Winbind Process Flow

Figure 7–1 shows winbind process flow in a Windows ADS Domain environment.

Figure 7-1 Winbind Process Flow

The following describes winbind process flow shown in Figure 7–1:

1. A Windows client logs in to the domain (authentication).

2. The Windows 2003 domain controller authenticates client and passes user security data.

3. The Windows client maps an HP CIFS share.

4. The HP CIFS Server passes the user name to Windows Domain Controller to verify the user is a domain member.

5. The Windows Domain Controller returns the user authorization and member SID list.

6. The smbd daemon passes the SID and user information to the winbind daemon.

7. The Winbind daemon checks the SID and user name against ID mapping data in the Trivial Database (TDB).Winbind either finds the existing mappings between the Windows SID and the HP-UX UID/GID or creates a new map if no mapping currently exists.

8. Return mapped UID or GID from TDB database.

9. Winbind returns UID and GID mappings to smbd.

10. The HP CIFS Server presents the mapped share to the Windows client.

11. The Windows client opens file on the HP CIFS server share.

12. UID and GID are compared with file owner, group, and any ACE on ACL in the file system.

13. The File open action is accepted or denied based on the checking result in step 12.

14. The Samba sever displays the open status to the Windows client.