Manualshelf

HP CIFS Server 3.0b Administrator's Guide version A.02.01.01

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
171172173174175176177178179180
Winbind Support
Overview
Chapter 7 161
Overview
UNIX and Microsoft Windows NT have different models to represent
user and group information and use different technologies for
implementing them. Winbind is a component of the Samba suite of
programs that resolve Windows users and groups to HP-UX UIDs and
GIDs. Winbind uses a UNIX implementation and the Name Services
Switch (NSS) to allow Windows NT domain users to appear and operate
as UNIX users on a HP-UX system. Winbind stores the ID mappings
database in a tdb file or a LDAP directory.
Winbind provides the following two features:
Identity resolution via Name Service Switch (NSS)
The Name Service Switch (NSS) is a feature which allows system
information such as hostname, user names, group names to be
resolved from different sources.
The NSS application programming interface allows winbind to
present itself as a source of system information when resolving
HP-UX user names and groups. Winbind uses NSS interfce to
enumerate the users and groups on a HP-UX machine running
winbind and see all users and groups in a Windows domain.
Winbind provides the NSS routine, /etc/lib/libnss_winbind.1,
which interfaces to the winbind daemon to resolve ID mappings.
User and group ID allocation
Winbind maintains a database called winbind_idmap.tdb where it
stores mapping data between HP-UX UIDs/GIDs and Windows SIDs
(Security Identifiers). It stores the UID and GID allocated from
idmap uid/gid range that it has mapped to the Windows SID. If the
idmap backend has been specified as ldapsam:ldap://<ldap
server name>, then winbind obtains this information from the
LDAP directory server instead of using a local mapping file.
For more information about winbind, refer to chapter 20, “Winbind:Use
of Domain Accounts” in the Samba 3.0 HOWTO Reference Guide.