HP CIFS Server 3.0d Administrator's Guide version A.02.02 (Edition 5)
Configuring HA HP CIFS
Special Notes for HA HP CIFS Server
Chapter 11 251
password timeout, 604800 seconds by default), HP recommends
that you locate secrets.tdb on a shared logical volume. The location of
the secrets.tdb file is defined by the smb.conf parameter, private
dir. For example, private dir =
/var/opt/samba/shared_vol_1/private will result in the file
/var/opt/samba/shared_vol_1/private/secrets.tdb.
User authentication is also dependent on several entries in different
security files. Other important security files are the user password
file, smbpasswd and passdb.tdb. If you have your Samba server
configured with the “passdb backend = smbpasswd”, for example,
then you have an smbpasswd file. By default, this file is located in
the path /var/opt/samba/private but the passdb backend
parameter can be in two parts, the backend name and a location
string that has meaning only to that particular backend. For
example, passdb backend =
tdbsam:/var/opt/samba/private/path1/passdb.tdb,
smbpasswd:/var/opt/samba/private/path2/smbpasswd will
result in files /var/opt/samba/private/path1/passdb.tdb and
/var/opt/samba/private/path2/smbpasswd.
For both the machine account file and user password file, HP
recommends that you store the files in a common and secure
directory on a shared logical volume.
• Username Mapping File
If you configure your Samba server to use a username mapping file,
HP recommends that you configure it to be located on a shared
logical volume. This way, if changes are made, all the nodes will
always be up-to-date. The username mapping file location is defined
in smb.conf by the parameter username map, e.g. username map =
/var/opt/samba/shared_vol_1/username.map. There is no
username map file by default.
• Winbind Configurations
Add the commented winbind lines in samba.mon and samba.cntl as
reviously described.
Winbind makes use of several files winbindd.pid,
winbindd_cache.tdb, winbindd_idmap.tdb, and directory
winbindd_privileged, in the /var/opt/samba/locks directory.