chndaf Command
Purpose
Changes the configuration of the AIX® Network Data Administration Facility (NDAF).
Syntax
Description
The chndaf command modifies the parameters used by the dms and the dmadm daemons. Depending on the flags that you specify, the changes take place at different times. You can save the changes in the /etc/rc.ndaf startup script for subsequent restarts.
Flags
| Item | Description |
|---|---|
| -B | Temporarily stops the daemons currently running on the system, modifies the /etc/rc.ndaf startup script with the new parameters, and restarts the daemons with the indicated parameters. This flag is the default. |
| -I | Modifies the /etc/rc.ndaf script so that the specified parameters run when the daemons restart. |
| -N | Temporarily stops the daemons currently running on the system and restarts the daemons with the indicated parameters. |
Parameters
You can specify one or more of the following optional parameter values:
| Item | Description |
|---|---|
| -admin_serv=yes | no |
|
| -rpc_timeout=val | Sets the timeout for an RPC connect or call. The default value is 300 seconds. |
| -log_level=val | Sets the level of logging for the log files.
The default value is notice. You can specify the following
values:
|
| -security=val | Sets the type of security method that is used.
The default value is krb5. You can specify the following values:
|
| -krb5_principal=val | Sets the Kerberos principal that is used for the kinit command, with which you can renew your credentials. |
| -admin_port=val | Sets the dmadm port waiting for the dmf remote procedure call (RPC). The default value is 28000. |
| -serv_port=val | Sets the dms port waiting for the dmadm RPC. The default value is 28001. |
| -admin_cb_port=val | Sets the dmadm port waiting for the dms RPC callbacks. The default value is 28002. |
| -serv_serv_port=val | Sets the dms port waiting for the dms RPC. The default value is 28003. |
| -ndaf_dir=val | Sets the base directory for NDAF. By default,
it contains databases, logs and also the data sets and replicas that
are created with no specific path. If you do not specify the -ndaf_dataset_default value, data sets are placed here by default. If you do not specify
the -ndaf_replica_default value, replicas are placed here by
default. The following subdirectories are created:
Requirement: You must specify the -ndaf_dataset_default and -ndaf_replica_default parameters or you must specify the -ndaf_dir parameter. You must have previously enabled the creation of cells, data sets, and replicas, using the dms_enable_fs command, on the file systems containing the specified directories to store the data sets and replicas. |
| -ndaf_dataset_default=val | Sets the default directory for data sets. The
default is ${ndaf_dir}/dsets. Requirement: You must specify the -ndaf_dataset_default and -ndaf_replica_default parameters or you must specify the -ndaf_dir parameter. You must have previously enabled the creation of cells, data sets, and replicas, using the dms_enable_fs command, on the file systems containing the specified directories to store the data sets and replicas. |
| -ndaf_replica_default=val | Sets the default directory for replicas. The
default is ${ndaf_dir}/replicas. Requirement: You must specify the -ndaf_dataset_default and -ndaf_replica_default parameters or you must specify the -ndaf_dir parameter. You must have previously enabled the creation of cells, data sets, and replicas, using the dms_enable_fs command, on the file systems containing the specified directories to store the data sets and replicas. |
| -ndaf_log_dir=val | Sets the directory for log files. The default is ${ndaf_dir}/log. |
| -krb5_keytab=val | Indicates the Kerberos keytab path. If you do not specify the parameter and the system resource controller (SRC) is not in use, the keytab is defined either by the KRB5_KTNAME environment variable, or by the default as specified in the /etc/krb5/krb5.conf file (when the KRB5_KTNAME variable is not set). If you do not specify the parameter but the SRC is in use, the keytab is always the default as specified in the /etc/krb5/krb5.conf file. |
| -nfs_args=val | Specifies arguments to be used when data sets are exported by NDAF using NFS. The NFS arguments are formatted exactly as they are for the exportfs command. |
Examples
-
To configure this system as an NDAF administration server, use the following command:
chndaf -admin_serv=yes -ndaf_dir=/var/dmf \ -ndaf_dataset_default=/ndafpool/dset \ -ndaf_replica_default=/ndafpool/replica -IThis change is made for the restart of the next daemons.
- To restrict exports to krb5p only,
use the following command:
If you specify the NFS version number in the vers=stanza form, you must include version 4; otherwise, NDAF does not work correctly. If you do not specify the version number, the file systems are exported for NFSv4 only. To export for versions 3 and 4, use the following command:chndaf -nfs_args=sec=krb5p
.chndaf -nfs_args=vers=3:4
Security
Attention RBAC users and Trusted AIX users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.