Configuring a Client Without Enabling Remote Authentication

To provide users of an NFS client with access to DFS but not the dfs_login command, perform the following steps on the client:

1. Log in as the local root user on the machine.

2. Mount the root of the DCE namespace, /..., on the machine. In the command, hostname is the hostname of a machine that exports /.... Each machine configured as a Gateway Server exports /.... When users access DFS from an NFS client, they go through the Gateway Server machine that exports /... to the client. To achieve proper load balancing if you configure multiple Gateway Server machines, ensure that the mounts of /... on your NFS clients are divided evenly among your Gateway Servers. (You can use the NFS automount mechanism with a direct automount map to mount /...; see your vendor's NFS documentation for more information.)

# mkdir /...
# mount hostname:/... /...

3. Create a symbolic link from /: to the root of the DFS filespace for the host DCE cell, /.../cellname/fs. In the command, cellname is the name of the DCE cell to be accessed from the NFS client (the cell in which the machine that exports /... is configured as a DFS client).

# ln -s /.../cellname/fs /:

4. Verify that the NFS mount of DCE was successful by using the ls command to list the contents of /:, which leads to the root directory of the DFS filespace. The command should yield the same output from the NFS client that it does from a DFS client of the DCE cell.

# ls /:

The NFS client is now configured to provide access to DFS but not to allow users of the client to authenticate to DCE with the dfs_login command. Repeat these steps on each NFS client to be configured in this manner. Should you later decide to allow users to authenticate to DCE from the NFS client, simply perform the steps in Configuring a Client and Enabling Remote Authentication on the client.