Heterogeneous file sharing

In a heterogeneous environment (for example, both UNIX-based and Windows-based clients), SAN File System provides flexible yet secure sharing of files between UNIX® and Windows® platforms. It implements cross-platform access checking such that files created on Windows can be accessed by authorized users on UNIX, and files created on UNIX can be accessed by authorized users on Windows. SAN File System uses a user map to control cross-platform authorization. Each entry in the user map identifies a UNIX domain-qualified user and a Windows domain-qualified user that are to be treated as equivalent for the purpose of checking file-access permissions across platforms. The SAN File system cluster accesses your UNIX or Windows directory service to obtain user ID and group level information. Currently, you can use only a single NIS or LDAP directory service for UNIX clients and a single Active Directory controller for Windows clients. The mapping is defined between users in one UNIX domain and users in any Windows domain that is served by a single Active Directory instance.

The user map enables SAN File System to perform access checking and to provide a limited presentation of the security attributes for an object (file or directory) created on a different platform. Access to an object is determined in the context where the object was created. Presentation of ownership and permissions (for example, using the ls –l command on UNIX, or a Properties panel on Windows) must occur in the context where it is requested. Presentation might be approximate because permissions do not map perfectly between UNIX and Windows platforms. In some cases, presentation might not match the result of access checks, which are more precise.

When an object is accessed from the platform where it was created, no mapping is required, and the local platform rules apply. The following sections describe the behavior when user mappings have been established and the behavior in the absence of an appropriate mapping.

Parent topic: File sharing

Library | Support | Terms of use | Feedback
(C) Copyright IBM Corporation 2003, 2004. All Rights Reserved.
IBM TotalStorage SAN File System v2.2