Manualshelf

HP CIFS Server 3.0f Administrator's Guide verison A.02.03

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
71727374757677787980
NOTE: While the HP CIFS Server may operate satisfactorily with other LDAP products, HP only provides
LDAP support for the HP CIFS Server with HP LDAP-UX Integration, J4269AA, HP Netscape Directory Server,
J4258CA, or HP Red Hat Directory Server, NSDirSvr7, product configurations.
HP CIFS Server Advantages
The HP CIFS Server with the LDAP support provides the following benefits to the customer:
Reduces the need to maintain user account information across multiple HP CIFS servers, as LDAP provides
a centralized user database management.
Easily adds multiple HP CIFS servers or users to the LDAP directory environment. This greatly improves
the scalability of the HP CIFS Server.
Stores and looks up user account information in the LDAP directory. This reduces the user lookup time
for large databases by providing an indexed search rather than a sequential search.
The amount of information stored in the smbpasswd file has no room for additional attributes. With
the LDAP support, the schema is extensible, you can store more user information into the LDAP directory.
This also eliminates the need for additional employee and user databases.
Network Environments
The HP CIFS Server supports many different network environments. Features such as WINS, browser control,
domain logons, roaming profiles, and many others continue to be available to support a diverse range of
network environments. LDAP integration provides one more alternative solution for Samba user authentication.
Domain Model Networks
CIFS Server Acting as the Primary Domain Controller (PDC)
Since PDCs are responsible for Windows authentication, HP CIFS Servers configured as PDCs will replace
smbpasswd with LDAP enabled directory servers for Windows authentication. Other Samba configuration
items may remain unchanged. Administrators of new LDAP configurations must also install the HP LDAP-UX
Integration software and configure the LDAP client. This will also permit the consolidation of Posix and
Windows users on the LDAP directory server.
CIFS Server Acting as the Member Server
HP CIFS Servers acting as member servers in the domain model network environment can continue to operate
as member servers by leaving their Samba configuration unchanged. The Windows authentication requests
will continue to be managed by the PDC whether through LDAP or smbpasswd. Administrators of new LDAP
configurations may want to install the HP LDAP-UX Integration software and configure the LDAP client to
consolidate Posix and Windows users on the LDAP directory server.
If a member server (security = domain) is also configured to enable LDAP, then it will still try to
authenticate via the PDC. If the PDC authentication fails, then it will try to authenticate directly via the LDAP
directory server set in its own smb.conf configuration file.
CIFS Server Acting as Backup Domain Controller (BDC) to Samba PDC
Since BDCs are also responsible for Windows authentication, HP CIFS Servers configured as BDCs can
access the LDAP directory for user authentication. BDC configuration is vey similar to PDC configuration with
the exception that you set both master browser and domain master tono.
CIFS Server acting as an Active Directory Service (ADS) Member Server
ADS Member Servers use LDAP libriaries and Kerberos security to access ADS Domain Controllers'
authentication services. Therefore, LDAP-UX Integration and HP Kerberos Client Library products are required.
See Chapter 5 “Windows 2000/2003 Domains” for details.
78 LDAP Integration Support