5.4 Third-Party Domain Authentication

For third-party domain authentication, the clients are members of a third-party domain such as Windows. A Windows domain controller performs the user authentication. The username and password on the domain controller must match the username and password used to log in to the Windows workstation.

Ensure that you understand and meet the following prerequisites before setting up third-party authentication:

5.4.1 Prerequisites

Prerequisites for the Primary Domain Controller

  • Ensure that the Primary Domain Controller (PDC) is up and reachable by using the NETBIOS name of the PDC from the CIFS server.

    For example, WINPDC_W.

  • Disable autodisconnect feature in PDC to avoid resetting connection from PDC to CIFS server by configuring timeout value to infinity i.e 65535. For more information, see “How Autodisconnect Works in Windows NT and Windows 2000”.

  • Disable SMB signing by following the instructions in “Overview of Server Message Block Signing”

  • The desktop user or the user that has joined the domain must be same as the CIFS user.

  • For Widows 2008 Server and later versions, apply the changes as per the Microsoft Knowledge Base article.

NOTE:The Windows client might be required to log in as the same user with the same password to access the CIFS shares when you are using third-party authentication.

Prerequisites for the CIFS Server

5.4.2 Using iManager to Enable Third-Party Authentication

  1. In a Web browser, specify the following in the address (URL) field:

    http://server_IP_address/nps/iManager.html
    

    For example:

    http://192.168.0.1/nps/iManager.html
    
  2. At the login prompt, specify the server administrator username and password and click Login.

    For more information on iManager administration, see the Novell iManager 2.7.4 Administration Guide.

  3. In the iManager application left frame, click File Protocols > CIFS.

    The default CIFS parameters page is displayed. Use this page to configure and manage CIFS.

  4. Select the CIFS server you want to manage.

  5. Select General > Authentication

  6. Select Third party Domain as the mode of authentication.

  7. Specify the Work Group/Domain Name of the Windows environment.

  8. Specify the LMCompatibility level. For details, see Table 5-2, CIFS Authentication Page Parameters.

  9. Specify the name of the Primary Domain Controller. Ensure that the name does not exceed 15 characters.

  10. Specify the IP address of the Primary Domain Controller.

  11. Click OK to save the changes in the CIFS properties.