Understanding authentication

In a UNIX environment, authentication is the process of providing a user identifier (UID) and group identifier (GID) to a user who presents a valid user name and password. UNIX hosts provide these identifiers when a user logs on to the host. When the user logs on, the user's name and password are compared to those in a password file. If they correspond with a user name and password in the file, the server returns a corresponding UID and GID. The UID and GID identify the user for network file system (NFS) browsing and mounting operations.

Client for NFS makes it possible for you to access NFS resources without logging on to the NFS server. Instead, the first time you try to access an NFS resource, Client for NFS sends your Windows user name to User Name Mapping. User Name Mapping checks to see if your user name has been mapped to a UNIX account; if it has been, User Name Mapping returns the UID and GID to Client for NFS, which then sends those identifiers with the file-access request to the NFS server.

If your user name does not match, then Client for NFS assigns the –2 (anonymous) for the UID and –2 (anonymous) for the GID. If the NFS server is configured for anonymous access, you can mount and access files. Anonymous connections are usually limited to read-only operations, however. In addition, you can still provide the user name and password of a UNIX account any time you mount an NFS volume, and you can also mount the volume as an anonymous user (for example, by using the –o anon option with the mount command). You can also use PCNFS for authentication instead of User Name Mapping. For more information about mounting NFS volumes, see To map a network drive in Windows 2000 or Windows XP and To map a network drive in Windows NT 4.0.

Access to NFS servers is controlled by the name or Internet Protocol (IP) address of the client. Access to directories and files is controlled by the read, write, and execute privileges granted to various users and groups, who are identified by their UID and GID.