1.1 Glossary

This document uses the following terms:

advanced map: Used to map accounts that have different names on the UNIX and Windows systems. Advanced maps are also used to map users from different Windows domains, and they can also explicitly map accounts that would generally be mapped by simple maps. For more information, see [NFSAUTH].

domain: A set of users and computers sharing a common namespace and management infrastructure. At least one computer member of the set must act as a domain controller (DC) and host a member list that identifies all members of the domain, as well as optionally hosting the Active Directory service. The domain controller provides authentication of members, creating a unit of trust for its members. Each domain has an identifier that is shared among its members. For more information, see [MS-AUTHSOD] section and [MS-ADTS].


group identifier (group ID or GID): A number that identifies a group of users to a UNIX operating system. The scope of the number is at least machine-wide but can also be coordinated across a group of machines by means of services, such as the Network Information Service (NIS).

group map: An association between a Windows group account name, a UNIX group account name, and a GID.

little-endian: Multiple-byte values that are byte-ordered with the least significant byte stored in the memory location with the lowest address.

map: An association between a Windows-based network user or group name and a UNIX-based network user or group name.

multibyte character set (MBCS): An alternative to Unicode for supporting character sets, like Japanese and Chinese, that cannot be represented in a single byte. Under MBCS, characters are encoded in either one or two bytes. In two-byte characters, the first byte, or "lead" byte, signals that both it and the following byte are to be interpreted as one character. The first byte comes from a range of codes reserved for use as lead bytes. Which ranges of bytes can be lead bytes depends on the code page in use. For example, Japanese code page 932 uses the range 0x81 through 0x9F as lead bytes, but Korean code page 949 uses a different range.

Network File System (NFS): A Network File System protocol, as specified in [RFC1094] and [RFC1813]. This protocol is compatible with NFS version 3 (NFSv3). NFS version 4 (NFSv4) obviates the need for this protocol by allowing Windows and UNIX domains to interoperate using Kerberos version 5, which allows them to share the same namespace.

OEMCP: The default OEM code page of the system. The OEM code page is used for conversions of MS-DOS–based, text-mode applications.

portmapper service: A portmapper service is a SUNRPC service that provides discovery services; clients of the portmapper service can use it to discover other SUNRPC services running on the same computer. The information returned by the portmapper service is then used by the client of the portmapper service to act as a client for the discovered SUNRPC service. The portmapper service runs on a specific well-known port (Port 111 on TCP/UDP).

POSIX: Portable Operating System Interface, as specified in [IEEE1003.1]. POSIX is a set of standard operating system interfaces based on UNIX. This term is used interchangeably with UNIX in the rest of this document, as described in [IEEE1003.1].

primary map: When multiple Windows accounts are mapped to a single UNIX account, one of these mappings can be designated as a "primary" mapping. For more information, see [NFSAUTH].

security identifier (SID): An identifier for security principals that is used to identify an account or a group. Conceptually, the SID is composed of an account authority portion (typically a domain) and a smaller integer representing an identity relative to the account authority, termed the relative identifier (RID). The SID format is specified in [MS-DTYP] section 2.4.2; a string representation of SIDs is specified in [MS-DTYP] section 2.4.2 and [MS-AZOD] section

simple map: Maps between accounts with the exact same name in UNIX as in Windows. For more information, see [NFSAUTH].

SUNRPC: A remote procedure call (RPC) protocol from Sun Microsystems [RFC1057]. SUNRPC forms the basis of the Network File System (NFS) Protocol. SUNRPC has no relationship to Remote Procedure Call Protocol Extensions, as specified in [MS-RPCE].

Unicode: A character encoding standard developed by the Unicode Consortium that represents almost all of the written languages of the world. The Unicode standard [UNICODE5.0.0/2007] provides three forms (UTF-8, UTF-16, and UTF-32) and seven schemes (UTF-8, UTF-16, UTF-16 BE, UTF-16 LE, UTF-32, UTF-32 LE, and UTF-32 BE).

UNIX: A multiuser, multitasking operating system developed at Bell Laboratories in the 1970s. In this document, the term "UNIX" is used to refer to any derivatives of this operating system.

user identifier (user ID or UID): A number that identifies a particular user to a UNIX operating system. The scope of the number is at least machine-wide and can be coordinated across a group of machines by means of services such as NIS.

user map: An association between a Windows user account name, a UNIX user account name, and a UID.

wide characters: Characters represented by a 2-byte value that are encoded using Unicode UTF-16. Unless otherwise stated, no range restrictions apply.

XDR: The data encoding standard used by SUNRPC for a selection of common data types such as strings, integers, and arrays of integers, as specified in [RFC4506].

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.