Configuring RPC Authentication Levels

By default, the Cache Manager and File Server negotiate to the packet integrity authentication level. Use the following options to set the authentication levels at the Cache Manager:

· -initiallocalprotectlevel
Specifies the initial DCE RPC authentication level for communications between the Cache Manager and File Servers within the local cell.

· -minlocalprotectlevel
Specifies the minimum acceptable DCE RPC authentication level for communications between the Cache Manager and File Servers within the local cell.

· -initialremoteprotectlevel
Specifies the initial DCE RPC authentication level for communications between the Cache Manager and File Servers within foreign cells.

· -minremoteprotectlevel
Specifies the minimum acceptable DCE RPC authentication level for communications between the Cache Manager and File Servers within foreign cells.

Each of the above options takes a string, an abbreviated string, or an integer value as its argument to define the RPC authentication level. You can use the following values:

· rpc_protect_level_default or default or 0
Use the DCE default authentication level.

· rpc_protect_level_none or none or 1
Perform no authentication.

· rpc_protect_level_connect or connect or 2
Authenticate only when the Cache Manager establishes a connection with the File Server.

· rpc_protect_level_call or call or 3
Authenticate only at the beginning of each RPC received.

· rpc_protect_level_pkt or pkt or 4
Ensure that all data received is from the expected host.

· rpc_protect_level_pkt_integrity or pkt_integrity or 5
Authenticate and verify that none of the data transferred has been modified.

· rpc_protect_level_pkt_privacy or pkt_privacy or 6
Perform authentication as specified by all of the previous levels and also encrypt each RPC argument value.

The following example sets the initial RPC authentication level for the home cell to connect, the minimum RPC authentication level for the home cell to none, the initial RPC authentication level for foreign cells to packet privacy, and the minimum RPC authentication level for foreign cells also to packet privacy.

$ dfsd -initiallocalprotectlevel rpc_protect_level_connect -minlocalprotectlevel none -initialremoteprotectlevel 6 -minremoteprotectlevel pkt_privacy

When configuring the authentication levels, any combination of dfsd options is allowed.
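Because the two minimum options set the lowest level the Cache Manager will accept, they are the ones worth checking before a dfsd command line is deployed. The following shell sketch is an added example, not part of the dfsd documentation: it normalizes all three value spellings and reports minimum levels below a floor. The function names and the FLOOR setting (default 5, packet integrity) are assumptions made for illustration.

```shell
# Added example, not from the dfsd documentation. FLOOR is an assumed site policy.

# Map an accepted spelling (full string, abbreviation, integer) to 0-6.
# Prints the integer; returns 1 for a value the table does not list.
level_num() {
    case "$1" in
        rpc_protect_level_default|default|0)             echo 0 ;;
        rpc_protect_level_none|none|1)                   echo 1 ;;
        rpc_protect_level_connect|connect|2)             echo 2 ;;
        rpc_protect_level_call|call|3)                   echo 3 ;;
        rpc_protect_level_pkt|pkt|4)                     echo 4 ;;
        rpc_protect_level_pkt_integrity|pkt_integrity|5) echo 5 ;;
        rpc_protect_level_pkt_privacy|pkt_privacy|6)     echo 6 ;;
        *) return 1 ;;
    esac
}

# Audit the -min*protectlevel options in a dfsd argument list.
# Prints one finding per line; returns 0 only when there are none.
audit_dfsd_args() {
    floor=${FLOOR:-5}
    findings=0
    while [ $# -gt 0 ]; do
        case "$1" in
        -minlocalprotectlevel|-minremoteprotectlevel)
            opt=$1; shift; msg=
            if [ $# -eq 0 ]; then msg="missing value"
            elif ! n=$(level_num "$1"); then msg="unrecognised level $1"
            elif [ "$n" -eq 0 ]; then msg="default defers to DCE, effective level unknown"
            elif [ "$n" -lt "$floor" ]; then msg="level $n is below floor $floor"
            fi
            if [ -n "$msg" ]; then
                printf '%s: %s\n' "$opt" "$msg"; findings=$((findings + 1))
            fi ;;
        esac
        [ $# -eq 0 ] || shift
    done
    [ "$findings" -eq 0 ]
}

# The option set described in the example above, reused as sample input.
audit_dfsd_args -initiallocalprotectlevel rpc_protect_level_connect \
    -minlocalprotectlevel none -initialremoteprotectlevel 6 \
    -minremoteprotectlevel pkt_privacy || true
```

Run against the example's options, the audit reports the home-cell minimum of none and accepts the foreign-cell minimum of packet privacy.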