HP ProLiant Storage Server User Guide (440584-001, February 2007)

ManualsBrandsHP ManualsStorageHP ProLiant DL320s 3.6TB SAS Storage Server

Therefore, the administrator nee ds to install the Server for NFS Authentication DLL on Windows 2000

domain controllers when:

• The NFS ﬁle serving environment uses previous NFS releases (NAS, SFU, and so on).

• The Windows domain environment uses pre-2003 domain controllers.

See Table 8 for guidance as to when to use NFS Authentication DLL instead of S4U legacy NFS and

R2 MSNFS.

Table 8 Authentication table

Domain controller type

Legacy NFS (pre-WSS2003 R2) MSNFS (WSS2003 R2)

Legacy domain

controller

(pre-WSS200

Requires NFS A

uthentication DLL

on domain con

troller

Requires NFS A

uthentication DLL

on doma in con

troller

Recent d o main controllers

(WSS2003 and later)

Requires NFS Authentication DLL

on domain controller

Usesthebuilt-inS4U(onthe

domain controller). It is unaffected

by the NFS Authentication DLL on

the domain controller.

The S4U set of extensions to the Kerberos protocol consists of the Service-for-User-to-Proxy (S4U2Proxy)

extension and the Service-for-User-to-Self (S4U2Self) extension. For m ore information about the S4U2

extensions, see the Kerberos articles at the following URLs: h

ttp://searchwi ndowssecurity.techtarget.com/

originalContent/0,289142,sid 45_gci1013484,00. ht ml (intended for IT professionals) and

ttp://msdn.microsoft.com/m sdnmag/ iss ues/03/04/SecurityBriefs/default.aspx (intended for

developers).

Installing NFS Authentication D LL on domain controllers

NOTE:

Iftheauthenticationsoftwareisnotinstalledonalldomaincontrollersthathaveusernamemappings,

includin

g primary domain controllers, backup domain controllers, and Active Directory domains, then

domain user name mappings will not work correctly.

You need t

o install the version of NFS Authentication included with Services for UN IX 3.5. You can

download Services for UNIX 3.5 at no charge from h

ttp://go.microsoft.com/fwlink/?LinkId=44501.

To install the Authentication software on the domain controllers:

1. From the SFU 3.5 ﬁles, locate the director y named SFU35SEL_EN.

2. On the domain controller where the Authentication software is b eing installed use Windows Explorer

to:

a. Open the shared directory containing setup.exe.

b. Double-click the ﬁle to open it. Windows Installer is opened.

NOTE:

If the domain controller used does not have Windows Installer installed, locate the ﬁle

InstMSI.exe on the SFU 3.5 directory and run it. After this installation, the Windows

Installer program starts when opening setup.exe.

3. In the Microsoft Windows Services for UNIX Setup Wizard dialog box, click Next.

4. In the User na m e box, enter your name. If the na me of your organization does not appear in the

Organization box, enter the name of your organization there.

5. Read the End User License Agreement c arefully. If you accept the terms of the agreement, click I

acceptthetermsintheLicenseAgreement, and then click Next to continue installation. If you click I

do not accept the License Agreement (Exit Setup), the installation procedure terminates.

Microsoft Services for Network File System (MSNFS)