HP CIFS Server Administrator Guide Version A.03.01.03 (5900-2006, October 2011)
Table Of Contents
- HP CIFS Server Administrator Guide Version A.03.01.03
- Contents
- About this document
- 1 Introduction to the HP CIFS Server
- 2 Installing and configuring HP CIFS Server
- HP CIFS Server requirements and limitations
- Step 1: Installing HP CIFS Server software
- Step 2: Running the configuration script
- Step 3: Modify the configuration
- Step 4: Starting HP CIFS Server
- Other Samba configuration issues
- 3 Managing HP-UX file access permissions from Windows NT/XP/2000/Vista/Windows 7
- Introduction
- UNIX file permissions and POSIX ACLs
- Using the Windows NT Explorer GUI to create ACLs
- Using the Windows Vista Explorer GUI to create ACLs
- POSIX ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- HP CIFS Server Directory ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- In conclusion
- 4 Windows style domains
- Introduction
- Configure HP CIFS Server as a PDC
- Configure HP CIFS Server as a BDC
- Domain member server
- Create the Machine Trust Accounts
- Configure domain users
- Join a Windows client to a Samba domain
- Roaming profiles
- Configuring user logon scripts
- Home drive mapping support
- Trust relationships
- 5 Windows 2003 and Windows 2008 domains
- 6 LDAP integration support
- Overview
- Network environments
- Summary of installing and configuring
- Installing and configuring your Directory Server
- Installing LDAP-UX Client Services on an HP CIFS Server
- Configuring the LDAP-UX Client Services
- Enabling Secure Sockets Layer (SSL)
- Extending the Samba subschema into your Directory Server
- Migrating your data to the Directory Server
- Configuring the HP CIFS Server
- Creating Samba users in directory
- Management tools
- 7 Winbind support
- 8 Kerberos support
- 9 HP CIFS deployment models
- Introduction
- Samba Domain Model
- Windows Domain Model
- Unified Domain Model
- 10 Securing HP CIFS Server
- 11 Configuring HA HP CIFS
- 12 HP-UX configuration for HP CIFS
- 13 Tool reference
- Glossary
- Index
able to make use of locking mechanisms when multiple systems are involved. You need to be aware
of the following things when using HP CIFS Server in either an NFS or a Veritas CFS environment:
• CIFS Server running simultaneously on multiple nodes should not use either NFS or Veritas
CFS to concurrently share the smb.conf configuration and its subordinate CIFS system files
in /var/opt/samba/locks and /var/opt/samba/private.
There are operational reasons why multiple nodes should not share a configuration file
concurrently such a name/IP registration conflicts, etc. Also, sharing ansmb.conf file will
likely lead to sharing CIFS Server system data, increasing the likelihood of concurrent file
access and the possibility of CIFS Server corruption.
• Beginning with version A.02.02, HP CIFS Server does not start if another master daemon is
sharing the daemon PID files including a daemon on another node. (By default, PID files are
found in the /var/opt/samba/lock path). CIFS does this to prevent the problems with
sharing the CIFS Server configuration as discussed above.
• Avoid using HP CIFS Server to share Veritas CFS directories simultaneously on multiple nodes.
Since NFS and Veritas CFS provides for multiple nodes to read and write the same files
concurrently, you should use extra caution when configuring HP CIFS Server on multiple nodes
since most locking mechanisms do not span across multiple nodes. Simultaneous file access
can lead to data corruption if multiple producers overwrite each others work.
• The smb.conf parameter strict locking may be set to yes to prevent data corruption
but it may also lead to decrease performance.
By default, since HP CIFS Server provides access to files from multiple clients (and from multiple
nodes sharing an NFS or a Veritas CFS), there is the possibility of concurrent file access and
hence at least a remote chance of data corruption. Therefore, HP CIFS Server provides a "strict
locking" mechanism that can be enabled to prevent concurrent file access. When strict
locking is set toyes in smb.conf, the server checks every read and write access for file
locks, and denies access if locks exist. Since this check will be slow on some systems and well
behaved clients do ask for lock checks when it is important, HP recommends that you set
strict locking to no in smb.conf for most environments. The default value for strict
locking is no.
NetBIOS names are not supported on port 445
HP CIFS Server A.02.* and A.03.* versions (based on Samba 3.x.y) can accept connections on
port 445 as well as the original port 139. However, since port 445 connections are for SMB over
TCP and do not support the NetBIOS protocol. NetBIOS names are not supported on port 445.
This means features of Samba that depend on NetBIOS will not work. For example, the "virtual
server" technique depending on an "include = /etc/opt/samba/smb.conf.%L" which
ends up referring to another smb.conf.<netbios name> will not work.
You can use the smb.conf parametersmb ports to specify which ports the server should listen
on for SMB traffic. Set smb ports to 139 to disable port 445. By default, smb ports is set to
445 139.
32 Installing and configuring HP CIFS Server