HP CIFS Server Administrator Guide Version A.03.01.03 (5900-2006, October 2011)
Table Of Contents
- HP CIFS Server Administrator Guide Version A.03.01.03
- Contents
- About this document
- 1 Introduction to the HP CIFS Server
- 2 Installing and configuring HP CIFS Server
- HP CIFS Server requirements and limitations
- Step 1: Installing HP CIFS Server software
- Step 2: Running the configuration script
- Step 3: Modify the configuration
- Step 4: Starting HP CIFS Server
- Other Samba configuration issues
- 3 Managing HP-UX file access permissions from Windows NT/XP/2000/Vista/Windows 7
- Introduction
- UNIX file permissions and POSIX ACLs
- Using the Windows NT Explorer GUI to create ACLs
- Using the Windows Vista Explorer GUI to create ACLs
- POSIX ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- HP CIFS Server Directory ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- In conclusion
- 4 Windows style domains
- Introduction
- Configure HP CIFS Server as a PDC
- Configure HP CIFS Server as a BDC
- Domain member server
- Create the Machine Trust Accounts
- Configure domain users
- Join a Windows client to a Samba domain
- Roaming profiles
- Configuring user logon scripts
- Home drive mapping support
- Trust relationships
- 5 Windows 2003 and Windows 2008 domains
- 6 LDAP integration support
- Overview
- Network environments
- Summary of installing and configuring
- Installing and configuring your Directory Server
- Installing LDAP-UX Client Services on an HP CIFS Server
- Configuring the LDAP-UX Client Services
- Enabling Secure Sockets Layer (SSL)
- Extending the Samba subschema into your Directory Server
- Migrating your data to the Directory Server
- Configuring the HP CIFS Server
- Creating Samba users in directory
- Management tools
- 7 Winbind support
- 8 Kerberos support
- 9 HP CIFS deployment models
- Introduction
- Samba Domain Model
- Windows Domain Model
- Unified Domain Model
- 10 Securing HP CIFS Server
- 11 Configuring HA HP CIFS
- 12 HP-UX configuration for HP CIFS
- 13 Tool reference
- Glossary
- Index
4 Windows style domains
Introduction
This chapter describes how to configure the roles that an HP CIFS Server can play in a Windows
style domain, whether it is a Samba Domain, consisting solely of HP CIFS Servers, or as a Windows
domain with a Microsoft Domain Controller (DC). Configuration of Member Servers joining a
Windows 2000 and Windows 2003 Domain as a pre-Windows 2000 compatible computer is
described here. Chapter 5, Windows 2003 and Windows 2008 Domains, should be consulted
for configuration of Member Servers joining Domains with a Windows 2003 or Windows 2008
Domain Controller as an ADS Member Server. Chapter 9, HP CIFS Deployment Models describes
further how the server roles can be utilized in common network deployments.
HP CIFS Server can be configured to play different roles in an Windows style Domain Model
including:
• Member Server in a Windows 2003 or Windows 2008 Domain with a Microsoft DC
• PDC in an Samba Domain where an HP CIFS Server serves as the PDC
• Backup Domain Controller (BDC) in an Samba Domain where an HP CIFS Server serves as
the PDC
• Member Server in an Samba Domain where HP CIFS Server serves as the PDC
Advantages of the Samba Domain Model
The HP CIFS Server PDC domain model provides a number of advantages:
• HP CIFS Server PDC domain administrators may group workstations and servers under the
authority of a domain controller
• Domain members may be centrally administered by using domains to group related machines.
One of the benefits of this is the ability for user accounts to be common for multiple systems.
A user may now make one password change which will affect multiple systems accessed by
that user. Another benefit is that IT administration work is reduced, since there is no longer a
need for individual accounts to be administered on each system
• HP CIFS BDCs may be configured to off load some of the HP CIFS PDC authentication
responsibilities and can be promoted to a PDC if the PDC fails or needs to be taken out of
services.
Primary Domain Controllers
The Primary Domain Controller (PDC) is responsible for several tasks within the domain. These
include:
• Authenticating user logon for users and workstations that are members of the domain
• Acting as a centralized point for managing user account and group information for the domain
• A user logged on to the Primary Domain Controller (PDC) as the domain administrator can
add, remove or modify Windows domain account information on any machine that is part of
the domain
54 Windows style domains