Hewlett-Packard NetStorage 6000 Manual

Download Manual  of HP NetStorage 6000 Storage for Free or View it Online on All-Guides.com.

Brand: HP

Category: Storage

Type: Manual  for HP NetStorage 6000

Pages: 28 (0.13 Mb)

Download HP NetStorage 6000 Manual 

HP NetStorage 6000 Manual  - Page 1
1
HP NetStorage 6000 Manual  - Page 2
2
HP NetStorage 6000 Manual  - Page 3
3
HP NetStorage 6000 Manual  - Page 4
4
HP NetStorage 6000 Manual  - Page 5
5
HP NetStorage 6000 Manual  - Page 6
6
HP NetStorage 6000 Manual  - Page 7
7
HP NetStorage 6000 Manual  - Page 8
8
HP NetStorage 6000 Manual  - Page 9
9
HP NetStorage 6000 Manual  - Page 10
10
HP NetStorage 6000 Manual  - Page 11
11
HP NetStorage 6000 Manual  - Page 12
12
HP NetStorage 6000 Manual  - Page 13
13
HP NetStorage 6000 Manual  - Page 14
14
HP NetStorage 6000 Manual  - Page 15
15
HP NetStorage 6000 Manual  - Page 16
16
HP NetStorage 6000 Manual  - Page 17
17
HP NetStorage 6000 Manual  - Page 18
18
HP NetStorage 6000 Manual  - Page 19
19
HP NetStorage 6000 Manual  - Page 20
20
HP NetStorage 6000 Manual  - Page 21
21
HP NetStorage 6000 Manual  - Page 22
22
HP NetStorage 6000 Manual  - Page 23
23
HP NetStorage 6000 Manual  - Page 24
24
HP NetStorage 6000 Manual  - Page 25
25
HP NetStorage 6000 Manual  - Page 26
26
HP NetStorage 6000 Manual  - Page 27
27
HP NetStorage 6000 Manual  - Page 28
28
Copyright © 2000 Hewlett-Packard Company Page 16 of 28
All Rights Reserved
Note: If the object has no DACL, also known as a NULL DACL, the object has no protection and access is
granted to everyone. On the other hand, if the object has a DACL with no entries in it (termed an empty DACL),
no accesses are specifically granted, so access is implicitly denied to everyone. In all cases, the owner of an
object can modify the permissions of the object, regardless of the status of the DACL.
3.4 Considerations for the HP NetStorage 6000
3.4.1 Share Level Security
By default, the HP NetStorage 6000 accepts encrypted passwords for verification. In these cases, Windows
NT (also known as NT LM 0.12) password encryption is used. The HP NetStorage 6000 will also accept
plaintext passwords from older clients, for backward compatibility.
Since the native file system on the HP NetStorage 6000 is UNIX based, all files must have a UID and GID
associated with them. However, since Share Level security does not support the concept of users or groups, a
single UID and GID is assigned to each share, such that all files created in the share from Windows clients will
be assigned the UID and GID of the share.
When shares are managed through the web based administration tool, shares are automatically assigned a UID
and GID of zero (UID = 0, GID = 0). Since UID of zero effectively gives the share user root privileges, it is up to
the administrator to ensure that the Windows shares are created in such places so as not to expose sensitive
system files, or the resources of other UNIX users.
For administrators with special needs, the default UID and GID of zero may be changed for a given share. The
telnet interface of the HP NetStorage 6000 allows the user to specify the UID and the GID to be used for a
particular share. In this case, ALL directories and files created in the share will be assigned the UID and GID
specified by the administrator.
3.4.2 User Level Security
The HP HP NetStorage 6000 fully supports the security model of Windows NT systems. This includes the
assignment and enforcement of Security Descriptors to objects on the file system, as well as the authentication of
users attempting to access resources.
The CIFS protocol is documented in a public specification. The NetLogon service is not. NetLogon is a
proprietary Microsoft service that is used for establishing secure communications with a domain controller, and
providing pass-through authentication, as needed. Since a public specification for providing the same service as
NetLogon does not exist, the HP NetStorage 6000 must emulate the features of NetLogon where necessary.
q The HP NetStorage 6000 does not logon to the domain with a machine account. Thus, it is not a trusted
member of the domain. However, it can still advertise its resources through the domain that it is associated
with (the resource domain).
q The HP NetStorage 6000 is designed to authenticate users under the NT LM 0.12 or the Lan Man 1.2
dialects of SMB. The HP NetStorage 6000 simply forwards these requests to an NT domain controller for
authentication. The server is not designed to authenticate user accounts that are maintained locally.