When a user logs on to a UNIX host computer, the user's name and password are compared to those in a password file. If they match a user name and password in the file, the server returns a corresponding user identifier (UID) and group identifier (GID). The UID and GID identify the user for Network File System (NFS) browsing and mounting operations.
Server for NFS makes it possible for clients to access NFS resources without separately logging on to Server for NFS. Instead, the first time you try to access an NFS resource, Server for NFS looks up your UNIX UID and GID information in either Active Directory Domain Services or User Name Mapping. If your UNIX UID and GID information is mapped to Windows user and group accounts, the Windows names are returned to Server for NFS, which then uses the Windows user and group names to grant file access. If your UNIX UID and GID information is not mapped, then Server for NFS will deny file access.
Note | |
User Name Mapping has changed. Server functionality no longer exists, but client functionality is present. Services for NFS can still retrieve mappings from existing legacy User Name Mapping servers. |
Specifying how Server for NFS obtains Windows user and group information
You can perform this procedure using the following methods:
To specify how Server for NFS obtains UID and GID information using the Windows interface |
-
Open Services for Network File System: click Start, point to Administrative Tools, and then click Services for Network File System (NFS).
-
If necessary, connect to the computer you want to manage.
-
Right-click Services for NFS, and then click Properties.
-
Specify how Server for NFS obtains UID and GID information for users:
- To use Active Directory Lookup, select the
Active Directory domain name check box, type the domain
name, and then click Apply.
- To use User Name Mapping, select the User
Name Mapping check box, type the name of the mapping server you
want to use for authentication, and then click Apply.
Notes - Before using Active Directory Lookup, you must install and populate the Identity Management for UNIX Active Directory schema extension, included in Windows Server 2008, or use an equivalent schema that includes UNIX UID and GID fields. Identity Management for UNIX greatly simplifies this aspect of Windows-to-UNIX user account management in Active Directory Domain Services.
- You can specify the IP address of the User Name Mapping server instead of the name of the server.
- Before using User Name Mapping, the computer running Server for NFS must be listed in the .maphosts file on the computer running User Name Mapping.
- To use Active Directory Lookup, select the
Active Directory domain name check box, type the domain
name, and then click Apply.
To specify how Server for NFS obtains UID and GID information using the command line |
-
Open a command prompt with elevated privileges.
- Click Start, and then click All Programs.
- Point to Accessories, right-click the Command Prompt
icon, and then click Run as administrator.
- Click Start, and then click All Programs.
-
Specify how Server for NFS obtains user UID and GID information for users.
- To use Active Directory Lookup, type:
nfsadmin mapping [ComputerName] config adlookup=yes addomain=DomainName
Argument Description DomainName
The name of the domain controller you want to use.
ComputerName
The name of the computer you want to manage.
Notes - To view the complete syntax for this command, at a command prompt, type: nfsadmin mapping /?
- Before using Active Directory Lookup, you must install and populate the Identity Management for UNIX Active Directory schema extension, included in Windows Server 2008, or use an equivalent schema that includes UNIX UID and GID fields. Identity Management for UNIX simplifies this aspect of Windows-to-UNIX user account management in Active Directory Domain Services.
- To use Active Directory Lookup, type: