Description
The dfsgwd command initializes the Gateway Server process. The dfsgwd
process runs on machines configured as DFS clients to enable remote
authentication via the dfs_login command. The dfsgwd process works with
the dfs_login command to obtain DCE credentials for users of NFS clients.
The DCE credentials provide users with authenticated access to data in DFS.
The Gateway Server process manipulates mappings for authenticated users in
the authentication table on the Gateway Server machine. Each mapping
records the following information for an authenticated user:
v
The user’s UNIX user identification number (UID)
v
The network address of the NFS client from which the user has
authenticated access to DFS
v
The PAG that stores the user’s DCE ticket-granting ticket (TGT)
The dfs_login and dfs_logout commands provide a remote mechanism for
creating and deleting entries in the authentication table on a Gateway Server
machine. Commands in the dfsgw command suite provide a local
administrative interface to the authentication table on a machine configured as
a Gateway Server.
The Gateway Server process recognizes the @sys and @host variables on the
NFS client system. This allows the Gateway Server to resolve pathnames to
binaries and other system-dependent files correctly, based on the user’s login
system name and system type.
The binary file for the dfsgwd process resides in dcelocal/bin. The process is
normally run on a DFS client that is exporting a mount point for /..., the root
of the DCE namespace, via NFS. The process runs as the DCE principal hosts/
hostname/dfsgw-server.
The dfsgwd process is usually started and controlled by the Basic OverSeer
(BOS) Server (bosserver) process. The BOS Server restarts each process it
monitors whenever the system is restarted. If the dfsgwd process is not
controlled by the BOS Server, the dfsgwd process runs in the foreground by
default.
The dfsgwd process writes output about the operations it performs to a log
file, by default, named dcelocal/var/dfs/adm/DfsgwLog. You can use the -file
option to name a different log file. If the dfsgwd process is controlled by the
BOS Server, you can use the bos getlog command to read the log file.
Chapter 5. Configuration File and Command Reference
45
Summary of Contents for NFS/DFS Secure Gateway
Page 1: ...DFS for Solaris NFS DFS Secure Gateway Guide and Reference V ersion 3 1 GC09 3993 00...
Page 2: ......
Page 3: ...DFS for Solaris NFS DFS Secure Gateway Guide and Reference V ersion 3 1 GC09 3993 00...
Page 6: ...iv DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 10: ...viii DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 14: ...4 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 22: ...12 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 34: ...24 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 51: ...dfsgw_delete 8dfs dfsgw_query 8dfs Chapter 5 Configuration File and Command Reference 41...
Page 58: ...48 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...
Page 65: ......