White Paper - File Sharing Security
Copyright © 2000 Hewlett-Packard Company Page 26 of 28
All Rights Reserved
• Administrator has selected full user name mapping
Client assumptions:
• UNIX client created the file and is the owner of the file.
• The Windows client is accessing the HP NetStorage 6000 for the first time
• Windows full name matches the UNIX comment field exactly
Files Scanned or Read Files Written Comments
passwd
-no relevant entry
The client has never accessed
the HP NetStorage 60001
so they don't have an auto-
assigned number or a UNIX
UID value.
Passwd.nis file is scanned and a
match is made between the
UNIX comment field and the NT
logon full name.
Users.map file has a new
entry that contains information
about the NT domain and
UNIX accounts that have now
been matched.
The UNIX account UID is
assigned to this Windows
client. A mapping is created.
7.3 Windows File Accessed by UNIX Clients
For this example a Windows client is creating a file that they want to share with other Windows clients and
UNIX users who are in the same group as themselves.
The client has the following information:
Windows UNIX
User Name User name: msullivan
NT domain: Empire
- no account
Group Primary group: marketing marketing
HP NetStorage 6000 Configuration assumptions:
• Administrator has established file volume permission so that both UNIX and Windows clients can access the
file.
• NIS server administration is used and enabled so that the passwd.nis and group.nis files are populated with
UNIX user and group accounts.
• Administrator has selected group mapping only
Client assumptions:
• Windows client created the file and is the owner of the file.
• As a Windows client the user has stored the file on the HP NetStorage 6000
• Client has accessed the HP NetStorage 6000 as a Windows client
• Windows logon name does not match any UNIX logon name
• Windows primary group matches a known UNIX group