HP CIFS Windows 2000 Interoperability (October 2002)
CIFS/9000 and Windows 2000 Interoperability
Hewlett-Packard
30
• Web Server
1. Web user access secure page
2. Look up account data (etc\passwd or NIS/LDAP server)
5.3.2 Unified Login Scenario
• CIFS/9000 Share Map
1. Authenticate to W2000 domain controller (ADS)
2. Look up account data on W2000 domain controller (ADS)
• Telnet
1. Windows or HP-UX client telnets to host
2. Look up account data on W2000 domain controller (ADS)
• Web Server
1. Web user access secure page
2. Look up account data on W2000 domain controller (ADS)
With Unified Login, all account lookups are routed to the Windows 2000 Active Directory on
the domain controller, whether the account is Windows or HP-UX. /etc/passwd still exists on
the servers to hold local account data – like root.
NSSWITCH.CONF is configured to route user and group lookups to LDAP. LDAP
configuration points to the Windows 2000 ADS. PAM.CONF sends authentication requests
to the correct protocol. For telnet and web users, the KRB5.CONF file is used. CIFS/9000
passes through to NTLM, which is handled by the user space daemon smbd, so PAM is not
used at all.
The Windows 2000 Active Directory schema must be extended to add the POSIX account
attributes. This extension is accomplished using Microsoft Services For UNIX (SFU) version
2.0, and is a one-way operation – it is not possible to back out the changes once they have
been applied to the schema. The HP product set includes LDAP-UX Migration scripts that
automatically populate the ADS with existing account data from a standard HP-UX
structure.
Detailed installation and configuration instructions are available at:
http://www.docs.hp.com/hpux/internet/index.html.
HP-UX
CIFS Server
Web Server
Unix Server
Map
\
\
Server
\
share
Map
\
\
Server
\
share
AuthenticateAuthenticate
Account LookupAccount Lookup
Telnet hostnameTelnet hostname
Auth/Acct LookupAuth/Acct Lookup
http://server.comhttp://server.com
Auth/Acct LookupAuth/Acct Lookup
Active Directory
Username
•SID
•UID
•GID
Client
•Windows
•HP-UX