Manualshelf

HP CIFS Client A.02.02.03 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
21222324252627282930
These HP-UX resources explain the essentials of Kerberos (in the respective Overview chapters in
each manual). This level of detail may be sufficient for most installations.
Configuration Guide for Kerberos Client Products on HP-UX:
http://docs.hp.com/hpux/onlinedocs/T1417-90005/T1417-90005.html
Installing, Configuring and Administering the Kerberos Server on HP-UX 11i:
http://docs.hp.com/hpux/onlinedocs/T1417-90001/T1417-90001.html
Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i:
http://docs.hp.com/hpux/onlinedocs/T1417-90003/T1417-90003.html
Other HP-UX resources can be found by searching for kerberos at http://docs.hp.com
In-depth discussion of the Kerberos protocol can be found in the following excellent documentation:
Kerberos: An Authentication Service for Computer Networks, B. Clifford Neuman and Theodore
Ts'o:
http://www.isi.edu/gost/publications/kerberos-neuman-tso.html
The documentation repository at Massachusetts Institute of Technology (the developer of
Kerberos):
http://web.mit.edu/kerberos
The Kerberos specification, RFC 1510. An excellent introduction (section 1) and descriptions
of message exchanges (section 3):
http://ftp.rfc-editor.org/in-notes/rfc1510.txt
Several informative papers can also be found at the Microsoft web site. Most of these
documentation also include practical infomation on how you should set up security in networks
of Windows computers. Please search for kerberos or related topics at:
http://www.microsoft.com
Step 2. Set Up and Verify the Kerberos Infrastructure
In order to use Kerberos with the HP CIFS Client, you must first have a working Kerberos
infrastructure on your network including the HP-UX host (independent of the CIFS Client). The
Kerberos infrastructure consists of:
A Key Distribution Center (KDC)
At least one CIFS server that supports Kerberos and is a member of the KDC's domain (called
a "realm" in the Kerberos terminology)
At least one user account on the KDC
A properly configured HP-UX Kerberos Client installation on the system running the HP CIFS
Client
NOTE: A domain name server (DNS) is recommended to be active on a Windows server on
your network. CIFS servers to which you want to connect should be configured in the Windows
DNS table in order to be recognized by the KDC.
For information on setting up a Key Distribution Center on a Windows 2000 or 2003 server, refer
to your Microsoft documentation.
The CIFS servers to which you want to connect via Kerberos with the CIFS client must be joined to
the Windows Domain. For more information, refer to Windows online help or the HP CIFS Server
Administrator's Guide.
For information on setting up user accounts on a Windows KDC, consult online help for managing
user Domain accounts.
Using Kerberos with the HP CIFS Client 25