White Paper - File Sharing Security

Copyright © 2000 Hewlett-Packard Company Page 22 of 28
All Rights Reserved
value, this file is consulted to match the NT primary group with a UNIX group name. This file is also used to generate an ACL display list for Windows users for UNIX files.

The files that contain the association between the clients in Windows and UNIX are the following.

| File Name | File Information | Purpose |
|---|---|---|
| Users.map | UNIX username, UID, NT username, NT domain, NT relative ID (RID) | Provides UNIX users with an identity that can be used to display ACL data for Windows users. For Windows users the RID and assigned UID and GID values can be translated. |
| Group.map | UNIX groupname, GID, primary NT group name, NT domain, NT relative ID (RID) | Provides UNIX users with an identity that can be used to display ACL data for Windows users. For Windows users the RID and assigned UID and GID values can be translated. |

A discussion about how these files are accessed and used follows.
6.2 Establishing a Windows Client
Each time an NT user logs into the HP NetStorage 6000 the mapping files are checked to determine whether
the user has previously established UNIX credentials or whether it will be necessary to assign UID and GID
values. The users.map file is consulted to determine if an equivalency already exists between the NT client
and a UNIX account with a UID and GID value. If there is no match in the map file, the passwd file is scanned
to see if the NT client has previously accessed the server and been assigned a local UNIX UID and GID value.
If no mapping has been selected and if both of these checks fail, then the NT client will be added to the local
passwd file and assigned a UID and GID with numbers greater than or equal to 60001. The user's credentials
are checked each time the user logs into the HP NetStorage 6000. The user must have the same NT domain
and user name to be considered the same.
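
The lookup order described above, as an added example (not HP's code). The in-memory dictionaries stand in for users.map and the local passwd file, whose on-disk formats this page does not give; the function names, the case-insensitive name comparison and the lowest-free-number allocation are assumptions.

```python
# Added example: models the section 6.2 lookup order for a Windows client.
# Data layouts are assumptions, not the HP NetStorage 6000 file formats.
AUTO_ID_FLOOR = 60001  # from the text: auto-assigned UID/GID are >= 60001


def identity_key(nt_domain, nt_user):
    # Identity is the (NT domain, user name) pair. Case-folding is an
    # assumption, reflecting that Windows account names are case-insensitive.
    return (nt_domain.casefold(), nt_user.casefold())


def next_free(used, floor=AUTO_ID_FLOOR):
    # Lowest unused number at or above the floor (allocation policy assumed).
    n = floor
    while n in used:
        n += 1
    return n


def resolve_windows_client(nt_domain, nt_user, users_map, local_passwd):
    """Return (uid, gid, source) for an NT logon.

    users_map    : {(domain, user): (uid, gid)} administrator-defined mappings
    local_passwd : {(domain, user): (uid, gid)} entries created by earlier logons
    """
    key = identity_key(nt_domain, nt_user)
    if key in users_map:                  # 1. explicit mapping is used first
        return (*users_map[key], "users.map")
    if key in local_passwd:               # 2. seen before: reuse assigned IDs
        return (*local_passwd[key], "passwd")
    # 3. both checks failed: add the client with fresh IDs at or above the floor
    taken = list(users_map.values()) + list(local_passwd.values())
    uid = next_free({u for u, _ in taken})
    gid = next_free({g for _, g in taken})
    local_passwd[key] = (uid, gid)
    return (uid, gid, "assigned")


def demo():
    # Constructed sample data: one mapped user, empty local passwd.
    users_map = {identity_key("CORP", "alice"): (1001, 100)}
    passwd = {}
    logons = [("CORP", "alice"), ("CORP", "bob"), ("LAB", "alice"), ("CORP", "bob")]
    return [resolve_windows_client(d, u, users_map, passwd) for d, u in logons]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

In the sample run, LAB\alice does not inherit CORP\alice's mapping because the domain differs, while the second CORP\bob logon gets back the IDs assigned on his first.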