Identity management on Windows
GPFS™ allows file sharing among AIX®, Linux, and Windows nodes. AIX and Linux rely on 32-bit user and group IDs for file ownership and access control purposes, while Windows uses variable-length security identifiers (SIDs). The difference in the user identity description models presents a challenge to any subsystem that allows for heterogeneous file sharing.
GPFS uses 32-bit ID namespace
as the canonical namespace, and Windows SIDs
are mapped into this namespace as needed. Two different mapping algorithms
are used (depending on system configuration):
- GPFS built-in auto-generated mapping
- User-defined mappings stored in the Microsoft Windows Active Directory using the Microsoft Identity Management for UNIX (IMU) component