From rruther Thu Oct 21 10:41:51 1993 (5.65c/IDA-1.4.4 for ); Thu, 21 Oct 1993 10:38:45 +1000 Date: Thu, 21 Oct 1993 10:38:45 +1000 From: Ralf Rutherford To: info@ubermacht.dataspace.com Subject: Re: NFS for NT request Cc: rruther Content-Length: 1624 The software I build has the following specs.: Based on SOSSNT Plus NTFS filename support, up to 256 bytes, case insensitive, but with case preservation. NTFS security mapping, Owner -> Unix User id Group -> Unix group id, first matching group out of "group" file Group -> Unix world, first matching group out of "world" file, ie "Everyone" The matching works as follows: The permissions on a file/dir are checked against the groups in the group/world file, the first match get's mapped. A file should only have one mapped group-> unix group and one mapped group to unix world. The admin must provide for files: export.us for export directories and hosts user NT user name -> unix id mapping group NT group name -> unix id world NT group name -> unix world access Restrictions: 1. Security validations is partly left to the client NFS module, works with our SUn network. 2. Chgrp will not work if there is no mapped group already in the permissions of the file/dir 3. Owner/Group/Access rights and all map-files are cached. If you change them, ie access rights for mapped groups on a file which has been accessed by the NFS client, these changes won't take effect until the file is not cached any more, or the NFS server has been restarted. 4. The source code for the NTFS security will not be provided, they are propriatry. Every user who is satisfied, might wish to donate to a charity organisation of his choice, not to myself. This is on voluntary basis and will not be controlled. I offer to publish donations in appropiate user groups. Ralf rruther@cssc-melb.tansu.com.au