HP CIFS Server 2.2i Administrator's Guide version A.01.11.01
LDAP Integration Support
Overview
Lightweight Directory Access Protocol (LDAP) provides a framework for
the development of a centralized management infrastructure. LDAP
supports directory enabled computing by consolidating applications,
services, user accounts, Windows account and configuration information
into a central LDAP directory.
Samba customer sites with large numbers of users and servers may want
to integrate the HP CIFS Server with LDAP support. Configuring
multiple HP CIFS servers to communicate with the LDAP directory
server provides centralized and scalable management of user
databases. When you integrate the HP CIFS Server with the LDAP-UX
Integration product on HP-UX, the HP CIFS Server can access the
Netscape Directory Server for user authentication. The LDAP database
can replace /etc/passwd or NIS and smbpasswd or NT server user
databases.
You can now store in an LDAP directory the Windows user information
that was previously stored in the smbpasswd file. With the LDAP
integration, the SMBD program will use the LDAP directory to look up the
Windows user information during authentication and authorization
processes. Also, when you invoke the smbpasswd program to add, delete
or change Windows user information, updates are made in the LDAP
user database rather than the smbpasswd file.
You can enable LDAP support with configuration parameters
provided by the HP CIFS Server. By default, the ldap enable
parameter is disabled, which results in smbpasswd or Windows server
authentication. See “LDAP Configuration Parameters” on page 134 for
a list of the new configuration parameters.
You can configure the ldap ssl parameter in the smb.conf file
to enable Secure Sockets Layer (SSL) support. With SSL support,
the HP CIFS Server can access an SSL-enabled LDAP directory,
which protects passwords sent over the network and ensures
confidentiality and data integrity between CIFS servers and
SSL-enabled LDAP directory servers.
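
The following check is an added example, not part of the HP guide: it reads the [global] section of an smb.conf and reports whether LDAP lookups are enabled without SSL. The parameter names ldap enable and ldap ssl come from the text above; the value spellings (yes, off, on, start_tls) and the sample files are assumptions based on upstream Samba and should be confirmed against "LDAP Configuration Parameters".

```python
import re

TRUE = {"yes", "true", "1", "on"}   # assumed boolean spellings (upstream Samba)
ENCRYPTED = TRUE | {"start_tls"}    # assumed "ldap ssl" values that turn SSL/TLS on

# Constructed sample smb.conf fragments (not taken from the guide).
WEAK = """[global]
   workgroup = CORP
   ldap enable = yes
   ldap ssl = off
"""
HARDENED = """[global]
   workgroup = CORP
   LDAP Enable = Yes
   ldap ssl = start_tls
"""

def global_params(text):
    """Return {normalised name: value} for the [global] section only."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section == "global" and "=" in line:
            name, value = line.split("=", 1)
            # Parameter names are matched without regard to case or spaces.
            params["".join(name.lower().split())] = value.strip()
    return params

def audit_ldap(text):
    """Classify the LDAP transport settings found in smb.conf text."""
    params = global_params(text)
    # The guide states that ldap enable is disabled by default.
    if params.get("ldapenable", "no").lower() not in TRUE:
        return "ldap-disabled"
    ssl = params.get("ldapssl")
    if ssl is None:
        return "ldap-ssl-not-set"              # default not stated here: review
    return "ldap-encrypted" if ssl.lower() in ENCRYPTED else "ldap-cleartext"

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, "->", audit_ldap(conf))
```

A result of ldap-cleartext or ldap-ssl-not-set on a server with LDAP enabled is the case to review, since password data would then depend on whatever the unencrypted or default transport provides.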