Manualshelf

HP CIFS Server Administrator Guide Version A.02.04.04 (5070-6710, October 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
919293949596979899100
7 Winbind Support
This chapter describes the HP CIFS winbind feature and explains when to use it and how best to
configure its use. It contains the following topics:
“Overview” (page 96)
“Winbind Features” (page 96)
“Winbind Process Flow” (page 98)
“Winbind Supports Non-blocking, Asynchronous Functionality” (page 99)
“When and How to Deploy Winbind” (page 100)
“Configuring HP CIFS Server with Winbind” (page 103)
“idmap Backend Support in Winbind” (page 105)
“Starting and Stopping Winbind” (page 106)
An Example for File Ownership by Winbind Users” (page 107)
Overview
HP CIFS Server must resolve the fact that HP-UX and Microsoft Windows use different technologies
to represent user and group identity. Winbind is a CIFS feature which is one of several different
ways in which CIFS can map the Windows implementation of user and group security identifiers,
SIDs, to the HP-UX implementation of user and group identifiers, UIDs and GIDs. Further, there are
several different ways to deploy winbind to achieve this mapping. The purpose of winbind is
to automate the creation of UIDs and GIDs and maintain their correspondence to the appropriate
Windows SIDs in order to minimize identity management efforts.
Winbind is an important feature to understand before you configure HP CIFS Server because
choosing an appropriate configuration for your environment is the key to minimize IT management
problems. Choosing the best way to map identities for your environment is important because
directories and files populate file systems with permissions based on the identities of the owners.
Over time, the difficulty of changing user maps will increase unless the proper configuration is
chosen initially. This chapter will help you understand winbind and configure CIFS appropriately.
NOTE: Winbind user mapping is only appropriate when the HP CIFS Server is a member server
of a Microsoft Windows domain.
For more information about winbind, refer to chapter 23, "Winbind:Use of Domain Accounts"
in the Samba 3.0 HOWTO Reference Guide at the following web site:
http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/
Winbind Features
Winbind provides the following features:
Identity resolution via the Name Services Switch (NSS) (as configured in /etc/
nsswitch.conf)
The Name Service Switch (NSS) is an HP-UX feature which allows system information such as
host names, user names, and group names to be resolved from different sources.
96 Winbind Support