IBM NFS/DFS Secure Gateway Network Router User Manual

Open as PDF

of 67

Description

The dfsgwd command initializes the Gateway Server process. The dfsgwd

process runs on machines conﬁgured as DFS clients to enable remote

authentication via the dfs_login command. The dfsgwd process works with

the dfs_login command to obtain DCE credentials for users of NFS clients.

The DCE credentials provide users with authenticated access to data in DFS.

The Gateway Server process manipulates mappings for authenticated users in

the authentication table on the Gateway Server machine. Each mapping

records the following information for an authenticated user:

v The user’s UNIX user identiﬁcation number (UID)

v The network address of the NFS client from which the user has

authenticated access to DFS

v The PAG that stores the user’s DCE ticket-granting ticket (TGT)

The dfs_login and dfs_logout commands provide a remote mechanism for

creating and deleting entries in the authentication table on a Gateway Server

machine. Commands in the dfsgw command suite provide a local

administrative interface to the authentication table on a machine conﬁgured as

a Gateway Server.

The Gateway Server process recognizes the @sys and @host variables on the

NFS client system. This allows the Gateway Server to resolve pathnames to

binaries and other system-dependent ﬁles correctly, based on the user’s login

system name and system type.

The binary ﬁle for the dfsgwd process resides in dcelocal/bin. The process is

normally run on a DFS client that is exporting a mount point for /..., the root

of the DCE namespace, via NFS. The process runs as the DCE principal hosts/

hostname/dfsgw-server.

The dfsgwd process is usually started and controlled by the Basic OverSeer

(BOS) Server (bosserver) process. The BOS Server restarts each process it

monitors whenever the system is restarted. If the dfsgwd process is not

controlled by the BOS Server, the dfsgwd process runs in the foreground by

default.

The dfsgwd process writes output about the operations it performs to a log

ﬁle, by default, named dcelocal/var/dfs/adm/DfsgwLog. You can use the -ﬁle

option to name a different log ﬁle. If the dfsgwd process is controlled by the

BOS Server, you can use the bos getlog command to read the log ﬁle.

Chapter 5. Conﬁguration File and Command Reference 45

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

IBM NFS/DFS Secure Gateway Network Router User Manual