HP CIFS Server Administrator's Guide Version A.03.01.04 (5900-2303), April 2012

HP CIFS server advantages
The HP CIFS Server with LDAP support provides the following benefits:
• Reduces the need to maintain user account information across multiple HP CIFS servers, because
LDAP provides centralized user database management.
• Makes it easy to add multiple HP CIFS servers or users to the LDAP directory environment. This greatly
improves the scalability of the HP CIFS Server.
• Stores and looks up user account information in the LDAP directory. This reduces the user
lookup time for large databases by providing an indexed search rather than a sequential
search.
• The smbpasswd file has no room for additional attributes. With LDAP support, the schema is
extensible, so you can store more user information in the LDAP directory. This also eliminates
the need for additional employee and user databases.
Network environments
The HP CIFS Server supports many different network environments. Features such as WINS, browser
control, domain logons, roaming profiles, and many others continue to be available to support a
diverse range of network environments. LDAP integration provides one more alternative solution
for Samba user authentication.
Domain model networks
CIFS Server acting as the Primary Domain Controller (PDC)
Since PDCs are responsible for Windows authentication, HP CIFS Servers configured as PDCs will
replace smbpasswd with LDAP-enabled directory servers for Windows authentication. Other
Samba configuration items may remain unchanged. Administrators of new LDAP configurations
must also install the HP LDAP-UX Integration software and configure the LDAP client. This will also
permit the consolidation of POSIX and Windows users on the LDAP directory server.
CIFS Server acting as the member server
HP CIFS Servers acting as member servers in the domain model network environment can continue
to operate as member servers by leaving their Samba configuration unchanged. The Windows
authentication requests will continue to be managed by the PDC whether through LDAP or
smbpasswd. Administrators of new LDAP configurations may want to install the HP LDAP-UX
Integration software and configure the LDAP client to consolidate POSIX and Windows users on the
LDAP directory server.
If a member server (security = domain) is also configured to enable LDAP, then it will still try
to authenticate via the PDC. If the PDC authentication fails, then it will try to authenticate directly
via the LDAP directory server set in its own smb.conf configuration file.
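The following sketch is an added example, not code from HP or Samba: it reads the [global] section of an smb.conf and lists the authentication sources in the order described above, so an audit can see when a member server has a second path through its own LDAP setting. The sample configuration, its hostnames and the function names are constructed for illustration.

```python
import re

# Constructed sample: member server with LDAP enabled (hostnames are placeholders).
MEMBER_WITH_LDAP = """
[global]
    workgroup = EXAMPLEDOM
    security = domain
    ; constructed LDAP server URL
    passdb backend = ldapsam:ldap://ldap.example.test
[share1]
    security = ignored-outside-global
"""

def global_params(conf_text):
    """Collect the [global] parameters of an smb.conf into a dict."""
    params, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            # normalise case and spacing of the parameter name
            params[" ".join(key.lower().split())] = value.strip()
    return params

def auth_order(conf_text):
    """Authentication sources in the order the guide describes."""
    g = global_params(conf_text)
    security = g.get("security", "").lower()
    backend = g.get("passdb backend", "")
    scheme, _, target = backend.partition(":")
    ldap = [f"LDAP directory {target.strip(chr(34))}"] if scheme.lower() == "ldapsam" else []
    if security == "domain":
        # member server: the PDC is asked first, the local LDAP setting is the fallback
        return ["PDC"] + ldap
    if security == "user":
        # server that checks its own passdb backend (for example a PDC)
        return ldap or [f"local {backend or 'passdb backend (not set)'}"]
    return []   # other modes (for example ads) are outside this sketch

if __name__ == "__main__":
    for step, source in enumerate(auth_order(MEMBER_WITH_LDAP), 1):
        print(step, source)
```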
CIFS Server acting as Backup Domain Controller (BDC) to Samba PDC
Since BDCs are also responsible for Windows authentication, HP CIFS Servers configured as BDCs
can access the LDAP directory for user authentication. BDC configuration is very similar to PDC
configuration with the exception that you set both master browser and domain master to
no.
CIFS server acting as an Active Directory Service (ADS) member server
ADS Member Servers use LDAP libraries and Kerberos security to access ADS Domain Controllers'
authentication services. Therefore, LDAP-UX Integration and HP Kerberos Client Library products
are required. See “Windows 2003 and Windows 2008 domains” (page 68) for details.