process
To configure the Gateway Server (dfsgwd) process, perform the following
steps on the machine to be configured as a Gateway Server. The steps assume
that the BOS Server is already running on the machine. In all of the steps,
hostname is the hostname of the local machine.
Note: You need to perform some steps only when you configure the first
Gateway Server process. Such steps are qualified with the phrase for the
first Gateway Server process.
1. If you have not already done so, perform all the steps in “Configuring a
Gateway Server Without Enabling Remote Authentication” on page 6 to
install the dfsgw binary file on the machine and to export /... from the
machine.
2. If you have not already done so, log in as the local superuser root on the
machine.
3. Install the binary file for the dfsgwd process in the directory dcelocal/bin
on the machine. The dfsgwd process provides users of NFS clients with a
remote interface to the authentication table maintained on the Gateway
Server machine.
4. Add the dfsgw service to the Internet services database. The dfsgw
service provides the login facility for the NFS/DFS Secure Gateway. To
add the service, do one of the following:
v If you use the /etc/services file in your environment, add an entry for
the dfsgw service to the /etc/services file on the machine.
v If you use a Network Information Service (NIS) services map in your
environment, add an entry for the dfsgw service to the NIS services
map file on the NIS master. Add the entry to the services map only for
the first Gateway Server process; do not add the entry for additional
Gateway Server processes or NFS clients.
In either case, you need to add the following entry for the service:
dfsgw 438/udp dlog
where dfsgw is the name of the service, 438 is the port at which the
service receives RPCs, udp is the protocol the service uses to
communicate, and dlog is an alias for the dfsgw service.
5. Authenticate to DCE as a principal who has the following ACL
permissions on entries in the registry database:
v The i permission on the directory hosts/hostname.
v For the first Gateway Server process, the i permission on the directory
subsys/dce.
Chapter 2. Configuring Gateway Server Machines 9