Manualshelf

HP-UX HB v13.00 Ch-20 - CIFS

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Virtual Server Operating Environment (VSE-OE) LTU
11121314151617181920
HP-UX Handbook Rev 13.00 Page 12 (of 40)
Chapter 20 CIFS
October 29, 2013
server signing
server signing is another global parameter which offers [auto|mandatory|disable]. Auto (default)
will offer SMB signing but not enforce it.Mandatory will SMB signing is required, this will
exclude connections to older Windows Servers. SMB signing is a feature which approx started
with Windows 2000 SP3.
The same values exist for the communication with the clients: client schannel and client
signing. Furthermore there are two values which should be kept to Yes: client use spnego and
use spnego. Samba will try to use Simple and Protected NEGOciation (as specified by rfc2478)
with WindowsXP and Windows2000 servers and clients to agree upon an authentication
mechanism.
Copy = other service (S)
HP CIFS client
A simplified way to explain HP CIFS Client is that it is a translation mechanism for NFS-RPC
calls into CIFS protocol and back. HP CIFS Client enables HP-UX users to mount shares as
UNIX filesystems from a CIFS/SMB protocol speaking file servers (including W95, W98,
WinNT, W2K, W2K3, ASU, CIFS server or Samba)
CIFS client allows to restrict access permissions for users. Users are being validated against the
connected Windows/smb server. CIFS client can as well be part of a domain to easily validate
domain-users. CIFS client can archive mounts and cifslogins in a binary database file to re-
establish connections after restarting.
The basic configuration file is /etc/opt/cifsclient/cifsclient.cfg
HP CIFS Client current version
The current version of HP CIFS Client is A.02.02.02, which offers extended kerberos support.
This means that cifsclient depends on an additional software package which brings the relevant
kerberos libaries. The bundle is called "pam kerberos J5849AA" you can download the software
from www.software.hp.com <security and manageability> for free. The actual cifsclient version
will be found on www.software.hp.com as well under <internet ready and networking>
HP CIFS Client technically seen
cifsclientd acts as NFS server for the internal HP-UX kernel, whilst the kernel is the NFS client
to cifsclientd. Externally cifsclientd speaks smb/cifs protocol. Having understood this it is much
easier to work with cifsclient and understand the messages in syslog.log which are are flagged as
NFS. (e.g. "NFS server <windows-server> not responding", that is cifsclientd which is not
responding.) Furthermore this would explain that if the kernel believes that a mount is still active