mirror of
https://github.com/samba-team/samba.git
synced 2025-01-22 22:04:08 +03:00
Adding new series of text-to-sgml converted files.
Removed OS2-Client-HOWTO and put it into Other-Clients.sgml (This used to be commit 076f34af8e5af7fb2d07b724522ef77f33559c82)
This commit is contained in:
parent
772e9b2ac8
commit
147e2a8253
@ -50,7 +50,8 @@ all:
|
||||
@echo "manpages - Build manpages"
|
||||
@echo "ps - Build PostScript version of HOWTO Collection"
|
||||
@echo "pdf - Build PDF version of HOWTO Collection"
|
||||
@echo "html-single - Build single HTML version of HOWTO Collection"
|
||||
@echo -n "html-single - Build single file HTML version of HOWTO Collection"
|
||||
@echo "and developers guide"
|
||||
@echo "html - Build HTML version of HOWTO Collection and manpages"
|
||||
@echo "txt - Build plain text version of HOWTO Collection"
|
||||
|
||||
@ -58,8 +59,8 @@ manpages: $(MANPAGES)
|
||||
pdf: ../Samba-HOWTO-Collection.pdf
|
||||
ps: ../Samba-HOWTO-Collection.ps
|
||||
txt: ../Samba-HOWTO-Collection.txt
|
||||
html: $(HTMLDIR)/samba-doc.html
|
||||
html-single: ../Samba-HOWTO-Collection.html $(MANPAGES_HTML)
|
||||
html: $(HTMLDIR)/samba-doc.html $(MANPAGES_HTML)
|
||||
html-single: ../Samba-HOWTO-Collection.html ../Samba-Developers-Guide.html
|
||||
|
||||
../Samba-HOWTO-Collection.txt: $(SGMLDIR)/samba-doc.sgml
|
||||
$(DOCBOOK2TXT) -o .. $<
|
||||
@ -76,6 +77,10 @@ html-single: ../Samba-HOWTO-Collection.html $(MANPAGES_HTML)
|
||||
$(DOCBOOK2HTML) -u -o .. $<
|
||||
mv ../samba-doc.html $@
|
||||
|
||||
../Samba-Developers-Guide.html: devdoc/dev-doc.sgml
|
||||
$(DOCBOOK2HTML) -u -o .. $<
|
||||
mv ../dev-doc.html $@
|
||||
|
||||
$(HTMLDIR)/samba-doc.html: $(SGMLDIR)/samba-doc.sgml
|
||||
$(DOCBOOK2HTML) -o $(HTMLDIR) $<
|
||||
|
||||
|
154
docs/docbook/devdoc/NetBIOS.sgml
Normal file
154
docs/docbook/devdoc/NetBIOS.sgml
Normal file
@ -0,0 +1,154 @@
|
||||
<chapter id="netbios">
|
||||
<chapterinfo>
|
||||
<author>
|
||||
<firstname>Luke</firstname><surname>Leighton</surname>
|
||||
</author>
|
||||
<pubdate>12 June 1997</pubdate>
|
||||
</chapterinfo>
|
||||
|
||||
<title>Definition of NetBIOS Protocol and Name Resolution Modes</title>
|
||||
|
||||
<sect1>
|
||||
<title>NETBIOS</title>
|
||||
|
||||
<para>
|
||||
NetBIOS runs over the following tranports: TCP/IP; NetBEUI and IPX/SPX.
|
||||
Samba only uses NetBIOS over TCP/IP. For details on the TCP/IP NetBIOS
|
||||
Session Service NetBIOS Datagram Service, and NetBIOS Names, see
|
||||
rfc1001.txt and rfc1002.txt.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
NetBEUI is a raw NetBIOS frame protocol implementation that allows NetBIOS
|
||||
datagrams to be sent out over the 'wire' embedded within LLC frames.
|
||||
NetBEUI is not required when using NetBIOS over TCP/IP protocols and it
|
||||
is preferable NOT to install NetBEUI if it can be avoided.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
IPX/SPX is also not required when using NetBIOS over TCP/IP, and it is
|
||||
preferable NOT to install the IPX/SPX transport unless you are using Novell
|
||||
servers. At the very least, it is recommended that you do not install
|
||||
'NetBIOS over IPX/SPX'.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
[When installing Windows 95, you will find that NetBEUI and IPX/SPX are
|
||||
installed as the default protocols. This is because they are the simplest
|
||||
to manage: no Windows 95 user-configuration is required].
|
||||
</para>
|
||||
|
||||
<para>
|
||||
NetBIOS applications (such as samba) offer their services (for example,
|
||||
SMB file and print sharing) on a NetBIOS name. They must claim this name
|
||||
on the network before doing so. The NetBIOS session service will then
|
||||
accept connections on the application's behalf (on the NetBIOS name
|
||||
claimed by the application). A NetBIOS session between the application
|
||||
and the client can then commence.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
NetBIOS names consist of 15 characters plus a 'type' character. This is
|
||||
similar, in concept, to an IP address and a TCP port number, respectively.
|
||||
A NetBIOS-aware application on a host will offer different services under
|
||||
different NetBIOS name types, just as a host will offer different TCP/IP
|
||||
services on different port numbers.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
NetBIOS names must be claimed on a network, and must be defended. The use
|
||||
of NetBIOS names is most suitable on a single subnet; a Local Area Network
|
||||
or a Wide Area Network.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
NetBIOS names are either UNIQUE or GROUP. Only one application can claim a
|
||||
UNIQUE NetBIOS name on a network.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
There are two kinds of NetBIOS Name resolution: Broadcast and Point-to-Point.
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>BROADCAST NetBIOS</title>
|
||||
|
||||
<para>
|
||||
Clients can claim names, and therefore offer services on successfully claimed
|
||||
names, on their broadcast-isolated subnet. One way to get NetBIOS services
|
||||
(such as browsing: see ftp.microsoft.com/drg/developr/CIFS/browdiff.txt; and
|
||||
SMB file/print sharing: see cifs4.txt) working on a LAN or WAN is to make
|
||||
your routers forward all broadcast packets from TCP/IP ports 137, 138 and 139.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This, however, is not recommended. If you have a large LAN or WAN, you will
|
||||
find that some of your hosts spend 95 percent of their time dealing with
|
||||
broadcast traffic. [If you have IPX/SPX on your LAN or WAN, you will find
|
||||
that this is already happening: a packet analyzer will show, roughly
|
||||
every twelve minutes, great swathes of broadcast traffic!].
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>NBNS NetBIOS</title>
|
||||
|
||||
<para>
|
||||
rfc1001.txt describes, amongst other things, the implementation and use
|
||||
of, a 'NetBIOS Name Service'. NT/AS offers 'Windows Internet Name Service'
|
||||
which is fully rfc1001/2 compliant, but has had to take specific action
|
||||
with certain NetBIOS names in order to make it useful. (for example, it
|
||||
deals with the registration of <1c> <1d> <1e> names all in different ways.
|
||||
I recommend the reading of the Microsoft WINS Server Help files for full
|
||||
details).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The use of a WINS server cuts down on broadcast network traffic for
|
||||
NetBIOS name resolution. It has the effect of pulling all the broadcast
|
||||
isolated subnets together into a single NetBIOS scope, across your LAN
|
||||
or WAN, while avoiding the use of TCP/IP broadcast packets.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
When you have a WINS server on your LAN, WINS clients will be able to
|
||||
contact the WINS server to resolve NetBIOS names. Note that only those
|
||||
WINS clients that have registered with the same WINS server will be
|
||||
visible. The WINS server _can_ have static NetBIOS entries added to its
|
||||
database (usually for security reasons you might want to consider putting
|
||||
your domain controllers or other important servers as static entries,
|
||||
but you should not rely on this as your sole means of security), but for
|
||||
the most part, NetBIOS names are registered dynamically.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This provides some confusion for lots of people, and is worth mentioning
|
||||
here: a Browse Server is NOT a WINS Server, even if these services are
|
||||
implemented in the same application. A Browse Server _needs_ a WINS server
|
||||
because a Browse Server is a WINS client, which is _not_ the same thing].
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Clients can claim names, and therefore offer services on successfully claimed
|
||||
names, on their broadcast-isolated subnet. One way to get NetBIOS services
|
||||
(such as browsing: see ftp.microsoft.com/drg/developr/CIFS/browdiff.txt; and
|
||||
SMB file/print sharing: see cifs6.txt) working on a LAN or WAN is to make
|
||||
your routers forward all broadcast packets from TCP/IP ports 137, 138 and 139.
|
||||
You will find, however, if you do this on a large LAN or a WAN, that your
|
||||
network is completely swamped by NetBIOS and browsing packets, which is why
|
||||
WINS was developed to minimise the necessity of broadcast traffic.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
WINS Clients therefore claim names from the WINS server. If the WINS
|
||||
server allows them to register a name, the client's NetBIOS session service
|
||||
can then offer services on this name. Other WINS clients will then
|
||||
contact the WINS server to resolve a NetBIOS name.
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
44
docs/docbook/devdoc/dev-doc.sgml
Normal file
44
docs/docbook/devdoc/dev-doc.sgml
Normal file
@ -0,0 +1,44 @@
|
||||
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
|
||||
<!ENTITY NetBIOS SYSTEM "NetBIOS.sgml">
|
||||
]>
|
||||
|
||||
<book id="Samba-Developer-Documentation">
|
||||
|
||||
<title>SAMBA Deverlopers Guide</title>
|
||||
|
||||
<bookinfo>
|
||||
<author>
|
||||
<surname>SAMBA Team</surname>
|
||||
</author>
|
||||
<address><email>samba@samba.org</email></address>
|
||||
</bookinfo>
|
||||
|
||||
<dedication>
|
||||
<title>Abstract</title>
|
||||
|
||||
<para>
|
||||
<emphasis>Last Update</emphasis> : Mon aug 26 12:41:19 CEST 2002
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This book is a collection of documents that might be useful for
|
||||
people developing samba or those interested in doing so.
|
||||
than one person can maintain. The most recent version of this document
|
||||
can be found at <ulink url="http://www.samba.org/">http://www.samba.org/</ulink>
|
||||
on the "Documentation" page. Please send updates to <ulink
|
||||
url="mailto:jerry@samba.org">jerry@samba.org</ulink>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This documentation is distributed under the GNU General Public License (GPL)
|
||||
version 2. A copy of the license is included with the Samba source
|
||||
distribution. A copy can be found on-line at <ulink
|
||||
url="http://www.fsf.org/licenses/gpl.txt">http://www.fsf.org/licenses/gpl.txt</ulink>
|
||||
</para>
|
||||
|
||||
</dedication>
|
||||
|
||||
<!-- Chapters -->
|
||||
&NetBIOS;
|
||||
|
||||
</book>
|
@ -190,7 +190,7 @@
|
||||
<refsect1>
|
||||
<title>VERSION</title>
|
||||
|
||||
<para>This man page is correct for version 2.2 of
|
||||
<para>This man page is correct for version 3.0 of
|
||||
the Samba suite.</para>
|
||||
</refsect1>
|
||||
|
||||
|
@ -52,7 +52,8 @@
|
||||
<term>-d|--debug=debuglevel</term>
|
||||
<listitem><para>set the debuglevel. Debug level 0 is the lowest
|
||||
and 100 being the highest. This should be set to 100 if you are
|
||||
planning on submitting a bug report to the Samba team (see <filename>BUGS.txt</filename>).
|
||||
planning on submitting a bug report to the Samba team (see
|
||||
<filename>BUGS.txt</filename>).
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
78
docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml
Normal file
78
docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml
Normal file
@ -0,0 +1,78 @@
|
||||
<chapter id="groupmapping">
|
||||
<chapterinfo>
|
||||
<author>
|
||||
<firstname>Jean François</firstname><surname>Micouleau</surname>
|
||||
</author>
|
||||
</chapterinfo>
|
||||
|
||||
<title>Group mapping HOWTO</title>
|
||||
|
||||
<para>
|
||||
Starting with Samba 3.0 alpha 2, a new group mapping function is available. The
|
||||
current method (likely to change) to manage the groups is a new command called
|
||||
<command>smbgroupedit</command>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The first immediate reason to use the group mapping on a PDC, is that
|
||||
the <command>domain admin group</command> of <filename>smb.conf</filename> is
|
||||
now gone. This parameter was used to give the listed users local admin rights
|
||||
on their workstations. It was some magic stuff that simply worked but didn't
|
||||
scale very well for complex setups.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Let me explain how it works on NT/W2K, to have this magic fade away.
|
||||
When installing NT/W2K on a computer, the installer program creates some users
|
||||
and groups. Notably the 'Administrators' group, and gives to that group some
|
||||
privileges like the ability to change the date and time or to kill any process
|
||||
(or close too) running on the local machine. The 'Administrator' user is a
|
||||
member of the 'Administrators' group, and thus 'inherit' the 'Administrators'
|
||||
group privileges. If a 'joe' user is created and become a member of the
|
||||
'Administrator' group, 'joe' has exactly the same rights as 'Administrator'.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
When a NT/W2K machine is joined to a domain, during that phase, the "Domain
|
||||
Administrators' group of the PDC is added to the 'Administrators' group of the
|
||||
workstation. Every members of the 'Domain Administrators' group 'inherit' the
|
||||
rights of the 'Administrators' group when logging on the workstation.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
You are now wondering how to make some of your samba PDC users members of the
|
||||
'Domain Administrators' ? That's really easy.
|
||||
</para>
|
||||
|
||||
<orderedlist>
|
||||
<listitem><para>create a unix group (usually in <filename>/etc/group</filename>), let's call it domadm</para></listitem>
|
||||
<listitem><para>add to this group the users that must be Administrators. For example if you want joe,john and mary, your entry in <filename>/etc/group</filename> will look like:</para>
|
||||
|
||||
<para><programlisting>
|
||||
domadm:x:502:joe,john,mary
|
||||
</programlisting></para>
|
||||
|
||||
</listitem>
|
||||
|
||||
<listitem><para>Map this domadm group to the <command>domain admins</command> group by running the command:</para>
|
||||
|
||||
<para><command>smbgroupedit -c "Domain Admins" -u domadm</command></para></listitem>
|
||||
|
||||
</orderedlist>
|
||||
|
||||
<para>You're set, joe, john and mary are domain administrators !</para>
|
||||
|
||||
<para>
|
||||
Like the Domain Admins group, you can map any arbitrary Unix group to any NT
|
||||
group. You can also make any Unix group a domain group. For example, on a domain
|
||||
member machine (an NT/W2K or a samba server running winbind), you would like to
|
||||
give access to a certain directory to some users who are member of a group on
|
||||
your samba PDC. Flag that group as a domain group by running:
|
||||
</para>
|
||||
|
||||
<para><command>smbgroupedit -a unixgroup -td</command></para>
|
||||
|
||||
<para>You can list the various groups in the mapping database like this</para>
|
||||
<para><command>smbgroupedit -v</command></para>
|
||||
|
||||
</chapter>
|
@ -1,142 +0,0 @@
|
||||
<chapter id="os2">
|
||||
|
||||
|
||||
<chapterinfo>
|
||||
<author>
|
||||
<firstname>Jim</firstname><surname>McDonough</surname>
|
||||
<affiliation>
|
||||
<orgname>IBM</orgname>
|
||||
<address>
|
||||
<email>jerry@samba.org</email>
|
||||
</address>
|
||||
</affiliation>
|
||||
</author>
|
||||
|
||||
|
||||
<pubdate>5 Mar 2001</pubdate>
|
||||
</chapterinfo>
|
||||
|
||||
<title>OS2 Client HOWTO</title>
|
||||
|
||||
<sect1>
|
||||
<title>FAQs</title>
|
||||
|
||||
<sect2>
|
||||
<title>How can I configure OS/2 Warp Connect or
|
||||
OS/2 Warp 4 as a client for Samba?</title>
|
||||
|
||||
<para>A more complete answer to this question can be
|
||||
found on <ulink url="http://carol.wins.uva.nl/~leeuw/samba/warp.html">
|
||||
http://carol.wins.uva.nl/~leeuw/samba/warp.html</ulink>.</para>
|
||||
|
||||
<para>Basically, you need three components:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem><para>The File and Print Client ('IBM Peer')
|
||||
</para></listitem>
|
||||
<listitem><para>TCP/IP ('Internet support')
|
||||
</para></listitem>
|
||||
<listitem><para>The "NetBIOS over TCP/IP" driver ('TCPBEUI')
|
||||
</para></listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Installing the first two together with the base operating
|
||||
system on a blank system is explained in the Warp manual. If Warp
|
||||
has already been installed, but you now want to install the
|
||||
networking support, use the "Selective Install for Networking"
|
||||
object in the "System Setup" folder.</para>
|
||||
|
||||
<para>Adding the "NetBIOS over TCP/IP" driver is not described
|
||||
in the manual and just barely in the online documentation. Start
|
||||
MPTS.EXE, click on OK, click on "Configure LAPS" and click
|
||||
on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line
|
||||
is then moved to 'Current Configuration'. Select that line,
|
||||
click on "Change number" and increase it from 0 to 1. Save this
|
||||
configuration.</para>
|
||||
|
||||
<para>If the Samba server(s) is not on your local subnet, you
|
||||
can optionally add IP names and addresses of these servers
|
||||
to the "Names List", or specify a WINS server ('NetBIOS
|
||||
Nameserver' in IBM and RFC terminology). For Warp Connect you
|
||||
may need to download an update for 'IBM Peer' to bring it on
|
||||
the same level as Warp 4. See the webpage mentioned above.</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>How can I configure OS/2 Warp 3 (not Connect),
|
||||
OS/2 1.2, 1.3 or 2.x for Samba?</title>
|
||||
|
||||
<para>You can use the free Microsoft LAN Manager 2.2c Client
|
||||
for OS/2 from
|
||||
<ulink url="ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/">
|
||||
ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/</ulink>.
|
||||
See <ulink url="http://carol.wins.uva.nl/~leeuw/lanman.html">
|
||||
http://carol.wins.uva.nl/~leeuw/lanman.html</ulink> for
|
||||
more information on how to install and use this client. In
|
||||
a nutshell, edit the file \OS2VER in the root directory of
|
||||
the OS/2 boot partition and add the lines:</para>
|
||||
|
||||
<para><programlisting>
|
||||
20=setup.exe
|
||||
20=netwksta.sys
|
||||
20=netvdd.sys
|
||||
</programlisting></para>
|
||||
|
||||
<para>before you install the client. Also, don't use the
|
||||
included NE2000 driver because it is buggy. Try the NE2000
|
||||
or NS2000 driver from
|
||||
<ulink url="ftp://ftp.cdrom.com/pub/os2/network/ndis/">
|
||||
ftp://ftp.cdrom.com/pub/os2/network/ndis/</ulink> instead.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Are there any other issues when OS/2 (any version)
|
||||
is used as a client?</title>
|
||||
|
||||
<para>When you do a NET VIEW or use the "File and Print
|
||||
Client Resource Browser", no Samba servers show up. This can
|
||||
be fixed by a patch from <ulink
|
||||
url="http://carol.wins.uva.nl/~leeuw/samba/fix.html">
|
||||
http://carol.wins.uva.nl/~leeuw/samba/fix.html</ulink>.
|
||||
The patch will be included in a later version of Samba. It also
|
||||
fixes a couple of other problems, such as preserving long
|
||||
filenames when objects are dragged from the Workplace Shell
|
||||
to the Samba server. </para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>How do I get printer driver download working
|
||||
for OS/2 clients?</title>
|
||||
|
||||
<para>First, create a share called [PRINTDRV] that is
|
||||
world-readable. Copy your OS/2 driver files there. Note
|
||||
that the .EA_ files must still be separate, so you will need
|
||||
to use the original install files, and not copy an installed
|
||||
driver from an OS/2 system.</para>
|
||||
|
||||
<para>Install the NT driver first for that printer. Then,
|
||||
add to your smb.conf a parameter, "os2 driver map =
|
||||
<replaceable>filename</replaceable>". Then, in the file
|
||||
specified by <replaceable>filename</replaceable>, map the
|
||||
name of the NT driver name to the OS/2 driver name as
|
||||
follows:</para>
|
||||
|
||||
<para><nt driver name> = <os2 driver
|
||||
name>.<device name>, e.g.:
|
||||
HP LaserJet 5L = LASERJET.HP LaserJet 5L</para>
|
||||
|
||||
<para>You can have multiple drivers mapped in this file.</para>
|
||||
|
||||
<para>If you only specify the OS/2 driver name, and not the
|
||||
device name, the first attempt to download the driver will
|
||||
actually download the files, but the OS/2 client will tell
|
||||
you the driver is not available. On the second attempt, it
|
||||
will work. This is fixed simply by adding the device name
|
||||
to the mapping, after which it will work on the first attempt.
|
||||
</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
||||
|
332
docs/docbook/projdoc/Other-Clients.sgml
Normal file
332
docs/docbook/projdoc/Other-Clients.sgml
Normal file
@ -0,0 +1,332 @@
|
||||
<chapter id="Other-Clients">
|
||||
<chapterinfo>
|
||||
<author>
|
||||
<firstname>Jim</firstname><surname>McDonough</surname>
|
||||
<affiliation>
|
||||
<orgname>IBM</orgname>
|
||||
</affiliation>
|
||||
<firstname>Jelmer</firstname><surname>Vernooij</surname>
|
||||
<affiliation>
|
||||
<orgname>Samba Team</orgname>
|
||||
<address>jelmer@samba.org</address>
|
||||
</affiliation>
|
||||
</author>
|
||||
|
||||
<pubdate>5 Mar 2001</pubdate>
|
||||
</chapterinfo>
|
||||
|
||||
<title>Samba and other CIFS clients</title>
|
||||
|
||||
<para>This chapter contains client-specific information.</para>
|
||||
|
||||
<sect1>
|
||||
<title>Macintosh clients?</title>
|
||||
|
||||
<para>
|
||||
Yes. <ulink url="http://www.thursby.com/">Thursby</ulink> now have a CIFS Client / Server called DAVE - see
|
||||
</para>
|
||||
|
||||
<para>
|
||||
They test it against Windows 95, Windows NT and samba for
|
||||
compatibility issues. At the time of writing, DAVE was at version
|
||||
1.0.1. The 1.0.0 to 1.0.1 update is available as a free download from
|
||||
the Thursby web site (the speed of finder copies has been greatly
|
||||
enhanced, and there are bug-fixes included).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Alternatives - There are two free implementations of AppleTalk for
|
||||
several kinds of UNIX machnes, and several more commercial ones.
|
||||
These products allow you to run file services and print services
|
||||
natively to Macintosh users, with no additional support required on
|
||||
the Macintosh. The two free omplementations are
|
||||
<ulink url="http://www.umich.edu/~rsug/netatalk/">Netatalk</ulink>, and
|
||||
<ulink url="http://www.cs.mu.oz.au/appletalk/atalk.html">CAP</ulink>.
|
||||
What Samba offers MS
|
||||
Windows users, these packages offer to Macs. For more info on these
|
||||
packages, Samba, and Linux (and other UNIX-based systems) see
|
||||
<ulink url="http://www.eats.com/linux_mac_win.html">http://www.eats.com/linux_mac_win.html</ulink>
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>OS2 Client</title>
|
||||
|
||||
<sect2>
|
||||
<title>How can I configure OS/2 Warp Connect or
|
||||
OS/2 Warp 4 as a client for Samba?</title>
|
||||
|
||||
<para>A more complete answer to this question can be
|
||||
found on <ulink url="http://carol.wins.uva.nl/~leeuw/samba/warp.html">
|
||||
http://carol.wins.uva.nl/~leeuw/samba/warp.html</ulink>.</para>
|
||||
|
||||
<para>Basically, you need three components:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem><para>The File and Print Client ('IBM Peer')
|
||||
</para></listitem>
|
||||
<listitem><para>TCP/IP ('Internet support')
|
||||
</para></listitem>
|
||||
<listitem><para>The "NetBIOS over TCP/IP" driver ('TCPBEUI')
|
||||
</para></listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Installing the first two together with the base operating
|
||||
system on a blank system is explained in the Warp manual. If Warp
|
||||
has already been installed, but you now want to install the
|
||||
networking support, use the "Selective Install for Networking"
|
||||
object in the "System Setup" folder.</para>
|
||||
|
||||
<para>Adding the "NetBIOS over TCP/IP" driver is not described
|
||||
in the manual and just barely in the online documentation. Start
|
||||
MPTS.EXE, click on OK, click on "Configure LAPS" and click
|
||||
on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line
|
||||
is then moved to 'Current Configuration'. Select that line,
|
||||
click on "Change number" and increase it from 0 to 1. Save this
|
||||
configuration.</para>
|
||||
|
||||
<para>If the Samba server(s) is not on your local subnet, you
|
||||
can optionally add IP names and addresses of these servers
|
||||
to the "Names List", or specify a WINS server ('NetBIOS
|
||||
Nameserver' in IBM and RFC terminology). For Warp Connect you
|
||||
may need to download an update for 'IBM Peer' to bring it on
|
||||
the same level as Warp 4. See the webpage mentioned above.</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>How can I configure OS/2 Warp 3 (not Connect),
|
||||
OS/2 1.2, 1.3 or 2.x for Samba?</title>
|
||||
|
||||
<para>You can use the free Microsoft LAN Manager 2.2c Client
|
||||
for OS/2 from
|
||||
<ulink url="ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/">
|
||||
ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/</ulink>.
|
||||
See <ulink url="http://carol.wins.uva.nl/~leeuw/lanman.html">
|
||||
http://carol.wins.uva.nl/~leeuw/lanman.html</ulink> for
|
||||
more information on how to install and use this client. In
|
||||
a nutshell, edit the file \OS2VER in the root directory of
|
||||
the OS/2 boot partition and add the lines:</para>
|
||||
|
||||
<para><programlisting>
|
||||
20=setup.exe
|
||||
20=netwksta.sys
|
||||
20=netvdd.sys
|
||||
</programlisting></para>
|
||||
|
||||
<para>before you install the client. Also, don't use the
|
||||
included NE2000 driver because it is buggy. Try the NE2000
|
||||
or NS2000 driver from
|
||||
<ulink url="ftp://ftp.cdrom.com/pub/os2/network/ndis/">
|
||||
ftp://ftp.cdrom.com/pub/os2/network/ndis/</ulink> instead.
|
||||
</para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Are there any other issues when OS/2 (any version)
|
||||
is used as a client?</title>
|
||||
|
||||
<para>When you do a NET VIEW or use the "File and Print
|
||||
Client Resource Browser", no Samba servers show up. This can
|
||||
be fixed by a patch from <ulink
|
||||
url="http://carol.wins.uva.nl/~leeuw/samba/fix.html">
|
||||
http://carol.wins.uva.nl/~leeuw/samba/fix.html</ulink>.
|
||||
The patch will be included in a later version of Samba. It also
|
||||
fixes a couple of other problems, such as preserving long
|
||||
filenames when objects are dragged from the Workplace Shell
|
||||
to the Samba server. </para>
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>How do I get printer driver download working
|
||||
for OS/2 clients?</title>
|
||||
|
||||
<para>First, create a share called [PRINTDRV] that is
|
||||
world-readable. Copy your OS/2 driver files there. Note
|
||||
that the .EA_ files must still be separate, so you will need
|
||||
to use the original install files, and not copy an installed
|
||||
driver from an OS/2 system.</para>
|
||||
|
||||
<para>Install the NT driver first for that printer. Then,
|
||||
add to your smb.conf a parameter, os2 driver map =
|
||||
<replaceable>filename</replaceable>". Then, in the file
|
||||
specified by <replaceable>filename</replaceable>, map the
|
||||
name of the NT driver name to the OS/2 driver name as
|
||||
follows:</para>
|
||||
|
||||
<para><command>nt driver name = os2 "driver
|
||||
name"."device name"</command>, e.g.:
|
||||
HP LaserJet 5L = LASERJET.HP LaserJet 5L</para>
|
||||
|
||||
<para>You can have multiple drivers mapped in this file.</para>
|
||||
|
||||
<para>If you only specify the OS/2 driver name, and not the
|
||||
device name, the first attempt to download the driver will
|
||||
actually download the files, but the OS/2 client will tell
|
||||
you the driver is not available. On the second attempt, it
|
||||
will work. This is fixed simply by adding the device name
|
||||
to the mapping, after which it will work on the first attempt.
|
||||
</para>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>Windows for Workgroups</title>
|
||||
|
||||
<sect2>
|
||||
<title>Use latest TCP/IP stack from Microsoft</title>
|
||||
|
||||
<para>Use the latest TCP/IP stack from microsoft if you use Windows
|
||||
for workgroups.</para>
|
||||
|
||||
<para>The early TCP/IP stacks had lots of bugs.</para>
|
||||
|
||||
<para>
|
||||
Microsoft has released an incremental upgrade to their TCP/IP 32-Bit
|
||||
VxD drivers. The latest release can be found on their ftp site at
|
||||
ftp.microsoft.com, located in /peropsys/windows/public/tcpip/wfwt32.exe.
|
||||
There is an update.txt file there that describes the problems that were
|
||||
fixed. New files include WINSOCK.DLL, TELNET.EXE, WSOCK.386, VNBT.386,
|
||||
WSTCP.386, TRACERT.EXE, NETSTAT.EXE, and NBTSTAT.EXE.
|
||||
</para>
|
||||
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Delete .pwl files after password change</title>
|
||||
|
||||
<para>
|
||||
WfWg does a lousy job with passwords. I find that if I change my
|
||||
password on either the unix box or the PC the safest thing to do is to
|
||||
delete the .pwl files in the windows directory. The PC will complain about not finding the files, but will soon get over it, allowing you to enter the new password.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
If you don't do this you may find that WfWg remembers and uses the old
|
||||
password, even if you told it a new one.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Often WfWg will totally ignore a password you give it in a dialog box.
|
||||
</para>
|
||||
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Configure WfW password handling</title>
|
||||
|
||||
<para>
|
||||
There is a program call admincfg.exe
|
||||
on the last disk (disk 8) of the WFW 3.11 disk set. To install it
|
||||
type EXPAND A:\ADMINCFG.EX_ C:\WINDOWS\ADMINCFG.EXE Then add an icon
|
||||
for it via the "Progam Manager" "New" Menu. This program allows you
|
||||
to control how WFW handles passwords. ie disable Password Caching etc
|
||||
for use with <command>security = user</command>
|
||||
</para>
|
||||
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Case handling of passwords</title>
|
||||
|
||||
<para>Windows for Workgroups uppercases the password before sending it to the server. Unix passwords can be case-sensitive though. Check the <ulink url="smb.conf.5.html">smb.conf(5)</ulink> information on <command>password level</command> to specify what characters samba should try to uppercase when checking.</para>
|
||||
|
||||
</sect2>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>Windows '95/'98</title>
|
||||
|
||||
<para>
|
||||
When using Windows 95 OEM SR2 the following updates are recommended where Samba
|
||||
is being used. Please NOTE that the above change will affect you once these
|
||||
updates have been installed.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
There are more updates than the ones mentioned here. You are referred to the
|
||||
Microsoft Web site for all currently available updates to your specific version
|
||||
of Windows 95.
|
||||
</para>
|
||||
|
||||
<orderedlist>
|
||||
<listitem><para>Kernel Update: KRNLUPD.EXE</para></listitem>
|
||||
<listitem><para>Ping Fix: PINGUPD.EXE</para></listitem>
|
||||
<listitem><para>RPC Update: RPCRTUPD.EXE</para></listitem>
|
||||
<listitem><para>TCP/IP Update: VIPUPD.EXE</para></listitem>
|
||||
<listitem><para>Redirector Update: VRDRUPD.EXE</para></listitem>
|
||||
</orderedlist>
|
||||
|
||||
<para>
|
||||
Also, if using MS OutLook it is desirable to install the OLEUPD.EXE fix. This
|
||||
fix may stop your machine from hanging for an extended period when exiting
|
||||
OutLook and you may also notice a significant speedup when accessing network
|
||||
neighborhood services.
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>Windows 2000 Service Pack 2</title>
|
||||
|
||||
<para>
|
||||
There are several annoyances with Windows 2000 SP2. One of which
|
||||
only appears when using a Samba server to host user profiles
|
||||
to Windows 2000 SP2 clients in a Windows domain. This assumes
|
||||
that Samba is a member of the domain, but the problem will
|
||||
likely occur if it is not.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In order to server profiles successfully to Windows 2000 SP2
|
||||
clients (when not operating as a PDC), Samba must have
|
||||
<command>nt acl support = no</command>
|
||||
added to the file share which houses the roaming profiles.
|
||||
If this is not done, then the Windows 2000 SP2 client will
|
||||
complain about not being able to access the profile (Access
|
||||
Denied) and create multiple copies of it on disk (DOMAIN.user.001,
|
||||
DOMAIN.user.002, etc...). See the
|
||||
<ulink url="smb.conf.5.html">smb.conf(5)</ulink> man page
|
||||
for more details on this option. Also note that the
|
||||
<command>nt acl support</command> parameter was formally a global parameter in
|
||||
releases prior to Samba 2.2.2.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The following is a minimal profile share:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
[profile]
|
||||
path = /export/profile
|
||||
create mask = 0600
|
||||
directory mask = 0700
|
||||
nt acl support = no
|
||||
read only = no
|
||||
</programlisting></para>
|
||||
|
||||
<para>
|
||||
The reason for this bug is that the Win2k SP2 client copies
|
||||
the security descriptor for the profile which contains
|
||||
the Samba server's SID, and not the domain SID. The client
|
||||
compares the SID for SAMBA\user and realizes it is
|
||||
different that the one assigned to DOMAIN\user. Hence the reason
|
||||
for the "access denied" message.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
By disabling the <command>nt acl support</command> parameter, Samba will send
|
||||
the Win2k client a response to the QuerySecurityDescriptor
|
||||
trans2 call which causes the client to set a default ACL
|
||||
for the profile. This default ACL includes
|
||||
</para>
|
||||
|
||||
<para><command>DOMAIN\user "Full Control"</command></para>
|
||||
|
||||
<para><emphasis>NOTE : This bug does not occur when using winbind to
|
||||
create accounts on the Samba host for Domain users.</emphasis></para>
|
||||
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
148
docs/docbook/projdoc/Portability.sgml
Normal file
148
docs/docbook/projdoc/Portability.sgml
Normal file
@ -0,0 +1,148 @@
|
||||
<chapter id="Portability">
|
||||
<chapterinfo>
|
||||
<author>
|
||||
<firstname>Jelmer</firstname><surname>Vernooij</surname>
|
||||
</author>
|
||||
</chapterinfo>
|
||||
|
||||
<title>Portability</title>
|
||||
|
||||
<para>Samba works on a wide range of platforms but the interface all the
|
||||
platforms provide is not always compatible. This chapter contains
|
||||
platform-specific information about compiling and using samba.</para>
|
||||
|
||||
<sect1>
|
||||
<title>HPUX</title>
|
||||
|
||||
<para>
|
||||
HP's implementation of supplementary groups is, er, non-standard (for
|
||||
hysterical reasons). There are two group files, /etc/group and
|
||||
/etc/logingroup; the system maps UIDs to numbers using the former, but
|
||||
initgroups() reads the latter. Most system admins who know the ropes
|
||||
symlink /etc/group to /etc/logingroup (hard link doesn't work for reasons
|
||||
too stupid to go into here). initgroups() will complain if one of the
|
||||
groups you're in in /etc/logingroup has what it considers to be an invalid
|
||||
ID, which means outside the range [0..UID_MAX], where UID_MAX is (I think)
|
||||
60000 currently on HP-UX. This precludes -2 and 65534, the usual 'nobody'
|
||||
GIDs.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
If you encounter this problem, make sure that the programs that are failing
|
||||
to initgroups() be run as users not in any groups with GIDs outside the
|
||||
allowed range.
|
||||
</para>
|
||||
|
||||
<para>This is documented in the HP manual pages under setgroups(2) and passwd(4).
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>SCO Unix</title>
|
||||
|
||||
<para>
|
||||
If you run an old version of SCO Unix then you may need to get important
|
||||
TCP/IP patches for Samba to work correctly. Without the patch, you may
|
||||
encounter corrupt data transfers using samba.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The patch you need is UOD385 Connection Drivers SLS. It is available from
|
||||
SCO (ftp.sco.com, directory SLS, files uod385a.Z and uod385a.ltr.Z).
|
||||
</para>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>DNIX</title>
|
||||
|
||||
<para>
|
||||
DNIX has a problem with seteuid() and setegid(). These routines are
|
||||
needed for Samba to work correctly, but they were left out of the DNIX
|
||||
C library for some reason.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
For this reason Samba by default defines the macro NO_EID in the DNIX
|
||||
section of includes.h. This works around the problem in a limited way,
|
||||
but it is far from ideal, some things still won't work right.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To fix the problem properly you need to assemble the following two
|
||||
functions and then either add them to your C library or link them into
|
||||
Samba.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
put this in the file <filename>setegid.s</filename>:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
.globl _setegid
|
||||
_setegid:
|
||||
moveq #47,d0
|
||||
movl #100,a0
|
||||
moveq #1,d1
|
||||
movl 4(sp),a1
|
||||
trap #9
|
||||
bccs 1$
|
||||
jmp cerror
|
||||
1$:
|
||||
clrl d0
|
||||
rts
|
||||
</programlisting></para>
|
||||
|
||||
<para>
|
||||
put this in the file <filename>seteuid.s</filename>:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
.globl _seteuid
|
||||
_seteuid:
|
||||
moveq #47,d0
|
||||
movl #100,a0
|
||||
moveq #0,d1
|
||||
movl 4(sp),a1
|
||||
trap #9
|
||||
bccs 1$
|
||||
jmp cerror
|
||||
1$:
|
||||
clrl d0
|
||||
rts
|
||||
</programlisting></para>
|
||||
|
||||
<para>
|
||||
after creating the above files you then assemble them using
|
||||
</para>
|
||||
|
||||
<para><command>as seteuid.s</command></para>
|
||||
<para><command>as setegid.s</command></para>
|
||||
|
||||
<para>
|
||||
that should produce the files <filename>seteuid.o</filename> and
|
||||
<filename>setegid.o</filename>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
then you need to add these to the LIBSM line in the DNIX section of
|
||||
the Samba Makefile. Your LIBSM line will then look something like this:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
LIBSM = setegid.o seteuid.o -ln
|
||||
</programlisting></para>
|
||||
|
||||
<para>
|
||||
You should then remove the line:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
#define NO_EID
|
||||
</programlisting></para>
|
||||
|
||||
<para>from the DNIX section of <filename>includes.h</filename></para>
|
||||
|
||||
</sect1>
|
||||
</chapter>
|
@ -6,7 +6,6 @@
|
||||
<!ENTITY DOMAIN-MEMBER SYSTEM "DOMAIN_MEMBER.sgml">
|
||||
<!ENTITY WINBIND SYSTEM "winbind.sgml">
|
||||
<!ENTITY NT-Security SYSTEM "NT_Security.sgml">
|
||||
<!ENTITY OS2-Client SYSTEM "OS2-Client-HOWTO.sgml">
|
||||
<!ENTITY Samba-PDC-HOWTO SYSTEM "Samba-PDC-HOWTO.sgml">
|
||||
<!ENTITY Samba-BDC-HOWTO SYSTEM "Samba-BDC-HOWTO.sgml">
|
||||
<!ENTITY CVS-Access SYSTEM "CVS-Access.sgml">
|
||||
@ -19,6 +18,9 @@
|
||||
<!ENTITY SECURITY-LEVEL SYSTEM "security_level.sgml">
|
||||
<!ENTITY SPEED SYSTEM "Speed.sgml">
|
||||
<!ENTITY BROWSING SYSTEM "Browsing.sgml">
|
||||
<!ENTITY GROUP-MAPPING-HOWTO "GROUP-MAPPING-HOWTO.sgml">
|
||||
<!ENTITY Portability "Portability.sgml">
|
||||
<!ENTITY Other-Clients "Other-Clients.sgml">
|
||||
]>
|
||||
|
||||
<book id="Samba-Project-Documentation">
|
||||
@ -78,8 +80,10 @@ Cheers, jerry
|
||||
&Samba-LDAP;
|
||||
&BROWSING;
|
||||
&SPEED;
|
||||
&OS2-Client;
|
||||
&Other-Clients;
|
||||
&CVS-Access;
|
||||
&BUGS;
|
||||
&GROUP-MAPPING-HOWTO;
|
||||
&Portability;
|
||||
|
||||
</book>
|
||||
|
Loading…
x
Reference in New Issue
Block a user