Returns the current DCE RPC authentication level settings for communications between the Cache Manager and File Servers
Synopsis
cm getprotectlevels [-help]
Options
-help
Prints the online help for this command. All other valid options specified with this option are ignored.
Description
The cm getprotectlevels command returns the current Cache Manager DCE RPC authentication level settings. The returned values include separate local and foreign cell settings for the initial and minimum authentication levels for communications with File Servers.
The Cache Manager and File Server default settings are such that communications occur at the Packet Integrity authentication level. (Packet integrity both makes certain that the data is received from the expected principal and that the data has not been modified.)
The authentication bounds for the File Server itself are set through the fxd command. In addition to a general pair of upper and lower bounds for all communications between the File Server and Cache Manager, administrators can also set advisory bounds on a per fileset basis. At present, these advisory levels serve only to bias the Cache Manager's selection of an initial authentication level (they may be enforced in a future version of DFS). Advisory bounds are set through the fts setprotectlevels command and are stored in the FLDB record for that fileset. You can display the current advisory RPC authentication bounds for a fileset through either the fts lsfldb or fts lsft commands.
Privilege Required
No privileges are required.
Output
The output consists of the following four lines:
Initial protection level in the local cell:\*O \*Vlevel\*O
Minimum protection level in the local cell:\*O \*Vlevel\*O
Initial protection level in non-local cells:\*O
\*Vlevel\*O
Minimum protection level in non-local cells:\*O \*Vlevel\*O
Where level is one of the various DCE RPC authentication levels, whose possible values are:
· rpc_c_protect_level_default - default
Use the DCE default authentication level.
· rpc_c_protect_level_none - none
Perform no authentication.
· rpc_c_protect_level_connect - connect
Authenticate only when the Cache Manager establishes a connection with the File Server.
· rpc_c_protect_level_call - call
Authenticate only at the beginning of each RPC received.
· rpc_c_protect_level_pkt - packet
Ensure that all data received is from the expected principal.
· rpc_c_protect_level_pkt_integ - packet integrity
Authenticate and verify that none of the of the data transferred has been modified.
· rpc_c_protect_level_pkt_privacy - packet privacy
Perform authentication as specified by all of the previous levels and also encrypt each RPC argument
value.
Examples
The following command returns the current authentication levels for communications between the Cache Manager and Files Servers:
$ cm getprotectlevels
Initial protection level in the local cell: rpc_c_protect_level_pkt_integ
Minimum protection level in the local cell: rpc_c_protect_level_none
Initial protection level in
non-local cells: rpc_c_protect_level_pkt_integ
Minimum protection level in non-local cells: rpc_c_protect_level_pkt
Related Information
Commands: