HP j6750 Supplementary Manual page 153

Enterprise file system, planning and configuring hp dce/9000 enhanced dfs version 3.0
Hide thumbs Also See for j6750:
Table of Contents

Advertisement

dfs_login allows users of the NFS client to establish an authenticated
session by obtaining DCE credentials on a Gateway Server machine. (See
"Authenticating to DCE from an NFS Client" for information about using
this command.)
dfs_logout allows users on the NFS client to end an authenticated session
established with the dfs_login command. (See "Authenticating to DCE
from an NFS Client" for information about using this command.)
The dfs_login and dfs_logout commands use version 5 of Kerberos to
communicate with the DCE Security Service.
4 Create the Kerberos configuration file named /krb5/krb.conf. The dfs_login
command reads this file to determine the name of a DCE Security Server that
it can contact. This file must be identical to the /krb5/krb.conf file on
machines in the host DCE cell; copy it from a machine in the DCE cell.
5 Create the Kerberos configuration file named /krb5/krb.realms. The
Kerberos runtime uses the information in this file to translate Internet
domains to the corresponding Kerberos realms. In the file, the Kerberos realm
has the same name as the DCE cell. Each line of the file must have the
following format:
domain krb-realm
where domain is the name of the local Internet domain, and krb-realm is the
name of the Kerberos realm (the name of the DCE cell to be accessed). For
example, in the following krb.realms file, def.com is the name of the
Internet domain, and abc.com is the name of the DCE cell. If machines from
multiple domains are to contact the DCE cell, you need a separate line for
each domain. Note that realm names are case-sensitive.
.DEF.COM abc.com
6 If you use the /etc/services file in your environment, add the following entry
for the dfsgw service to the /etc/services file on the machine:
dfsgw 438/udp dlog
where dfsgw is the name of the service, 438 is the port at which the service
receives RPCs, udp is the protocol the service uses to communicate, and
dlog is an alias for the dfsgw service.
If you use an NIS Services map in your environment, you added an entry to
the services map file when you configured the first Gateway Server process.
You do not need to add the entry to the services map when you configure
NFS clients.
The DFS/NFS Secure Gateway
Configuring Gateway Server Machines
153

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents