Hp Nas Va Security In An Nt-Only Environment; Share-Level Security; User Level (Domain) Security - HP J3278B - SureStore CD-ROM Server/Tower 7 NAS Server User Manual

Surestore network attached storage (nas) va solution

Hide thumbs Also See for J3278B - SureStore CD-ROM Server/Tower 7 NAS Server:

Administrator's manual (306 pages)

User manual (168 pages)

Manual (28 pages)

Table Of Contents

100

Table of Contents

HP NAS VA Security in an NT -only Environment

The security schema for NT systems is different from that of UNIX, but there are two similarities:

You can set up the security model to allow user authentication at the share level;

alternatively, you use a security domain, in which authentication is handled by a

Primary Domain Controller (PDC) or Backup Domain Controller (BDC).

Processes are run with an identity of a user and any groups to which that user

belongs for either that workstation or the domain. Each data object is associated with

meta-data, sometimes called a security descriptor (SD). The security descriptor

contains a list of permissions or denials in the Access Control List (ACL), which

contains an almost limitless number of permutations that can be associated with a

data object.

The HP NAS VA lets you choose between two security models:

Share-level security

User-level (Domain) security

Additionally, host access is available in the NT environment to control which client machines are

allowed access to the HP NAS VA, regardless of the user. The allowed clients are specified by a

list of IP addresses or hostnames representing those machines. Host access controls access by

machine, not user.

Share-Level Security

With share-level security, the server explicitly asks for permission (password) every time a user

connects to a share on the HP NAS VA. Thus, any user on the network who knows the name of

the HP NAS VA, the name of the resource (or file), and the password has access to the resource.

When you are using share-level security, you can assign shares a read-only password and/or a

read-write password.

User Level (Domain) Security

With user-level security, the client accessing the HP NAS VA passes the credentials of the

logged-on user to the HP NAS VA system transparently. The HP NAS VA in turn queries the

Primary Domain Controller (PDC) or Backup Domain Controller (BDC) to authenticate the user.

Once the user is authenticated, the PDC or BDC returns a Security ID (SID) that the HP NAS VA

uses to check the client's access rights. This token is then used with all subsequent requests

from that client.

The HP NAS VA supports the NT Master Domain model. This allows the HP NAS VA to

participate in a resource domain that is separate from the domain in which users are

authenticated.

Table of Contents

This manual is also suitable for:

J3278b 7

Hp Nas Va Security In An Nt-Only Environment; Share-Level Security; User Level (Domain) Security - HP J3278B - SureStore CD-ROM Server/Tower 7 NAS Server User Manual

Share-level security

User Level (Domain) Security

Related Manuals for HP J3278B - SureStore CD-ROM Server/Tower 7 NAS Server

Related Content for HP J3278B - SureStore CD-ROM Server/Tower 7 NAS Server

This manual is also suitable for:

Table of Contents