Manualshelf

HP CIFS Server Administrator Guide Version A.02.04.04 (5070-6710, October 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
81828384858687888990
Workgroup Model Networks
HP CIFS Servers configured with server mode security will attempt to authenticate Windows users
on the server specified. If LDAP is enabled, then authentication will fall back to the LDAP server if
the server mode authentication fails. HP CIFS Servers configured with share mode security may
replace smbpasswd with an LDAP directory server. HP CIFS Servers configured with as stand-alone
user mode servers may replace smbpasswd with an LDAP directory server.
UNIX User Authentication - /etc/passwd, NIS Migration
HP UNIX user authentication is required in addition to Samba (Windows) user authentication for
HP CIFS Server logon. You can consolidate Samba and UNIX users into a single LDAP directory
server database. However, the /etc/passwd file or NIS database files can continue to be used
for UNIX users if desired. You can use migration scripts provided by HP to migrate the /etc/
passwd file and NIS database files to the LDAP directory server. For more information on the
migration scripts, see “Migrating Your data to the Directory Server” (page 88) .
The CIFS Authentication with LDAP Integration
With LDAP integration, multiple HP CIFS Servers can share a single LDAP directory server for a
centralized user database management. The HP CIFS Server can access the LDAP directory and
look up the windows user information for user authentication. The figure 6-1 shows the CIFS
authentication in the LDAP network environment:
Figure 20 The CIFS Authentication with LDAP Integration
CIFS Server2
CIFS Server1
LDAP Directory
Server
Windows PCWindows PC
1
2
4
5
3
CIFS Protocol
LDAP Protocol
6
The following describes the message exchanges among the Windows PC, CIFS Server and LDAP
directory server for the user authentication shown on Figure 6-1:
1. A Windows user requests a connection.
2. The CIFS Server sends a challenge to the Windows PC client.
3. The Windows PC client sends a responsepacket to the CIFS Server based on the user password
and the challenge information.
4. The CIFS Server looks up the LDAP directory server for the user data and requests data attributes
including the password information.
Network Environments 81