HP CIFS Windows 2000 Interoperability (October 2002)

CIFS/9000 and Windows 2000 Interoperability
Hewlett-Packard
29
…or the separate account databases can be combined onto the Windows 2000 ADS using
HP’s Unified Login capability.
5.3 Unified Login
Unified Login is officially known as “Integrating HP-UX Account Management and
Authentication with Microsoft Windows 2000 Active Directory” at
http://www.docs.hp.com/hpux/internet/index.html. Unified Login is an acceptable
abbreviation.
Unified Login provides the tools needed to consolidate HP-UX account data and Windows
2000 account data in a common location on the Windows 2000 Active Directory. Users and
groups from both platforms are now administered in one place, and users have one user
name and one password. These features significantly simplify administration of two
different but integrated platforms.
Unified Login uses existing HP products to authenticate and access HP-UX users on ADS:
PAM_KERBEROS (for HP-UX logins, not CIFS/9000)
LDAP_UX Integration
CIFS/9000
The benefits are:
Cost savings no dual administration
No synchronization of accounts
No confusion one password for both Windows and HP-UX
5.3.1 Traditional Login Scenario
CIFS/9000 Share Mapping
1. Windows client maps share
2. Authenticate to Domain Controller
3. Look up account data (etc\passwd or NIS/LDAP server)
Telnet
1. Windows or HP-UX client telnets to host
2. Look up account data (etc\passwd or NIS/LDAP server)
HP-UX Server
NIS Server
Windows Domain Controller
CIFS Server
Web Server
Unix Server
Map
\
\
Server
\
share
Map
\
\
Server
\
share
AuthenticateAuthenticate
Account Lookup
/etc/passwd
Account LookupAccount Lookup
/etc/passwd
Telnet hostnameTelnet hostname
Auth/Acct Lookup
/etc/passwd
Auth/Acct LookupAuth/Acct Lookup
/etc/passwd
LDAP Server
Etc…
http://server.comhttp://server.com
Auth/Acct Lookup
/etc/passwd
Auth/Acct LookupAuth/Acct Lookup
/etc/passwd
NIS+ Server
Client
Windows
HP -UX