Solaris CIFS Service CIFS. Alan Wright amw@sun.com



Similar documents
A COMPARISON BETWEEN THE SAMBA3 AND LIKEWISE LWIOD FILE SERVERS

<Samba status report>

USING USER ACCESS CONTROL LISTS (ACLS) TO MANAGE FILE PERMISSIONS WITH A LENOVO NETWORK STORAGE DEVICE

Sun ZFS Storage Appliance Rule-Based Identity Mapping Between Active Directory and Network Information Services Implementation Guide

How To Manage File Access On Data Ontap On A Pc Or Mac Or Mac (For A Mac) On A Network (For Mac) With A Network Or Ipad (For An Ipad) On An Ipa (For Pc Or

SerNet. Clustered Samba. Nürnberg April 29, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

Configuring and Managing CIFS on VNX

Clustered Data ONTAP 8.2

EMC Celerra Network Server

EMC VNX Series. Configuring and Managing CIFS on VNX. Version VNX1, VNX2 P/N REV. 03

EMC Celerra Network Server

MSRPC NULL sessions. Exploitation and protection. Jean-Baptiste Marchand

SerNet. Samba Status Update. Linuxkongress Hamburg October 10, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

Integrating Red Hat Enterprise Linux 6 with Microsoft Active Directory Presentation

CIFS/NFS Gateway Product Release Notes. Version May 2015 Revision A0

Windows network services for Samba folks

About Microsoft Windows Server 2003

Implementing Alternate Data Streams in Likewise Storage Services Wei Fu Software Engineer Likewise Software

Windows Services. Support Windows and mixed-platform workgroups with high-performance, affordable network services. Features

How To Configure the Oracle ZFS Storage Appliance for Quest Authentication for Oracle Solaris

Managing Celerra for the Windows Environment

How the Active Directory Installation Wizard Works

Introduction to Computer Security

ONEFS MULTIPROTOCOL SECURITY UNTANGLED

Migrating Your Windows File Server to a CTERA Cloud Gateway. Cloud Attached Storage. February 2015 Version 4.1

Intel Entry Storage System SS4200-E Active Directory Implementation and Troubleshooting

Isilon OneFS. Version OneFS Migration Tools Guide

WHITE PAPER. Understanding Windows & UNIX File Permissions on GuardianOS

Oracle Solaris Security: Mitigate Risk by Isolating Users, Applications, and Data

The Best of Both Worlds Sharing Mac Files on Windows Servers

ACE Names and UID/GID/SIDs

Univention Corporate Server. Operation of a Samba domain based on Windows NT domain services

SMB in the Cloud David Disseldorp

Quality of Service (bandwidth limitation): Default is 2 megabits per second.

Samba. Samba. Samba 2.2.x. Limitations of Samba 2.2.x 1. Interoperating with Windows. Implements Microsoft s SMB protocol

Solaris For The Modern Data Center. Taking Advantage of Solaris 11 Features

CONFIGURING ACTIVE DIRECTORY IN LIFELINE

Samba and Vista with IPv6

GuardianOS Data Migration Tool Enables Ease of Snap Server Deployment and Data Consolidation WHITE PAPER

Common Internet File System

Integration with Active Directory. Jeremy Allison Samba Team

Default configuration for the Workstation service and the Server service

Linuxdays 2005, Samba Tutorial

OS-9 for 68K Samba File Manager. Reference manual

OpenVMS Update & OpenVMS Common Internet File System based on SAMBA

TECHNICAL TRACKSNETWORKING ESSENTIALS OPPORTUNISTIC LOCKING

Chapter 15 Windows Operating Systems

Setting Up Scan to SMB on TaskALFA series MFP s.

Security IIS Service Lesson 6

Using Samba to play nice with Windows. Bill Moran Potential Technologies

Isilon OneFS. Version 7.2. OneFS Migration Tools Guide

Instructions for Adding a MacOS 10.4.x Server to ASURITE for File Sharing. Installation Section

FreeIPA Cross Forest Trusts

Oracle ZFS Storage Appliance Security Guide

CommVault Simpana Archive 8.0 Integration Guide

Managing SMB File Sharing andwindows Interoperability in Oracle Solaris 11.1

File Access and Protocols Management Guide For 7-Mode

Data ONTAP 8.2. MultiStore Management Guide For 7-Mode. NetApp, Inc. 495 East Java Drive Sunnyvale, CA U.S.

Chapter 11 Distributed File Systems. Distributed File Systems

Windows Security. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger.

Implementing the Hadoop Distributed File System Protocol on OneFS Jeff Hughes EMC Isilon

MULTIPROTOCOL DATA ACCESS: NFS, CIFS, AND HTTP

Samba on HP StorageWorks Enterprise File Services (EFS) Clustered File System Software

Windows Server 2003 default services

EMC ISILON MULTIPROTOCOL DATA ACCESS WITH A UNIFIED SECURITY MODEL

IDENTITIES, ACCESS TOKENS, AND THE ISILON ONEFS USER MAPPING SERVICE

NetApp Storage System Plug-In for Oracle Enterprise Manager 12c Installation and Administration Guide

# Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable its WINS Server ; wins support = no

Active Directory network protocols and traffic

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt 31/03/ L Wyatt Update to procedure

Active Directory network protocols and traffic

EMC VNXe Series. Security Configuration Guide. Version REV 04

Introduction to Highly Available NFS Server on scale out storage systems based on GlusterFS

Windows Assessment. Vulnerability Assessment Course

Defense Security Service Office of the Designated Approving Authority Standardization of Baseline Technical Security Configurations

Mac OS X Directory Services

Product Specification

NETASQ SSO Agent Installation and deployment

CIFS Permissions Best Practices Nasuni Corporation Natick, MA

File Services. File Services at a Glance

The Win32 Network Management APIs

Samba 4 AD + Fileserver

How To Set Up Egnyte For Netapp Sync For Netapp

Synology NAS Server Windows ADS FAQ

Migrating from NFSv3 to NFSv4. Migrating from NFSv3 to NFSv4. March of STORAGE NETWORKING INDUSTRY ASSOCIATION

Transparent fileservices for Windows, Unix and Mac

Using Windows Administrative Tools on VNX

Mac OS X Server. File Services Administration For Version 10.4 or Later

The Mac OS X Server Essentials v10.5 Exam Skills Assessment Guide

Configuring Active Directory Binding for OS X (10.4.x) within Miami Dade Schools

SGI NAS. CIFS User Guide Release 3.1.x

SerNet. Samba Status Update. Munich 13. March Volker Lendecke SerNet Samba Team. Network Service in a Service Network

Parallels Plesk Panel

Transcription:

Solaris CIFS Service CIFS Alan Wright amw@sun.com

Solaris CIFS Service Windows Interoperability opensolaris First-class Solaris Citizen kernel based protocol (a la NFS) file system (vfs and zfs) support credential (access token) support kernel i18n support sharemgr command line utilities

Windows Interoperability Requirements SMB Authentication Unicode and Windows OEM code pages NetBIOS-less SMB (SMB-over-TCP) Share management Active Directory support Local Authentication (PAM) Local Windows groups Support for large group membership Mandatory locking Oplocks Case-insensitive file operations Open (share/deny) modes Packet signing and sealing DOS attributes (Hidden, Read-Only, System, Archive)

Windows Interoperability Requirements (2) File Change Notification Access Tokens (Windows credentials) SID (GUID) rather than POSIX UID SIDs in access tokens have attributes Groups can have 1000s of members SIDs in groups have attributes Security Descriptors (Super-set of ACLs) NTFS Alternate Data Streams MacOS resource forks, Solaris extended attributes Name mangling SMB/CIFS Mac Extensions File delete-on-close

Solaris CIFS Service SMB/CIFS LM 0.12 protocol Legacy dialects somewhat supported MSRPC/DCERPC NDL Compiler and Library Core MSRPC Services SMB/CIFS Redirector NetBIOS transport and services Name Service, Datagram Service, Transport, Browser client ADS Client Join Domain, Dynamically publish shares in ADS Dynamic DNS client Dynamically publish hostname-ip mappings in DNS SMB Autohome Dynamically publish home directory shares PRIV_SYS_SMB

Windows Core MSRPC Services SRVSVC Server Service Workstation Workstation Service LSARPC Local Security Authority SAMR Security Accounts Manager NETR NetLogon (authentication with DC) SVCCTL Service Control Service (read-only) WINREG Windows Registry (read-only) SPOOLSS Print Spool Service (access denied) LOGR Event Log Service (disabled by default)

SMB/CIFS Project PSARC/2006/715 CIFS Service Commitment review: approved September 2007 Putback: October 2007 Related PSARC cases 2000/007 CIFS Locking and File Sharing 2006/315 Winchester 2007/064 Unified POSIX and Windows Credentials for Solaris 2007/149 UTF-8 Text Preparation 2007/173 kiconv 2007/177 SMF Sensitive Property Storage 2007/218 VOP Caller Context 2007/227 VFS Feature Registration and ACL-on-Create 2007/244 ZFS Case-Insensitive Support 2007/268 CIFS share reservations

CIFS Related PSARC Cases (cont) 2007/280 CIFS Support for sharemgr 2007/281 NFS share properties for Montana compatibility 2007/315 Extensible Attribute Interfaces 2007/394 ls(1) '-/' and '-%' options for system attributes 2007/403 Modified Access Checks for CIFS 2007/410 Add system attribute to chmod 2007/432 CIFS system attributes support for cp(1), pack(1), unpack(1), compress(1) and uncompress(1) 2007/440 nbmand changes for CIFS Service 2007/444 Rescind SETTABLE Attribute 2007/458 User land UTF-8 text preparation functions 2007/459 CIFS system attributes support for cpio, pax and tar 2007/476 OPAQUE Moved to Readonly View 2007/544 pam_smb_passwd 2007/546 Update utilities to match CIFS system attributes changes

ZFS NFS and ZFS 2007/171 ZFS Separate Intent Log 2007/197 ZFS hotplug 2007/199 zfs {create,clone,rename} -p 2007/227 VFS Feature Registration and ACL-on-Create 2007/244 ZFS Case-Insensitive Support 2007/315 Extensible Attribute Interfaces 2007/403 Modified Access Checks for CIFS NFS PSARC/2007/280 CIFS Support for sharemgr Multiple resource names per shared path sharemgr support for the smb protocol PSARC/2007/281 NFS share properties for Montana compatibility New share access properties: none, root_mapping Host based character mapping: iso8859/euc to UTF-8

Multi-protocol File Server Features ZFS Case-sensitive, case-insensitive or mixed-case datasets Unified access control Identity mapping (via Winchester) Atomic ACL-on-create Access granted masks UTF-8 names on disk DOS and system attributes Cross-protocol features Mandatory locking Integrated range locking CIFS oplock/ NFSv4 delegation synchronization User and group identity mapping (SID <-> UID) Unified support for open (share/deny) modes

Solaris CIFS Architecture MS-RPC Services SMB CLI Winchester UID-SID Mapping ShareMgr NetBIOS Browser ADS Client MS-RPC Library smbd smbrdr SMF (Config Data) User Kernel sockets ksmb VFS ZFS

SMB/CIFS Roadmap (post putback) Performance Server Manager Host-based access control Invalid character mapping Share-level ACLs MS-DFS (SMB referrals) NT4.0 domain support (Winchester update) Print support Ipv6 Kerberos user authentication Mac/DAVE and UNIX extensions

opensolaris URLs http://opensolaris.org/os/ http://www.opensolaris.org/os/community/storage/ http://opensolaris.org/os/project/smbfs/ http://www.opensolaris.org/os/community/zfs/ http://opensolaris.org/os/community/nfs/ http://opensolaris.org/os/project/nfsv41/

Solaris CIFS Service CIFS Alan Wright amw@sun.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information