HP CIFS Server Administrator Guide Version A.03.01.03 (5900-2006, October 2011)
Table Of Contents
- HP CIFS Server Administrator Guide Version A.03.01.03
- Contents
- About this document
- 1 Introduction to the HP CIFS Server
- 2 Installing and configuring HP CIFS Server
- HP CIFS Server requirements and limitations
- Step 1: Installing HP CIFS Server software
- Step 2: Running the configuration script
- Step 3: Modify the configuration
- Step 4: Starting HP CIFS Server
- Other Samba configuration issues
- 3 Managing HP-UX file access permissions from Windows NT/XP/2000/Vista/Windows 7
- Introduction
- UNIX file permissions and POSIX ACLs
- Using the Windows NT Explorer GUI to create ACLs
- Using the Windows Vista Explorer GUI to create ACLs
- POSIX ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- HP CIFS Server Directory ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- In conclusion
- 4 Windows style domains
- Introduction
- Configure HP CIFS Server as a PDC
- Configure HP CIFS Server as a BDC
- Domain member server
- Create the Machine Trust Accounts
- Configure domain users
- Join a Windows client to a Samba domain
- Roaming profiles
- Configuring user logon scripts
- Home drive mapping support
- Trust relationships
- 5 Windows 2003 and Windows 2008 domains
- 6 LDAP integration support
- Overview
- Network environments
- Summary of installing and configuring
- Installing and configuring your Directory Server
- Installing LDAP-UX Client Services on an HP CIFS Server
- Configuring the LDAP-UX Client Services
- Enabling Secure Sockets Layer (SSL)
- Extending the Samba subschema into your Directory Server
- Migrating your data to the Directory Server
- Configuring the HP CIFS Server
- Creating Samba users in directory
- Management tools
- 7 Winbind support
- 8 Kerberos support
- 9 HP CIFS deployment models
- Introduction
- Samba Domain Model
- Windows Domain Model
- Unified Domain Model
- 10 Securing HP CIFS Server
- 11 Configuring HA HP CIFS
- 12 HP-UX configuration for HP CIFS
- 13 Tool reference
- Glossary
- Index
Workgroup model networks
HP CIFS Servers configured with server mode security will attempt to authenticate Windows users
on the server specified. If LDAP is enabled, then authentication will fall back to the LDAP server if
the server mode authentication fails. HP CIFS Servers configured with share mode security may
replace smbpasswd with an LDAP directory server. HP CIFS Servers configured with as stand-alone
user mode servers may replace smbpasswd with an LDAP directory server.
UNIX user authentication - /etc/passwd, NIS Migration
HP UNIX user authentication is required in addition to Samba (Windows) user authentication for
HP CIFS Server logon. You can consolidate Samba and UNIX users into a single LDAP directory
server database. However, the /etc/passwd file or NIS database files can continue to be used
for UNIX users if desired. You can use migration scripts provided by HP to migrate the /etc/
passwd file and NIS database files to the LDAP directory server. For more information on the
migration scripts, see “Migrating your data to the Directory Server” (page 89) .
CIFS authentication with LDAP integration
With LDAP integration, multiple HP CIFS Servers can share a single LDAP directory server for a
centralized user database management. The HP CIFS Server can access the LDAP directory and
look up the windows user information for user authentication. The figure 6-1 shows the CIFS
authentication in the LDAP network environment:
Figure 20 The CIFS Authentication with LDAP Integration
CIFS Server2
CIFS Server1
LDAP Directory
Server
Windows PCWindows PC
1
2
4
5
3
CIFS Protocol
LDAP Protocol
6
The following describes the message exchanges among the Windows PC, CIFS Server and LDAP
directory server for the user authentication shown on Figure 6-1:
1. A Windows user requests a connection.
2. The CIFS Server sends a challenge to the Windows PC client.
3. The Windows PC client sends a responsepacket to the CIFS Server based on the user password
and the challenge information.
4. The CIFS Server looks up the LDAP directory server for the user data and requests data attributes
including the password information.
80 LDAP integration support