HP CIFS Server 3.0f Administrator's Guide version A.02.03

6 LDAP Integration Support
This chapter describes the HP CIFS Server with LDAP integration. It includes benefits of LDAP, procedures to
install, configure and verify the HP Netscape Directory Server, HP LDAP-UX Integration product and HP CIFS
Server software. It contains the following sections:
“Overview”
“Network Environments”
“Summary of Installing and Configuring”
“Installing and Configuring Your Directory Server”
“Installing LDAP-UX Client Services on an HP CIFS Server”
“Configuring the LDAP-UX Client Services”
“Enabling Secure Sockets Layer (SSL)”
“Migrating Your data to the Directory Server”
“Extending the Samba Subschema into Your Directory Server”
“Configuring the HP CIFS Server”
“Installing your Samba Users in the Directory”
“LDAP management Tools”
“Limitations with the LDAP Feature Support”
Overview
Lightweight Directory Access Protocol (LDAP) provides a framework for the development of a centralized
management infrastructure. LDAP supports directory enabled computing by consolidating applications,
services, user accounts, Windows account and configuration information into a central LDAP directory.
Samba customer sites with large numbers of users and servers may want to integrate the HP CIFS Server
with LDAP support. Configuring multiple HP CIFS servers to communicate with the LDAP directory server
provides centralized and scalable management of user databases. When you integrate the HP CIFS Server
with the LDAP-UX Integration product on HP-UX, the HP CIFS Server can store user account information on
the Netscape Directory Server. The LDAP database can replace /etc/passwd or NIS and smbpasswd or
NT server user databases.
The LDAP directory can be used to store the Windows user information which had previously been stored
in the smbpasswd file. When the HP CIFS Server is configured to use the LDAP integration, the SMBD program
will use the LDAP directory to look up the Windows user information during authentication and authorization
processes. Also, when you invoke the smbpasswd program to add, delete or change Windows user
information, updates are made in the LDAP user database rather than the smbpasswd file.
You can enable the LDAP support with configuration parameters provided by the HP CIFS Server. HP CIFS
Server will access an LDAP directory server for password, user, group, and other data when you set the
smb.conf passdb backend parameter to ldapsam.
You can configure the ldap ssl parameter in the smb.conf file to enable Secure Sockets
Layer (SSL) support. With SSL support, the HP CIFS Server can access an SSL-enabled LDAP
directory, which protects passwords over the network and ensures confidentiality and data integrity between
CIFS servers and the SSL-enabled LDAP directory server. You can set passdb backend =
ldapsam:ldaps://<fully qualified name of NDS server> to enable the SSL support.
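
The following check is an added example, not part of the HP guide: it reads the [global] section of an smb.conf and reports whether the ldapsam backend described above reaches the directory over SSL or in cleartext. The host ldap.example.com and both sample fragments are constructed, and the ldap ssl values start_tls and on are assumed from the Samba 3.0 smb.conf documentation.

```python
import re

# Constructed sample smb.conf fragments; ldap.example.com is a placeholder host.
WEAK = """
[global]
   passdb backend = ldapsam:ldap://ldap.example.com
   ldap ssl = off
"""
HARDENED = """
[global]
   passdb backend = ldapsam:ldaps://ldap.example.com
"""

def global_params(text):
    """Return [global] parameters; names are lower-cased with spaces removed."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or smb.conf comment
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)
            params[re.sub(r"\s+", "", name).lower()] = value.strip()
    return params

def audit_ldap_transport(text):
    """Classify how the ldapsam backend reaches the directory server."""
    p = global_params(text)
    backend = p.get("passdbbackend", "")
    if not backend.lower().startswith("ldapsam"):
        return "not-ldapsam"
    url = backend.partition(":")[2].strip().strip('"')
    if url.lower().startswith("ldaps://"):
        return "ldaps"
    # Assumption: only an explicit `ldap ssl = start_tls` or `on` protects an
    # ldap:// URL; an unset value is reported as cleartext, not trusted to a default.
    mode = p.get("ldapssl", "").lower().replace(" ", "_")
    return mode if mode in ("start_tls", "on") else "cleartext"

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, "->", audit_ldap_transport(conf))
```

A result of cleartext means Windows user password data looked up by SMBD crosses the network unprotected between the CIFS server and the directory server.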