From rruther Thu Oct 21 10:41:51 1993
  (5.65c/IDA-1.4.4 for <rruther>); Thu, 21 Oct 1993 10:38:45 +1000
Date: Thu, 21 Oct 1993 10:38:45 +1000
From: Ralf Rutherford <rruther>
To: info@ubermacht.dataspace.com
Subject: Re: NFS for NT request
Cc: rruther
Content-Length: 1624



The software I build has the following specs.:
	Based on SOSSNT
Plus
	NTFS filename support, up to 256 bytes, case insensitive,
	but with case preservation.

	NTFS security mapping, 
		Owner -> Unix User id
		Group -> Unix group id, first matching group out of
			"group" file
		Group -> Unix world, first matching group out of
			"world" file, ie "Everyone"
	
	The matching works as follows:
		The permissions on a file/dir are checked against the
		groups in the group/world file, the first match get's 
		mapped.
		A file should only have one mapped group-> unix group
		and one mapped group to unix world.
 
	The admin must provide for files:
		export.us for export directories and hosts
		user      NT user name -> unix id mapping
		group     NT group name -> unix id
		world     NT group name -> unix world access

Restrictions:
1. Security validations is partly left to the client NFS module, works with our
	SUn network.
2. Chgrp will not work if there is no mapped group already in the permissions
		  of the file/dir
3. Owner/Group/Access rights and all map-files are cached.
	If you change them, ie access rights for mapped groups on a file which
	has been accessed by the NFS client, these changes won't take effect
	until the file is not cached any more, or the NFS server has been
	 restarted.
4. The source code for the NTFS security will not be provided, they are
	propriatry.


Every user who is satisfied, might wish to donate to a charity organisation
of his choice, not to myself.
This is on voluntary basis and will not be controlled.
I offer to publish donations in appropiate user groups.

Ralf


rruther@cssc-melb.tansu.com.au

