Manualshelf

HP-UX HB v13.00 Ch-20 - CIFS

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Technical OE
11121314151617181920
HP-UX Handbook Rev 13.00 Page 11 (of 40)
Chapter 20 CIFS
October 29, 2013
There is one smbd for rdoelker, which is from a mapped drive and another one which is from
entering the UNC patch \\hprtdu96\kunden into the run line of the windows-client. Each time a
IPC$ share is connected too.
Kernel
The sytem-requirements did not change much since CIFS A.01.08 (see table in System
requirements for Samba 2.2 on HP-UX 11.0 for PA-Risc). There might be some changes if you
are running on HP-UX 11.23 September04 release. We will update this section if needed.
Generally each smbd needs 2Mb memory and uses 12 entries in the unix filetable (nfiles). The
use of unix file locks (nflocks) should be the same as in the recommendations below. It was not
possible to investigate the kernel values with the existing technology preview.
A word on HP-UX 11.0
As we have mentioned before HP CIFS Server 3 will not be offered for HP-UX 11.0, this is
because the end of product life was 2004. As I know that the base of 11.0 users is very large
I’ve tested a UNSUPPORTED configuration. You may get the 11.11 binaries to work on 11.0,
but your HP support will not support this.
You need:
# swlist -l product |grep e krb e ldap
KRB5-Client B.11.00.15 Kerberos V5 Client 1.11
LdapUxClient B.03.20 LDAP-UX Client Services
Check for patches in the patch database and for newer version on www.software.hp.com.
(KRB5-Client is named pam kerberos version 1.11 on software.hp.com)
Upon swinstall you may need the option “Allow installation of incompatible software”, maybe
you need to disable “enable script errors” to make it work. Then continues as describes above.
I’ve taken the many of the systemoutputs from my 11.0 system. (rainer.doelker@hp.com).
Security parameters
A good document for protecting samba is http://www.samba.org/samba/docs/server_security.html (HP
external). Besides we list some of the new smb.conf parameters which might be worth to think
about.
server schannel
the server schannel is a global parameter which rules if a netlogon schannel is offered or
demanded. If set to auto (default) it offers the schannel but does not enforce it. If set to yes
Clients prior to NT4SP4 will be excluded. This seems similar to the WindowsXP Registry value
requireSignOrSeal