Unauthenticated access is provided to users who access DFS without first authenticating to DCE. For a user who does not have an account in the DCE registry database, unauthenticated access is the only form of access available. Unauthenticated access requires no preliminary steps; users simply access data in DFS from an NFS client.
Unauthenticated users receive the following permissions for objects (files and directories) in the DFS filespace:
· For objects in non-LFS filesets, unauthenticated users receive the permissions granted by the other mode bits of the object.
· For objects in DCE LFS filesets, unauthenticated users receive the permissions granted by the any_other entry, if it exists, on the ACL of the object. The mask_obj entry filters permissions granted via the any_other entry.
When an unauthenticated user creates an object, the object is owned by the user nobody and the group nogroup. The UID of the user nobody is -2, and the GID of the group nogroup is also -2. (Note that identities and ID numbers of an unauthenticated user and group can vary between systems; see your vendor's documentation for more information.)
Unauthenticated access is provided with the DFS/NFS Secure Gateway as a side effect of configuring Gateway Server machines and NFS clients. Unauthenticated access is available without the DFS/NFS Secure Gateway. Simply export /... from a DFS client that is also an NFS Server, and mount /... on each NFS client from which users are to access DFS.