Hewlett-Packard NetStorage 6000 Manual
Download Manual of HP NetStorage 6000 Storage for Free or View it Online on All-Guides.com.
Copyright © 2000 Hewlett-Packard Company Page 17 of 28
All Rights Reserved
q The HP NetStorage 6000 is designed to authenticate users directly with the appropriate NT account
domain. It does not pass authentication requests through it’s own resource domain. This allows the HP
NetStorage 6000 to participate on networks where the user accounts are separated from the NT resources
(Master Domain model), as well as on networks where user accounts and resources are contained in a
single domain. However, on networks designed around the Multiple Master Domain model, the HP
NetStorage 6000 may only be configured to authenticate users through only one of the account domains.
q The HP NetStorage 6000 can discover an appropriate domain controller to communicate with, given the
NT domain name. This allows the server to connect to any available domain controller within a domain.
q The HP NetStorage 6000 can obtain and store Security Descriptor information (ACLs) for its files. This is
accomplished through a user account logon to the resource domain. The user account information is
provided by the administrator when the system is configured for user level security.
3.4.3 DOS attributes
The DOS attributes are integrated with the file system and may be viewed, set or cleared via Windows
applications or utilities. The behavior associated with these attributes is detailed below:
archive Whenever a file is modified, locally, via NFS or SMB, this attribute is set. The archive attribute
may be used for operations such as network backup via NT systems.
hidden If a file is created via NFS whose name begins with “.”, this attribute will be set. It is otherwise
ignored by the system.
read-only If this attribute is set on a file, it will have the effect of making the file read-only regardless of the
UNIX or NT permissions.
system This attribute is ignored by the system.
4 Security on Mixed (UNIX/Windows) Networks
4.1 General Overview
The HP NetStorage 6000 works in a heterogeneous environment and supports file sharing between Windows
and UNIX clients using CIFS/SMB or NFS file access protocols respectively. In order to understand file sharing
in a heterogeneous environment it is necessary to understand the file system that the HP NetStorage 6000 uses,
how clients or users are identified in each protocol and how users can be mapped.
The HP NetStorage 6000 utilizes a UNIX file system. Objects that are created with NFS protocol and stored on
the HP NetStorage 6000 will have UNIX security attributes and classified as UNIX objects. Objects that are
created via SMB protocol have both UNIX and Windows security attributes and are classified as NT objects.
Since the native file system used by the HP NetStorage 6000 is a UNIX file system, any Windows objects that
are created will have both UNIX and NT security attributes associated with these objects. It is possible for a
Windows user to modify a UNIX objects' security attribute. After this modification, however, the object will be
considered an NT object. As a security policy it is not possible to modify the security attributes on a Windows