IBM NFS/DFS Secure Gateway Reference Manual page 13

Before establishing a new mapping between a remote user and DCE principal,
the existing mapping must be deleted. A user who wants to end an
authenticated session to DFS before the credentials expire can issue either the
dfs_logout command from the NFS client for which the credentials were
granted or the dfsgw delete command from the Gateway Server machine.
Both commands remove the user's entry for the NFS client from the
authentication table on the Gateway Server machine. Either command can be
used to end the authenticated session, regardless of which command was
used to obtain the credentials. Because the authentication table resides in
memory, all authenticated sessions are terminated if the Gateway Server is
restarted.
"Chapter 2. Configuring Gateway Server Machines" on page 5 and "Chapter 3.
Configuring NFS Clients to Access DFS" on page 13 provide complete
instructions for configuring Gateway Server machines and NFS clients to give
NFS users either local or remote authentication to DCE. "Chapter 4. Accessing
DFS from an NFS Client" on page 17 provides detailed information about how
users authenticate to DCE and how they access DFS from an NFS client.
3
Chapter 1. Overview of the NFS/DFS Secure Gateway