Chapter 6 HPSS ConfigurationHPSS Installation Guide September 2002 275Release 4.5, Revision 2Keytab Pathname The absolute pathname ofthe UNIX file containingthe keytab entry that willbe used by the server whensetting up its identity.Any legal UNIX file namecan be used as long as it isthe name of a keytablefile./krb5/hpss.keytabsAdvice: The server must have read access to this file. Do not set other accesspermissions on this file or your security can be breached. Notes: (1) Each servercan have its own key file, or all the servers can share a single key file. It isrecommended that one key file be used for all of the servers on any givenplatform.(2) To use the standard DCE system wide key file, set this value to /krb/v5srvtab (not recommended).Authentication Service Arg The argument passed tothe authentication serviceindicated by theAuthentication Serviceconfiguration variable andused by the authenticationservice to validatecommunications.Currently, the onlyauthentication servicessupported are none anddce.NULL or any UNIXpathname that points to akey file./krb5/hpss.keytabsAdvice: If dce authentication is to be used and the Keytab Pathname is /krb/v5srvtab, set this variable to NULL. If dce authentication is to be used and theKeytab Pathname is not /krb/v5srvtab, set this variable to the value of KeytabPathname. In either case, the server must have read access to the file. Do not setother permissions on this file or your security can be breached. If no authenticationis to be used, set this value to NULL.Audit Policy. The following fields describe the server’s audit policy configuration.AUTH The Security Audit Policyfor Authentication events.If set, security auditmessages will be sent tothe logging subsystem.NONE- No auditmessages will begenerated.FAILURE - Auditmessages will only begenerated when there areerrors.ALL - Audit messageswill be generated for allrelated operations.FAILUREAdvice: Sites that must audit all login type events should set this value to ALL.Table 6-3 Basic Server Configuration Variables (Continued)Display Field Name Description Acceptable Values DefaultValue
