Shulou(Shulou.com)06/01 Report--

How to understand the NFS role of account mapping between Unix and Windows, I believe many inexperienced people are helpless about this, for this reason this article summarizes the causes and solutions of the problem, through this article I hope you can solve this problem.

Most of the discussion of what's in Windows Server 2008 R2 centers on Windows itself, of course, but features such as UNIX services for Windows Server are rarely mentioned. If you are not in a mixed Unix and Windows Server environment where these features are important, these features will not attract much attention.

An important element of any Unix environment is the Network File System (NFS), a remote access protocol that allows files and directories to be shared over a network. Windows has been supporting NFS for years as a Unix add-on service, but Windows Server 2008 R2 added NFS support as a core component, a role service called NFS-oriented service, which fits perfectly. (After looking at what's new about NFS in Windows Server 2008 R2 in general, Microsoft has briefly analyzed these features in TechNet documentation.)

A common problem with implementing NFS in mixed environments is how different systems handle access rights and user accounts. To illustrate Windows Server 2008 R2's approach to NFS implementation at this point, Microsoft has published an article titled NFS Mapping in Windows Server 2008 R2. Because it shows how elements (especially user and group objects) interact with each other and complement each other through Windows Server's support for NFS, it is useful for beginners who are neither familiar with Windows Server nor Unix/NFS.

NFS-oriented services can check user access to network file system shares in two basic ways:

Mapping user access creates an explicit link between Unix user/group identities to Windows identities through one of Active Directory Domain Services (AD DS) or Create Active Directory Lightweight Directory Services (AS LDS) This is useful if you already have an existing Active Directory installation and want to authenticate your users for access.

Unmapped user access does not create a direct link between Unix and Windows identities. Instead, it can automatically generate Windows security identities from Unix identities or anonymous access from unauthenticated clients. If you're not basing it on an existing cache of user/group identities in Windows Server, this is the appropriate approach.

This Microsoft article gives readers a general idea of the two methods by explaining them, along with their subiterations and a detailed description of how to set them up. This document also contains a lot of discussion about Unix and Windows identity management features and how they are consistent (or inconsistent) with each other.

Many of these illustrations come with illustrations of how the process in question works, such as how to automatically generate custom SIDs in Windows Server with unmapped Unix user access. Here's an interesting touch: The Unix account license bit-screen code is included in the name of the auto-generated SID, so a glance at the SID and its license assignment is immediately visible.

*** One of the most time-consuming tasks described in this document is to set up all the individual user/group mappings. Fortunately, there are many ways to speed up this work, such as importing. Map and apply CSV lists in Windows PowerShell under the command to automate this process.

After reading the above, do you know how to understand the NFS role of account mapping between Unix and Windows? If you still want to learn more skills or want to know more related content, welcome to pay attention to the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.