Configuring and Managing MPE/iX Internet Services (July 2001)

ManualsBrandsHP ManualsSoftwareMPE/iX 7.0 Operating System

111

112

113

114

115

116

117

118

119

120

Chapter 7 119

Samba for MPE/iX Services

Samba for MPE/iX Server Security Mode

Samba for MPE/iX server mode security is just one of the security

policies of user level authentication. This mode of security is one of the

types in processing user authentication. After the user is validated,

access rights are enforced for the user:

To make Samba for MPE/iX operate in server security mode:

• Add security = server in the

[global] section for smb.conf

specifying security = server in smb.conf, the server security

mode is on.

• Add password server = <yourNTserver>

This option will allow Samba for MPE/iX to ask a remote SMB

server for password checks, e.g., a Windows NT server. This option

will be useful if you are integrating an MPE/iX into an already

existing NT domain. It is better to set your Windows NT (primary or

backup domain controller) server as the password server.

Please set the password parameter to the DNS name of the

Windows NT server.

After setting up the conﬁguration, the client can proceed to login to the

Samba for MPE/iX server. When connecting to a service using user level

security, the client sends a session setup SMB that includes username

and password. This step is not necessary while using shared level

security.

In server level security, the Samba for MPE/iX server reports to the

client in which it is in user level security. The client sends username

and password pair. The Samba for MPE/iX server takes the

username/password that the client sent and attempts to login to the

“password server” by sending exactly the same username/password

that it got from the client. If that server is in user level security and

accepts the password, Samba for MPE/iX accepts the client’s

connection. This allows the Samba for MPE/iX server to use another

SMB server as the “password server,” the user authenticates against

the NT password.

Some particular issues with Samba for MPE/iX and Windows NT: one

of the problems with Windows NT is that NT refuses to connect to a

server that is in user level security mode and doesn’t support password

encryption unless it ﬁrst prompts the user for a password.

This means that even if you have the same password on the NT box and

the Samba for MPE/iX server, you will get prompted for a password.

Entering the correct password will get you connected.