Manualshelf

HP CIFS Server 3.0b Administrator's Guide version A.02.01.01

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
171172173174175176177178179180
Winbind Support
Overview
Chapter 7162
How Winbind works
Winbind works by using the winbind daemon
(/opt/samba/bin/winbindd) that communicates with a Windows
Domain Controller, the name services provided by the Name Service
Switch (NSS), and configuration options in the smb.conf file. With
winbind support, you need to set up the NSS configuration file,
/etc/nsswitch.conf, to enable a HP-UX system to look up UID and
GID mappings for users and groups that reside exclusively in the
Windows domain.
When a user connects to a HP CIFS Server share, the user’s Windows
SID (Security Identifier) is mapped to a UID and set of GID within a
range specified in the smb.conf file. When the user creates or modifies a
file on the share, this mapped UID and GID pair is recorded as the owner
and group owner of the file.
When a UNIX procees needs to translate these UID and GID pairs into
user names, it calls standard C library functions, getpwname() and
getgrnam(), to search the user name associated with the UID and GID
pair. These routines in turn use the entries in the /etc/nsswitch.conf
file to determine which name services backend to use to obtain the
information. When the winbind entry is specified in the
/etc/nsswitch.conf file, the /usr/lib/libnss_winbind.1 routine is
called which interfaces with the winbind daemon, winbindd, to translate
the UID and GID back into the Windows SID, and then query the
password server for the user name associated with this SID.