Configuring adlds – HP X1000 Network Storage Systems User Manual
Page 43
services domain, you can use Active Directory Application Mode and Active Directory Lightweight
Data Services; both of these services are installed in your system at the factory. Microsoft Services for
NFS can also use any RFC 2307 compliant Lightweight Directory Access Protocol (LDAP) service or
an existing Windows Server 2003R2 User Name Mapping server to provide username mapping
services.
For more information, see the Windows Storage Server 2008 Help.
Active Directory Lightweight Directory Services (ADLDS)
Windows Storage Server 2008 no longer includes the User Name Mapping (UNM) service for UNIX
to Windows user mapping. The Services for Network File System feature now requires that users
utilize an existing UNM server or utilize Active Directory to map UNIX users to Windows users. HP
X1000 and X3000 systems utilize the Active Directory Lightweight Directory Services (ADLDS) role
to eliminate these requirements for standalone servers. Additionally, a utility script is provided to assist
in configuring ADLDS.
Configuring ADLDS
The following examples describe the format of a password and a group file. Password and group
files can be created or copied from the NFS client system.
Password file syntax
Each line of a standard UNIX password file follows this format:
user:password:UID:GID:comment:home directory:command shell
All fields are required, but the only fields that are used are the user, UID, and GID fields.
Group file syntax
Each line of a standard UNIX group file follows this format:
Group:password:GID:group list
All fields are required, but only the Group and GID fields are used. The GID field value must match
the GID field value in the password file for those users that belong to the group.
IMPORTANT:
•
User names in the password file cannot match group names in the group file. Windows does not
allow user names and group names to be the same.
•
All users included in the password file are imported. Consider removing some users from the file
before running the configuration script.
•
All groups in the group file are imported. Consider removing some groups from the group file
before running the configuration script.
•
Every imported user must have a password before that user can be used for user name mapping.
You can specify a common password for all imported users on the script command line.
•
If specifying the password on the command line, you must use a password that meets the password
strength requirements of your system. By default Windows Storage Server 2008 requires strong
passwords.
HP X1000 and X3000 Network Storage System User Guide
43