HP SureStore CD-ROM Server/Tower User's Guide - 5967-2149
Setup for Microsoft Networks (SMB) 4-15
User-Level Access Control
You can implement user-level security authenticated by an NT
domain controller. A user logging in to the server must provide
her identity (name and domain) and password. The server uses
this information to validate her identity against the primary
domain controller (PDC). It actually logs in to the PDC, reads
the user's group membership, and then logs out. If its login is
successful, the user is allowed access to the server.
For SMB, the server maintains an administrator account that is
never authenticated against the primary domain controller,
because some method of access must be maintained in case the
PDC becomes unavailable.
For this access control, set the following SMB (Windows) para-
meters (stored in the config.ini file in the config folder):
Logging in.
Then, to log in as the local administrator on the
server, you will need to specify:
•
Domain: the name of the server
•
User: the administrator
•
Password: the contents of AdministratorPassword
parameter (see above)
Controlling Rights.
Under user-level SMB access control,
security rights can be set individually or by group membership.
The SMBUser/Group access-control parameter is used to create
entries for the user and group rights (in the relevant files stored
in the volumes folder). There can be as many of these entries as
needed in a particular file.
Parameter Name Value Description
SecurityMode userLevel
Implements user-level access con-
trol (authentication against PDC),
rather than share-level control.
Authentica-
tionDomain
<15-byte
string>
Name of the domain that all user's
identities are verified against.
User's account must reside within.
Administra-
torPassword
<15-byte
string>
Password of the
local
administrator
of the server (not the same as an
administrator with an account in the
domain).