CIFS Server Administrator's Guide Version A.03.02.00 (5900-2578, January 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

9 HP CIFS deployment models....................................................................117

Introduction..........................................................................................................................117

Samba domain model...........................................................................................................117

Samba Domain components..............................................................................................120

HP CIFS Server acting as a PDC....................................................................................120

HP CIFS Server acting as a BDC...................................................................................120

HP CIFS acting as the member server.............................................................................121

An example of the Samba Domain model...........................................................................121

A Sample smb.conf file for a PDC.................................................................................121

Configuration options..................................................................................................122

A Sample smb.conf file for a BDC.................................................................................123

Configuration options..................................................................................................123

A Sample smb.conf file for a domain member server.......................................................123

Configuration options..................................................................................................124

A Sample /etc/nsswitch.ldap file..................................................................................124

Windows domain model.......................................................................................................125

Components for Windows domain model...........................................................................126

An Example of the ADS domain model...............................................................................126

A sample smb.conf file For an HP CIFS ADS member server..............................................126

A sample /etc/krb5.conf file........................................................................................128

A sample /etc/nsswitch.conf file...................................................................................128

An example of Windows NT domain model........................................................................129

A Sample smb.conf file for an HP CIFS member server.....................................................129

Unified domain model...........................................................................................................131

Unified domain components..............................................................................................132

HP CIFS acting as a Windows 200x ADS member server.................................................132

Setting up the unified domain model..................................................................................132

Setting up LDAP-UX client services on an HP CIFS Server.......................................................132

Installing and configuring LDAP-UX client services on an HP CIFS Server.............................132

Configuring /etc/krb5.conf to authenticate using Kerberos...............................................133

Installing SFU 3.5 on a Window 2003 or 2008 R2 ADS Domain Controller............................133

An Example of the Unified omain Model.............................................................................133

A sample smb.conf file for an HP CIFS member server.....................................................134

A sample /etc/krb5.conf file........................................................................................134

A sample /etc/nsswitch.conf file...................................................................................135

10 Securing HP CIFS Server........................................................................136

Security protection methods....................................................................................................136

Restricting network access.................................................................................................136

Using host restrictions..................................................................................................136

An example...........................................................................................................136

Using interface protection.............................................................................................136

Interface protection example....................................................................................136

Using a firewall...........................................................................................................137

Using an IPC$ share-based denial.................................................................................137

Protecting sensitive information..........................................................................................137

Encrypting authentication.............................................................................................137

Protecting sensitive configuration files.............................................................................138

Using %m name replacement macro With caution................................................................138

Restricting execute permission on stacks..............................................................................139

Restricting user access......................................................................................................139

Automatically receiving HP security bulletins.............................................................................139

Reporting new security vulnerabilities..................................................................................140

11 Configuring HA HP CIFS........................................................................141

Overview of HA HP CIFS Server.............................................................................................141

Contents 7