IBM NFS/DFS Secure Gateway Скачать руководство пользователя

Страница: 1 / 67

DFS for Solaris

NFS/DFS Secure Gateway Guide and

Reference

Version 3.1

GC09-3993-00

Содержание NFS/DFS Secure Gateway

Страница 1: ...DFS for Solaris NFS DFS Secure Gateway Guide and Reference V ersion 3 1 GC09 3993 00...

Страница 2: ......

Страница 3: ...DFS for Solaris NFS DFS Secure Gateway Guide and Reference V ersion 3 1 GC09 3993 00...

Страница 4: ...and to all subsequent releases and modifications until otherwise indicated in new editions Order publications through your IBM representative or through the IBM branch office serving your locality Co...

Страница 5: ...out Enabling Remote Authentication 14 Configuring a Client and Enabling Remote Authentication 14 Chapter 4 Accessing DFS from an NFS Client 17 Unauthenticated Access to DFS 17 Authenticated Access to...

Страница 6: ...iv DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 7: ...ng knowledge of DCE and its requirements Applicability This revision applies to IBM DFS for Solaris Version 3 1 See your software license for details Purpose The purpose of this book is to provide inf...

Страница 8: ...g typographic conventions Bold Bold words or characters represent system elements that you must use literally such as commands options and pathnames Italic Italic words or characters represent variabl...

Страница 9: ...dicates a control character sequence For example Ctrl C means that you hold down the control key while pressing C Return The notation Return refers to the key on your terminal or workstation that is l...

Страница 10: ...viii DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 11: ...oth Local and remote authentication work as follows v Local authentication to DCE from Gateway Server machines is provided via the dfsgw add command With local authentication you can enable users to i...

Страница 12: ...way Server machine an association is created between the UNIX user identification number UID of the user and the network address of the NFS client from which DFS access is desired A mapping is then cr...

Страница 13: ...end the authenticated session regardless of which command was used to obtain the credentials Because the authentication table resides in memory all authenticated sessions are terminated if the Gateway...

Страница 14: ...4 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 15: ...sue the dfs_login command to authenticate to DCE This configuration allows system administrators to manage all DCE authentication from the Gateway Server machines You can allow users to issue the dfsg...

Страница 16: ...on the machine The dfsgw command suite provides a local interface to the authentication table maintained on the Gateway Server machine Commands in the dfsgw suite can be used to add delete and view m...

Страница 17: ...See the IBM DFS for AIX and Solaris Administration Guide for more information about the BOS Server Configuring the BOS Server Process To configure the BOS Server process bosserver perform the followin...

Страница 18: ...tname dfs server key password dcecp keytab add self member hosts hostname dfs server random registry dcecp exit 6 Remove the BosConfig file and any administrative lists that possibly exist from a prev...

Страница 19: ...ver machine 4 Add the dfsgw service to the Internet services database The dfsgw service provides the login facility for the NFS DFS Secure Gateway To add the service do one of the following v If you u...

Страница 20: ...te hosts hostname dfsgw server dcecp account create hosts hostname dfsgw server group subsys dce dfsgw admin org none password password mypwd password dcecp exit 9 Use the su command to become the loc...

Страница 21: ...gw to run the dfsgwd server process dcelocal bin bos create server hosts hostname process dfsgw type simple cmd dcelocal bin dfsgwd The Gateway Server process is now fully configured on the machine Ch...

Страница 22: ...12 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 23: ...he instructions in Configuring a Client Without Enabling Remote Authentication on page 14 v If you configured your Gateway Servers so that users can issue the dfs_login command to authenticate to DCE...

Страница 24: ...s In the command cellname is the name of the DCE cell to be accessed from the NFS client the cell in which the machine that exports is configured as a DFS client ln s cellname fs 4 Verify that the NFS...

Страница 25: ...thenticating to DCE from an NFS Client on page 19 for information about using this command The dfs_login and dfs_logout commands use version 5 of Kerberos to communicate with the DCE Security Service...

Страница 26: ...alias for the dfsgw service If you use an NIS services map in your environment you added an entry to the services map file when you configured the first Gateway Server process You do not need to add...

Страница 27: ...ed from File Server machines When accessing DFS data from an NFS client NFS background I O daemons cache local copies of files accessed via the NFS server The caching of information by the NFS daemons...

Страница 28: ...ssue the dfs_login command See Authenticating to DCE from an NFS Client on page 19 for more information v From a Gateway Server machine issue the dfsgw add command See Authenticating to DCE from a Gat...

Страница 29: ...DCE credentials before they expire use the dfsgw add command which refreshes the ticket lifetime of your existing TGT to obtain new credentials then use the dfs_login or dfsgw add command to replace y...

Страница 30: ...fault the ticket is assigned the DCE cell s default lifetime dce_principal Specifies the DCE principal name of the user for whom to obtain a ticket By default the command uses the name of the issuer o...

Страница 31: ...e issuer of the command dfs_logout Authenticating to DCE from a Gateway Server Machine The dfsgw add command authenticates a user to DCE from a Gateway Server machine Users can use the dfsgw add comma...

Страница 32: ...ent includes multiple Gateway Server machines you must issue the command on the Gateway Server machine whose authentication table is to be examined The command displays information about a user s entr...

Страница 33: ...S access and the date and time at which each user s DCE credentials expire See the reference page for the dfsgw list command for more information about the command Chapter 4 Accessing DFS from an NFS...

Страница 34: ...24 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 35: ...Chapter 5 Configuration File and Command Reference This chapter contains configuration file and command reference information for the NFS DFS Secure Gateway Copyright IBM Corp 1989 1999 25...

Страница 36: ...DfsgwLog old file in the same directory overwriting the current DfsgwLog old file if it exists before creating a new version to which to append messages The process can write different types of outpu...

Страница 37: ...currently supported inet Internet help Displays the online help for the command All other valid options specified with this option are ignored Description The dfsgw command suite provides commands to...

Страница 38: ...ands The following examples summarize the syntax for the different help options dfsgw help Displays a list of commands in a command suite dfsgw help command Displays the syntax for a single command df...

Страница 39: ...Related Information Commands dfsgw_add 8dfs dfsgw_apropos 8dfs dfsgw_delete 8dfs dfsgw_help 8dfs dfsgw_list 8dfs dfsgw_query 8dfs dfs_intro 8dfs Chapter 5 Configuration File and Command Reference 29...

Страница 40: ...ecify a principal name and password the command prompts for them only if you do not already have a valid ticket granting ticket TGT in the current login context If you omit only your password the comm...

Страница 41: ...thentication table Otherwise it returns a nonzero exit value DCE credentials obtained with the command are valid for the default ticket lifetime in effect in the registry database of the DCE cell DCE...

Страница 42: ...alid TGT If it succeeds in creating the entry in the authentication table the command displays the following Mapping added successfully PAG is PAG where PAG identifies the PAG created with the command...

Страница 43: ...r any dfsgw command that contains the string specified by the topic option in its name or short description To display the syntax for a command use the dfsgw help command Privilege Required No privile...

Страница 44: ...Related Information Commands dfsgw help 8dfs 34 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 45: ...options specified with this option are ignored Description The dfsgw delete command cancels a user s authenticated access to DFS The command removes the entry for the specified user and NFS client fr...

Страница 46: ...owing command deletes the entry from the authentication table that grants authenticated access to the user named ludwig from the NFS client that has network address 15 27 32 40 The command is issued b...

Страница 47: ...irst line name and short description of the online help entry for every dfsgw command if the topic option is not provided For each command name specified with the topic option the output lists the ent...

Страница 48: ...dfsgw list list all entries in the AT Usage dfsgw list help Related Information Commands dfsgw apropos 8dfs 38 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 49: ...that the dfsgw list command provides some additional information not displayed by the dfsgw query command For example it displays the hostname of the NFS client for which the DCE credentials are grant...

Страница 50: ...s no entries No mappings exist Examples The following command displays the current entries from the authentication table on the local Gateway Server machine The first entry grants secure access to DFS...

Страница 51: ...dfsgw_delete 8dfs dfsgw_query 8dfs Chapter 5 Configuration File and Command Reference 41...

Страница 52: ...ption The dfsgw query command checks the local authentication table to determine whether the user has an entry for the NFS client Because each Gateway Server machine maintains its own authentication t...

Страница 53: ...entry for the NFS client in the authentication table the dfsgw query command displays the following line of output instead No mapping found Examples The following command determines whether the authe...

Страница 54: ...host variables This name can be set by starting the dfsgwd process with the sysname option The sysname argument is a unique name derived from the uname function that describes the machine architecture...

Страница 55: ...the authentication table on a machine configured as a Gateway Server The Gateway Server process recognizes the sys and host variables on the NFS client system This allows the Gateway Server to resolve...

Страница 56: ...al var dfs adm DfsgwLog The default log file for the dfsgwd process You can use the file option to specify a different pathname for the log file Related Information Commands bos getlog 8dfs bosserver...

Страница 57: ...6 19 27 receiving help 28 dfsgw commands add 1 2 5 6 7 14 18 19 21 30 35 apropos 33 delete 2 19 21 31 35 help 37 list 22 39 42 query 22 42 dfsgwd process 1 7 19 21 26 44 DfsgwLog file 26 G Gateway Se...

Страница 58: ...48 DFS for Solaris NFS DFS Secure Gateway Guide and Reference...

Страница 59: ...e furnishing of this document does not give you any license to these patents You can send license inquiries in writing to IBM Director of Licensing IBM Corporation North Castle Drive Armonk NY 10504 1...

Страница 60: ...U S A Such information may be available subject to appropriate terms and conditions including in some cases payment of a fee The licensed program described in this document and all licensed material...

Страница 61: ...used by an actual business enterprise is entirely coincidental If you are viewing this information softcopy the photographs and color illustrations may not appear Trademarks The following terms are tr...

Страница 62: ...ted States other countries or both and is licensed exclusively through X Open Company Limited Other company product and service names may be trademarks or service marks of others 52 DFS for Solaris NF...

Страница 63: ...his book is Very Satisfied Satisfied Neutral Dissatisfied Very Dissatisfied Accurate h h h h h Complete h h h h h Easy to find h h h h h Easy to understand h h h h h Well organized h h h h h Applicabl...

Страница 64: ...ESSEE IBM Corporation ATTN File Systems Documentation Group 11 Stanwix Street Pittsburgh PA 15222 1312 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _...

Страница 65: ......

Страница 66: ...Program Number Printed in the United States of America on recycled paper containing 10 recovered post consumer fiber GC09 3993 00...

Страница 67: ...Spine information DFS for Solaris NFS DFS Secure Gateway Guide and Reference Version 3 1 GC09 3993 00...

Результаты поиска

Содержание NFS/DFS Secure Gateway

Отзывы:

Похожие инструкции для NFS/DFS Secure Gateway

Бренды по названию

Популярные бренды

IBM NFS/DFS Secure Gateway, Справочное руководство

Результаты поиска

Содержание NFS/DFS Secure Gateway

Отзывы:

Похожие инструкции для NFS/DFS Secure Gateway

Бренды по названию

Популярные бренды