Bay Networks 5390 Administering page 465

within a limited time, the Model 5390 server broadcasts. If the broadcast fails, the Model 5390
server denies the user's request.
5
Modify the eservices file (see Configuring the Security Server on page A15-10).
When a user requests access to Model 5390 server(s) configured for security logging, the Model
5390 server calls the ACP security service on the security host. Each time this security service grants
or denies a request to access the Model 5390 server, the service enters a message in a file defined
as acp_logfile. This file is created by erpcd and is located in the install directory along with the
other ACP files, such as acp_passwd (see UNIX-based Passwords on page A15-33).
If the Model 5390 server cannot reach the security host, it calls the back-up host, if one is defined,
and stores the message in the acp_logfile on that host. If you examine this file on the primary security
host and notice a gap in security entries, check the acp_logfile on the back-up server. The primary
server may have gone down temporarily; in this case, the events are logged to the secondary server.
If the Model 5390 security_broadcast parameter is set to Y (the default), and the Model 5390 server
cannot reach either the primary or back-up security host, it broadcasts for a security host on the
network. If it finds one that is running erpcd, the Model 5390 server stores any security messages
in an acp_logfile on that host, which could be anywhere on the network and therefore hard to locate.
Set security_broadcast to N to avoid this problem.
893-741-B
Using Model 5390 Security
A15-45