IETF Logo Mail Archive

Re: [nfsv4] Name Mappings for NFSv4 in Active Directory

Nicolas Williams <Nicolas.Williams@sun.com> Wed, 08 October 2003 21:55 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA11027 for <nfsv4-archive@odin.ietf.org>; Wed, 8 Oct 2003 17:55:23 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A7MGt-0004nm-N0 for nfsv4-archive@odin.ietf.org; Wed, 08 Oct 2003 17:55:04 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h98Lt3aW018447 for nfsv4-archive@odin.ietf.org; Wed, 8 Oct 2003 17:55:03 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A7MGs-0004mx-Rf for nfsv4-web-archive@optimus.ietf.org; Wed, 08 Oct 2003 17:55:02 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA11009 for <nfsv4-web-archive@ietf.org>; Wed, 8 Oct 2003 17:54:52 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1A7MGq-0004yq-00 for nfsv4-web-archive@ietf.org; Wed, 08 Oct 2003 17:55:00 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1A7MGp-0004yn-00 for nfsv4-web-archive@ietf.org; Wed, 08 Oct 2003 17:54:59 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A7MGr-0004mD-Cd; Wed, 08 Oct 2003 17:55:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A7MG8-0004kM-MB for nfsv4@optimus.ietf.org; Wed, 08 Oct 2003 17:54:16 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA10996 for <nfsv4@ietf.org>; Wed, 8 Oct 2003 17:54:05 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1A7MG5-0004yI-00 for nfsv4@ietf.org; Wed, 08 Oct 2003 17:54:14 -0400
Received: from brmea-mail-2.sun.com ([192.18.98.43]) by ietf-mx with esmtp (Exim 4.12) id 1A7MG5-0004yD-00 for nfsv4@ietf.org; Wed, 08 Oct 2003 17:54:13 -0400
Received: from centralmail1brm.Central.Sun.COM ([129.147.62.1]) by brmea-mail-2.sun.com (8.12.10/8.12.9) with ESMTP id h98LrmaV016437; Wed, 8 Oct 2003 15:53:48 -0600 (MDT)
Received: from binky.central.sun.com (binky.Central.Sun.COM [129.153.128.104]) by centralmail1brm.Central.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL,v2.2) with ESMTP id h98Lrm2o016494; Wed, 8 Oct 2003 15:53:48 -0600 (MDT)
Received: from binky.central.sun.com (localhost [127.0.0.1]) by binky.central.sun.com (8.12.5+Sun/8.12.3) with ESMTP id h98LnrQx021082; Wed, 8 Oct 2003 14:49:53 -0700 (PDT)
Received: (from nw141292@localhost) by binky.central.sun.com (8.12.5+Sun/8.12.3/Submit) id h98LnqhE021081; Wed, 8 Oct 2003 14:49:52 -0700 (PDT)
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: "Wachdorf, Daniel R" <drwachd@sandia.gov>
Cc: nfsv4@ietf.org
Subject: Re: [nfsv4] Name Mappings for NFSv4 in Active Directory
Message-ID: <20031008214952.GW17088@binky.central.sun.com>
Mail-Followup-To: "Wachdorf, Daniel R" <drwachd@sandia.gov>, nfsv4@ietf.org
References: <AC89BDA1E3CCBC42B9CA5B50FE7934D3032D08F2@es10snlnt.sandia.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AC89BDA1E3CCBC42B9CA5B50FE7934D3032D08F2@es10snlnt.sandia.gov>
User-Agent: Mutt/1.4i
Sender: nfsv4-admin@ietf.org
Errors-To: nfsv4-admin@ietf.org
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/nfsv4/>
X-Original-Date: Wed, 8 Oct 2003 14:49:52 -0700
Date: Wed, 08 Oct 2003 14:49:52 -0700

Please see:

http://www.ietf.org/internet-drafts/draft-williams-nfsv4-ace-mapping-01.txt

This draft describes:

 - how to map user|group@domain names from multiple domains to UIDs/GIDs
   in one domain

    - including how to deal with foreign domain name reuse

 - how to do this on demand (as opposed to having to have meta-directory
   style synchronization)

 - how to make such mappings consistent to any of: a single host, a
   cluster of hosts, an entire domain

 - a new Kerberos V authorization data type that lists a principal's
   NFSv4-style user@domain and group@domain name lists

Cheers,

Nico

On Wed, Oct 08, 2003 at 03:34:57PM -0600, Wachdorf, Daniel R wrote:
> I have been working with CITI on finding a way to use Active Directory to
> use map NFSv4 names into active directory user accounts.
> I wrote a document that describes a scheme to map NFSv4 names and
> authentication principals into an Active Directory Domain.  
> I would be interested in what the members of the list thought.  Thanks.
> 
> -dan
> 
> --------------------------------------
> Daniel Wachdorf
> drwachd@sandia.gov
> Sandia National Laboratories
> System Security Research and Integration
> 505-284-8060
> 
> 
> 
> 



_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4

v2.23.0 | Report a Bug | By Email