Dell PowerStore 1000T EMC PowerStore Security Configuration Guide - Page 21
UID to SID mapping, Process for resolving an SID to a UID, primary GID mapping
View all Dell PowerStore 1000T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 21 highlights
SID sseeccmImnaapp? Yes UID and Primary GID No In Local Files Yes or UDS? No UID and Primary GID In Local Group Yes Database? No Windows Name used for SMB-only access Automatic Yes Mapping? No UID and Primary GID In Domain Controller? Windows Yes Name In ntxmap? Yes UNIX Name No Unknown SID Access Denied No Windows Name = UNIX Name Figure 1. Process for resolving an SID to a UID, primary GID mapping Default UNIX Yes Account? No Failed Mapping Access Denied UID and Primary GID UID to SID mapping The following sequence is the process used to resolve a UID to an SID mapping: 1. secmap is searched for the UID. If the UID is found, the SID mapping is resolved. 2. If the UID is not found in secmap, the UNIX name related to the UID must be found. a. The UDS (NIS server, LDAP server, or local files) is searched using the UID. If the UID is found, the related UNIX name is the user name. b. If the UID is not found in the UDS but there is a default Windows account, the UID is mapped to the SID of the default Windows account. 3. If the default Windows account information is not used, the UNIX name is translated into a Windows name. The ntxmap is used for this purpose. a. If the UNIX name is found in ntxmap, the entry is used as the Windows name. b. If the UNIX name is not found in ntxmap, the UNIX name is used as the Windows name. 4. The Windows DC or the local group database is searched using the Windows name. a. If the Windows name is found, the SID mapping is resolved. b. If the Windows name contains a period, and the part of the name following the last period (.) matches an SMB server name, the local group database of that SMB server is searched to resolve the SID mapping. c. If the Windows name is not found but there is a default Windows account, the SID is mapped to that of the default Windows account. d. If the SID is not resolvable, access is denied. If the mapping is found, it is added in the persistent secmap database. If the mapping is not found, the failed mapping is added to the persistent secmap database. The following diagram illustrates the process used to resolve a UID to an SID mapping: Authentication and access 21