Authentication table – HP StorageWorks 1200 All-in-One Storage System User Manual

Page 164

Advertising
background image

Refer to

Table 47

for guidance as to when to use NFS Authentication DLL instead of S4U legacy NFS

and R2 MSNFS.

Table 47 Authentication table

MSNFS (WSS2003 R2)

Legacy NFS (pre-WSS2003
R2)

Domain controller type

Requires NFS Authentication DLL on
domain controller

Requires NFS Authentication DLL
on domain controller

Legacy domain controller
(pre-WSS2003)

Uses the built-in S4U (on the domain
controller). It is unaffected by the NFS
Authentication DLL on the domain
controller.

Requires NFS Authentication DLL
on domain controller

Recent domain controllers
(WSS2003 and later)

The S4U set of extensions to the Kerberos protocol consists of the Service-for-User-to-Proxy (S4U2Proxy)
extension and the Service-for-User-to-Self (S4U2Self) extension. For more information about the S4U2
extensions, see the Kerberos articles at the following URLs:

http://

searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1013484,00.html

(intended for IT professionals) and

http://msdn.microsoft.com/msdnmag/issues/03/04/SecurityBriefs/

default.aspx

(intended for developers).

Installing NFS Authentication DLL on domain controllers

NOTE:

If the authentication software is not installed on all domain controllers that have user name mappings,
including primary domain controllers, backup domain controllers, and Active Directory domains, then
domain user name mappings will not work correctly.
You need to install the version of NFS Authentication included with Services for UNIX 3.5. You can download
Services for UNIX 3.5 at no charge from

http://go.microsoft.com/fwlink/?LinkId=44501

.

To install the Authentication software on the domain controllers:

1.

From the SFU 3.5 files, locate the directory named SFU35SEL_EN.

2.

On the domain controller where the Authentication software is being installed use Windows
Explorer to:

a.

Open the shared directory containing setup.exe.

b.

Double-click the file to open it. Windows Installer is opened.

NOTE:

If the domain controller used does not have Windows Installer installed, locate the file
InstMSI.exe

on the SFU 3.5 directory and run it. After this installation, the Windows

Installer program starts when opening setup.exe.

3.

In the Microsoft Windows Services for UNIX Setup Wizard dialog box, click Next.

4.

In the User name box, enter your name. If the name of your organization does not appear in the
Organization box, enter the name of your organization there.

Microsoft Services for Network File System (MSNFS)

164

Advertising
This manual is related to the following products:

400r All-in-One Storage System, 400t All-in-One Storage System, StorageWorks 400 All-in-One Storage-System, StorageWorks 600 All-in-One Storage-System

Popular Brands
Popular manuals