Authenticated Access To Dfs - HP j6750 Supplementary Manual

Enterprise file system, planning and configuring hp dce/9000 enhanced dfs version 3.0
Hide thumbs Also See for j6750:
Table of Contents

Advertisement

For objects in non-LFS filesets, unauthenticated users receive the permissions
granted by the other mode bits of the object.
For objects in DCE LFS filesets, unauthenticated users receive the
permissions granted by the any_other entry, if it exists, on the ACL of the
object. The mask_obj entry filters permissions granted via the any_other
entry.
When an unauthenticated user creates an object, the object is owned by the
user nobody and the group nogroup. The UID of the user nobody is -2, and
the GID of the group nogroup is also -2. (Note that identities and ID
numbers of an unauthenticated user and group can vary between systems;
see your vendor's documentation for more information.)
Unauthenticated access is provided with the DFS/NFS Secure Gateway as a
side effect of configuring Gateway Server machines and NFS clients.
Unauthenticated access is available without the DFS/NFS Secure Gateway.
Simply export /... from a DFS client that is also an NFS Server, and mount
/... on each NFS client from which users are to access DFS.

Authenticated Access to DFS

Authenticated access is available to users who have accounts in the DCE
cell. When an authenticated user accesses an object in the DFS filespace,
the user receives the permissions associated with the DCE identity to which
the user is authenticated. When the user creates an object, the object is
owned by the user and the user's primary group.
To authenticate to DCE, you can issue either of the following commands,
both of which establish credentials recognized by the DCE Security Service:
From an NFS client, enter the dfs_login command. (See "Authenticating to
DCE from an NFS Client.")
From a Gateway Server machine, enter the dfsgw add command. (See
"Authenticating to DCE from a Gateway Server Machine.")
A user who desires authenticated access to DFS must have a principal and
account in the registry database of the DCE cell. An entry must exist for the
user in the /etc/passwd file on the machine configured as a Gateway Server
and on each NFS client from which the user is to access DCE. The user's
UID in the /etc/passwd file must match the user's UID in the DCE registry
The DFS/NFS Secure Gateway
Configuring Gateway Server Machines
155

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents