HP CIFS Server 3.0k Administrator's Guide version A.02.04

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

101

102

103

104

105

106

107

108

109

110

7 Winbind Support

This chapter describes the HP CIFS winbind feature and explains when to use it and how best

to configure its use. It contains the following topics:

• “Overview”

• “Winbind Features”

• “Winbind Process Flow”

• “Winbind Supports Non-blocking, Asynchronous Functionality”

• “When and How to Deploy Winbind”

• “Configuring HP CIFS Server with Winbind”

• “idmap Backend Support in Winbind”

• “Starting and Stopping Winbind”

• “An Example for File Ownership by Winbind Users”

Overview

HP CIFS Server must resolve the fact that HP-UX and Microsoft Windows use different

technologies to represent user and group identity. Winbind is a CIFS feature which is one of

several different ways in which CIFS can map the Windows implementation of user and group

security identifiers, SIDs, to the HP-UX implementation of user and group identifiers, UIDs and

GIDs. Further, there are several different ways to deploy winbind to achieve this mapping. The

purpose of winbind is to automate the creation of UIDs and GIDs and maintain their

correspondence to the appropriate Windows SIDs in order to minimize identity management

efforts.

Winbind is an important feature to understand before you configure HP CIFS Server because

choosing an appropriate configuration for your environment is the key to minimize IT

management problems. Choosing the best way to map identities for your environment is important

because directories and files populate file systems with permissions based on the identities of

the owners. Over time, the difficulty of changing user maps will increase unless the proper

configuration is chosen initially. This chapter will help you understand winbind and configure

CIFS appropriately.

NOTE: Winbind user mapping is only appropriate when the HP CIFS Server is a member server

of a Microsoft Windows domain.

For more information about winbind, refer to chapter 23, "Winbind:Use of Domain Accounts"

in the Samba 3.0 HOWTO Reference Guide at the following web site:

http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/

Winbind Features

Winbind provides the following features:

• Identity resolution via the Name Services Switch (NSS) (as configured in /etc/

nsswitch.conf)

The Name Service Switch (NSS) is an HP-UX feature which allows system information such

as host names, user names, and group names to be resolved from different sources.

Overview 109