sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-28 17:47:29 +03:00
Code

Remove old faq - all the useful information it contained is now in the new FAQ

Browse Source 
(This used to be commit 5998dbe84bf3388d27597a5cb0b398b6f7840951)
This commit is contained in:
Jelmer Vernooij 2002-10-02 19:28:33 +00:00
parent 8ab937c344
commit 1a66b224ed
22 changed files with 0 additions and 6717 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/faq/README
View File

@ -1,8 +0,0 @@
This directory contains the old Samba FAQ.
It is now horribly outdated and unmaintained.
It is being left here in case there is some
useful information within.
--jerry@samba.org

77
docs/faq/Samba-Server-FAQ-1.html
View File

@ -1,77 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba Server FAQ: What is Samba?</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="Samba-Server-FAQ-2.html">Next</A>
<A HREF="Samba-Server-FAQ.html#toc1">Table of Contents</A>
<HR>
<H2><A NAME="s1">1. What is Samba?</A></H2>
<P>
<A NAME="WhatIsSamba"></A>
</P>
<P>See the
<A HREF="Samba-meta-FAQ.html#introduction">meta FAQ introduction</A> if you don't have any idea what Samba does.</P>
<P>Samba has many features that are not supported in other CIFS and SMB
implementations, all of which are commercial. It approaches some
problems from a different angle.</P>
<P>Some of its features include:
<UL>
<LI>extremely dynamic runtime configuration</LI>
<LI>host as well as username/password security</LI>
<LI>scriptable SMB client</LI>
<LI>automatic home directory exporting</LI>
<LI>automatic printer exporting</LI>
<LI>intelligent dead connection timeouts</LI>
<LI>guest connections</LI>
</UL>
</P>
<P>Look at the
<A HREF="samba-man-index.html">manual pages</A> included with the package for a full list of
features. The components of the suite are (in summary):</P>
<P>
<DL>
<DT><B>smbd</B><DD><P>the SMB server. This handles actual connections from clients,
doing all the interfacing with the
<A HREF="Samba-meta-FAQ.html#DomainModeSecurity">authentication database</A> for file, permission and username work.</P>
<DT><B>nmbd</B><DD><P>the NetBIOS name server, which helps clients locate servers,
maintaining the
<A HREF="Samba-meta-FAQ.html#BrowseAndDomainDefs">authentication database</A> doing the browsing work and managing
domains as this capability is being built into Samba.</P>
<DT><B>smbclient</B><DD><P>the scriptable commandline SMB client program.
Useful for automated work, printer filters and testing purposes. It is
more CIFS-compliant than most commercial implementations. Note that this
is not a filesystem. The Samba team does not supply a network filesystem
driver, although the smbfs filesystem for Linux is derived from
smbclient code.</P>
<DT><B>smbrun</B><DD><P>a little 'glue' program to help the server run
external programs.</P>
<DT><B>testprns</B><DD><P>a program to test server access to printers</P>
<DT><B>testparms</B><DD><P>a program to test the Samba configuration file
for correctness</P>
<DT><B>smb.conf</B><DD><P>the Samba configuration file</P>
<DT><B>examples</B><DD><P>many examples have been put together for the different
operating systems that Samba supports.</P>
<DT><B>Documentation!</B><DD><P>DON'T neglect to read it - you will save a great
deal of time!</P>
</DL>
</P>
<HR>
Previous
<A HREF="Samba-Server-FAQ-2.html">Next</A>
<A HREF="Samba-Server-FAQ.html#toc1">Table of Contents</A>
</BODY>
</HTML>

500
docs/faq/Samba-Server-FAQ-2.html
View File

@ -1,500 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba Server FAQ: How do I get the CIFS, SMB and NetBIOS protocols?</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-Server-FAQ-1.html">Previous</A>
Next
<A HREF="Samba-Server-FAQ.html#toc2">Table of Contents</A>
<HR>
<H2><A NAME="s2">2. How do I get the CIFS, SMB and NetBIOS protocols?</A></H2>
<P>
<A NAME="ServerProtocols"></A>
</P>
<P>See the
<A HREF="Samba-meta-FAQ.html#CifsSmb">meta FAQ on CIFS and SMB</A> if you don't have any idea what these protocols are.</P>
<P>CIFS and SMB are implemented by the main Samba fileserving daemon, smbd.
<F>.....</F></P>
<P>nmbd speaks a limited amount of CIFS (...) but is mostly concerned with
NetBIOS. NetBIOS is <F>....</F></P>
<P>RFC1001, RFC1002 <F>...</F></P>
<P>So, provided you have got Samba correctly installed and running you have
all three of these protocols. Some operating systems already come with
stacks for all or some of these, such as SCO Unix, OS/2 and <F>...</F> In this
case you must <F>...</F></P>
<H2><A NAME="ss2.1">2.1 What server operating systems are supported?</A></H2>
<P>
<A NAME="PortInfo"></A>
</P>
<P>At the last count, Samba runs on about 40 operating systems! This
section looks at general questions about running Samba on the different
platforms. Issues specific to particular operating systems are dealt
with in elsewhere in this document.</P>
<P>Many of the ports have been done by people outside the Samba team keen
to get the advantages of Samba. The Samba team is currently trying to
bring as many of these ports as possible into the main source tree and
integrate the documentation. Samba is an integration tool, and so it has
been made as easy as possible to port. The platforms most widely used
and thus best tested are Linux and SunOS.</P>
<P>This migration has not been completed yet. This means that some
documentation is on web sites <F>...</F></P>
<P>There are two main families of Samba ports, Unix and other. The Unix
ports cover anything that remotely resembles Unix and includes some
extremely old products as well as best-sellers, tiny PCs to massive
multiprocessor machines supporting hundreds of thousands of users. Samba
has been run on more than 30 Unix and Unix-like operating systems.</P>
<H3>Running Samba on a Unix or Unix-like system</H3>
<P>
<A NAME="OnUnix"></A>
</P>
<P>
<A HREF="../UNIX-SMB.txt">../UNIX-SMB.txt</A> describes some of the issues that confront a
SMB implementation on unix, and how Samba copes with them. They may help
people who are looking at unix<->PC interoperability.</P>
<P>There is great variation between Unix implementations, especially those
not adhering to the Common Unix Specification agreed to in 1996. Things
that can be quite tricky are <F>.....</F></P>
<P>There are also some considerable advantages conferred on Samba running
under Unix compared to, say, Windows NT or LAN Server. Unix has <F>...</F></P>
<P>At time of writing, the Makefile claimed support for:
<UL>
<LI> A/UX 3.0</LI>
<LI> AIX</LI>
<LI> Altos Series 386/1000</LI>
<LI> Amiga</LI>
<LI> Apollo Domain/OS sr10.3</LI>
<LI> BSDI </LI>
<LI> B.O.S. (Bull Operating System)</LI>
<LI> Cray, Unicos 8.0</LI>
<LI> Convex</LI>
<LI> DGUX. </LI>
<LI> DNIX.</LI>
<LI> FreeBSD</LI>
<LI> HP-UX</LI>
<LI> Intergraph. </LI>
<LI> Linux with/without shadow passwords and quota</LI>
<LI> LYNX 2.3.0</LI>
<LI> MachTen (a unix like system for Macintoshes)</LI>
<LI> Motorola 88xxx/9xx range of machines</LI>
<LI> NetBSD</LI>
<LI> NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach).</LI>
<LI> OS/2 using EMX 0.9b</LI>
<LI> OSF1</LI>
<LI> QNX 4.22</LI>
<LI> RiscIX. </LI>
<LI> RISCOs 5.0B</LI>
<LI> SEQUENT. </LI>
<LI> SCO (including: 3.2v2, European dist., OpenServer 5)</LI>
<LI> SGI.</LI>
<LI> SMP_DC.OSx v1.1-94c079 on Pyramid S series</LI>
<LI> SONY NEWS, NEWS-OS (4.2.x and 6.1.x)</LI>
<LI> SUNOS 4</LI>
<LI> SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later')</LI>
<LI> Sunsoft ISC SVR3V4</LI>
<LI> SVR4</LI>
<LI> System V with some berkely extensions (Motorola 88k R32V3.2).</LI>
<LI> ULTRIX.</LI>
<LI> UNIXWARE</LI>
<LI> UXP/DS</LI>
</UL>
</P>
<H3>Running Samba on systems unlike Unix</H3>
<P>
<A NAME="OnUnlikeUnix"></A>
</P>
<P>More recently Samba has been ported to a number of operating systems
which can provide a BSD Unix-like implementation of TCP/IP sockets.
These include OS/2, Netware, VMS, StratOS, Amiga and MVS. BeOS,
Windows NT and several others are being worked on but not yet available
for use.</P>
<P>Home pages for these ports are:</P>
<P><F>... </F></P>
<H2><A NAME="ss2.2">2.2 Exporting server resources with Samba</A></H2>
<P>
<A NAME="Exporting"></A>
</P>
<P>Files, printers, CD ROMs and other local devices. Network devices,
including networked filesystems and remote printer queues. Other devices
such as <F>....</F></P>
<P>1.4) Configuring SHARES
1.4.1) Homes service
1.4.2) Public services
1.4.3) Application serving
1.4.4) Team sharing a Samba resource</P>
<P>1.5) Printer configuration
1.5.1) Berkeley LPR/LPD systems
1.5.2) ATT SysV lp systems
1.5.3) Using a private printcap file
1.5.4) Use of the smbprint utility
1.5.5) Printing from Windows to Unix
1.5.6) Printing from Unix to Windows</P>
<H2><A NAME="ss2.3">2.3 Name Resolution and Browsing</A></H2>
<P>
<A NAME="NameBrowsing"></A>
</P>
<P>See also
<A HREF="../BROWSING.txt">../BROWSING.txt</A></P>
<P>1.6) Name resolution issues
1.6.1) LMHOSTS file and when to use it
1.6.2) configuring WINS (support, server, proxy)
1.6.3) configuring DNS proxy</P>
<P>1.7) Problem Diagnosis
1.8) What NOT to do!!!!</P>
<P>3.2) Browse list managment
3.3) Name resolution mangement</P>
<H2><A NAME="ss2.4">2.4 Handling SMB Encryption</A></H2>
<P>
<A NAME="SMBEncryptionSteps"></A>
</P>
<P>SMB encryption is ...</P>
<P>...in
<A HREF="../ENCRYPTION.txt">../ENCRYPTION.txt</A> there is...</P>
<P>Samba compiled with libdes - enabling encrypted passwords</P>
<H3>Laws in different countries affecting Samba</H3>
<P>
<A NAME="CryptoLaws"></A>
</P>
<H3>Relationship between encryption and Domain Authentication</H3>
<H2><A NAME="ss2.5">2.5 Files and record locking</A> 3.1.1) Old DOS clients 3.1.2) Opportunistic locking and the consequences 3.1.3) Files caching under Windows for Workgroups, Win95 and NT Some of the foregoing links into Client-FAQ</H2>
<H2><A NAME="ss2.6">2.6 Managing Samba Log files</A></H2>
<P>
<A NAME="LogFiles"></A>
</P>
<H2><A NAME="ss2.7">2.7 I can't see the Samba server in any browse lists!</A></H2>
<P>
<A NAME="no_browse"></A>
See
<A HREF="ftp://samba.org/pub/samba/BROWSING.txt">BROWSING.txt</A>
for more information on browsing. Browsing.txt can also be found
in the docs directory of the Samba source.</P>
<P>If your GUI client does not permit you to select non-browsable
servers, you may need to do so on the command line. For example, under
Lan Manager you might connect to the above service as disk drive M:
thusly:
<BLOCKQUOTE><CODE>
<PRE>
net use M: \\mary\fred
</PRE>
</CODE></BLOCKQUOTE>
The details of how to do this and the specific syntax varies from
client to client - check your client's documentation.</P>
<H2><A NAME="ss2.8">2.8 Some files that I KNOW are on the server doesn't show up when I view the files from my client! </A></H2>
<P>
<A NAME="missing_files"></A>
See the next question.</P>
<H2><A NAME="ss2.9">2.9 Some files on the server show up with really wierd filenames when I view the files from my client! </A></H2>
<P>
<A NAME="strange_filenames"></A>
If you check what files are not showing up, you will note that they
are files which contain upper case letters or which are otherwise not
DOS-compatible (ie, they are not legal DOS filenames for some reason).</P>
<P>The Samba server can be configured either to ignore such files
completely, or to present them to the client in "mangled" form. If you
are not seeing the files at all, the Samba server has most likely been
configured to ignore them. Consult the man page smb.conf(5) for
details of how to change this - the parameter you need to set is
"mangled names = yes".</P>
<H2><A NAME="ss2.10">2.10 My client reports "cannot locate specified computer" or similar</A></H2>
<P>
<A NAME="cant_see_server"></A>
This indicates one of three things: You supplied an incorrect server
name, the underlying TCP/IP layer is not working correctly, or the
name you specified cannot be resolved.</P>
<P>After carefully checking that the name you typed is the name you
should have typed, try doing things like pinging a host or telnetting
to somewhere on your network to see if TCP/IP is functioning OK. If it
is, the problem is most likely name resolution.</P>
<P>If your client has a facility to do so, hardcode a mapping between the
hosts IP and the name you want to use. For example, with Man Manager
or Windows for Workgroups you would put a suitable entry in the file
LMHOSTS. If this works, the problem is in the communication between
your client and the netbios name server. If it does not work, then
there is something fundamental wrong with your naming and the solution
is beyond the scope of this document.</P>
<P>If you do not have any server on your subnet supplying netbios name
resolution, hardcoded mappings are your only option. If you DO have a
netbios name server running (such as the Samba suite's nmbd program),
the problem probably lies in the way it is set up. Refer to Section
Two of this FAQ for more ideas.</P>
<P>By the way, remember to REMOVE the hardcoded mapping before further
tests :-) </P>
<H2><A NAME="ss2.11">2.11 My client reports "cannot locate specified share name" or similar</A></H2>
<P>
<A NAME="cant_see_share"></A>
This message indicates that your client CAN locate the specified
server, which is a good start, but that it cannot find a service of
the name you gave.</P>
<P>The first step is to check the exact name of the service you are
trying to connect to (consult your system administrator). Assuming it
exists and you specified it correctly (read your client's doco on how
to specify a service name correctly), read on:</P>
<P>
<UL>
<LI> Many clients cannot accept or use service names longer than eight characters.</LI>
<LI> Many clients cannot accept or use service names containing spaces.</LI>
<LI> Some servers (not Samba though) are case sensitive with service names.</LI>
<LI> Some clients force service names into upper case.</LI>
</UL>
</P>
<H2><A NAME="ss2.12">2.12 My client reports "cannot find domain controller", "cannot log on to the network" or similar </A></H2>
<P>
<A NAME="cant_see_net"></A>
Nothing is wrong - Samba does not implement the primary domain name
controller stuff for several reasons, including the fact that the
whole concept of a primary domain controller and "logging in to a
network" doesn't fit well with clients possibly running on multiuser
machines (such as users of smbclient under Unix). Having said that,
several developers are working hard on building it in to the next
major version of Samba. If you can contribute, send a message to
<A HREF="mailto:samba@samba.org">samba@samba.org</A> !</P>
<P>Seeing this message should not affect your ability to mount redirected
disks and printers, which is really what all this is about.</P>
<P>For many clients (including Windows for Workgroups and Lan Manager),
setting the domain to STANDALONE at least gets rid of the message.</P>
<H2><A NAME="ss2.13">2.13 Printing doesn't work :-(</A></H2>
<P>
<A NAME="no_printing"></A>
</P>
<P>Make sure that the specified print command for the service you are
connecting to is correct and that it has a fully-qualified path (eg.,
use "/usr/bin/lpr" rather than just "lpr", if you happen to be using
Unix).</P>
<P>Make sure that the spool directory specified for the service is
writable by the user connected to the service. </P>
<P>Make sure that the user specified in the service is permitted to use
the printer.</P>
<P>Check the debug log produced by smbd. Search for the printer name and
see if the log turns up any clues. Note that error messages to do with
a service ipc$ are meaningless - they relate to the way the client
attempts to retrieve status information when using the LANMAN1
protocol.</P>
<P>If using WfWg then you need to set the default protocol to TCP/IP, not
Netbeui. This is a WfWg bug.</P>
<P>If using the Lanman1 protocol (the default) then try switching to
coreplus. Also not that print status error messages don't mean
printing won't work. The print status is received by a different
mechanism.</P>
<H2><A NAME="ss2.14">2.14 My programs install on the server OK, but refuse to work properly</A></H2>
<P>
<A NAME="programs_wont_run"></A>
There are numerous possible reasons for this, but one MAJOR
possibility is that your software uses locking. Make sure you are
using Samba 1.6.11 or later. It may also be possible to work around
the problem by setting "locking=no" in the Samba configuration file
for the service the software is installed on. This should be regarded
as a strictly temporary solution.</P>
<P>In earlier Samba versions there were some difficulties with the very
latest Microsoft products, particularly Excel 5 and Word for Windows
6. These should have all been solved. If not then please let Andrew
Tridgell know via email at
<A HREF="mailto:sambas@samba.org">samba@samba.org</A>.</P>
<H2><A NAME="ss2.15">2.15 My "server string" doesn't seem to be recognised</A></H2>
<P>
<A NAME="bad_server_string"></A>
OR My client reports the default setting, eg. "Samba 1.9.15p4", instead
of what I have changed it to in the smb.conf file.</P>
<P>You need to use the -C option in nmbd. The "server string" affects
what smbd puts out and -C affects what nmbd puts out.</P>
<P>Current versions of Samba (1.9.16 +) have combined these options into
the "server string" field of smb.conf, -C for nmbd is now obsolete.</P>
<H2><A NAME="ss2.16">2.16 My client reports "This server is not configured to list shared resources" </A></H2>
<P>
<A NAME="cant_list_shares"></A>
Your guest account is probably invalid for some reason. Samba uses the
guest account for browsing in smbd. Check that your guest account is
valid.</P>
<P>See also 'guest account' in smb.conf man page.</P>
<H2><A NAME="ss2.17">2.17 Issues specific to Unix and Unix-like systems</A></H2>
<P>
<A NAME="UnixIssues"></A>
</P>
<H3>Printing doesn't work with my Unix Samba server</H3>
<P>
<A NAME="no_printing"></A>
</P>
<P>The user "nobody" often has problems with printing, even if it worked
with an earlier version of Samba. Try creating another guest user other
than "nobody".</P>
<H3>Log message "you appear to have a trapdoor uid system" </H3>
<P>
<A NAME="trapdoor_uid"></A>
This can have several causes. It might be because you are using a uid
or gid of 65535 or -1. This is a VERY bad idea, and is a big security
hole. Check carefully in your /etc/passwd file and make sure that no
user has uid 65535 or -1. Especially check the "nobody" user, as many
broken systems are shipped with nobody setup with a uid of 65535.</P>
<P>It might also mean that your OS has a trapdoor uid/gid system :-)</P>
<P>This means that once a process changes effective uid from root to
another user it can't go back to root. Unfortunately Samba relies on
being able to change effective uid from root to non-root and back
again to implement its security policy. If your OS has a trapdoor uid
system this won't work, and several things in Samba may break. Less
things will break if you use user or server level security instead of
the default share level security, but you may still strike
problems.</P>
<P>The problems don't give rise to any security holes, so don't panic,
but it does mean some of Samba's capabilities will be unavailable.
In particular you will not be able to connect to the Samba server as
two different uids at once. This may happen if you try to print as a
"guest" while accessing a share as a normal user. It may also affect
your ability to list the available shares as this is normally done as
the guest user.</P>
<P>Complain to your OS vendor and ask them to fix their system.</P>
<P>Note: the reason why 65535 is a VERY bad choice of uid and gid is that
it casts to -1 as a uid, and the setreuid() system call ignores (with
no error) uid changes to -1. This means any daemon attempting to run
as uid 65535 will actually run as root. This is not good!</P>
<H2><A NAME="ss2.18">2.18 Issues specific to IBM OS/2 systems</A></H2>
<P>
<A NAME="OS2Issues"></A>
</P>
<P>
<A HREF="http://carol.wins.uva.nl/~leeuw/samba/samba2.html">Samba for OS/2</A></P>
<H2><A NAME="ss2.19">2.19 Issues specific to IBM MVS systems</A></H2>
<P>
<A NAME="MVSIssues"></A>
</P>
<P>
<A HREF="ftp://ftp.mks.com/pub/samba/">Samba for OS/390 MVS</A></P>
<H2><A NAME="ss2.20">2.20 Issues specific to Digital VMS systems</A></H2>
<P>
<A NAME="VMSIssues"></A>
</P>
<H2><A NAME="ss2.21">2.21 Issues specific to Amiga systems</A></H2>
<P>
<A NAME="AmigaIssues"></A>
</P>
<P>
<A HREF="http://www.gbar.dtu.dk/~c948374/Amiga/Samba/">Samba for Amiga</A></P>
<P>There is a mailing list for Samba on the Amiga.</P>
<P>Subscribing.</P>
<P>Send an email to rask-samba-request@kampsax.dtu.dk with the word subscribe
in the message. The list server will use the address in the Reply-To: or
From: header field, in that order.</P>
<P>Unsubscribing.</P>
<P>Send an email to rask-samba-request@kampsax.dtu.dk with the word
unsubscribe in the message. The list server will use the address in the
Reply-To: or From: header field, in that order. If you are unsure which
address you are subscribed with, look at the headers. You should see a
"From " (no colon) or Return-Path: header looking something like</P>
<P>rask-samba-owner-myname=my.domain@kampsax.dtu.dk</P>
<P>where myname=my.domain gives you the address myname@my.domain. This also
means that I will always be able to find out which address is causing
bounces, for example.
List archive.</P>
<P>Messages sent to the list are archived in HTML. See the mailing list home
page at
<A HREF="http://www.gbar.dtu.dk/~c948374/Amiga/Samba/mailinglist/">http://www.gbar.dtu.dk/~c948374/Amiga/Samba/mailinglist/</A></P>
<H2><A NAME="ss2.22">2.22 Issues specific to Novell IntraNetware systems</A></H2>
<P>
<A NAME="NetwareIssues"></A>
</P>
<H2><A NAME="ss2.23">2.23 Issues specific to Stratus VOS systems</A></H2>
<P>
<A NAME="NetwareIssues"></A>
</P>
<P>
<A HREF="ftp://ftp.stratus.com/pub/vos/tools/">Samba for Stratus VOS</A></P>
<HR>
<A HREF="Samba-Server-FAQ-1.html">Previous</A>
Next
<A HREF="Samba-Server-FAQ.html#toc2">Table of Contents</A>
</BODY>
</HTML>

88
docs/faq/Samba-Server-FAQ.html
View File

@ -1,88 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba Server FAQ</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="Samba-Server-FAQ-1.html">Next</A>
Table of Contents
<HR>
<H1> Samba Server FAQ</H1>
<H2>Dan Shearer & Paul Blackman, <CODE>ictinus@samba.org</CODE></H2>v 0.3, 7 Oct '97
<P><HR><EM> This is the <EM>Server</EM> Frequently Asked Questions (FAQ)
document for Samba, the free and very popular SMB and CIFS server
product. A general
<A HREF="Samba-meta-FAQ.html">meta FAQ</A>
exists and also a companion
<A HREF="Samba-Client-FAQ.html">Client FAQ</A>, together with more detailed HOWTO documents on
topics to do with Samba software. This is current to Samba version
1.9.17. Please send any corrections to the author. </EM><HR></P>
<P>
<H2><A NAME="toc1">1.</A> <A HREF="Samba-Server-FAQ-1.html">What is Samba?</A></H2>
<P>
<H2><A NAME="toc2">2.</A> <A HREF="Samba-Server-FAQ-2.html">How do I get the CIFS, SMB and NetBIOS protocols?</A></H2>
<UL>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.1">2.1 What server operating systems are supported?</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.2">2.2 Exporting server resources with Samba</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.3">2.3 Name Resolution and Browsing</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.4">2.4 Handling SMB Encryption</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.5">2.5 Files and record locking</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.6">2.6 Managing Samba Log files</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.7">2.7 I can't see the Samba server in any browse lists!</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.8">2.8 Some files that I KNOW are on the server doesn't show up when I view the files from my client! </A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.9">2.9 Some files on the server show up with really wierd filenames when I view the files from my client! </A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.10">2.10 My client reports "cannot locate specified computer" or similar</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.11">2.11 My client reports "cannot locate specified share name" or similar</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.12">2.12 My client reports "cannot find domain controller", "cannot log on to the network" or similar </A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.13">2.13 Printing doesn't work :-(</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.14">2.14 My programs install on the server OK, but refuse to work properly</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.15">2.15 My "server string" doesn't seem to be recognised</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.16">2.16 My client reports "This server is not configured to list shared resources" </A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.17">2.17 Issues specific to Unix and Unix-like systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.18">2.18 Issues specific to IBM OS/2 systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.19">2.19 Issues specific to IBM MVS systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.20">2.20 Issues specific to Digital VMS systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.21">2.21 Issues specific to Amiga systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.22">2.22 Issues specific to Novell IntraNetware systems</A>
<LI><A HREF="Samba-Server-FAQ-2.html#ss2.23">2.23 Issues specific to Stratus VOS systems</A>
</UL>
<HR>
Previous
<A HREF="Samba-Server-FAQ-1.html">Next</A>
Table of Contents
</BODY>
</HTML>

407
docs/faq/Samba-Server-FAQ.sgml
View File

@ -1,407 +0,0 @@
<!doctype linuxdoc system> <!-- -*- SGML -*- -->
<!--
v 0.1 23 Aug 1997 Dan Shearer
Original Samba-Client-FAQ.sgml from Paul's sambafaq.sgml
v 0.2 25 Aug 1997 Dan
v 0.3 7 Oct 1997 Paul, changed email address from ictinus@lake... to ictinus@samba.anu
-->
<article>
<title> Samba Server FAQ
<author>Dan Shearer & Paul Blackman, <tt>ictinus@samba.org</tt>
<date>v 0.3, 7 Oct '97
<abstract> This is the <em>Server</em> Frequently Asked Questions (FAQ)
document for Samba, the free and very popular SMB and CIFS server
product. A general <url url="Samba-meta-FAQ.html" name="meta FAQ">
exists and also a companion <url url="Samba-Client-FAQ.html"
name="Client FAQ">, together with more detailed HOWTO documents on
topics to do with Samba software. This is current to Samba version
1.9.17. Please send any corrections to the author.
</abstract>
<toc>
<sect>What is Samba?<p><label id="WhatIsSamba">
See the <url url="Samba-meta-FAQ.html#introduction" name="meta FAQ
introduction"> if you don't have any idea what Samba does.
Samba has many features that are not supported in other CIFS and SMB
implementations, all of which are commercial. It approaches some
problems from a different angle.
Some of its features include:
<itemize>
<item>extremely dynamic runtime configuration
<item>host as well as username/password security
<item>scriptable SMB client
<item>automatic home directory exporting
<item>automatic printer exporting
<item>intelligent dead connection timeouts
<item>guest connections
</itemize>
Look at the <url url="samba-man-index.html" name="manual pages"> included with the package for a full list of
features. The components of the suite are (in summary):
<descrip>
<tag/smbd/ the SMB server. This handles actual connections from clients,
doing all the interfacing with the <url
url="Samba-meta-FAQ.html#DomainModeSecurity" name="authentication
database"> for file, permission and username work.
<tag/nmbd/ the NetBIOS name server, which helps clients locate servers,
maintaining the <url url="Samba-meta-FAQ.html#BrowseAndDomainDefs"
name="authentication database"> doing the browsing work and managing
domains as this capability is being built into Samba.
<tag/smbclient/ the scriptable commandline SMB client program.
Useful for automated work, printer filters and testing purposes. It is
more CIFS-compliant than most commercial implementations. Note that this
is not a filesystem. The Samba team does not supply a network filesystem
driver, although the smbfs filesystem for Linux is derived from
smbclient code.
<tag/smbrun/ a little 'glue' program to help the server run
external programs.
<tag/testprns/ a program to test server access to printers
<tag/testparms/ a program to test the Samba configuration file
for correctness
<tag/smb.conf/ the Samba configuration file
<tag/examples/ many examples have been put together for the different
operating systems that Samba supports.
<tag/Documentation!/ DON'T neglect to read it - you will save a great
deal of time!
</descrip>
<sect>How do I get the CIFS, SMB and NetBIOS protocols?<p><label id="ServerProtocols">
See the <url url="Samba-meta-FAQ.html#CifsSmb" name="meta FAQ
on CIFS and SMB"> if you don't have any idea what these protocols are.
CIFS and SMB are implemented by the main Samba fileserving daemon, smbd.
[.....]
nmbd speaks a limited amount of CIFS (...) but is mostly concerned with
NetBIOS. NetBIOS is [....]
RFC1001, RFC1002 [...]
So, provided you have got Samba correctly installed and running you have
all three of these protocols. Some operating systems already come with
stacks for all or some of these, such as SCO Unix, OS/2 and [...] In this
case you must [...]
<sect1>What server operating systems are supported?<p><label id="PortInfo">
At the last count, Samba runs on about 40 operating systems! This
section looks at general questions about running Samba on the different
platforms. Issues specific to particular operating systems are dealt
with in elsewhere in this document.
Many of the ports have been done by people outside the Samba team keen
to get the advantages of Samba. The Samba team is currently trying to
bring as many of these ports as possible into the main source tree and
integrate the documentation. Samba is an integration tool, and so it has
been made as easy as possible to port. The platforms most widely used
and thus best tested are Linux and SunOS.
This migration has not been completed yet. This means that some
documentation is on web sites [...]
There are two main families of Samba ports, Unix and other. The Unix
ports cover anything that remotely resembles Unix and includes some
extremely old products as well as best-sellers, tiny PCs to massive
multiprocessor machines supporting hundreds of thousands of users. Samba
has been run on more than 30 Unix and Unix-like operating systems.
<sect2>Running Samba on a Unix or Unix-like system<p><label id="OnUnix">
<url url="../UNIX-SMB.txt"> describes some of the issues that confront a
SMB implementation on unix, and how Samba copes with them. They may help
people who are looking at unix<->PC interoperability.
There is great variation between Unix implementations, especially those
not adhering to the Common Unix Specification agreed to in 1996. Things
that can be quite tricky are [.....]
There are also some considerable advantages conferred on Samba running
under Unix compared to, say, Windows NT or LAN Server. Unix has [...]
At time of writing, the Makefile claimed support for:
<itemize>
<item> A/UX 3.0
<item> AIX
<item> Altos Series 386/1000
<item> Amiga
<item> Apollo Domain/OS sr10.3
<item> BSDI
<item> B.O.S. (Bull Operating System)
<item> Cray, Unicos 8.0
<item> Convex
<item> DGUX.
<item> DNIX.
<item> FreeBSD
<item> HP-UX
<item> Intergraph.
<item> Linux with/without shadow passwords and quota
<item> LYNX 2.3.0
<item> MachTen (a unix like system for Macintoshes)
<item> Motorola 88xxx/9xx range of machines
<item> NetBSD
<item> NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach).
<item> OS/2 using EMX 0.9b
<item> OSF1
<item> QNX 4.22
<item> RiscIX.
<item> RISCOs 5.0B
<item> SEQUENT.
<item> SCO (including: 3.2v2, European dist., OpenServer 5)
<item> SGI.
<item> SMP_DC.OSx v1.1-94c079 on Pyramid S series
<item> SONY NEWS, NEWS-OS (4.2.x and 6.1.x)
<item> SUNOS 4
<item> SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later')
<item> Sunsoft ISC SVR3V4
<item> SVR4
<item> System V with some berkely extensions (Motorola 88k R32V3.2).
<item> ULTRIX.
<item> UNIXWARE
<item> UXP/DS
</itemize>
<sect2>Running Samba on systems unlike Unix<p><label id="OnUnlikeUnix">
More recently Samba has been ported to a number of operating systems
which can provide a BSD Unix-like implementation of TCP/IP sockets.
These include OS/2, Netware, VMS, StratOS, Amiga and MVS. BeOS,
Windows NT and several others are being worked on but not yet available
for use.
Home pages for these ports are:
[... ]
<sect1>Exporting server resources with Samba<p><label id="Exporting">
Files, printers, CD ROMs and other local devices. Network devices,
including networked filesystems and remote printer queues. Other devices
such as [....]
1.4) Configuring SHARES
1.4.1) Homes service
1.4.2) Public services
1.4.3) Application serving
1.4.4) Team sharing a Samba resource
1.5) Printer configuration
1.5.1) Berkeley LPR/LPD systems
1.5.2) ATT SysV lp systems
1.5.3) Using a private printcap file
1.5.4) Use of the smbprint utility
1.5.5) Printing from Windows to Unix
1.5.6) Printing from Unix to Windows
<sect1>Name Resolution and Browsing<p><label id="NameBrowsing">
See also <url url="../BROWSING.txt">
1.6) Name resolution issues
1.6.1) LMHOSTS file and when to use it
1.6.2) configuring WINS (support, server, proxy)
1.6.3) configuring DNS proxy
1.7) Problem Diagnosis
1.8) What NOT to do!!!!
3.2) Browse list managment
3.3) Name resolution mangement
<sect1>Handling SMB Encryption<p><label id="SMBEncryptionSteps">
SMB encryption is ...
...in <url url="../ENCRYPTION.txt"> there is...
Samba compiled with libdes - enabling encrypted passwords
<sect2>Laws in different countries affecting Samba<p><label id="CryptoLaws">
<sect2>Relationship between encryption and Domain Authentication<p>
<sect1> Files and record locking
3.1.1) Old DOS clients
3.1.2) Opportunistic locking and the consequences
3.1.3) Files caching under Windows for Workgroups, Win95 and NT
Some of the foregoing links into Client-FAQ
<sect1>Managing Samba Log files<p><label id="LogFiles">
<sect1>I can't see the Samba server in any browse lists!<p><label id="no_browse">
See <url url="ftp://samba.org/pub/samba/BROWSING.txt" name="BROWSING.txt">
for more information on browsing. Browsing.txt can also be found
in the docs directory of the Samba source.
If your GUI client does not permit you to select non-browsable
servers, you may need to do so on the command line. For example, under
Lan Manager you might connect to the above service as disk drive M:
thusly:
<tscreen><verb>
net use M: \\mary\fred
</verb></tscreen>
The details of how to do this and the specific syntax varies from
client to client - check your client's documentation.
<sect1>Some files that I KNOW are on the server doesn't show up when I view the files from my client! <p> <label id="missing_files">
See the next question.
<sect1>Some files on the server show up with really wierd filenames when I view the files from my client! <p> <label id="strange_filenames">
If you check what files are not showing up, you will note that they
are files which contain upper case letters or which are otherwise not
DOS-compatible (ie, they are not legal DOS filenames for some reason).
The Samba server can be configured either to ignore such files
completely, or to present them to the client in "mangled" form. If you
are not seeing the files at all, the Samba server has most likely been
configured to ignore them. Consult the man page smb.conf(5) for
details of how to change this - the parameter you need to set is
"mangled names = yes".
<sect1>My client reports "cannot locate specified computer" or similar<p><label id="cant_see_server">
This indicates one of three things: You supplied an incorrect server
name, the underlying TCP/IP layer is not working correctly, or the
name you specified cannot be resolved.
After carefully checking that the name you typed is the name you
should have typed, try doing things like pinging a host or telnetting
to somewhere on your network to see if TCP/IP is functioning OK. If it
is, the problem is most likely name resolution.
If your client has a facility to do so, hardcode a mapping between the
hosts IP and the name you want to use. For example, with Lan Manager
or Windows for Workgroups you would put a suitable entry in the file
LMHOSTS. If this works, the problem is in the communication between
your client and the netbios name server. If it does not work, then
there is something fundamental wrong with your naming and the solution
is beyond the scope of this document.
If you do not have any server on your subnet supplying netbios name
resolution, hardcoded mappings are your only option. If you DO have a
netbios name server running (such as the Samba suite's nmbd program),
the problem probably lies in the way it is set up. Refer to Section
Two of this FAQ for more ideas.
By the way, remember to REMOVE the hardcoded mapping before further
tests :-)
<sect1>My client reports "cannot locate specified share name" or similar<p> <label id="cant_see_share">
This message indicates that your client CAN locate the specified
server, which is a good start, but that it cannot find a service of
the name you gave.
The first step is to check the exact name of the service you are
trying to connect to (consult your system administrator). Assuming it
exists and you specified it correctly (read your client's docs on how
to specify a service name correctly), read on:
<itemize>
<item> Many clients cannot accept or use service names longer than eight characters.
<item> Many clients cannot accept or use service names containing spaces.
<item> Some servers (not Samba though) are case sensitive with service names.
<item> Some clients force service names into upper case.
</itemize>
<sect1>Printing doesn't work :-(<p> <label id="no_printing">
Make sure that the specified print command for the service you are
connecting to is correct and that it has a fully-qualified path (eg.,
use "/usr/bin/lpr" rather than just "lpr", if you happen to be using
Unix).
Make sure that the spool directory specified for the service is
writable by the user connected to the service.
Make sure that the user specified in the service is permitted to use
the printer.
Check the debug log produced by smbd. Search for the printer name and
see if the log turns up any clues. Note that error messages to do with
a service ipc$ are meaningless - they relate to the way the client
attempts to retrieve status information when using the LANMAN1
protocol.
If using WfWg then you need to set the default protocol to TCP/IP, not
Netbeui. This is a WfWg bug.
If using the Lanman1 protocol (the default) then try switching to
coreplus. Also not that print status error messages don't mean
printing won't work. The print status is received by a different
mechanism.
<sect1>My client reports "This server is not configured to list shared resources" <p> <label id="cant_list_shares">
Your guest account is probably invalid for some reason. Samba uses the
guest account for browsing in smbd. Check that your guest account is
valid.
See also 'guest account' in smb.conf man page.
<sect1>Issues specific to Unix and Unix-like systems<p><label id="UnixIssues">
<sect2>Printing doesn't work with my Unix Samba server<p> <label id="no_printing">
The user "nobody" often has problems with printing, even if it worked
with an earlier version of Samba. Try creating another guest user other
than "nobody".
<sect2>Log message "you appear to have a trapdoor uid system" <p><label id="trapdoor_uid">
This can have several causes. It might be because you are using a uid
or gid of 65535 or -1. This is a VERY bad idea, and is a big security
hole. Check carefully in your /etc/passwd file and make sure that no
user has uid 65535 or -1. Especially check the "nobody" user, as many
broken systems are shipped with nobody setup with a uid of 65535.
It might also mean that your OS has a trapdoor uid/gid system :-)
This means that once a process changes effective uid from root to
another user it can't go back to root. Unfortunately Samba relies on
being able to change effective uid from root to non-root and back
again to implement its security policy. If your OS has a trapdoor uid
system this won't work, and several things in Samba may break. Less
things will break if you use user or server level security instead of
the default share level security, but you may still strike
problems.
The problems don't give rise to any security holes, so don't panic,
but it does mean some of Samba's capabilities will be unavailable.
In particular you will not be able to connect to the Samba server as
two different uids at once. This may happen if you try to print as a
"guest" while accessing a share as a normal user. It may also affect
your ability to list the available shares as this is normally done as
the guest user.
Complain to your OS vendor and ask them to fix their system.
Note: the reason why 65535 is a VERY bad choice of uid and gid is that
it casts to -1 as a uid, and the setreuid() system call ignores (with
no error) uid changes to -1. This means any daemon attempting to run
as uid 65535 will actually run as root. This is not good!
</article>

160
docs/faq/Samba-meta-FAQ-1.html
View File

@ -1,160 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: Quick Reference Guides to Samba Documentation</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="Samba-meta-FAQ-2.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc1">Table of Contents</A>
<HR>
<H2><A NAME="s1">1. Quick Reference Guides to Samba Documentation</A></H2>
<P>
<A NAME="quickref"></A>
</P>
<P>We are endeavouring to provide links here to every major class of
information about Samba or things related to Samba. We cannot list every
document, but we are aiming for all documents to be at most two
referrals from those listed here. This needs constant maintaining, so
please send the author your feedback.</P>
<H2><A NAME="ss1.1">1.1 Samba for the Impatient</A></H2>
<P>
<A NAME="impatient"></A>
</P>
<P>You know you should read the documentation but can't wait to start? What
you need to do then is follow the instructions in the following
documents in the order given. This should be enough to get a fairly
simple site going quickly. If you have any problems, refer back to this
meta-FAQ and follow the links to find more reading material.</P>
<P>
<DL>
<P>
<A NAME="ImpGet"></A>
</P>
<DT><B>Getting Samba:</B><DD><P>The fastest way to get Samba
going is and install it is to have an operating system for which the
Samba team has put together an installation package. To see if your OS
is included have a look at the directory
/pub/samba/Binary_Packages/"OS_Vendor" on your nearest
<A HREF="../MIRRORS">mirror site</A>. If it is included follow the
installation instructions in the README file there and then do some
<A HREF="#ImpTest">basic testing</A>. If you are not so fortunate, follow the normal
<A HREF="Samba-meta-FAQ-2.html#WhereFrom">download instructions</A> and then continue with
<A HREF="#ImpInst">building and installing Samba</A>.</P>
<P>
<A NAME="ImpInst"></A>
</P>
<DT><B>Building and Installing Samba:</B><DD><P>At the moment
there are two kinds of Samba server installs besides the prepackaged
binaries mentioned in the previous step. You need to decide if you have a
<A HREF="../UNIX_INSTALL.txt">Unix or close relative</A> or
<A HREF="Samba-Server-FAQ.html#PortInfo">other supported operating system</A>.</P>
<P>
<A NAME="ImpTest"></A>
</P>
<DT><B>Basic Testing:</B><DD><P>Try to connect using the
supplied smbclient command-line program. You need to know the IP
hostname of your server. A service name must be defined in smb.conf, as
given in the examples (under many operating systems if there is a
<F>homes</F> service you can just use a valid username.) Then type
<CODE>smbclient \\hostname\servicename</CODE>
Under most Unixes you will need to put the parameters within quotation
marks. If this works, try connecting from one of the SMB clients you
were planning to use with Samba.</P>
<P>
<A NAME="ImpDebug"></A>
</P>
<DT><B>Debug sequence:</B><DD><P>If you think you have completed the
previous step and things aren't working properly work through
<A HREF="../DIAGNOSIS.txt">the diagnosis recipe.</A></P>
<P>
<A NAME="ImpExp"></A>
</P>
<DT><B>Exporting files to SMB clients:</B><DD><P>You should read the manual pages
for smb.conf, but here is a
<A HREF="Samba-Server-FAQ.html#Exporting">quick answer guide.</A></P>
<P>
<A NAME="ImpControl"></A>
</P>
<DT><B>Controlling user access:</B><DD><P>the quickest and dirtiest way of sharing
resources is to use
<A HREF="Samba-meta-FAQ-4.html#ShareModeSecurity">share level security.</A> If you want to spend more time and have a proper username
and password database you must read the paragraph on
<A HREF="Samba-meta-FAQ-4.html#DomainModeSecurity">domain mode security.</A> If you want
encryption (eg you are using Windows NT clients) follow the
<A HREF="Samba-Server-FAQ.html#SMBEncryptionSteps">SMB encryption instructions.</A></P>
<P>
<A NAME="ImpBrowse"></A>
</P>
<DT><B>Browsing:</B><DD><P>if you are happy to type in "\\samba-server\sharename"
at the client end then do not read any further. Otherwise you need to
understand the
browsing terminology</A>
and read
<A HREF="Samba-Server-FAQ.html#NameBrowsing">Samba-Server-FAQ.html#NameBrowsing</A>. </P>
<P>
<A NAME="ImpPrint"></A>
</P>
<DT><B>Printing:</B><DD><P>See the
<A HREF="Samba-Server-FAQ.html#Printing">printing quick answer guide.</A></P>
</DL>
</P>
<P>If you have got everything working to this point, you can expect Samba
to be stable and secure: these are its greatest strengths. However Samba
has a great deal to offer and to go further you must do some more
reading. Speed and security optimisations, printer accounting, network
logons, roving profiles, browsing across multiple subnets and so on are
all covered either in this document or in those it refers to.</P>
<H2><A NAME="ss1.2">1.2 All Samba Documentation</A></H2>
<P>
<A NAME="AllDocs"></A>
</P>
<P>
<UL>
<LI> Meta-FAQ. This is the mother of all documents, and is the one you
are reading now. The latest version is always at
<A HREF="http://samba.org/[.....]">http://samba.org/[.....]</A> but there is probably a much
nearer
<A HREF="../MIRRORS">mirror site</A> which you should use
instead.
</LI>
<LI>
<A HREF="Samba-Server-FAQ.html">Samba-Server-FAQ.html</A> is the best starting point for
information about server-side issues. Includes configuration tips and
pointers for Samba on particular operating systems (with 40 to choose
from...)
</LI>
<LI>
<A HREF="Samba-Client-FAQ.html">Samba-Client-FAQ.html</A> is the best starting point for
information about client-side issues, includes a list of all clients
that are known to work with Samba.
</LI>
<LI>
<A HREF="samba-man-index.html">manual pages</A> contains
descriptions of and links to all the Samba manual pages, in Unix man and
postscript format.
</LI>
<LI>
<A HREF="samba-txt-index.html">samba-txt-index.html</A> has descriptions of and links to
a large number of text files have been contributed to samba covering
many topics. These are gradually being absorbed into the FAQs and HOWTOs
but in the meantime you might find helpful answers here.
</LI>
<LI>
</LI>
</UL>
</P>
<HR>
Previous
<A HREF="Samba-meta-FAQ-2.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc1">Table of Contents</A>
</BODY>
</HTML>

384
docs/faq/Samba-meta-FAQ-2.html
View File

@ -1,384 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: General Information</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-meta-FAQ-1.html">Previous</A>
<A HREF="Samba-meta-FAQ-3.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc2">Table of Contents</A>
<HR>
<H2><A NAME="s2">2. General Information</A></H2>
<P>
<A NAME="general_info"></A>
</P>
<P>All about Samba - what it is, how to get it, related sources of
information, how to understand the numbering scheme, pizza
details.</P>
<H2><A NAME="ss2.1">2.1 What is Samba?</A></H2>
<P>
<A NAME="introduction"></A>
</P>
<P>Samba is a suite of programs which work together to allow clients to
access to a server's filespace and printers via the SMB (Server Message
Block) and CIFS (Common Internet Filesystem) protocols. Initially
written for Unix, Samba now also runs on Netware, OS/2, VMS, StratOS and
Amigas. Ports to BeOS and other operating systems are underway. Samba
gives the capability for these operating systems to behave much like a
LAN Server, Windows NT Server or Pathworks machine, only with added
functionality and flexibility designed to make life easier for
administrators. </P>
<P>This means that using Samba you can share a server's disks and printers
to many sorts of network clients, including Lan Manager, Windows for
Workgroups, Windows NT, Linux, OS/2, and AIX. There is also a generic
client program supplied as part of the Samba suite which gives a user on
the server an ftp-like interface to access filespace and printers on any
other SMB/CIFS servers.</P>
<P>SMB has been implemented over many protocols, including XNS, NBT, IPX,
NetBEUI and TCP/IP. Samba only uses TCP/IP. This is not likely to change
although there have been some requests for NetBEUI support.</P>
<P>Many users report that compared to other SMB implementations Samba is
more stable, faster, and compatible with more clients. Administrators of
some large installations say that Samba is the only SMB server available
which will scale to many tens of thousands of users without crashing.
The easy way to test these claims is to download it and try it for
yourself!</P>
<P>The suite is supplied with full source code under the
<A HREF="../COPYING">GNU Public License</A>. The GPL means that you can
use Samba for whatever purpose you wish (including changing the source
or selling it for money) but under all circumstances the source code
must be made freely available. A copy of the GPL must always be included
in any copy of the package.</P>
<P>The primary creator of the Samba suite is Andrew Tridgell. Later
versions incorporate much effort by many net.helpers. The man pages
and this FAQ were originally written by Karl Auer.</P>
<H2><A NAME="ss2.2">2.2 What is the current version of Samba?</A></H2>
<P>
<A NAME="current_version"></A>
</P>
<P>At time of writing, the current version was 1.9.17. If you want to be
sure check the bottom of the change-log file.
<A HREF="ftp://samba.org/pub/samba/alpha/change-log">ftp://samba.org/pub/samba/alpha/change-log</A></P>
<P>For more information see
<A HREF="#version_nums">What do the version numbers mean?</A></P>
<H2><A NAME="ss2.3">2.3 Where can I get it? </A></H2>
<P>
<A NAME="WhereFrom"></A>
</P>
<P>The Samba suite is available via anonymous ftp from samba.org and
many
<A HREF="../MIRRORS">mirror</A> sites. You will get much
faster performance if you use a mirror site. The latest and greatest
versions of the suite are in the directory:</P>
<P>/pub/samba/</P>
<P>Development (read "alpha") versions, which are NOT necessarily stable
and which do NOT necessarily have accurate documentation, are available
in the directory:</P>
<P>/pub/samba/alpha</P>
<P>Note that binaries are NOT included in any of the above. Samba is
distributed ONLY in source form, though binaries may be available from
other sites. Most Linux distributions, for example, do contain Samba
binaries for that platform. The VMS, OS/2, Netware and Amiga and other
ports typically have binaries made available.</P>
<P>A special case is vendor-provided binary packages. Samba binaries and
default configuration files are put into packages for a specific
operating system. RedHat Linux and Sun Solaris (Sparc and x86) is
already included, and others such as OS/2 may follow. All packages are
in the directory:</P>
<P>/pub/samba/Binary_Packages/"OS_Vendor"</P>
<H2><A NAME="ss2.4">2.4 What do the version numbers mean?</A></H2>
<P>
<A NAME="version_nums"></A>
</P>
<P>It is not recommended that you run a version of Samba with the word
"alpha" in its name unless you know what you are doing and are willing
to do some debugging. Many, many people just get the latest
recommended stable release version and are happy. If you are brave, by
all means take the plunge and help with the testing and development -
but don't install it on your departmental server. Samba is typically
very stable and safe, and this is mostly due to the policy of many
public releases.</P>
<P>How the scheme works:</P>
<P>
<OL>
<LI>When major changes are made the version number is increased. For
example, the transition from 1.9.16 to 1.9.17. However, this version
number will not appear immediately and people should continue to use
1.9.15 for production systems (see next point.)
</LI>
<LI>Just after major changes are made the software is considered
unstable, and a series of alpha releases are distributed, for example
1.9.16alpha1. These are for testing by those who know what they are
doing. The "alpha" in the filename will hopefully scare off those who
are just looking for the latest version to install.
</LI>
<LI>When Andrew thinks that the alphas have stabilised to the point
where he would recommend new users install it, he renames it to the
same version number without the alpha, for example 1.9.17.
</LI>
<LI>Inevitably bugs are found in the "stable" releases and minor patch
levels are released which give us the pXX series, for example 1.9.17p2.
</LI>
</OL>
</P>
<P>So the progression goes:</P>
<P>
<PRE>
1.9.16p10 (production)
1.9.16p11 (production)
1.9.17alpha1 (test sites only)
:
1.9.17alpha20 (test sites only)
1.9.17 (production)
1.9.17p1 (production)
</PRE>
</P>
<P>The above system means that whenever someone looks at the samba ftp
site they will be able to grab the highest numbered release without an
alpha in the name and be sure of getting the current recommended
version.</P>
<H2><A NAME="ss2.5">2.5 Where can I go for further information?</A></H2>
<P>
<A NAME="more"></A>
</P>
<P>There are a number of places to look for more information on Samba,
including:</P>
<P>
<UL>
<LI>Two mailing lists devoted to discussion of Samba-related matters.
See below for subscription information.
</LI>
<LI>The newsgroup comp.protocols.smb, which has a great deal of
discussion about Samba.
</LI>
<LI>The WWW site 'SAMBA Web Pages' at
<A HREF="http://samba.org/samba/">http://samba.org/samba/</A> includes:
<UL>
<LI>Links to man pages and documentation, including this FAQ</LI>
<LI>A comprehensive survey of Samba users</LI>
<LI>A searchable hypertext archive of the Samba mailing list</LI>
<LI>Links to Samba source code, binaries, and mirrors of both</LI>
<LI>This FAQ and the rest in its family</LI>
</UL>
</LI>
</UL>
</P>
<H2><A NAME="ss2.6">2.6 How do I subscribe to the Samba Mailing Lists?</A></H2>
<P>
<A NAME="mailinglist"></A>
</P>
<P>Send email to
<A HREF="mailto:listproc@samba.org">listproc@samba.org</A>. Make sure the subject line is blank,
and include the following two lines in the body of the message:</P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
subscribe samba Firstname Lastname
subscribe samba-announce Firstname Lastname
</PRE>
</CODE></BLOCKQUOTE>
</P>
<P>Obviously you should substitute YOUR first name for "Firstname" and
YOUR last name for "Lastname"! Try not to send any signature, it
sometimes confuses the list processor.</P>
<P>The samba list is a digest list - every eight hours or so it sends a
single message containing all the messages that have been received by
the list since the last time and sends a copy of this message to all
subscribers. There are thousands of people on this list.</P>
<P>If you stop being interested in Samba, please send another email to
<A HREF="mailto:listproc@samba.org">listproc@samba.org</A>. Make sure the subject line is blank, and
include the following two lines in the body of the message:</P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
unsubscribe samba
unsubscribe samba-announce
</PRE>
</CODE></BLOCKQUOTE>
</P>
<P>The <B>From:</B> line in your message <EM>MUST</EM> be the same
address you used when you subscribed.</P>
<H2><A NAME="ss2.7">2.7 Something's gone wrong - what should I do?</A></H2>
<P>
<A NAME="wrong"></A>
</P>
<P><B><F>#</F> *** IMPORTANT! *** <F>#</F></B></P>
<P>DO NOT post messages on mailing lists or in newsgroups until you have
carried out the first three steps given here!</P>
<P>
<OL>
<LI> See if there are any likely looking entries in this FAQ!
If you have just installed Samba, have you run through the checklist in
<A HREF="ftp://samba.org/pub/samba/DIAGNOSIS.txt">DIAGNOSIS.txt</A>? It can save you a lot of time and effort.
DIAGNOSIS.txt can also be found in the docs directory of the Samba
distribution.
</LI>
<LI> Read the man pages for smbd, nmbd and smb.conf, looking for
topics that relate to what you are trying to do.
</LI>
<LI> If there is no obvious solution to hand, try to get a look at
the log files for smbd and/or nmbd for the period during which you
were having problems. You may need to reconfigure the servers to
provide more extensive debugging information - usually level 2 or
level 3 provide ample debugging info. Inspect these logs closely,
looking particularly for the string "Error:".
</LI>
<LI> If you need urgent help and are willing to pay for it see
<A HREF="#PaidSupport">Paid Support</A>.
</LI>
</OL>
</P>
<P>If you still haven't got anywhere, ask the mailing list or newsgroup. In
general nobody minds answering questions provided you have followed the
preceding steps. It might be a good idea to scan the archives of the
mailing list, which are available through the Samba web site described
in the previous section. When you post be sure to include a good
description of your environment and your problem.</P>
<P>If you successfully solve a problem, please mail the FAQ maintainer a
succinct description of the symptom, the problem and the solution, so
that an explanation can be incorporated into the next version.</P>
<H2><A NAME="ss2.8">2.8 How do I submit patches or bug reports?</A></H2>
<P>If you make changes to the source code, <EM>please</EM> submit these patches
so that everyone else gets the benefit of your work. This is one of
the most important aspects to the maintainence of Samba. Send all
patches to
<A HREF="mailto:samba@samba.org">samba@samba.org</A>. Do not send patches to Andrew Tridgell or any
other individual, they may be lost if you do.</P>
<P>Patch format
------------</P>
<P>If you are sending a patch to fix a problem then please don't just use
standard diff format. As an example, samba@samba.org received this patch from
someone:</P>
<P>382a
#endif
..
381a
#if !defined(NEWS61)</P>
<P>How are we supposed to work out what this does and where it goes? These
sort of patches only work if we both have identical files in the first
place. The Samba sources are constantly changing at the hands of multiple
developers, so it doesn't work.</P>
<P>Please use either context diffs or (even better) unified diffs. You
get these using "diff -c4" or "diff -u". If you don't have a diff that
can generate these then please send manualy commented patches to I
know what is being changed and where. Most patches are applied by hand so
the info must be clear.</P>
<P>This is a basic guideline that will assist us with assessing your problem
more efficiently :</P>
<P>Machine Arch:
Machine OS:
OS Version:
Kernel:</P>
<P>Compiler:
Libc Version:</P>
<P>Samba Version:</P>
<P>Network Layout (description):</P>
<P>What else is on machine (services, etc):</P>
<P>Some extras :</P>
<P>
<UL>
<LI> what you did and what happened
</LI>
<LI> relevant parts of a debugging output file with debuglevel higher.
If you can't find the relevant parts, please ask before mailing
huge files.
</LI>
<LI> anything else you think is useful to trace down the bug
</LI>
</UL>
</P>
<H2><A NAME="ss2.9">2.9 What if I have an URGENT message for the developers?</A></H2>
<P>If you have spotted something very serious and believe that it is
important to contact the developers quickly send a message to
samba-urgent@samba.org. This will be processed more quickly than
mail to samba@samba.org. Please think carefully before using this address. An
example of its use might be to report a security hole.</P>
<P>Examples of things <EM>not</EM> to send to samba-urgent include problems
getting Samba to work at all and bugs that cannot potentially cause damage.</P>
<H2><A NAME="ss2.10">2.10 What if I need paid-for support?</A></H2>
<P>
<A NAME="PaidSupport"></A>
</P>
<P>Samba has a large network of consultants who provide Samba support on a
commercial basis. The list is included in the package in
<A HREF="../Support.txt">../Support.txt</A>, and the latest version will always be on the main
samba ftp site. Any company in the world can request that the samba team
include their details in Support.txt so we can give no guarantee of
their services.</P>
<H2><A NAME="ss2.11">2.11 Pizza supply details</A></H2>
<P>
<A NAME="pizza"></A>
Those who have registered in the Samba survey as "Pizza Factory" will
already know this, but the rest may need some help. Andrew doesn't ask
for payment, but he does appreciate it when people give him
pizza. This calls for a little organisation when the pizza donor is
twenty thousand kilometres away, but it has been done.</P>
<P>
<OL>
<LI> Ring up your local branch of an international pizza chain
and see if they honour their vouchers internationally. Pizza Hut do,
which is how the entire Canberra Linux Users Group got to eat pizza
one night, courtesy of someone in the US.
</LI>
<LI>Ring up a local pizza shop in Canberra and quote a credit
card number for a certain amount, and tell them that Andrew will be
collecting it (don't forget to tell him.) One kind soul from Germany
did this.
</LI>
<LI>Purchase a pizza voucher from your local pizza shop that has
no international affiliations and send it to Andrew. It is completely
useless but he can hang it on the wall next to the one he already has
from Germany :-)
</LI>
<LI>Air freight him a pizza with your favourite regional
flavours. It will probably get stuck in customs or torn apart by
hungry sniffer dogs but it will have been a noble gesture.
</LI>
</OL>
</P>
<HR>
<A HREF="Samba-meta-FAQ-1.html">Previous</A>
<A HREF="Samba-meta-FAQ-3.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc2">Table of Contents</A>
</BODY>
</HTML>

101
docs/faq/Samba-meta-FAQ-3.html
View File

@ -1,101 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: About the CIFS and SMB Protocols</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-meta-FAQ-2.html">Previous</A>
<A HREF="Samba-meta-FAQ-4.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc3">Table of Contents</A>
<HR>
<H2><A NAME="s3">3. About the CIFS and SMB Protocols</A></H2>
<P>
<A NAME="CifsSmb"></A>
</P>
<H2><A NAME="ss3.1">3.1 What is the Server Message Block (SMB) Protocol?</A></H2>
<P>SMB is a filesharing protocol that has had several maintainers and
contributors over the years including Xerox, 3Com and most recently
Microsoft. Names for this protocol include LAN Manager and Microsoft
Networking. Parts of the specification has been made public at several
versions including in an X/Open document, as listed at
<A HREF="ftp://ftp.microsoft.com/developr/drg/CIFS/">ftp://ftp.microsoft.com/developr/drg/CIFS/</A>. No specification
releases were made between 1992 and 1996, and during that period
Microsoft became the SMB implementor with the largest market share.
Microsoft developed the specification further for its products but for
various reasons connected with developer's workload rather than market
strategy did not make the changes public. This culminated with the
"Windows NT 0.12" version released with NT 3.5 in 1995 which had significant
improvements and bugs. Because Microsoft client systems are so popular,
it is fair to say that what Microsoft with Windows affects all suppliers
of SMB server products.</P>
<P>From 1994 Andrew Tridgell began doing some serious work on his
Smbserver (now Samba) product and with some helpers started to
implement more and more of these protocols. Samba began to take
a significant share of the SMB server market.</P>
<H2><A NAME="ss3.2">3.2 What is the Common Internet Filesystem (CIFS)?</A></H2>
<P>The initial pressure for Microsoft to document their current SMB
implementation came from the Samba team, who kept coming across things
on the wire that Microsoft either didn't know about or hadn't documented
anywhere (even in the sourcecode to Windows NT.) Then Sun Microsystems
came out with their WebNFS initiative, designed to replace FTP for file
transfers on the Internet. There are many drawbacks to WebNFS (including
its scope - it aims to replace HTTP as well!) but the concept was
attractive. FTP is not very clever, and why should it be harder to get
files from across the world than across the room? </P>
<P>Some hasty revisions were made and an Internet Draft for the Common
Internet Filesystem (CIFS) was released. Note that CIFS is not an
Internet standard and is a very long way from becoming one, BUT the
protocol specification is in the public domain and ongoing discussions
concerning the spec take place on a public mailing list according to the
rules of the Internet Engineering Task Force. For more information and
pointers see
<A HREF="http://samba.org/cifs/">http://samba.org/cifs/</A></P>
<P>The following is taken from
<A HREF="http://www.microsoft.com/intdev/cifs/">http://www.microsoft.com/intdev/cifs/</A></P>
<P>
<PRE>
CIFS defines a standard remote file system access protocol for use
over the Internet, enabling groups of users to work together and
share documents across the Internet or within their corporate
intranets. CIFS is an open, cross-platform technology based on the
native file-sharing protocols built into Microsoft® Windows® and
other popular PC operating systems, and supported on dozens of
other platforms, including UNIX®. With CIFS, millions of computer
users can open and share remote files on the Internet without having
to install new software or change the way they work.&quot;
</PRE>
</P>
<P>If you consider CIFS as a backwardsly-compatible refinement of SMB that
will work reasonably efficiently over the Internet you won't be too far
wrong.</P>
<P>The net effect is that Microsoft is now documenting large parts of their
Windows NT fileserver protocols. The security concepts embodied in
Windows NT are part of the specification, which is why Samba
documentation often talks in terms of Windows NT. However there is no
reason why a site shouldn't conduct all its file and printer sharing
with CIFS and yet have no Microsoft products at all.</P>
<H2><A NAME="ss3.3">3.3 What is Browsing? </A></H2>
<P>The term "Browsing" causes a lot of confusion. It is the part of the
SMB/CIFS protocol which allows for resource discovery. For example, in
the Windows NT Explorer it is possible to see a "Network Neighbourhood"
of computers in the same SMB workgroup. Clicking on the name of one of
these machines brings up a list of file and printer resources for
connecting to. In this way you can cruise the network, seeing what
things are available. How this scales to the Internet is a subject for
debate. Look at the CIFS list archives to see what the experts think.</P>
<HR>
<A HREF="Samba-meta-FAQ-2.html">Previous</A>
<A HREF="Samba-meta-FAQ-4.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc3">Table of Contents</A>
</BODY>
</HTML>

215
docs/faq/Samba-meta-FAQ-4.html
View File

@ -1,215 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: Designing A SMB and CIFS Network</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-meta-FAQ-3.html">Previous</A>
<A HREF="Samba-meta-FAQ-5.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc4">Table of Contents</A>
<HR>
<H2><A NAME="s4">4. Designing A SMB and CIFS Network</A></H2>
<P>The big issues for installing any network of LAN or WAN file and print
servers are </P>
<P>
<UL>
<LI>How and where usernames, passwords and other security information
is stored
</LI>
<LI>What method can be used for locating the resources that users have
permission to use
</LI>
<LI>What protocols the clients can converse with
</LI>
</UL>
</P>
<P>If you buy Netware, Windows NT or just about any other LAN fileserver
product you are expected to lock yourself into the product's preferred
answers to these questions. This tendancy is restrictive and often very
expensive for a site where there is only one kind of client or server,
and for sites with a mixture of operating systems it often makes it
impossible to share resources between some sets of users.</P>
<P>The Samba philosophy is to make things as easy as possible for
administators, which means allowing as many combinations of clients,
servers, operating systems and protocols as possible.</P>
<H2><A NAME="ss4.1">4.1 Workgroups, Domains, Authentication and Browsing</A></H2>
<P>From the point of view of networking implementation, Domains and
Workgroups are <EM>exactly</EM> the same, except for the client logon
sequence. Some kind of distributed authentication database is associated
with a domain (there are quite a few choices) and this adds so much
flexibility that many people think of a domain as a completely different
entity to a workgroup. From Samba's point of view a client connecting to
a service presents an authentication token, and it if it is valid they
have access. Samba does not care what mechanism was used to generate
that token in the first place.</P>
<P>The SMB client logging on to a domain has an expectation that every other
server in the domain should accept the same authentication information.
However the network browsing functionality of domains and workgroups is
identical and is explained in
<A HREF="../BROWSING.txt">../BROWSING.txt</A>.</P>
<P>There are some implementation differences: Windows 95 can be a member of
both a workgroup and a domain, but Windows NT cannot. Windows 95 also
has the concept of an "alternative workgroup". Samba can only be a
member of a single workgroup or domain, although this is due to change
with a future version when nmbd will be split into two daemons, one for
WINS and the other for browsing (
<A HREF="../NetBIOS.txt">../NetBIOS.txt</A> explains
what WINS is.)</P>
<H3>Defining the Terms</H3>
<P>
<A NAME="BrowseAndDomainDefs"></A>
</P>
<P>
<DL>
<DT><B>Workgroup</B><DD><P>means a collection of machines that maintain a common
browsing database containing information about their shared resources.
They do not necessarily have any security information in common (if they
do, it gets called a Domain.) The browsing database is dynamic, modified
as servers come and go on the network and as resources are added or
deleted. The term "browsing" refers to a user accessing the database via
whatever interface the client provides, eg the OS/2 Workplace Shell or
Windows 95 Explorer. SMB servers agree between themselves as to which
ones will maintain the browsing database. Workgroups can be anywhere on
a connected TCP/IP network, including on different subnets or even on
the Interet. This is a very tricky part of SMB to implement.</P>
<DT><B>Master Browsers</B><DD><P>are machines which holds the master browsing
database for a workgroup or domain. There are two kinds of Master Browser:</P>
<P>
<UL>
<LI> Domain Master Browser, which holds the master browsing
information for an entire domain, which may well cross multiple TCP/IP
subnets.
</LI>
<LI> Local Master Browser, which holds the master browsing database
for a particular subnet and communicates with the Domain Master Browser
to get information on other subnets.
</LI>
</UL>
</P>
<P>Subnets are differentiated because browsing is based on broadcasts, and
broadcasts do not pass through routers. Subnets are not routed: while it
is possible to have more than one subnet on a single network segment
this is regarded as very bad practice.</P>
<P>Master Browsers (both Domain and Local) are elected dynamically
according to an algorithm which is supposed to take into account the
machine's ability to sustain the browsing load. Samba can be configured
to always act as a master browser, ie it always wins elections under all
circumstances, even against systems such as a Windows NT Primary Domain
Controller which themselves expect to win. </P>
<P>There are also Backup Browsers which are promoted to Master Browsers in
the event of a Master Browser disappearing from the network.</P>
<P>Alternative terms include confusing variations such as "Browse Master",
and "Master Browser" which we are trying to eliminate from the Samba
documentation. </P>
<DT><B>Domain Controller</B><DD><P>is a term which comes from the Microsoft and IBM
etc implementation of the LAN Manager protocols. It is tied to
authentication. There are other ways of doing domain authentication, but
the Windows NT method has a large market share. The general issues are
discussed in
<A HREF="../DOMAIN.txt">../DOMAIN.txt</A> and a Windows NT-specific
discussion is in
<A HREF="../DOMAIN_CONTROL.txt">../DOMAIN_CONTROL.txt</A>.</P>
</DL>
</P>
<H3>Sharelevel (Workgroup) Security Services</H3>
<P>
<A NAME="ShareModeSecurity"></A>
</P>
<P>With the Samba setting "security = SHARE", all shared resources
information about what password is associated with them but only hints
as to what usernames might be valid (the hint can be 'all users', in
which case any username will work. This is usually a bad idea, but
reflects both the initial implementations of SMB in the mid-80s and
its reincarnation with Windows for Workgroups in 1992. The idea behind
workgroup security was that small independant groups of people could
share information on an ad-hoc basis without there being an
authentication infrastructure present or requiring them to do more than
fill in a dialogue box.</P>
<H3>Authentication Domain Mode Services</H3>
<P>
<A NAME="DomainModeSecurity"></A>
</P>
<P>With the Samba settings "security = USER" or "security = SERVER"
accesses to all resources are checked for username/password pair matches
in a more rigorous manner. To the client, this has the effect of
emulating a Microsoft Domain. The client is not concerned whether or not
Samba looks up a Windows NT SAM or does it in some other way.</P>
<H2><A NAME="ss4.2">4.2 Authentication Schemes</A></H2>
<P>In the simple case authentication information is stored on a single
server and the user types a password on connecting for the first time.
However client operating systems often require a password before they
can be used at all, and in addition users usually want access to more
than one server. Asking users to remember many different passwords in
different contexts just does not work. Some kind of distributed
authentication database is needed. It must cope with password changes
and provide for assigning groups of users the same level of access
permissions. This is why Samba installations often choose to implement a
Domain model straight away.</P>
<P>Authentication decisions are some of the biggest in designing a network.
Are you going to use a scheme native to the client operating system,
native to the server operating system, or newly installed on both? A
list of options relevant to Samba (ie that make sense in the context of
the SMB protocol) follows. Any experiences with other setups would be
appreciated. <F>refer to server FAQ for "passwd chat" passwd program
password server etc etc...</F></P>
<H3>NIS</H3>
<P>For Windows 95, Windows for Workgroups and most other clients Samba can
be a domain controller and share the password database via NIS
transparently. Windows NT is different.
<A HREF="http://www.dcs.qmw.ac.uk/~williams">Free NIS NT client</A></P>
<H3>Kerberos</H3>
<P>Kerberos for US users only:
<A HREF="http://www.cygnus.com/product/unifying-security.html">Kerberos overview</A>
<A HREF="http://www.cygnus.com/product/kerbnet-download.html">Download Kerberos</A></P>
<H3>FTP</H3>
<P>Other NT w/s logon hack via NT</P>
<H3>Default Server Method</H3>
<H3>Client-side Database Only</H3>
<H2><A NAME="ss4.3">4.3 Post-Authentication: Netlogon, Logon Scripts, Profiles</A></H2>
<P>See
<A HREF="../DOMAIN.txt">../DOMAIN.txt</A></P>
<HR>
<A HREF="Samba-meta-FAQ-3.html">Previous</A>
<A HREF="Samba-meta-FAQ-5.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc4">Table of Contents</A>
</BODY>
</HTML>

30
docs/faq/Samba-meta-FAQ-5.html
View File

@ -1,30 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: Cross-Protocol File Sharing</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-meta-FAQ-4.html">Previous</A>
<A HREF="Samba-meta-FAQ-6.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc5">Table of Contents</A>
<HR>
<H2><A NAME="s5">5. Cross-Protocol File Sharing</A></H2>
<P>Samba is an important tool for...</P>
<P>It is possible to...</P>
<P>File protocol gateways...</P>
<P>"Setting up a Linux File Server" http://vetrec.mit.edu/people/narf/linux.html</P>
<P>Two free implementations of Appletalk for Unix are Netatalk,
<A HREF="http://www.umich.edu/~rsug/netatalk/">http://www.umich.edu/~rsug/netatalk/</A>, and CAP,
<A HREF="http://www.cs.mu.oz.au/appletalk/atalk.html">http://www.cs.mu.oz.au/appletalk/atalk.html</A>. What Samba offers MS
Windows users, these packages offer to Macs. For more info on these
packages, Samba, and Linux (and other UNIX-based systems) see
<A HREF="http://www.eats.com/linux_mac_win.html">http://www.eats.com/linux_mac_win.html</A> 3.5) Sniffing your nework</P>
<HR>
<A HREF="Samba-meta-FAQ-4.html">Previous</A>
<A HREF="Samba-meta-FAQ-6.html">Next</A>
<A HREF="Samba-meta-FAQ.html#toc5">Table of Contents</A>
</BODY>
</HTML>

30
docs/faq/Samba-meta-FAQ-6.html
View File

@ -1,30 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ: Miscellaneous</TITLE>
</HEAD>
<BODY>
<A HREF="Samba-meta-FAQ-5.html">Previous</A>
Next
<A HREF="Samba-meta-FAQ.html#toc6">Table of Contents</A>
<HR>
<H2><A NAME="s6">6. Miscellaneous</A></H2>
<P>
<A NAME="miscellaneous"></A>
</P>
<H2><A NAME="ss6.1">6.1 Is Samba Year 2000 compliant?</A></H2>
<P>
<A NAME="Year2000Compliant"></A>
The CIFS protocol that Samba implements
negotiates times in various formats, all of which
are able to cope with dates beyond 2000.</P>
<HR>
<A HREF="Samba-meta-FAQ-5.html">Previous</A>
Next
<A HREF="Samba-meta-FAQ.html#toc6">Table of Contents</A>
</BODY>
</HTML>

102
docs/faq/Samba-meta-FAQ.html
View File

@ -1,102 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba meta FAQ</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="Samba-meta-FAQ-1.html">Next</A>
Table of Contents
<HR>
<H1> Samba meta FAQ</H1>
<H2>Dan Shearer & Paul Blackman, <CODE>ictinus@samba.org</CODE></H2>v 0.3, 7 Oct '97
<P><HR><EM> This is the meta-Frequently Asked Questions (FAQ) document
for Samba, the free and very popular SMB and CIFS server product. It
contains overview information for the Samba suite of programs, a
quick-start guide, and pointers to all other Samba documentation. Other
FAQs exist for specific client and server issues, and HOWTO documents
for more extended topics to do with Samba software. Current to version
Samba 1.9.17. Please send any corrections to the author. </EM><HR></P>
<P>
<H2><A NAME="toc1">1.</A> <A HREF="Samba-meta-FAQ-1.html">Quick Reference Guides to Samba Documentation</A></H2>
<UL>
<LI><A HREF="Samba-meta-FAQ-1.html#ss1.1">1.1 Samba for the Impatient</A>
<LI><A HREF="Samba-meta-FAQ-1.html#ss1.2">1.2 All Samba Documentation</A>
</UL>
<P>
<H2><A NAME="toc2">2.</A> <A HREF="Samba-meta-FAQ-2.html">General Information</A></H2>
<UL>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.1">2.1 What is Samba?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.2">2.2 What is the current version of Samba?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.3">2.3 Where can I get it? </A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.4">2.4 What do the version numbers mean?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.5">2.5 Where can I go for further information?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.6">2.6 How do I subscribe to the Samba Mailing Lists?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.7">2.7 Something's gone wrong - what should I do?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.8">2.8 How do I submit patches or bug reports?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.9">2.9 What if I have an URGENT message for the developers?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.10">2.10 What if I need paid-for support?</A>
<LI><A HREF="Samba-meta-FAQ-2.html#ss2.11">2.11 Pizza supply details</A>
</UL>
<P>
<H2><A NAME="toc3">3.</A> <A HREF="Samba-meta-FAQ-3.html">About the CIFS and SMB Protocols</A></H2>
<UL>
<LI><A HREF="Samba-meta-FAQ-3.html#ss3.1">3.1 What is the Server Message Block (SMB) Protocol?</A>
<LI><A HREF="Samba-meta-FAQ-3.html#ss3.2">3.2 What is the Common Internet Filesystem (CIFS)?</A>
<LI><A HREF="Samba-meta-FAQ-3.html#ss3.3">3.3 What is Browsing? </A>
</UL>
<P>
<H2><A NAME="toc4">4.</A> <A HREF="Samba-meta-FAQ-4.html">Designing A SMB and CIFS Network</A></H2>
<UL>
<LI><A HREF="Samba-meta-FAQ-4.html#ss4.1">4.1 Workgroups, Domains, Authentication and Browsing</A>
<LI><A HREF="Samba-meta-FAQ-4.html#ss4.2">4.2 Authentication Schemes</A>
<LI><A HREF="Samba-meta-FAQ-4.html#ss4.3">4.3 Post-Authentication: Netlogon, Logon Scripts, Profiles</A>
</UL>
<P>
<H2><A NAME="toc5">5.</A> <A HREF="Samba-meta-FAQ-5.html">Cross-Protocol File Sharing</A></H2>
<P>
<H2><A NAME="toc6">6.</A> <A HREF="Samba-meta-FAQ-6.html">Miscellaneous</A></H2>
<UL>
<LI><A HREF="Samba-meta-FAQ-6.html#ss6.1">6.1 Is Samba Year 2000 compliant?</A>
</UL>
<HR>
Previous
<A HREF="Samba-meta-FAQ-1.html">Next</A>
Table of Contents
</BODY>
</HTML>

644
docs/faq/Samba-meta-FAQ.sgml
View File

@ -1,644 +0,0 @@
<!doctype linuxdoc system> <!-- -*- SGML -*- -->
<!--
v 0.1 23 Aug 1997 Dan Shearer
Original Samba-meta-FAQ.sgml from Paul's sambafaq.sgml
v 0.2 25 Aug 1997 Dan
v 0.3 7 Oct 1997 Paul
Changed samba.canberra refs to samba.anu.../samba/
-->
<article>
<title> Samba meta FAQ
<author>Dan Shearer & Paul Blackman, <tt>ictinus@samba.org</tt>
<date>v 0.3, 7 Oct '97
<abstract> This is the meta-Frequently Asked Questions (FAQ) document
for Samba, the free and very popular SMB and CIFS server product. It
contains overview information for the Samba suite of programs, a
quick-start guide, and pointers to all other Samba documentation. Other
FAQs exist for specific client and server issues, and HOWTO documents
for more extended topics to do with Samba software. Current to version
Samba 1.9.17. Please send any corrections to the author.
</abstract>
<toc>
<sect> Quick Reference Guides to Samba Documentation<p><label id=quickref>
We are endeavouring to provide links here to every major class of
information about Samba or things related to Samba. We cannot list every
document, but we are aiming for all documents to be at most two
referrals from those listed here. This needs constant maintaining, so
please send the author your feedback.
<sect1> Samba for the Impatient<p><label id="impatient">
You know you should read the documentation but can't wait to start? What
you need to do then is follow the instructions in the following
documents in the order given. This should be enough to get a fairly
simple site going quickly. If you have any problems, refer back to this
meta-FAQ and follow the links to find more reading material.
<descrip>
<label id="ImpGet"><tag/Getting Samba:/ The fastest way to get Samba
going is and install it is to have an operating system for which the
Samba team has put together an installation package. To see if your OS
is included have a look at the directory
/pub/samba/Binary_Packages/"OS_Vendor" on your nearest <url
url="../MIRRORS" name="mirror site">. If it is included follow the
installation instructions in the README file there and then do some <ref id="ImpTest"
name="basic testing">. If you are not so fortunate, follow the normal <ref
id="WhereFrom" name="download instructions"> and then continue with <ref
id="ImpInst" name="building and installing Samba">.
<label id="ImpInst"><tag/Building and Installing Samba:/ At the moment
there are two kinds of Samba server installs besides the prepackaged
binaries mentioned in the previous step. You need to decide if you have a <url url="../UNIX_INSTALL.txt"
name="Unix or close relative"> or <url
url="Samba-Server-FAQ.html#PortInfo" name="other supported operating system">.
<label id="ImpTest"><tag/Basic Testing:/ Try to connect using the
supplied smbclient command-line program. You need to know the IP
hostname of your server. A service name must be defined in smb.conf, as
given in the examples (under many operating systems if there is a
[homes] service you can just use a valid username.) Then type
<tt>
smbclient \\hostname\servicename
</tt>
Under most Unixes you will need to put the parameters within quotation
marks. If this works, try connecting from one of the SMB clients you
were planning to use with Samba.
<label id="ImpDebug"><tag/Debug sequence:/ If you think you have completed the
previous step and things aren't working properly work through
<url url="../DIAGNOSIS.txt" name="the diagnosis recipe.">
<label id="ImpExp"><tag/Exporting files to SMB clients:/ You should read the manual pages
for smb.conf, but here is a <url url="Samba-Server-FAQ.html#Exporting"
name="quick answer guide.">
<label id="ImpControl"><tag/Controlling user access:/ the quickest and dirtiest way of sharing
resources is to use <ref id="ShareModeSecurity" name="share level
security."> If you want to spend more time and have a proper username
and password database you must read the paragraph on <ref
id="DomainModeSecurity" name="domain mode security."> If you want
encryption (eg you are using Windows NT clients) follow the <url
url="Samba-Server-FAQ.html#SMBEncryptionSteps" name="SMB encryption
instructions.">
<label id="ImpBrowse"><tag/Browsing:/ if you are happy to type in "\\samba-server\sharename"
at the client end then do not read any further. Otherwise you need to
understand the <ref id="BrowsingDefinitions" name="browsing terminology">
and read <url url="Samba-Server-FAQ.html#NameBrowsing">.
<label id="ImpPrint"><tag/Printing:/ See the <url url="Samba-Server-FAQ.html#Printing"
name="printing quick answer guide.">
</descrip>
If you have got everything working to this point, you can expect Samba
to be stable and secure: these are its greatest strengths. However Samba
has a great deal to offer and to go further you must do some more
reading. Speed and security optimisations, printer accounting, network
logons, roving profiles, browsing across multiple subnets and so on are
all covered either in this document or in those it refers to.
<sect1> All Samba Documentation<p><label id=AllDocs>
<itemize>
<item> Meta-FAQ. This is the mother of all documents, and is the one you
are reading now. The latest version is always at <url
url="http://samba.org/[.....]"> but there is probably a much
nearer <url url="../MIRRORS" name="mirror site"> which you should use
instead.
<item> <url url="Samba-Server-FAQ.html"> is the best starting point for
information about server-side issues. Includes configuration tips and
pointers for Samba on particular operating systems (with 40 to choose
from...)
<item> <url url="Samba-Client-FAQ.html"> is the best starting point for
information about client-side issues, includes a list of all clients
that are known to work with Samba.
</itemize>
<sect> General Information<p><label id="general_info">
All about Samba - what it is, how to get it, related sources of
information, how to understand the numbering scheme, pizza
details.
<sect1> What is Samba?<p><label id="introduction">
Samba is a suite of programs which work together to allow clients to
access to a server's filespace and printers via the SMB (Server Message
Block) and CIFS (Common Internet Filesystem) protocols. Initially
written for Unix, Samba now also runs on Netware, OS/2, VMS, StratOS and
Amigas. Ports to BeOS and other operating systems are underway. Samba
gives the capability for these operating systems to behave much like a
LAN Server, Windows NT Server or Pathworks machine, only with added
functionality and flexibility designed to make life easier for
administrators.
This means that using Samba you can share a server's disks and printers
to many sorts of network clients, including Lan Manager, Windows for
Workgroups, Windows NT, Linux, OS/2, and AIX. There is also a generic
client program supplied as part of the Samba suite which gives a user on
the server an ftp-like interface to access filespace and printers on any
other SMB/CIFS servers.
SMB has been implemented over many protocols, including XNS, NBT, IPX,
NetBEUI and TCP/IP. Samba only uses TCP/IP. This is not likely to change
although there have been some requests for NetBEUI support.
Many users report that compared to other SMB implementations Samba is
more stable, faster, and compatible with more clients. Administrators of
some large installations say that Samba is the only SMB server available
which will scale to many tens of thousands of users without crashing.
The easy way to test these claims is to download it and try it for
yourself!
The suite is supplied with full source code under the <url
url="../COPYING" name="GNU Public License">. The GPL means that you can
use Samba for whatever purpose you wish (including changing the source
or selling it for money) but under all circumstances the source code
must be made freely available. A copy of the GPL must always be included
in any copy of the package.
The primary creator of the Samba suite is Andrew Tridgell. Later
versions incorporate much effort by many helpers. The man pages
and this FAQ were originally written by Karl Auer.
<sect1> Where can I go for further information?<p><label id="more">
There are a number of places to look for more information on Samba,
including:
<itemize>
<item>The mailing lists devoted to discussion of Samba-related matters.
See below for subscription information.
<item>The newsgroup comp.protocols.smb, which has a great deal of
discussion about Samba.
<item>The WWW site 'SAMBA Web Pages' at <url
url="http://samba.org/samba/"> includes:
<itemize>
<item>Links to man pages and documentation, including this FAQ
<item>A comprehensive survey of Samba users
<item>A searchable hypertext archive of the Samba mailing list
<item>Links to Samba source code, binaries, and mirrors of both
<item>This FAQ and the rest in its family
</itemize>
</itemize>
<sect1>How do I subscribe to the Samba Mailing Lists?<p><label id="mailinglist">
Surf to <url url="http://lists.samba.org/"> for an overview of all the mailing lists.
<sect1> Something's gone wrong - what should I do?<p><label id="wrong">
<bf>[#] *** IMPORTANT! *** [#]</bf>
<p>
DO NOT post messages on mailing lists or in newsgroups until you have
carried out the first three steps given here!
<enum> <item> See if there are any likely looking entries in this FAQ!
If you have just installed Samba, have you run through the checklist in
<url url="ftp://samba.org/pub/samba/DIAGNOSIS.txt"
name="DIAGNOSIS.txt">? It can save you a lot of time and effort.
DIAGNOSIS.txt can also be found in the docs directory of the Samba
distribution.
<item> Read the man pages for smbd, nmbd and smb.conf, looking for
topics that relate to what you are trying to do.
<item> If there is no obvious solution to hand, try to get a look at
the log files for smbd and/or nmbd for the period during which you
were having problems. You may need to reconfigure the servers to
provide more extensive debugging information - usually level 2 or
level 3 provide ample debugging info. Inspect these logs closely,
looking particularly for the string "Error:".
<item> If you need urgent help and are willing to pay for it see
<ref id="PaidSupport" name="Paid Support">.
</enum>
If you still haven't got anywhere, ask the mailing list or newsgroup. In
general nobody minds answering questions provided you have followed the
preceding steps. It might be a good idea to scan the archives of the
mailing list, which are available through the Samba web site described
in the previous section. When you post be sure to include a good
description of your environment and your problem.
If you successfully solve a problem, please mail the FAQ maintainer a
succinct description of the symptom, the problem and the solution, so
that an explanation can be incorporated into the next version.
<sect1> How do I submit patches or bug reports?<p>
If you make changes to the source code, <em>please</em> submit these patches
so that everyone else gets the benefit of your work. This is one of
the most important aspects to the maintainence of Samba. Send all
patches to <htmlurl url="mailto:samba@samba.org" name="samba@samba.org">. Do not send patches to Andrew Tridgell or any
other individual, they may be lost if you do.
Patch format
------------
If you are sending a patch to fix a problem then please don't just use
standard diff format. As an example, samba@samba.org received this patch from
someone:
382a
#endif
..
381a
#if !defined(NEWS61)
How are we supposed to work out what this does and where it goes? These
sort of patches only work if we both have identical files in the first
place. The Samba sources are constantly changing at the hands of multiple
developers, so it doesn't work.
Please use either context diffs or (even better) unified diffs. You
get these using "diff -c4" or "diff -u". If you don't have a diff that
can generate these then please send manualy commented patches to I
know what is being changed and where. Most patches are applied by hand so
the info must be clear.
This is a basic guideline that will assist us with assessing your problem
more efficiently :
Machine Arch:
Machine OS:
OS Version:
Kernel:
Compiler:
Libc Version:
Samba Version:
Network Layout (description):
What else is on machine (services, etc):
Some extras :
<itemize>
<item> what you did and what happened
<item> relevant parts of a debugging output file with debuglevel higher.
If you can't find the relevant parts, please ask before mailing
huge files.
<item> anything else you think is useful to trace down the bug
</itemize>
<sect1> What if I have an URGENT message for the developers?<p>
If you have spotted something very serious and believe that it is
important to contact the developers quickly send a message to
samba-urgent@samba.org. This will be processed more quickly than
mail to samba@samba.org. Please think carefully before using this address. An
example of its use might be to report a security hole.
Examples of things <em>not</em> to send to samba-urgent include problems
getting Samba to work at all and bugs that cannot potentially cause damage.
<sect1> What if I need paid-for support?<p><label id=PaidSupport>
Samba has a large network of consultants who provide Samba support on a
commercial basis. The list is included in the package in <url
url="../Support.txt">, and the latest version will always be on the main
samba ftp site. Any company in the world can request that the samba team
include their details in Support.txt so we can give no guarantee of
their services.
<sect1> Pizza supply details<p><label id="pizza">
Those who have registered in the Samba survey as "Pizza Factory" will
already know this, but the rest may need some help. Andrew doesn't ask
for payment, but he does appreciate it when people give him
pizza. This calls for a little organisation when the pizza donor is
twenty thousand kilometres away, but it has been done.
<enum>
<item> Ring up your local branch of an international pizza chain
and see if they honour their vouchers internationally. Pizza Hut do,
which is how the entire Canberra Linux Users Group got to eat pizza
one night, courtesy of someone in the US.
<item>Ring up a local pizza shop in Canberra and quote a credit
card number for a certain amount, and tell them that Andrew will be
collecting it (don't forget to tell him.) One kind soul from Germany
did this.
<item>Purchase a pizza voucher from your local pizza shop that has
no international affiliations and send it to Andrew. It is completely
useless but he can hang it on the wall next to the one he already has
from Germany :-)
<item>Air freight him a pizza with your favourite regional
flavours. It will probably get stuck in customs or torn apart by
hungry sniffer dogs but it will have been a noble gesture.
</enum>
<sect>About the CIFS and SMB Protocols<p><label id="CifsSmb">
<sect1> What is the Server Message Block (SMB) Protocol?<p>
SMB is a filesharing protocol that has had several maintainers and
contributors over the years including Xerox, 3Com and most recently
Microsoft. Names for this protocol include LAN Manager and Microsoft
Networking. Parts of the specification has been made public at several
versions including in an X/Open document, as listed at
<url url="ftp://ftp.microsoft.com/developr/drg/CIFS/">. No specification
releases were made between 1992 and 1996, and during that period
Microsoft became the SMB implementor with the largest market share.
Microsoft developed the specification further for its products but for
various reasons connected with developer's workload rather than market
strategy did not make the changes public. This culminated with the
"Windows NT 0.12" version released with NT 3.5 in 1995 which had significant
improvements and bugs. Because Microsoft client systems are so popular,
it is fair to say that what Microsoft with Windows affects all suppliers
of SMB server products.
From 1994 Andrew Tridgell began doing some serious work on his
Smbserver (now Samba) product and with some helpers started to
implement more and more of these protocols. Samba began to take
a significant share of the SMB server market.
<sect1> What is the Common Internet Filesystem (CIFS)?<p>
The initial pressure for Microsoft to document their current SMB
implementation came from the Samba team, who kept coming across things
on the wire that Microsoft either didn't know about or hadn't documented
anywhere (even in the sourcecode to Windows NT.) Then Sun Microsystems
came out with their WebNFS initiative, designed to replace FTP for file
transfers on the Internet. There are many drawbacks to WebNFS (including
its scope - it aims to replace HTTP as well!) but the concept was
attractive. FTP is not very clever, and why should it be harder to get
files from across the world than across the room?
Some hasty revisions were made and an Internet Draft for the Common
Internet Filesystem (CIFS) was released. Note that CIFS is not an
Internet standard and is a very long way from becoming one, BUT the
protocol specification is in the public domain and ongoing discussions
concerning the spec take place on a public mailing list according to the
rules of the Internet Engineering Task Force. For more information and
pointers see <url url="http://samba.org/cifs/">
The following is taken from <url url="http://www.microsoft.com/intdev/cifs/">
<verb>
CIFS defines a standard remote file system access protocol for use
over the Internet, enabling groups of users to work together and
share documents across the Internet or within their corporate
intranets. CIFS is an open, cross-platform technology based on the
native file-sharing protocols built into Microsoft® Windows® and
other popular PC operating systems, and supported on dozens of
other platforms, including UNIX®. With CIFS, millions of computer
users can open and share remote files on the Internet without having
to install new software or change the way they work."
</verb>
If you consider CIFS as a backwardsly-compatible refinement of SMB that
will work reasonably efficiently over the Internet you won't be too far
wrong.
The net effect is that Microsoft is now documenting large parts of their
Windows NT fileserver protocols. The security concepts embodied in
Windows NT are part of the specification, which is why Samba
documentation often talks in terms of Windows NT. However there is no
reason why a site shouldn't conduct all its file and printer sharing
with CIFS and yet have no Microsoft products at all.
<sect1> What is Browsing? <p>
The term "Browsing" causes a lot of confusion. It is the part of the
SMB/CIFS protocol which allows for resource discovery. For example, in
the Windows NT Explorer it is possible to see a "Network Neighbourhood"
of computers in the same SMB workgroup. Clicking on the name of one of
these machines brings up a list of file and printer resources for
connecting to. In this way you can cruise the network, seeing what
things are available. How this scales to the Internet is a subject for
debate. Look at the CIFS list archives to see what the experts think.
<sect>Designing A SMB and CIFS Network<p>
The big issues for installing any network of LAN or WAN file and print
servers are
<itemize>
<item>How and where usernames, passwords and other security information
is stored
<item>What method can be used for locating the resources that users have
permission to use
<item>What protocols the clients can converse with
</itemize>
If you buy Netware, Windows NT or just about any other LAN fileserver
product you are expected to lock yourself into the product's preferred
answers to these questions. This tendancy is restrictive and often very
expensive for a site where there is only one kind of client or server,
and for sites with a mixture of operating systems it often makes it
impossible to share resources between some sets of users.
The Samba philosophy is to make things as easy as possible for
administators, which means allowing as many combinations of clients,
servers, operating systems and protocols as possible.
<sect1>Workgroups, Domains, Authentication and Browsing<p>
From the point of view of networking implementation, Domains and
Workgroups are <em>exactly</em> the same, except for the client logon
sequence. Some kind of distributed authentication database is associated
with a domain (there are quite a few choices) and this adds so much
flexibility that many people think of a domain as a completely different
entity to a workgroup. From Samba's point of view a client connecting to
a service presents an authentication token, and it if it is valid they
have access. Samba does not care what mechanism was used to generate
that token in the first place.
The SMB client logging on to a domain has an expectation that every other
server in the domain should accept the same authentication information.
However the network browsing functionality of domains and workgroups is
identical and is explained in <url url="../BROWSING.txt">.
There are some implementation differences: Windows 95 can be a member of
both a workgroup and a domain, but Windows NT cannot. Windows 95 also
has the concept of an "alternative workgroup". Samba can only be a
member of a single workgroup or domain, although this is due to change
with a future version when nmbd will be split into two daemons, one for
WINS and the other for browsing (<url url="../NetBIOS.txt"> explains
what WINS is.)
<sect2> Defining the Terms<p><label id="BrowseAndDomainDefs">
<descrip>
<tag/Workgroup/ means a collection of machines that maintain a common
browsing database containing information about their shared resources.
They do not necessarily have any security information in common (if they
do, it gets called a Domain.) The browsing database is dynamic, modified
as servers come and go on the network and as resources are added or
deleted. The term "browsing" refers to a user accessing the database via
whatever interface the client provides, eg the OS/2 Workplace Shell or
Windows 95 Explorer. SMB servers agree between themselves as to which
ones will maintain the browsing database. Workgroups can be anywhere on
a connected TCP/IP network, including on different subnets or even on
the Interet. This is a very tricky part of SMB to implement.
<tag/Master Browsers/ are machines which holds the master browsing
database for a workgroup or domain. There are two kinds of Master Browser:
<itemize>
<item> Domain Master Browser, which holds the master browsing
information for an entire domain, which may well cross multiple TCP/IP
subnets.
<item> Local Master Browser, which holds the master browsing database
for a particular subnet and communicates with the Domain Master Browser
to get information on other subnets.
</itemize>
Subnets are differentiated because browsing is based on broadcasts, and
broadcasts do not pass through routers. Subnets are not routed: while it
is possible to have more than one subnet on a single network segment
this is regarded as very bad practice.
Master Browsers (both Domain and Local) are elected dynamically
according to an algorithm which is supposed to take into account the
machine's ability to sustain the browsing load. Samba can be configured
to always act as a master browser, ie it always wins elections under all
circumstances, even against systems such as a Windows NT Primary Domain
Controller which themselves expect to win.
There are also Backup Browsers which are promoted to Master Browsers in
the event of a Master Browser disappearing from the network.
Alternative terms include confusing variations such as "Browse Master",
and "Master Browser" which we are trying to eliminate from the Samba
documentation.
<tag/Domain Controller/ is a term which comes from the Microsoft and IBM
etc implementation of the LAN Manager protocols. It is tied to
authentication. There are other ways of doing domain authentication, but
the Windows NT method has a large market share. The general issues are
discussed in <url url="../DOMAIN.txt"> and a Windows NT-specific
discussion is in <url url="../DOMAIN_CONTROL.txt">.
</descrip>
<sect2>Sharelevel (Workgroup) Security Services<p><label id="ShareModeSecurity">
With the Samba setting "security = SHARE", all shared resources
information about what password is associated with them but only hints
as to what usernames might be valid (the hint can be 'all users', in
which case any username will work. This is usually a bad idea, but
reflects both the initial implementations of SMB in the mid-80s and
its reincarnation with Windows for Workgroups in 1992. The idea behind
workgroup security was that small independant groups of people could
share information on an ad-hoc basis without there being an
authentication infrastructure present or requiring them to do more than
fill in a dialogue box.
<sect2>Authentication Domain Mode Services<p><label id="DomainModeSecurity">
With the Samba settings "security = USER" or "security = SERVER"
accesses to all resources are checked for username/password pair matches
in a more rigorous manner. To the client, this has the effect of
emulating a Microsoft Domain. The client is not concerned whether or not
Samba looks up a Windows NT SAM or does it in some other way.
<sect1>Authentication Schemes<p>
In the simple case authentication information is stored on a single
server and the user types a password on connecting for the first time.
However client operating systems often require a password before they
can be used at all, and in addition users usually want access to more
than one server. Asking users to remember many different passwords in
different contexts just does not work. Some kind of distributed
authentication database is needed. It must cope with password changes
and provide for assigning groups of users the same level of access
permissions. This is why Samba installations often choose to implement a
Domain model straight away.
Authentication decisions are some of the biggest in designing a network.
Are you going to use a scheme native to the client operating system,
native to the server operating system, or newly installed on both? A
list of options relevant to Samba (ie that make sense in the context of
the SMB protocol) follows. Any experiences with other setups would be
appreciated. [refer to server FAQ for "passwd chat" passwd program
password server etc etc...]
<sect2>NIS<p>
For Windows 95, Windows for Workgroups and most other clients Samba can
be a domain controller and share the password database via NIS
transparently. Windows NT is different.
<url url="http://www.dcs.qmw.ac.uk/~williams" name="Free NIS NT client">
<sect2>Kerberos<p>
Kerberos for US users only:
<url url="http://www.cygnus.com/product/unifying-security.html"
name="Kerberos overview">
<url url="http://www.cygnus.com/product/kerbnet-download.html"
name="Download Kerberos">
<sect2>FTP<p>
Other NT w/s logon hack via NT
<sect2>Default Server Method<p>
<sect2>Client-side Database Only<p>
<sect1>Post-Authentication: Netlogon, Logon Scripts, Profiles<p>
See <url url="../DOMAIN.txt">
<sect>Cross-Protocol File Sharing<p>
Samba is an important tool for...
It is possible to...
File protocol gateways...
"Setting up a Linux File Server" http://vetrec.mit.edu/people/narf/linux.html
Two free implementations of Appletalk for Unix are Netatalk, <url
url="http://www.umich.edu/~rsug/netatalk/">, and CAP, <url
url="http://www.cs.mu.oz.au/appletalk/atalk.html">. What Samba offers MS
Windows users, these packages offer to Macs. For more info on these
packages, Samba, and Linux (and other UNIX-based systems) see <url
url="http://www.eats.com/linux_mac_win.html"> 3.5) Sniffing your nework
<sect>Miscellaneous<p><label id="miscellaneous">
<sect1>Is Samba Year 2000 compliant?<p><label id="Year2000Compliant">
The CIFS protocol that Samba implements
negotiates times in various formats, all of which
are able to cope with dates beyond 2000.
</article>

924
docs/faq/Samba-meta-FAQ.txt
View File

@ -1,924 +0,0 @@
Samba meta FAQ
Dan Shearer & Paul Blackman, ictinus@samba.org
v 0.3, 7 Oct '97
This is the meta-Frequently Asked Questions (FAQ) document for Samba,
the free and very popular SMB and CIFS server product. It contains
overview information for the Samba suite of programs, a quick-start
guide, and pointers to all other Samba documentation. Other FAQs exist
for specific client and server issues, and HOWTO documents for more
extended topics to do with Samba software. Current to version Samba
1.9.17. Please send any corrections to the author.
______________________________________________________________________
Table of Contents:
1. Quick Reference Guides to Samba Documentation
1.1. Samba for the Impatient
1.2. All Samba Documentation
2. General Information
2.1. What is Samba?
2.2. What is the current version of Samba?
2.3. Where can I get it?
2.4. What do the version numbers mean?
2.5. Where can I go for further information?
2.6. How do I subscribe to the Samba Mailing Lists?
2.7. Something's gone wrong - what should I do?
2.8. How do I submit patches or bug reports?
2.9. What if I have an URGENT message for the developers?
2.10. What if I need paid-for support?
2.11. Pizza supply details
3. About the CIFS and SMB Protocols
3.1. What is the Server Message Block (SMB) Protocol?
3.2. What is the Common Internet Filesystem (CIFS)?
3.3. What is Browsing?
4. Designing A SMB and CIFS Network
4.1. Workgroups, Domains, Authentication and Browsing
4.1.1. Defining the Terms
4.1.2. Sharelevel (Workgroup) Security Services
4.1.3. Authentication Domain Mode Services
4.2. Authentication Schemes
4.2.1. NIS
4.2.2. Kerberos
4.2.3. FTP
4.2.4. Default Server Method
4.2.5. Client-side Database Only
4.3. Post-Authentication: Netlogon, Logon Scripts, Profiles
5. Cross-Protocol File Sharing
6. Miscellaneous
6.1. Is Samba Year 2000 compliant?
______________________________________________________________________
11.. QQuuiicckk RReeffeerreennccee GGuuiiddeess ttoo SSaammbbaa DDooccuummeennttaattiioonn
We are endeavouring to provide links here to every major class of
information about Samba or things related to Samba. We cannot list
every document, but we are aiming for all documents to be at most two
referrals from those listed here. This needs constant maintaining, so
please send the author your feedback.
11..11.. SSaammbbaa ffoorr tthhee IImmppaattiieenntt
You know you should read the documentation but can't wait to start?
What you need to do then is follow the instructions in the following
documents in the order given. This should be enough to get a fairly
simple site going quickly. If you have any problems, refer back to
this meta-FAQ and follow the links to find more reading material.
GGeettttiinngg SSaammbbaa::
The fastest way to get Samba going is and install it is to have
an operating system for which the Samba team has put together an
installation package. To see if your OS is included have a look
at the directory /pub/samba/Binary_Packages/"OS_Vendor" on your
nearest mirror site <../MIRRORS>. If it is included follow the
installation instructions in the README file there and then do
some ``basic testing''. If you are not so fortunate, follow the
normal ``download instructions'' and then continue with
``building and installing Samba''.
BBuuiillddiinngg aanndd IInnssttaalllliinngg SSaammbbaa::
At the moment there are two kinds of Samba server installs
besides the prepackaged binaries mentioned in the previous step.
You need to decide if you have a Unix or close relative
<../UNIX_INSTALL.txt> or other supported operating system
<Samba-Server-FAQ.html#PortInfo>.
BBaassiicc TTeessttiinngg::
Try to connect using the supplied smbclient command-line
program. You need to know the IP hostname of your server. A
service name must be defined in smb.conf, as given in the
examples (under many operating systems if there is a homes
service you can just use a valid username.) Then type smbclient
\hostnamevicename Under most Unixes you will need to put the
parameters within quotation marks. If this works, try connecting
from one of the SMB clients you were planning to use with Samba.
DDeebbuugg sseeqquueennccee::
If you think you have completed the previous step and things
aren't working properly work through the diagnosis recipe.
<../DIAGNOSIS.txt>
EExxppoorrttiinngg ffiilleess ttoo SSMMBB cclliieennttss::
You should read the manual pages for smb.conf, but here is a
quick answer guide. <Samba-Server-FAQ.html#Exporting>
CCoonnttrroolllliinngg uusseerr aacccceessss::
the quickest and dirtiest way of sharing resources is to use
``share level security.'' If you want to spend more time and
have a proper username and password database you must read the
paragraph on ``domain mode security.'' If you want encryption
(eg you are using Windows NT clients) follow the SMB encryption
instructions. <Samba-Server-FAQ.html#SMBEncryptionSteps>
BBrroowwssiinngg::
if you are happy to type in "\samba-serverrename" at the client
end then do not read any further. Otherwise you need to
understand the ``browsing terminology'' and read <Samba-Server-
FAQ.html#NameBrowsing>.
PPrriinnttiinngg::
See the printing quick answer guide. <Samba-Server-
FAQ.html#Printing>
If you have got everything working to this point, you can expect Samba
to be stable and secure: these are its greatest strengths. However
Samba has a great deal to offer and to go further you must do some
more reading. Speed and security optimisations, printer accounting,
network logons, roving profiles, browsing across multiple subnets and
so on are all covered either in this document or in those it refers
to.
11..22.. AAllll SSaammbbaa DDooccuummeennttaattiioonn
+o Meta-FAQ. This is the mother of all documents, and is the one you
are reading now. The latest version is always at
<http://samba.org/[.....]> but there is probably a much
nearer mirror site <../MIRRORS> which you should use instead.
+o <Samba-Server-FAQ.html> is the best starting point for information
about server-side issues. Includes configuration tips and pointers
for Samba on particular operating systems (with 40 to choose
from...)
+o <Samba-Client-FAQ.html> is the best starting point for information
about client-side issues, includes a list of all clients that are
known to work with Samba.
+o manual pages <samba-man-index.html> contains descriptions of and
links to all the Samba manual pages, in Unix man and postscript
format.
+o <samba-txt-index.html> has descriptions of and links to a large
number of text files have been contributed to samba covering many
topics. These are gradually being absorbed into the FAQs and HOWTOs
but in the meantime you might find helpful answers here.
+o
22.. GGeenneerraall IInnffoorrmmaattiioonn
All about Samba - what it is, how to get it, related sources of
information, how to understand the numbering scheme, pizza details.
22..11.. WWhhaatt iiss SSaammbbaa??
Samba is a suite of programs which work together to allow clients to
access to a server's filespace and printers via the SMB (Server
Message Block) and CIFS (Common Internet Filesystem) protocols.
Initially written for Unix, Samba now also runs on Netware, OS/2, VMS,
StratOS and Amigas. Ports to BeOS and other operating systems are
underway. Samba gives the capability for these operating systems to
behave much like a LAN Server, Windows NT Server or Pathworks machine,
only with added functionality and flexibility designed to make life
easier for administrators.
This means that using Samba you can share a server's disks and
printers to many sorts of network clients, including Lan Manager,
Windows for Workgroups, Windows NT, Linux, OS/2, and AIX. There is
also a generic client program supplied as part of the Samba suite
which gives a user on the server an ftp-like interface to access
filespace and printers on any other SMB/CIFS servers.
SMB has been implemented over many protocols, including XNS, NBT, IPX,
NetBEUI and TCP/IP. Samba only uses TCP/IP. This is not likely to
change although there have been some requests for NetBEUI support.
Many users report that compared to other SMB implementations Samba is
more stable, faster, and compatible with more clients. Administrators
of some large installations say that Samba is the only SMB server
available which will scale to many tens of thousands of users without
crashing. The easy way to test these claims is to download it and try
it for yourself!
The suite is supplied with full source code under the GNU Public
License <../COPYING>. The GPL means that you can use Samba for
whatever purpose you wish (including changing the source or selling it
for money) but under all circumstances the source code must be made
freely available. A copy of the GPL must always be included in any
copy of the package.
The primary creator of the Samba suite is Andrew Tridgell. Later
versions incorporate much effort by many net.helpers. The man pages
and this FAQ were originally written by Karl Auer.
22..22.. WWhhaatt iiss tthhee ccuurrrreenntt vveerrssiioonn ooff SSaammbbaa??
At time of writing, the current version was 1.9.17. If you want to be
sure check the bottom of the change-log file.
<ftp://samba.org/pub/samba/alpha/change-log>
For more information see ``What do the version numbers mean?''
22..33.. WWhheerree ccaann II ggeett iitt??
The Samba suite is available via anonymous ftp from samba.org
and many mirror <../MIRRORS> sites. You will get much faster
performance if you use a mirror site. The latest and greatest versions
of the suite are in the directory:
/pub/samba/
Development (read "alpha") versions, which are NOT necessarily stable
and which do NOT necessarily have accurate documentation, are
available in the directory:
/pub/samba/alpha
Note that binaries are NOT included in any of the above. Samba is
distributed ONLY in source form, though binaries may be available from
other sites. Most Linux distributions, for example, do contain Samba
binaries for that platform. The VMS, OS/2, Netware and Amiga and other
ports typically have binaries made available.
A special case is vendor-provided binary packages. Samba binaries and
default configuration files are put into packages for a specific
operating system. RedHat Linux and Sun Solaris (Sparc and x86) is
already included, and others such as OS/2 may follow. All packages are
in the directory:
/pub/samba/Binary_Packages/"OS_Vendor"
22..44.. WWhhaatt ddoo tthhee vveerrssiioonn nnuummbbeerrss mmeeaann??
It is not recommended that you run a version of Samba with the word
"alpha" in its name unless you know what you are doing and are willing
to do some debugging. Many, many people just get the latest
recommended stable release version and are happy. If you are brave, by
all means take the plunge and help with the testing and development -
but don't install it on your departmental server. Samba is typically
very stable and safe, and this is mostly due to the policy of many
public releases.
How the scheme works:
1. When major changes are made the version number is increased. For
example, the transition from 1.9.16 to 1.9.17. However, this
version number will not appear immediately and people should
continue to use 1.9.15 for production systems (see next point.)
2. Just after major changes are made the software is considered
unstable, and a series of alpha releases are distributed, for
example 1.9.16alpha1. These are for testing by those who know what
they are doing. The "alpha" in the filename will hopefully scare
off those who are just looking for the latest version to install.
3. When Andrew thinks that the alphas have stabilised to the point
where he would recommend new users install it, he renames it to the
same version number without the alpha, for example 1.9.17.
4. Inevitably bugs are found in the "stable" releases and minor patch
levels are released which give us the pXX series, for example
1.9.17p2.
So the progression goes:
1.9.16p10 (production)
1.9.16p11 (production)
1.9.17alpha1 (test sites only)
:
1.9.17alpha20 (test sites only)
1.9.17 (production)
1.9.17p1 (production)
The above system means that whenever someone looks at the samba ftp
site they will be able to grab the highest numbered release without an
alpha in the name and be sure of getting the current recommended
version.
22..55.. WWhheerree ccaann II ggoo ffoorr ffuurrtthheerr iinnffoorrmmaattiioonn??
There are a number of places to look for more information on Samba,
including:
+o Two mailing lists devoted to discussion of Samba-related matters.
See below for subscription information.
+o The newsgroup comp.protocols.smb, which has a great deal of
discussion about Samba.
+o The WWW site 'SAMBA Web Pages' at <http://samba.org/samba/>
includes:
+o Links to man pages and documentation, including this FAQ
+o A comprehensive survey of Samba users
+o A searchable hypertext archive of the Samba mailing list
+o Links to Samba source code, binaries, and mirrors of both
+o This FAQ and the rest in its family
22..66.. HHooww ddoo II ssuubbssccrriibbee ttoo tthhee SSaammbbaa MMaaiilliinngg LLiissttss??
Send email to listproc@samba.org. Make sure the subject line is
blank, and include the following two lines in the body of the message:
subscribe samba Firstname Lastname
subscribe samba-announce Firstname Lastname
Obviously you should substitute YOUR first name for "Firstname" and
YOUR last name for "Lastname"! Try not to send any signature, it
sometimes confuses the list processor.
The samba list is a digest list - every eight hours or so it sends a
single message containing all the messages that have been received by
the list since the last time and sends a copy of this message to all
subscribers. There are thousands of people on this list.
If you stop being interested in Samba, please send another email to
listproc@samba.org. Make sure the subject line is blank, and
include the following two lines in the body of the message:
unsubscribe samba
unsubscribe samba-announce
The FFrroomm:: line in your message _M_U_S_T be the same address you used when
you subscribed.
22..77.. SSoommeetthhiinngg''ss ggoonnee wwrroonngg -- wwhhaatt sshhoouulldd II ddoo??
## ****** IIMMPPOORRTTAANNTT!! ****** ##
DO NOT post messages on mailing lists or in newsgroups until you have
carried out the first three steps given here!
1. See if there are any likely looking entries in this FAQ! If you
have just installed Samba, have you run through the checklist in
DIAGNOSIS.txt <ftp://samba.org/pub/samba/DIAGNOSIS.txt>? It
can save you a lot of time and effort. DIAGNOSIS.txt can also be
found in the docs directory of the Samba distribution.
2. Read the man pages for smbd, nmbd and smb.conf, looking for topics
that relate to what you are trying to do.
3. If there is no obvious solution to hand, try to get a look at the
log files for smbd and/or nmbd for the period during which you were
having problems. You may need to reconfigure the servers to provide
more extensive debugging information - usually level 2 or level 3
provide ample debugging info. Inspect these logs closely, looking
particularly for the string "Error:".
4. If you need urgent help and are willing to pay for it see ``Paid
Support''.
If you still haven't got anywhere, ask the mailing list or newsgroup.
In general nobody minds answering questions provided you have followed
the preceding steps. It might be a good idea to scan the archives of
the mailing list, which are available through the Samba web site
described in the previous section. When you post be sure to include a
good description of your environment and your problem.
If you successfully solve a problem, please mail the FAQ maintainer a
succinct description of the symptom, the problem and the solution, so
that an explanation can be incorporated into the next version.
22..88.. HHooww ddoo II ssuubbmmiitt ppaattcchheess oorr bbuugg rreeppoorrttss??
If you make changes to the source code, _p_l_e_a_s_e submit these patches so
that everyone else gets the benefit of your work. This is one of the
most important aspects to the maintainence of Samba. Send all patches
to samba@samba.org. Do not send patches to Andrew Tridgell
or any other individual, they may be lost if you do.
Patch format ------------
If you are sending a patch to fix a problem then please don't just use
standard diff format. As an example, samba@samba.org received this patch
from someone:
382a #endif 381a #if !defined(NEWS61)
How are we supposed to work out what this does and where it goes?
These sort of patches only work if we both have identical files in the
first place. The Samba sources are constantly changing at the hands of
multiple developers, so it doesn't work.
Please use either context diffs or (even better) unified diffs. You
get these using "diff -c4" or "diff -u". If you don't have a diff that
can generate these then please send manualy commented patches to I
know what is being changed and where. Most patches are applied by hand
so the info must be clear.
This is a basic guideline that will assist us with assessing your
problem more efficiently :
Machine Arch: Machine OS: OS Version: Kernel:
Compiler: Libc Version:
Samba Version:
Network Layout (description):
What else is on machine (services, etc):
Some extras :
+o what you did and what happened
+o relevant parts of a debugging output file with debuglevel higher.
If you can't find the relevant parts, please ask before mailing
huge files.
+o anything else you think is useful to trace down the bug
22..99.. WWhhaatt iiff II hhaavvee aann UURRGGEENNTT mmeessssaaggee ffoorr tthhee ddeevveellooppeerrss??
If you have spotted something very serious and believe that it is
important to contact the developers quickly send a message to samba-
urgent@samba.org. This will be processed more quickly than mail
to samba@samba.org. Please think carefully before using this address. An
example of its use might be to report a security hole.
Examples of things _n_o_t to send to samba-urgent include problems
getting Samba to work at all and bugs that cannot potentially cause
damage.
22..1100.. WWhhaatt iiff II nneeeedd ppaaiidd--ffoorr ssuuppppoorrtt??
Samba has a large network of consultants who provide Samba support on
a commercial basis. The list is included in the package in
<../Support.txt>, and the latest version will always be on the main
samba ftp site. Any company in the world can request that the samba
team include their details in Support.txt so we can give no guarantee
of their services.
22..1111.. PPiizzzzaa ssuuppppllyy ddeettaaiillss
Those who have registered in the Samba survey as "Pizza Factory" will
already know this, but the rest may need some help. Andrew doesn't ask
for payment, but he does appreciate it when people give him pizza.
This calls for a little organisation when the pizza donor is twenty
thousand kilometres away, but it has been done.
1. Ring up your local branch of an international pizza chain and see
if they honour their vouchers internationally. Pizza Hut do, which
is how the entire Canberra Linux Users Group got to eat pizza one
night, courtesy of someone in the US.
2. Ring up a local pizza shop in Canberra and quote a credit card
number for a certain amount, and tell them that Andrew will be
collecting it (don't forget to tell him.) One kind soul from
Germany did this.
3. Purchase a pizza voucher from your local pizza shop that has no
international affiliations and send it to Andrew. It is completely
useless but he can hang it on the wall next to the one he already
has from Germany :-)
4. Air freight him a pizza with your favourite regional flavours. It
will probably get stuck in customs or torn apart by hungry sniffer
dogs but it will have been a noble gesture.
33.. AAbboouutt tthhee CCIIFFSS aanndd SSMMBB PPrroottooccoollss
33..11.. WWhhaatt iiss tthhee SSeerrvveerr MMeessssaaggee BBlloocckk ((SSMMBB)) PPrroottooccooll??
SMB is a filesharing protocol that has had several maintainers and
contributors over the years including Xerox, 3Com and most recently
Microsoft. Names for this protocol include LAN Manager and Microsoft
Networking. Parts of the specification has been made public at several
versions including in an X/Open document, as listed at
<ftp://ftp.microsoft.com/developr/drg/CIFS/>. No specification
releases were made between 1992 and 1996, and during that period
Microsoft became the SMB implementor with the largest market share.
Microsoft developed the specification further for its products but for
various reasons connected with developer's workload rather than market
strategy did not make the changes public. This culminated with the
"Windows NT 0.12" version released with NT 3.5 in 1995 which had
significant improvements and bugs. Because Microsoft client systems
are so popular, it is fair to say that what Microsoft with Windows
affects all suppliers of SMB server products.
From 1994 Andrew Tridgell began doing some serious work on his
Smbserver (now Samba) product and with some helpers started to
implement more and more of these protocols. Samba began to take a
significant share of the SMB server market.
33..22.. WWhhaatt iiss tthhee CCoommmmoonn IInntteerrnneett FFiilleessyysstteemm ((CCIIFFSS))??
The initial pressure for Microsoft to document their current SMB
implementation came from the Samba team, who kept coming across things
on the wire that Microsoft either didn't know about or hadn't
documented anywhere (even in the sourcecode to Windows NT.) Then Sun
Microsystems came out with their WebNFS initiative, designed to
replace FTP for file transfers on the Internet. There are many
drawbacks to WebNFS (including its scope - it aims to replace HTTP as
well!) but the concept was attractive. FTP is not very clever, and why
should it be harder to get files from across the world than across the
room?
Some hasty revisions were made and an Internet Draft for the Common
Internet Filesystem (CIFS) was released. Note that CIFS is not an
Internet standard and is a very long way from becoming one, BUT the
protocol specification is in the public domain and ongoing discussions
concerning the spec take place on a public mailing list according to
the rules of the Internet Engineering Task Force. For more information
and pointers see <http://samba.org/cifs/>
The following is taken from <http://www.microsoft.com/intdev/cifs/>
CIFS defines a standard remote file system access protocol for use
over the Internet, enabling groups of users to work together and
share documents across the Internet or within their corporate
intranets. CIFS is an open, cross-platform technology based on the
native file-sharing protocols built into Microsoft Windows and
other popular PC operating systems, and supported on dozens of
other platforms, including UNIX. With CIFS, millions of computer
users can open and share remote files on the Internet without having
to install new software or change the way they work."
If you consider CIFS as a backwardsly-compatible refinement of SMB
that will work reasonably efficiently over the Internet you won't be
too far wrong.
The net effect is that Microsoft is now documenting large parts of
their Windows NT fileserver protocols. The security concepts embodied
in Windows NT are part of the specification, which is why Samba
documentation often talks in terms of Windows NT. However there is no
reason why a site shouldn't conduct all its file and printer sharing
with CIFS and yet have no Microsoft products at all.
33..33.. WWhhaatt iiss BBrroowwssiinngg??
The term "Browsing" causes a lot of confusion. It is the part of the
SMB/CIFS protocol which allows for resource discovery. For example, in
the Windows NT Explorer it is possible to see a "Network
Neighbourhood" of computers in the same SMB workgroup. Clicking on the
name of one of these machines brings up a list of file and printer
resources for connecting to. In this way you can cruise the network,
seeing what things are available. How this scales to the Internet is a
subject for debate. Look at the CIFS list archives to see what the
experts think.
44.. DDeessiiggnniinngg AA SSMMBB aanndd CCIIFFSS NNeettwwoorrkk
The big issues for installing any network of LAN or WAN file and print
servers are
+o How and where usernames, passwords and other security information
is stored
+o What method can be used for locating the resources that users have
permission to use
+o What protocols the clients can converse with
If you buy Netware, Windows NT or just about any other LAN fileserver
product you are expected to lock yourself into the product's preferred
answers to these questions. This tendancy is restrictive and often
very expensive for a site where there is only one kind of client or
server, and for sites with a mixture of operating systems it often
makes it impossible to share resources between some sets of users.
The Samba philosophy is to make things as easy as possible for
administators, which means allowing as many combinations of clients,
servers, operating systems and protocols as possible.
44..11.. WWoorrkkggrroouuppss,, DDoommaaiinnss,, AAuutthheennttiiccaattiioonn aanndd BBrroowwssiinngg
From the point of view of networking implementation, Domains and
Workgroups are _e_x_a_c_t_l_y the same, except for the client logon sequence.
Some kind of distributed authentication database is associated with a
domain (there are quite a few choices) and this adds so much
flexibility that many people think of a domain as a completely
different entity to a workgroup. From Samba's point of view a client
connecting to a service presents an authentication token, and it if it
is valid they have access. Samba does not care what mechanism was used
to generate that token in the first place.
The SMB client logging on to a domain has an expectation that every
other server in the domain should accept the same authentication
information. However the network browsing functionality of domains
and workgroups is identical and is explained in <../BROWSING.txt>.
There are some implementation differences: Windows 95 can be a member
of both a workgroup and a domain, but Windows NT cannot. Windows 95
also has the concept of an "alternative workgroup". Samba can only be
a member of a single workgroup or domain, although this is due to
change with a future version when nmbd will be split into two daemons,
one for WINS and the other for browsing ( <../NetBIOS.txt> explains
what WINS is.)
44..11..11.. DDeeffiinniinngg tthhee TTeerrmmss
WWoorrkkggrroouupp
means a collection of machines that maintain a common browsing
database containing information about their shared resources.
They do not necessarily have any security information in common
(if they do, it gets called a Domain.) The browsing database is
dynamic, modified as servers come and go on the network and as
resources are added or deleted. The term "browsing" refers to a
user accessing the database via whatever interface the client
provides, eg the OS/2 Workplace Shell or Windows 95 Explorer.
SMB servers agree between themselves as to which ones will
maintain the browsing database. Workgroups can be anywhere on a
connected TCP/IP network, including on different subnets or even
on the Interet. This is a very tricky part of SMB to implement.
MMaasstteerr BBrroowwsseerrss
are machines which holds the master browsing database for a
workgroup or domain. There are two kinds of Master Browser:
+o Domain Master Browser, which holds the master browsing
information for an entire domain, which may well cross multiple
TCP/IP subnets.
+o Local Master Browser, which holds the master browsing database
for a particular subnet and communicates with the Domain Master
Browser to get information on other subnets.
Subnets are differentiated because browsing is based on
broadcasts, and broadcasts do not pass through routers. Subnets
are not routed: while it is possible to have more than one
subnet on a single network segment this is regarded as very bad
practice.
Master Browsers (both Domain and Local) are elected dynamically
according to an algorithm which is supposed to take into account
the machine's ability to sustain the browsing load. Samba can be
configured to always act as a master browser, ie it always wins
elections under all circumstances, even against systems such as
a Windows NT Primary Domain Controller which themselves expect
to win.
There are also Backup Browsers which are promoted to Master
Browsers in the event of a Master Browser disappearing from the
network.
Alternative terms include confusing variations such as "Browse
Master", and "Master Browser" which we are trying to eliminate
from the Samba documentation.
DDoommaaiinn CCoonnttrroolllleerr
is a term which comes from the Microsoft and IBM etc
implementation of the LAN Manager protocols. It is tied to
authentication. There are other ways of doing domain
authentication, but the Windows NT method has a large market
share. The general issues are discussed in <../DOMAIN.txt> and
a Windows NT-specific discussion is in <../DOMAIN_CONTROL.txt>.
44..11..22.. SShhaarreelleevveell ((WWoorrkkggrroouupp)) SSeeccuurriittyy SSeerrvviicceess
With the Samba setting "security = SHARE", all shared resources
information about what password is associated with them but only hints
as to what usernames might be valid (the hint can be 'all users', in
which case any username will work. This is usually a bad idea, but
reflects both the initial implementations of SMB in the mid-80s and
its reincarnation with Windows for Workgroups in 1992. The idea behind
workgroup security was that small independant groups of people could
share information on an ad-hoc basis without there being an
authentication infrastructure present or requiring them to do more
than fill in a dialogue box.
44..11..33.. AAuutthheennttiiccaattiioonn DDoommaaiinn MMooddee SSeerrvviicceess
With the Samba settings "security = USER" or "security = SERVER"
accesses to all resources are checked for username/password pair
matches in a more rigorous manner. To the client, this has the effect
of emulating a Microsoft Domain. The client is not concerned whether
or not Samba looks up a Windows NT SAM or does it in some other way.
44..22.. AAuutthheennttiiccaattiioonn SScchheemmeess
In the simple case authentication information is stored on a single
server and the user types a password on connecting for the first time.
However client operating systems often require a password before they
can be used at all, and in addition users usually want access to more
than one server. Asking users to remember many different passwords in
different contexts just does not work. Some kind of distributed
authentication database is needed. It must cope with password changes
and provide for assigning groups of users the same level of access
permissions. This is why Samba installations often choose to implement
a Domain model straight away.
Authentication decisions are some of the biggest in designing a
network. Are you going to use a scheme native to the client operating
system, native to the server operating system, or newly installed on
both? A list of options relevant to Samba (ie that make sense in the
context of the SMB protocol) follows. Any experiences with other
setups would be appreciated. refer to server FAQ for "passwd chat"
passwd program password server etc etc...
44..22..11.. NNIISS
For Windows 95, Windows for Workgroups and most other clients Samba
can be a domain controller and share the password database via NIS
transparently. Windows NT is different. Free NIS NT client
<http://www.dcs.qmw.ac.uk/~williams>
44..22..22.. KKeerrbbeerrooss
Kerberos for US users only: Kerberos overview
<http://www.cygnus.com/product/unifying-security.html> Download
Kerberos <http://www.cygnus.com/product/kerbnet-download.html>
44..22..33.. FFTTPP
Other NT w/s logon hack via NT
44..22..44.. DDeeffaauulltt SSeerrvveerr MMeetthhoodd
44..22..55.. CClliieenntt--ssiiddee DDaattaabbaassee OOnnllyy
44..33.. PPoosstt--AAuutthheennttiiccaattiioonn:: NNeettllooggoonn,, LLooggoonn SSccrriippttss,, PPrrooffiilleess
See <../DOMAIN.txt>
55.. CCrroossss--PPrroottooccooll FFiillee SShhaarriinngg
Samba is an important tool for...
It is possible to...
File protocol gateways...
"Setting up a Linux File Server"
http://vetrec.mit.edu/people/narf/linux.html
Two free implementations of Appletalk for Unix are Netatalk,
<http://www.umich.edu/~rsug/netatalk/>, and CAP,
<http://www.cs.mu.oz.au/appletalk/atalk.html>. What Samba offers MS
Windows users, these packages offer to Macs. For more info on these
packages, Samba, and Linux (and other UNIX-based systems) see
<http://www.eats.com/linux_mac_win.html> 3.5) Sniffing your nework
66.. MMiisscceellllaanneeoouuss
66..11.. IIss SSaammbbaa YYeeaarr 22000000 ccoommpplliiaanntt??
The CIFS protocol that Samba implements negotiates times in various
formats, all of which are able to cope with dates beyond 2000.

392
docs/faq/sambafaq-1.html
View File

@ -1,392 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ: General Information</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="sambafaq-2.html">Next</A>
<A HREF="sambafaq.html#toc1">Table of Contents</A>
<HR>
<H2><A NAME="s1">1. General Information</A></H2>
<P>
<A NAME="general_info"></A>
</P>
<P>All about Samba - what it is, how to get it, related sources of
information, how to understand the version numbering scheme, pizza
details</P>
<H2><A NAME="ss1.1">1.1 What is Samba? </A></H2>
<P>
<A NAME="introduction"></A>
Samba is a suite of programs which work together to allow clients to
access to a server's filespace and printers via the SMB (Server
Message Block) protocol. Initially written for Unix, Samba now also
runs on Netware, OS/2 and VMS.</P>
<P>In practice, this means that you can redirect disks and printers to
Unix disks and printers from Lan Manager clients, Windows for
Workgroups 3.11 clients, Windows NT clients, Linux clients and OS/2
clients. There is also a generic Unix client program supplied as part
of the suite which allows Unix users to use an ftp-like interface to
access filespace and printers on any other SMB servers. This gives the
capability for these operating systems to behave much like a LAN
Server or Windows NT Server machine, only with added functionality and
flexibility designed to make life easier for administrators.</P>
<P>The components of the suite are (in summary):</P>
<P>
<UL>
<LI><B>smbd</B>, the SMB server. This handles actual connections from clients, doing all the file, permission and username work</LI>
<LI><B>nmbd</B>, the Netbios name server, which helps clients locate servers, doing the browsing work and managing domains as this capability is being built into Samba</LI>
<LI><B>smbclient</B>, the Unix-hosted client program</LI>
<LI><B>smbrun</B>, a little 'glue' program to help the server run external programs</LI>
<LI><B>testprns</B>, a program to test server access to printers</LI>
<LI><B>testparms</B>, a program to test the Samba configuration file for correctness</LI>
<LI><B>smb.conf</B>, the Samba configuration file</LI>
<LI><B>smbprint</B>, a sample script to allow a Unix host to use smbclient to print to an SMB server</LI>
<LI><B>Documentation!</B> DON'T neglect to read it - you will save a great deal of time!</LI>
</UL>
</P>
<P>The suite is supplied with full source (of course!) and is GPLed.</P>
<P>The primary creator of the Samba suite is Andrew Tridgell. Later
versions incorporate much effort by many net.helpers. The man pages
and this FAQ were originally written by Karl Auer.</P>
<H2><A NAME="ss1.2">1.2 What is the current version of Samba? </A></H2>
<P>
<A NAME="current_version"></A>
At time of writing, the current version was 1.9.17. If you want to be
sure check the bottom of the change-log file.
<A HREF="ftp://samba.org/pub/samba/alpha/change-log">ftp://samba.org/pub/samba/alpha/change-log</A></P>
<P>For more information see
<A HREF="#version_nums">What do the version numbers mean?</A></P>
<H2><A NAME="ss1.3">1.3 Where can I get it? </A></H2>
<P>
<A NAME="where"></A>
The Samba suite is available via anonymous ftp from
samba.org. The latest and greatest versions of the suite are in
the directory:</P>
<P>/pub/samba/</P>
<P>Development (read "alpha") versions, which are NOT necessarily stable
and which do NOT necessarily have accurate documentation, are
available in the directory:</P>
<P>/pub/samba/alpha</P>
<P>Note that binaries are NOT included in any of the above. Samba is
distributed ONLY in source form, though binaries may be available from
other sites. Recent versions of some Linux distributions, for example,
do contain Samba binaries for that platform.</P>
<H2><A NAME="ss1.4">1.4 What do the version numbers mean? </A></H2>
<P>
<A NAME="version_nums"></A>
It is not recommended that you run a version of Samba with the word
"alpha" in its name unless you know what you are doing and are willing
to do some debugging. Many, many people just get the latest
recommended stable release version and are happy. If you are brave, by
all means take the plunge and help with the testing and development -
but don't install it on your departmental server. Samba is typically
very stable and safe, and this is mostly due to the policy of many
public releases.</P>
<P>How the scheme works:
<OL>
<LI>When major changes are made the version number is increased. For
example, the transition from 1.9.15 to 1.9.16. However, this version
number will not appear immediately and people should continue to use
1.9.15 for production systems (see next point.)
</LI>
<LI>Just after major changes are made the software is considered
unstable, and a series of alpha releases are distributed, for example
1.9.16alpha1. These are for testing by those who know what they are
doing. The "alpha" in the filename will hopefully scare off those who
are just looking for the latest version to install.
</LI>
<LI>When Andrew thinks that the alphas have stabilised to the point
where he would recommend new users install it, he renames it to the
same version number without the alpha, for example 1.9.16.
</LI>
<LI>Inevitably bugs are found in the "stable" releases and minor patch
levels are released which give us the pXX series, for example 1.9.16p2.</LI>
</OL>
So the progression goes:
<PRE>
1.9.15p7 (production)
1.9.15p8 (production)
1.9.16alpha1 (test sites only)
:
1.9.16alpha20 (test sites only)
1.9.16 (production)
1.9.16p1 (production)
</PRE>
The above system means that whenever someone looks at the samba ftp
site they will be able to grab the highest numbered release without an
alpha in the name and be sure of getting the current recommended
version.</P>
<H2><A NAME="ss1.5">1.5 What platforms are supported? </A></H2>
<P>
<A NAME="platforms"></A>
Many different platforms have run Samba successfully. The platforms
most widely used and thus best tested are Linux and SunOS.</P>
<P>At time of writing, the Makefile claimed support for:
<UL>
<LI> A/UX 3.0</LI>
<LI> AIX</LI>
<LI> Altos Series 386/1000</LI>
<LI> Amiga</LI>
<LI> Apollo Domain/OS sr10.3</LI>
<LI> BSDI </LI>
<LI> B.O.S. (Bull Operating System)</LI>
<LI> Cray, Unicos 8.0</LI>
<LI> Convex</LI>
<LI> DGUX. </LI>
<LI> DNIX.</LI>
<LI> FreeBSD</LI>
<LI> HP-UX</LI>
<LI> Intergraph. </LI>
<LI> Linux with/without shadow passwords and quota</LI>
<LI> LYNX 2.3.0</LI>
<LI> MachTen (a unix like system for Macintoshes)</LI>
<LI> Motorola 88xxx/9xx range of machines</LI>
<LI> NetBSD</LI>
<LI> NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach).</LI>
<LI> OS/2 using EMX 0.9b</LI>
<LI> OSF1</LI>
<LI> QNX 4.22</LI>
<LI> RiscIX. </LI>
<LI> RISCOs 5.0B</LI>
<LI> SEQUENT. </LI>
<LI> SCO (including: 3.2v2, European dist., OpenServer 5)</LI>
<LI> SGI.</LI>
<LI> SMP_DC.OSx v1.1-94c079 on Pyramid S series</LI>
<LI> SONY NEWS, NEWS-OS (4.2.x and 6.1.x)</LI>
<LI> SUNOS 4</LI>
<LI> SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later')</LI>
<LI> Sunsoft ISC SVR3V4</LI>
<LI> SVR4</LI>
<LI> System V with some berkely extensions (Motorola 88k R32V3.2).</LI>
<LI> ULTRIX.</LI>
<LI> UNIXWARE</LI>
<LI> UXP/DS</LI>
</UL>
</P>
<H2><A NAME="ss1.6">1.6 How can I find out more about Samba? </A></H2>
<P>
<A NAME="more"></A>
There are a number of places to look for more information on Samba, including:
<UL>
<LI>Two mailing lists devoted to discussion of Samba-related matters. </LI>
<LI>The newsgroup, comp.protocols.smb, which has a great deal of discussion on Samba. </LI>
<LI>The WWW site 'SAMBA Web Pages' at
<A HREF="http://samba.edu.au/samba/">http://samba.edu.au/samba/</A> includes:
<UL>
<LI>Links to man pages and documentation, including this FAQ</LI>
<LI>A comprehensive survey of Samba users.</LI>
<LI>A searchable hypertext archive of the Samba mailing list.</LI>
<LI>Links to Samba source code, binaries, and mirrors of both.</LI>
</UL>
</LI>
<LI>The long list of topic documentation. These files can be found in the 'docs' directory of the Samba source, or at
<A HREF="ftp://samba.org/pub/samba/docs/">ftp://samba.org/pub/samba/docs/</A>
<UL>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Application_Serving.txt">Application_Serving.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/BROWSING.txt">BROWSING.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/BUGS.txt">BUGS.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/DIAGNOSIS.txt">DIAGNOSIS.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/DNIX.txt">DNIX.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/DOMAIN.txt">DOMAIN.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/DOMAIN_CONTROL.txt">CONTROL.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/ENCRYPTION.txt">ENCRYPTION.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Faxing.txt">Faxing.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/GOTCHAS.txt">GOTCHAS.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/HINTS.txt">HINTS.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/INSTALL.sambatar">INSTALL.sambatar</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/INSTALL.txt">INSTALL.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/MIRRORS">MIRRORS</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/NetBIOS.txt">NetBIOS.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/OS2.txt">OS2.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/PROJECTS">PROJECTS</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Passwords.txt">Passwords.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Printing.txt">Printing.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/README.DCEDFS">README.DCEDFS</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/README.OS2">README.OS2</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/README.jis">README.jis</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/README.sambatar">README.sambatar</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/SCO.txt">SCO.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/SMBTAR.notes">SMBTAR.notes</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Speed.txt">Speed.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Support.txt">Support.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/THANKS">THANKS</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Tracing.txt">Tracing.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/UNIX-SMB.txt">SMB.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/Warp.txt">Warp.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/WinNT.txt">WinNT.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/history">history</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/security_level.txt">level.txt</A></LI>
<LI>
<A HREF="ftp://samba.org/pub/samba/docs/wfw_slip.htm">slip.htm</A></LI>
</UL>
</LI>
</UL>
</P>
<H2><A NAME="ss1.7">1.7 How do I subscribe to the Samba Mailing Lists?</A></H2>
<P>
<A NAME="mailinglist"></A>
Send email to
<A HREF="mailto:listproc@samba.org">listproc@samba.org</A>. Make sure the subject line is
blank, and include the following two lines in the body of the message:
<BLOCKQUOTE><CODE>
<PRE>
subscribe samba Firstname Lastname
subscribe samba-announce Firstname Lastname
</PRE>
</CODE></BLOCKQUOTE>
Obviously you should substitute YOUR first name for "Firstname" and
YOUR last name for "Lastname"! Try not to send any signature stuff, it
sometimes confuses the list processor.</P>
<P>The samba list is a digest list - every eight hours or so it
regurgitates a single message containing all the messages that have
been received by the list since the last time and sends a copy of this
message to all subscribers.</P>
<P>If you stop being interested in Samba, please send another email to
<A HREF="mailto:listproc@samba.org">listproc@samba.org</A>. Make sure the subject line is blank, and
include the following two lines in the body of the message:
<BLOCKQUOTE><CODE>
<PRE>
unsubscribe samba
unsubscribe samba-announce
</PRE>
</CODE></BLOCKQUOTE>
The <B>From:</B> line in your message <EM>MUST</EM> be the same address you used when
you subscribed.</P>
<H2><A NAME="ss1.8">1.8 Something's gone wrong - what should I do? </A></H2>
<P>
<A NAME="wrong"></A>
<B><F>#</F> *** IMPORTANT! *** <F>#</F></B></P>
<P>DO NOT post messages on mailing lists or in newsgroups until you have
carried out the first three steps given here!</P>
<P>Firstly, see if there are any likely looking entries in this FAQ! If
you have just installed Samba, have you run through the checklist in
<A HREF="ftp://samba.org/pub/samba/DIAGNOSIS.txt">DIAGNOSIS.txt</A>? It can save you a lot of time and effort.
DIAGNOSIS.txt can also be found in the docs directory of the Samba distribution.</P>
<P>Secondly, read the man pages for smbd, nmbd and smb.conf, looking for
topics that relate to what you are trying to do.</P>
<P>Thirdly, if there is no obvious solution to hand, try to get a look at
the log files for smbd and/or nmbd for the period during which you
were having problems. You may need to reconfigure the servers to
provide more extensive debugging information - usually level 2 or
level 3 provide ample debugging info. Inspect these logs closely,
looking particularly for the string "Error:".</P>
<P>Fourthly, if you still haven't got anywhere, ask the mailing list or
newsgroup. In general nobody minds answering questions provided you
have followed the preceding steps. It might be a good idea to scan the
archives of the mailing list, which are available through the Samba
web site described in the previous
section.</P>
<P>If you successfully solve a problem, please mail the FAQ maintainer a
succinct description of the symptom, the problem and the solution, so
I can incorporate it in the next version.</P>
<P>If you make changes to the source code, _please_ submit these patches
so that everyone else gets the benefit of your work. This is one of
the most important aspects to the maintainence of Samba. Send all
patches to
<A HREF="mailto:samba@samba.org">samba@samba.org</A>. Do not send patches to Andrew Tridgell or any
other individual, they may be lost if you do.</P>
<H2><A NAME="ss1.9">1.9 Pizza supply details </A></H2>
<P>
<A NAME="pizza"></A>
Those who have registered in the Samba survey as "Pizza Factory" will
already know this, but the rest may need some help. Andrew doesn't ask
for payment, but he does appreciate it when people give him
pizza. This calls for a little organisation when the pizza donor is
twenty thousand kilometres away, but it has been done.</P>
<P>Method 1: Ring up your local branch of an international pizza chain
and see if they honour their vouchers internationally. Pizza Hut do,
which is how the entire Canberra Linux Users Group got to eat pizza
one night, courtesy of someone in the US</P>
<P>Method 2: Ring up a local pizza shop in Canberra and quote a credit
card number for a certain amount, and tell them that Andrew will be
collecting it (don't forget to tell him.) One kind soul from Germany
did this.</P>
<P>Method 3: Purchase a pizza voucher from your local pizza shop that has
no international affiliations and send it to Andrew. It is completely
useless but he can hang it on the wall next to the one he already has
from Germany :-)</P>
<P>Method 4: Air freight him a pizza with your favourite regional
flavours. It will probably get stuck in customs or torn apart by
hungry sniffer dogs but it will have been a noble gesture.</P>
<HR>
Previous
<A HREF="sambafaq-2.html">Next</A>
<A HREF="sambafaq.html#toc1">Table of Contents</A>
</BODY>
</HTML>

236
docs/faq/sambafaq-2.html
View File

@ -1,236 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ: Compiling and installing Samba on a Unix host</TITLE>
</HEAD>
<BODY>
<A HREF="sambafaq-1.html">Previous</A>
<A HREF="sambafaq-3.html">Next</A>
<A HREF="sambafaq.html#toc2">Table of Contents</A>
<HR>
<H2><A NAME="s2">2. Compiling and installing Samba on a Unix host</A></H2>
<P>
<A NAME="unix_install"></A>
</P>
<H2><A NAME="ss2.1">2.1 I can't see the Samba server in any browse lists!</A></H2>
<P>
<A NAME="no_browse"></A>
See BROWSING.txt for more information on browsing. BROWSING.txt can
be found in the docs directory of the Samba source.</P> <P>If your GUI
client does not permit you to select non-browsable servers, you may
need to do so on the command line. For example, under Lan Manager you
might connect to the above service as disk drive M: thusly:
<BLOCKQUOTE><CODE>
<PRE>
net use M: \\mary\fred
</PRE>
</CODE></BLOCKQUOTE>
The details of how to do this and the specific syntax varies from
client to client - check your client's documentation.</P>
<H2><A NAME="ss2.2">2.2 Some files that I KNOW are on the server doesn't show up when I view the files from my client! </A></H2>
<P>
<A NAME="missing_files"></A>
See the next question.</P>
<H2><A NAME="ss2.3">2.3 Some files on the server show up with really wierd filenames when I view the files from my client! </A></H2>
<P>
<A NAME="strange_filenames"></A>
If you check what files are not showing up, you will note that they
are files which contain upper case letters or which are otherwise not
DOS-compatible (ie, they are not legal DOS filenames for some reason).</P>
<P>The Samba server can be configured either to ignore such files
completely, or to present them to the client in "mangled" form. If you
are not seeing the files at all, the Samba server has most likely been
configured to ignore them. Consult the man page smb.conf(5) for
details of how to change this - the parameter you need to set is
"mangled names = yes".</P>
<H2><A NAME="ss2.4">2.4 My client reports "cannot locate specified computer" or similar</A></H2>
<P>
<A NAME="cant_see_server"></A>
This indicates one of three things: You supplied an incorrect server
name, the underlying TCP/IP layer is not working correctly, or the
name you specified cannot be resolved.</P>
<P>After carefully checking that the name you typed is the name you
should have typed, try doing things like pinging a host or telnetting
to somewhere on your network to see if TCP/IP is functioning OK. If it
is, the problem is most likely name resolution.</P>
<P>If your client has a facility to do so, hardcode a mapping between the
hosts IP and the name you want to use. For example, with Man Manager
or Windows for Workgroups you would put a suitable entry in the file
LMHOSTS. If this works, the problem is in the communication between
your client and the netbios name server. If it does not work, then
there is something fundamental wrong with your naming and the solution
is beyond the scope of this document.</P>
<P>If you do not have any server on your subnet supplying netbios name
resolution, hardcoded mappings are your only option. If you DO have a
netbios name server running (such as the Samba suite's nmbd program),
the problem probably lies in the way it is set up. Refer to Section
Two of this FAQ for more ideas.</P>
<P>By the way, remember to REMOVE the hardcoded mapping before further
tests :-) </P>
<H2><A NAME="ss2.5">2.5 My client reports "cannot locate specified share name" or similar</A></H2>
<P>
<A NAME="cant_see_share"></A>
This message indicates that your client CAN locate the specified
server, which is a good start, but that it cannot find a service of
the name you gave.</P>
<P>The first step is to check the exact name of the service you are
trying to connect to (consult your system administrator). Assuming it
exists and you specified it correctly (read your client's doco on how
to specify a service name correctly), read on:</P>
<P>
<UL>
<LI> Many clients cannot accept or use service names longer than eight characters.</LI>
<LI> Many clients cannot accept or use service names containing spaces.</LI>
<LI> Some servers (not Samba though) are case sensitive with service names.</LI>
<LI> Some clients force service names into upper case.</LI>
</UL>
</P>
<H2><A NAME="ss2.6">2.6 My client reports "cannot find domain controller", "cannot log on to the network" or similar </A></H2>
<P>
<A NAME="cant_see_net"></A>
Nothing is wrong - Samba does not implement the primary domain name
controller stuff for several reasons, including the fact that the
whole concept of a primary domain controller and "logging in to a
network" doesn't fit well with clients possibly running on multiuser
machines (such as users of smbclient under Unix). Having said that,
several developers are working hard on building it in to the next
major version of Samba. If you can contribute, send a message to
<A HREF="mailto:samba@samba.org">samba@samba.org</A> !</P>
<P>Seeing this message should not affect your ability to mount redirected
disks and printers, which is really what all this is about.</P>
<P>For many clients (including Windows for Workgroups and Lan Manager),
setting the domain to STANDALONE at least gets rid of the message.</P>
<H2><A NAME="ss2.7">2.7 Printing doesn't work :-(</A></H2>
<P>
<A NAME="no_printing"></A>
Make sure that the specified print command for the service you are
connecting to is correct and that it has a fully-qualified path (eg.,
use "/usr/bin/lpr" rather than just "lpr").</P>
<P>Make sure that the spool directory specified for the service is
writable by the user connected to the service. In particular the user
"nobody" often has problems with printing, even if it worked with an
earlier version of Samba. Try creating another guest user other than
"nobody".</P>
<P>Make sure that the user specified in the service is permitted to use
the printer.</P>
<P>Check the debug log produced by smbd. Search for the printer name and
see if the log turns up any clues. Note that error messages to do with
a service ipc$ are meaningless - they relate to the way the client
attempts to retrieve status information when using the LANMAN1
protocol.</P>
<P>If using WfWg then you need to set the default protocol to TCP/IP, not
Netbeui. This is a WfWg bug.</P>
<P>If using the Lanman1 protocol (the default) then try switching to
coreplus. Also not that print status error messages don't mean
printing won't work. The print status is received by a different
mechanism.</P>
<H2><A NAME="ss2.8">2.8 My programs install on the server OK, but refuse to work properly</A></H2>
<P>
<A NAME="programs_wont_run"></A>
There are numerous possible reasons for this, but one MAJOR
possibility is that your software uses locking. Make sure you are
using Samba 1.6.11 or later. It may also be possible to work around
the problem by setting "locking=no" in the Samba configuration file
for the service the software is installed on. This should be regarded
as a strictly temporary solution.</P>
<P>In earlier Samba versions there were some difficulties with the very
latest Microsoft products, particularly Excel 5 and Word for Windows
6. These should have all been solved. If not then please let Andrew
Tridgell know via email at
<A HREF="mailto:samba@samba.org">samba@samba.org</A>.</P>
<H2><A NAME="ss2.9">2.9 My "server string" doesn't seem to be recognised</A></H2>
<P>
<A NAME="bad_server_string"></A>
OR My client reports the default setting, eg. "Samba 1.9.15p4", instead
of what I have changed it to in the smb.conf file.</P>
<P>You need to use the -C option in nmbd. The "server string" affects
what smbd puts out and -C affects what nmbd puts out.</P>
<P>Current versions of Samba (1.9.16 +) have combined these options into
the "server string" field of smb.conf, -C for nmbd is now obsolete.</P>
<H2><A NAME="ss2.10">2.10 My client reports "This server is not configured to list shared resources" </A></H2>
<P>
<A NAME="cant_list_shares"></A>
Your guest account is probably invalid for some reason. Samba uses the
guest account for browsing in smbd. Check that your guest account is
valid.</P>
<P>See also 'guest account' in smb.conf man page.</P>
<H2><A NAME="ss2.11">2.11 Log message "you appear to have a trapdoor uid system" </A></H2>
<P>
<A NAME="trapdoor_uid"></A>
This can have several causes. It might be because you are using a uid
or gid of 65535 or -1. This is a VERY bad idea, and is a big security
hole. Check carefully in your /etc/passwd file and make sure that no
user has uid 65535 or -1. Especially check the "nobody" user, as many
broken systems are shipped with nobody setup with a uid of 65535.</P>
<P>It might also mean that your OS has a trapdoor uid/gid system :-)</P>
<P>This means that once a process changes effective uid from root to
another user it can't go back to root. Unfortunately Samba relies on
being able to change effective uid from root to non-root and back
again to implement its security policy. If your OS has a trapdoor uid
system this won't work, and several things in Samba may break. Less
things will break if you use user or server level security instead of
the default share level security, but you may still strike
problems.</P>
<P>The problems don't give rise to any security holes, so don't panic,
but it does mean some of Samba's capabilities will be unavailable.
In particular you will not be able to connect to the Samba server as
two different uids at once. This may happen if you try to print as a
"guest" while accessing a share as a normal user. It may also affect
your ability to list the available shares as this is normally done as
the guest user.</P>
<P>Complain to your OS vendor and ask them to fix their system.</P>
<P>Note: the reason why 65535 is a VERY bad choice of uid and gid is that
it casts to -1 as a uid, and the setreuid() system call ignores (with
no error) uid changes to -1. This means any daemon attempting to run
as uid 65535 will actually run as root. This is not good!</P>
<HR>
<A HREF="sambafaq-1.html">Previous</A>
<A HREF="sambafaq-3.html">Next</A>
<A HREF="sambafaq.html#toc2">Table of Contents</A>
</BODY>
</HTML>

322
docs/faq/sambafaq-3.html
View File

@ -1,322 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ: Common client questions</TITLE>
</HEAD>
<BODY>
<A HREF="sambafaq-2.html">Previous</A>
<A HREF="sambafaq-4.html">Next</A>
<A HREF="sambafaq.html#toc3">Table of Contents</A>
<HR>
<H2><A NAME="s3">3. Common client questions</A></H2>
<P>
<A NAME="client_questions"></A>
</P>
<H2><A NAME="ss3.1">3.1 Are there any Macintosh clients for Samba?</A></H2>
<P>
<A NAME="mac_clients"></A>
Yes! Thursby now have a CIFS Client / Server called DAVE - see
<A HREF="http://www.thursby.com/">http://www.thursby.com/</A>.
They test it against Windows 95, Windows NT and samba for compatibility issues.
At the time of writing, DAVE was at version 1.0.1. The 1.0.0 to 1.0.1 update is available
as a free download from the Thursby web site (the speed of finder copies has
been greatly enhanced, and there are bug-fixes included).</P>
<P>Alternatives - There are two free implementations of AppleTalk for
several kinds of UNIX machnes, and several more commercial ones.
These products allow you to run file services and print services
natively to Macintosh users, with no additional support required on
the Macintosh. The two free omplementations are Netatalk,
<A HREF="http://www.umich.edu/~rsug/netatalk/">http://www.umich.edu/~rsug/netatalk/</A>, and CAP,
<A HREF="http://www.cs.mu.oz.au/appletalk/atalk.html">http://www.cs.mu.oz.au/appletalk/atalk.html</A>. What Samba offers
MS Windows users, these packages offer to Macs. For more info on
these packages, Samba, and Linux (and other UNIX-based systems)
see
<A HREF="http://www.eats.com/linux_mac_win.html">http://www.eats.com/linux_mac_win.html</A></P>
<H2><A NAME="ss3.2">3.2 "Session request failed (131,130)" error</A></H2>
<P>
<A NAME="sess_req_fail"></A>
The following answer is provided by John E. Miller:</P>
<P>I'll assume that you're able to ping back and forth between the
machines by IP address and name, and that you're using some security
model where you're confident that you've got user IDs and passwords
right. The logging options (-d3 or greater) can help a lot with that.
DNS and WINS configuration can also impact connectivity as well.</P>
<P>Now, on to 'scope id's. Somewhere in your Win95 TCP/IP network
configuration (I'm too much of an NT bigot to know where it's located
in the Win95 setup, but I'll have to learn someday since I teach for a
Microsoft Solution Provider Authorized Tech Education Center - what an
acronym...) <F>Note: It's under Control Panel | Network | TCP/IP | WINS
Configuration</F> there's a little text entry field called something like
'Scope ID'.</P>
<P>This field essentially creates 'invisible' sub-workgroups on the same
wire. Boxes can only see other boxes whose Scope IDs are set to the
exact same value - it's sometimes used by OEMs to configure their
boxes to browse only other boxes from the same vendor and, in most
environments, this field should be left blank. If you, in fact, have
something in this box that EXACT value (case-sensitive!) needs to be
provided to smbclient and nmbd as the -i (lowercase) parameter. So, if
your Scope ID is configured as the string 'SomeStr' in Win95 then
you'd have to use smbclient -iSomeStr <F>otherparms</F> in connecting to
it.</P>
<H2><A NAME="ss3.3">3.3 How do I synchronise my PC's clock with my Samba server? </A></H2>
<P>
<A NAME="synchronise_clock"></A>
To syncronize your PC's clock with your Samba server:
<UL>
<LI> Copy timesync.pif to your windows directory</LI>
<LI> timesync.pif can be found at:
<A HREF="http://samba.org/samba/binaries/miscellaneous/timesync.pif">http://samba.org/samba/binaries/miscellaneous/timesync.pif</A></LI>
<LI> Add timesync.pif to your 'Start Up' group/folder</LI>
<LI> Open the properties dialog box for the program/icon</LI>
<LI> Make sure the 'Run Minimized' option is set in program 'Properties'</LI>
<LI> Change the command line section that reads <F>\\sambahost</F> to reflect the name of your server.</LI>
<LI> Close the properties dialog box by choosing 'OK'</LI>
</UL>
Each time you start your computer (or login for Win95) your PC will
synchronize its clock with your Samba server.</P>
<P>Alternativley, if you clients support Domain Logons, you can setup Domain Logons with Samba
- see:
<A HREF="ftp://samba.org/pub/samba/docs/BROWSING.txt">BROWSING.txt</A> *** for more information.</P>
<P>Then add
<BLOCKQUOTE><CODE>
<PRE>
NET TIME \\%L /SET /YES
</PRE>
</CODE></BLOCKQUOTE>
as one of the lines in the logon script.</P>
<H2><A NAME="ss3.4">3.4 Problems with WinDD, NTrigue, WinCenterPro etc</A></H2>
<P>
<A NAME="multiple_session_clients"></A>
</P>
<P>All of the above programs are applications that sit on an NT box and
allow multiple users to access the NT GUI applications from remote
workstations (often over X).</P>
<P>What has this got to do with Samba? The problem comes when these users
use filemanager to mount shares from a Samba server. The most common
symptom is that the first user to connect get correct file permissions
and has a nice day, but subsequent connections get logged in as the
same user as the first person to login. They find that they cannot
access files in their own home directory, but that they can access
files in the first users home directory (maybe not such a nice day
after all?)</P>
<P>Why does this happen? The above products all share a common heritage
(and code base I believe). They all open just a single TCP based SMB
connection to the Samba server, and requests from all users are piped
over this connection. This is unfortunate, but not fatal.</P>
<P>It means that if you run your Samba server in share level security
(the default) then things will definately break as described
above. The share level SMB security model has no provision for
multiple user IDs on the one SMB connection. See
<A HREF="ftp://samba.org/pub/samba/docs/security_level.txt">security_level.txt</A> in
the docs for more info on share/user/server level security.</P>
<P>If you run in user or server level security then you have a chance,
but only if you have a recent version of Samba (at least 1.9.15p6). In
older versions bugs in Samba meant you still would have had problems.</P>
<P>If you have a trapdoor uid system in your OS then it will never work
properly. Samba needs to be able to switch uids on the connection and
it can't if your OS has a trapdoor uid system. You'll know this
because Samba will note it in your logs.</P>
<P>Also note that you should not use the magic "homes" share name with
products like these, as otherwise all users will end up with the same
home directory. Use <F>\\server\username</F> instead.</P>
<H2><A NAME="ss3.5">3.5 Problem with printers under NT</A></H2>
<P>
<A NAME="nt_printers"></A>
This info from Stefan Hergeth
hergeth@f7axp1.informatik.fh-muenchen.de may be useful:</P>
<P>A network-printer (with ethernetcard) is connected to the NT-Clients
via our UNIX-Fileserver (SAMBA-Server), like the configuration told by
Matthew Harrell harrell@leech.nrl.navy.mil (see WinNT.txt)
<OL>
<LI>If a user has choosen this printer as the default printer in his
NT-Session and this printer is not connected to the network
(e.g. switched off) than this user has a problem with the SAMBA-
connection of his filesystems. It's very slow.
</LI>
<LI>If the printer is connected to the network everything works fine.
</LI>
<LI>When the smbd ist started with debug level 3, you can see that the
NT spooling system try to connect to the printer many times. If the
printer ist not connected to the network this request fails and the
NT spooler is wasting a lot of time to connect to the printer service.
This seems to be the reason for the slow network connection.
</LI>
<LI>Maybe it's possible to change this behaviour by setting different
printer properties in the Print-Manager-Menu of NT, but i didn't try it yet.</LI>
</OL>
</P>
<H2><A NAME="ss3.6">3.6 Why are my file's timestamps off by an hour, or by a few hours?</A></H2>
<P>
<A NAME="dst_bugs"></A>
This is from Paul Eggert eggert@twinsun.com.</P>
<P>Most likely it's a problem with your time zone settings.</P>
<P>Internally, Samba maintains time in traditional Unix format,
namely, the number of seconds since 1970-01-01 00:00:00 Universal Time
(or ``GMT''), not counting leap seconds.</P>
<P>On the server side, Samba uses the Unix TZ variable to convert
internal timestamps to and from local time. So on the server side, there are
two things to get right.
<OL>
<LI>The Unix system clock must have the correct Universal time.
Use the shell command "sh -c 'TZ=UTC0 date'" to check this.
</LI>
<LI>The TZ environment variable must be set on the server
before Samba is invoked. The details of this depend on the
server OS, but typically you must edit a file whose name is
/etc/TIMEZONE or /etc/default/init, or run the command `zic -l'.
</LI>
<LI>TZ must have the correct value.
<OL>
<LI>If possible, use geographical time zone settings
(e.g. TZ='America/Los_Angeles' or perhaps
TZ=':US/Pacific'). These are supported by most
popular Unix OSes, are easier to get right, and are
more accurate for historical timestamps. If your
operating system has out-of-date tables, you should be
able to update them from the public domain time zone
tables at
<A HREF="ftp://elsie.nci.nih.gov/pub/">ftp://elsie.nci.nih.gov/pub/</A>.
</LI>
<LI>If your system does not support geographical timezone
settings, you must use a Posix-style TZ strings, e.g.
TZ='PST8PDT,M4.1.0/2,M10.5.0/2' for US Pacific time.
Posix TZ strings can take the following form (with optional
items in brackets):
<PRE>
StdOffset[Dst[Offset],Date/Time,Date/Time]
</PRE>
where:
<UL>
<LI> `Std' is the standard time designation (e.g. `PST').
</LI>
<LI> `Offset' is the number of hours behind UTC (e.g. `8').
Prepend a `-' if you are ahead of UTC, and
append `:30' if you are at a half-hour offset.
Omit all the remaining items if you do not use
daylight-saving time.
</LI>
<LI> `Dst' is the daylight-saving time designation
(e.g. `PDT').
The optional second `Offset' is the number of
hours that daylight-saving time is behind UTC.
The default is 1 hour ahead of standard time.
</LI>
<LI> `Date/Time,Date/Time' specify when daylight-saving
time starts and ends. The format for a date is
`Mm.n.d', which specifies the dth day (0 is Sunday)
of the nth week of the mth month, where week 5 means
the last such day in the month. The format for a
time is <F>h</F>h<F>:mm[:ss</F>], using a 24-hour clock.</LI>
</UL>
Other Posix string formats are allowed but you don't want
to know about them.</LI>
</OL>
</LI>
</OL>
On the client side, you must make sure that your client's clock and
time zone is also set appropriately. <F>[I don't know how to do this.</F>]
Samba traditionally has had many problems dealing with time zones, due
to the bizarre ways that Microsoft network protocols handle time
zones. A common symptom is for file timestamps to be off by an hour.
To work around the problem, try disconnecting from your Samba server
and then reconnecting to it; or upgrade your Samba server to
1.9.16alpha10 or later.</P>
<H2><A NAME="ss3.7">3.7 How do I set the printer driver name correctly? </A></H2>
<P>
<A NAME="printer_driver_name"></A>
Question:
On NT, I opened "Printer Manager" and "Connect to Printer".
Enter <F>"\\ptdi270\ps1"</F> in the box of printer. I got the
following error message:
<BLOCKQUOTE><CODE>
<PRE>
You do not have sufficient access to your machine
to connect to the selected printer, since a driver
needs to be installed locally.
</PRE>
</CODE></BLOCKQUOTE>
Answer:</P>
<P>In the more recent versions of Samba you can now set the "printer
driver" in smb.conf. This tells the client what driver to use. For
example:
<BLOCKQUOTE><CODE>
<PRE>
printer driver = HP LaserJet 4L
</PRE>
</CODE></BLOCKQUOTE>
with this, NT knows to use the right driver. You have to get this string
exactly right.</P>
<P>To find the exact string to use, you need to get to the dialog box in
your client where you select which printer driver to install. The
correct strings for all the different printers are shown in a listbox
in that dialog box.</P>
<P>You could also try setting the driver to NULL like this:
<BLOCKQUOTE><CODE>
<PRE>
printer driver = NULL
</PRE>
</CODE></BLOCKQUOTE>
this is effectively what older versions of Samba did, so if that
worked for you then give it a go. If this does work then let us know via
<A HREF="mailto:samba@samba.org">samba@samba.org</A>,
and we'll make it the default. Currently the default is a 0 length
string.</P>
<H2><A NAME="ss3.8">3.8 I've applied NT 4.0 SP3, and now I can't access Samba shares, Why?</A></H2>
<P>
<A NAME="NT_SP3_FIX"></A>
As of SP3, Microsoft has decided that they will no longer default to
passing clear text passwords over the network. To enable access to
Samba shares from NT 4.0 SP3, you must do <B>ONE</B> of two things:
<OL>
<LI> Set the Samba configuration option 'security = user' and implement all of the stuff detailed in
<A HREF="ftp://samba.org/pub/samba/docs/ENCRYPTION.txt">ENCRYPTION.txt</A>.</LI>
<LI> Follow Microsoft's directions for setting your NT box to allow plain text passwords. see
<A HREF="http://www.microsoft.com/kb/articles/q166/7/30.htm">Knowledge Base Article Q166730</A></LI>
</OL>
</P>
<HR>
<A HREF="sambafaq-2.html">Previous</A>
<A HREF="sambafaq-4.html">Next</A>
<A HREF="sambafaq.html#toc3">Table of Contents</A>
</BODY>
</HTML>

37
docs/faq/sambafaq-4.html
View File

@ -1,37 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ: Specific client application problems</TITLE>
</HEAD>
<BODY>
<A HREF="sambafaq-3.html">Previous</A>
<A HREF="sambafaq-5.html">Next</A>
<A HREF="sambafaq.html#toc4">Table of Contents</A>
<HR>
<H2><A NAME="s4">4. Specific client application problems</A></H2>
<P>
<A NAME="client_problems"></A>
</P>
<H2><A NAME="ss4.1">4.1 MS Office Setup reports "Cannot change properties of '\MSOFFICE\SETUP.INI'"</A></H2>
<P>
<A NAME="cant_change_properties"></A>
When installing MS Office on a Samba drive for which you have admin
user permissions, ie. admin users = username, you will find the
setup program unable to complete the installation.</P>
<P>To get around this problem, do the installation without admin user
permissions The problem is that MS Office Setup checks that a file is
rdonly by trying to open it for writing.</P>
<P>Admin users can always open a file for writing, as they run as root.
You just have to install as a non-admin user and then use "chown -R"
to fix the owner.</P>
<HR>
<A HREF="sambafaq-3.html">Previous</A>
<A HREF="sambafaq-5.html">Next</A>
<A HREF="sambafaq.html#toc4">Table of Contents</A>
</BODY>
</HTML>

30
docs/faq/sambafaq-5.html
View File

@ -1,30 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ: Miscellaneous</TITLE>
</HEAD>
<BODY>
<A HREF="sambafaq-4.html">Previous</A>
Next
<A HREF="sambafaq.html#toc5">Table of Contents</A>
<HR>
<H2><A NAME="s5">5. Miscellaneous</A></H2>
<P>
<A NAME="miscellaneous"></A>
</P>
<H2><A NAME="ss5.1">5.1 Is Samba Year 2000 compliant?</A></H2>
<P>
<A NAME="Year2000Compliant"></A>
The CIFS protocol that Samba implements
negotiates times in various formats, all of which
are able to cope with dates beyond 2000.</P>
<HR>
<A HREF="sambafaq-4.html">Previous</A>
Next
<A HREF="sambafaq.html#toc5">Table of Contents</A>
</BODY>
</HTML>

115
docs/faq/sambafaq.html
View File

@ -1,115 +0,0 @@
<HTML>
<HEAD>
<TITLE> Samba FAQ</TITLE>
</HEAD>
<BODY>
Previous
<A HREF="sambafaq-1.html">Next</A>
Table of Contents
<HR>
<H1> Samba FAQ</H1>
<H2>Paul Blackman, <CODE>ictinus@samba.org</CODE></H2>v 0.8, June '97
<P><HR><EM> This is the Frequently Asked Questions (FAQ) document for
Samba, the free and very popular SMB server product. An SMB server
allows file and printer connections from clients such as Windows,
OS/2, Linux and others. Current to version 1.9.17. Please send any
corrections to the author.</EM><HR></P>
<P>
<H2><A NAME="toc1">1.</A> <A HREF="sambafaq-1.html">General Information</A></H2>
<UL>
<LI><A HREF="sambafaq-1.html#ss1.1">1.1 What is Samba? </A>
<LI><A HREF="sambafaq-1.html#ss1.2">1.2 What is the current version of Samba? </A>
<LI><A HREF="sambafaq-1.html#ss1.3">1.3 Where can I get it? </A>
<LI><A HREF="sambafaq-1.html#ss1.4">1.4 What do the version numbers mean? </A>
<LI><A HREF="sambafaq-1.html#ss1.5">1.5 What platforms are supported? </A>
<LI><A HREF="sambafaq-1.html#ss1.6">1.6 How can I find out more about Samba? </A>
<LI><A HREF="sambafaq-1.html#ss1.7">1.7 How do I subscribe to the Samba Mailing Lists?</A>
<LI><A HREF="sambafaq-1.html#ss1.8">1.8 Something's gone wrong - what should I do? </A>
<LI><A HREF="sambafaq-1.html#ss1.9">1.9 Pizza supply details </A>
</UL>
<P>
<H2><A NAME="toc2">2.</A> <A HREF="sambafaq-2.html">Compiling and installing Samba on a Unix host</A></H2>
<UL>
<LI><A HREF="sambafaq-2.html#ss2.1">2.1 I can't see the Samba server in any browse lists!</A>
<LI><A HREF="sambafaq-2.html#ss2.2">2.2 Some files that I KNOW are on the server doesn't show up when I view the files from my client! </A>
<LI><A HREF="sambafaq-2.html#ss2.3">2.3 Some files on the server show up with really wierd filenames when I view the files from my client! </A>
<LI><A HREF="sambafaq-2.html#ss2.4">2.4 My client reports "cannot locate specified computer" or similar</A>
<LI><A HREF="sambafaq-2.html#ss2.5">2.5 My client reports "cannot locate specified share name" or similar</A>
<LI><A HREF="sambafaq-2.html#ss2.6">2.6 My client reports "cannot find domain controller", "cannot log on to the network" or similar </A>
<LI><A HREF="sambafaq-2.html#ss2.7">2.7 Printing doesn't work :-(</A>
<LI><A HREF="sambafaq-2.html#ss2.8">2.8 My programs install on the server OK, but refuse to work properly</A>
<LI><A HREF="sambafaq-2.html#ss2.9">2.9 My "server string" doesn't seem to be recognised</A>
<LI><A HREF="sambafaq-2.html#ss2.10">2.10 My client reports "This server is not configured to list shared resources" </A>
<LI><A HREF="sambafaq-2.html#ss2.11">2.11 Log message "you appear to have a trapdoor uid system" </A>
</UL>
<P>
<H2><A NAME="toc3">3.</A> <A HREF="sambafaq-3.html">Common client questions</A></H2>
<UL>
<LI><A HREF="sambafaq-3.html#ss3.1">3.1 Are there any Macintosh clients for Samba?</A>
<LI><A HREF="sambafaq-3.html#ss3.2">3.2 "Session request failed (131,130)" error</A>
<LI><A HREF="sambafaq-3.html#ss3.3">3.3 How do I synchronise my PC's clock with my Samba server? </A>
<LI><A HREF="sambafaq-3.html#ss3.4">3.4 Problems with WinDD, NTrigue, WinCenterPro etc</A>
<LI><A HREF="sambafaq-3.html#ss3.5">3.5 Problem with printers under NT</A>
<LI><A HREF="sambafaq-3.html#ss3.6">3.6 Why are my file's timestamps off by an hour, or by a few hours?</A>
<LI><A HREF="sambafaq-3.html#ss3.7">3.7 How do I set the printer driver name correctly? </A>
<LI><A HREF="sambafaq-3.html#ss3.8">3.8 I've applied NT 4.0 SP3, and now I can't access Samba shares, Why?</A>
</UL>
<P>
<H2><A NAME="toc4">4.</A> <A HREF="sambafaq-4.html">Specific client application problems</A></H2>
<UL>
<LI><A HREF="sambafaq-4.html#ss4.1">4.1 MS Office Setup reports "Cannot change properties of '\MSOFFICE\SETUP.INI'"</A>
</UL>
<P>
<H2><A NAME="toc5">5.</A> <A HREF="sambafaq-5.html">Miscellaneous</A></H2>
<UL>
<LI><A HREF="sambafaq-5.html#ss5.1">5.1 Is Samba Year 2000 compliant?</A>
</UL>
<HR>
Previous
<A HREF="sambafaq-1.html">Next</A>
Table of Contents
</BODY>
</HTML>

793
docs/faq/sambafaq.sgml
View File

@ -1,793 +0,0 @@
<!doctype linuxdoc system> <!-- -*- SGML -*- -->
<!--
v 0.5 18 Oct 1996 Dan Shearer Dan.Shearer@unisa.edu.au
First linuxdoc-sgml version, outline only
v 0.6 25 Oct 1996 Dan
Filled in from current text faq
v 0.7 1 June 1997 Paul
Replicated changes in txt faq to sgml faq
9 June 1997 Paul
Lots of changes, added doco list, updated compatible systems list
added NT SP3 entry, added Year 2000 entry, Getting ready for 1.9.17
v 0.8 7th Oct 97 Paul
changed samba.canberra entries to samba.anu.../samba/
-->
<article>
<title> Samba FAQ
<author>Paul Blackman, <tt>ictinus@samba.org</tt>
<author>Jelmer Vernooij, <tt>jelmer@samba.org</tt>
<date>v 1.0, August 2002
<abstract> This is the Frequently Asked Questions (FAQ) document for
Samba, the free and very popular SMB server product. An SMB server
allows file and printer connections from clients such as Windows,
OS/2, Linux and others. Current to version 3.0. Please send any
corrections to the author.
</abstract>
<toc>
<sect> General Information<p> <label id="general_info">
All about Samba - what it is, how to get it, related sources of
information, how to understand the version numbering scheme, pizza
details
<sect1> What is Samba? <p> <label id="introduction">
Samba is a suite of programs which work together to allow clients to
access to a server's filespace and printers via the SMB (Server
Message Block) protocol. Initially written for Unix, Samba now also
runs on Netware, OS/2 and VMS.
In practice, this means that you can redirect disks and printers to
Unix disks and printers from Lan Manager clients, Windows for
Workgroups 3.11 clients, Windows NT clients, Linux clients and OS/2
clients. There is also a generic Unix client program supplied as part
of the suite which allows Unix users to use an ftp-like interface to
access filespace and printers on any other SMB servers. This gives the
capability for these operating systems to behave much like a LAN
Server or Windows NT Server machine, only with added functionality and
flexibility designed to make life easier for administrators.
The components of the suite are (in summary):
<itemize>
<item><bf>smbd</bf>, the SMB server. This handles actual connections from clients, doing all the file, permission and username work
<item><bf>nmbd</bf>, the Netbios name server, which helps clients locate servers, doing the browsing work and managing domains as this capability is being built into Samba
<item><bf>smbclient</bf>, the Unix-hosted client program
<item><bf>smbrun</bf>, a little 'glue' program to help the server run external programs
<item><bf>testprns</bf>, a program to test server access to printers
<item><bf>testparms</bf>, a program to test the Samba configuration file for correctness
<item><bf>smb.conf</bf>, the Samba configuration file
<item><bf>smbprint</bf>, a sample script to allow a Unix host to use smbclient to print to an SMB server
<item><bf>Documentation!</bf> DON'T neglect to read it - you will save a great deal of time!
</itemize>
The suite is supplied with full source (of course!) and is GPLed.
The primary creator of the Samba suite is Andrew Tridgell. Later
versions incorporate much effort by many net.helpers. The man pages
and this FAQ were originally written by Karl Auer.
<sect1> What is the current version of Samba? <p><label id="current_version">
At time of writing, the current version was 1.9.17. If you want to be
sure check the bottom of the change-log file. <url url="ftp://samba.org/pub/samba/alpha/change-log">
For more information see <ref id="version_nums" name="What do the
version numbers mean?">
<sect1> Where can I get it? <p> <label id="where">
The Samba suite is available via anonymous ftp from
samba.org. The latest and greatest versions of the suite are in
the directory:
/pub/samba/
Development (read "alpha") versions, which are NOT necessarily stable
and which do NOT necessarily have accurate documentation, are
available in the directory:
/pub/samba/alpha
Note that binaries are NOT included in any of the above. Samba is
distributed ONLY in source form, though binaries may be available from
other sites. Recent versions of some Linux distributions, for example,
do contain Samba binaries for that platform.
<sect1> What do the version numbers mean? <p> <label id="version_nums">
It is not recommended that you run a version of Samba with the word
"alpha" in its name unless you know what you are doing and are willing
to do some debugging. Many, many people just get the latest
recommended stable release version and are happy. If you are brave, by
all means take the plunge and help with the testing and development -
but don't install it on your departmental server. Samba is typically
very stable and safe, and this is mostly due to the policy of many
public releases.
How the scheme works:
<enum>
<item>When major changes are made the version number is increased. For
example, the transition from 1.9.15 to 1.9.16. However, this version
number will not appear immediately and people should continue to use
1.9.15 for production systems (see next point.)
<item>Just after major changes are made the software is considered
unstable, and a series of alpha releases are distributed, for example
1.9.16alpha1. These are for testing by those who know what they are
doing. The "alpha" in the filename will hopefully scare off those who
are just looking for the latest version to install.
<item>When Andrew thinks that the alphas have stabilised to the point
where he would recommend new users install it, he renames it to the
same version number without the alpha, for example 1.9.16.
<item>Inevitably bugs are found in the "stable" releases and minor patch
levels are released which give us the pXX series, for example 1.9.16p2.
</enum>
So the progression goes:
<verb>
1.9.15p7 (production)
1.9.15p8 (production)
1.9.16alpha1 (test sites only)
:
1.9.16alpha20 (test sites only)
1.9.16 (production)
1.9.16p1 (production)
</verb>
The above system means that whenever someone looks at the samba ftp
site they will be able to grab the highest numbered release without an
alpha in the name and be sure of getting the current recommended
version.
<sect1> What platforms are supported? <p> <label id="platforms">
Many different platforms have run Samba successfully. The platforms
most widely used and thus best tested are Linux and SunOS.
At time of writing, the Makefile claimed support for:
<itemize>
<item> A/UX 3.0
<item> AIX
<item> Altos Series 386/1000
<item> Amiga
<item> Apollo Domain/OS sr10.3
<item> BSDI
<item> B.O.S. (Bull Operating System)
<item> Cray, Unicos 8.0
<item> Convex
<item> DGUX.
<item> DNIX.
<item> FreeBSD
<item> HP-UX
<item> Intergraph.
<item> Linux with/without shadow passwords and quota
<item> LYNX 2.3.0
<item> MachTen (a unix like system for Macintoshes)
<item> Motorola 88xxx/9xx range of machines
<item> NetBSD
<item> NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach).
<item> OS/2 using EMX 0.9b
<item> OSF1
<item> QNX 4.22
<item> RiscIX.
<item> RISCOs 5.0B
<item> SEQUENT.
<item> SCO (including: 3.2v2, European dist., OpenServer 5)
<item> SGI.
<item> SMP_DC.OSx v1.1-94c079 on Pyramid S series
<item> SONY NEWS, NEWS-OS (4.2.x and 6.1.x)
<item> SUNOS 4
<item> SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later')
<item> Sunsoft ISC SVR3V4
<item> SVR4
<item> System V with some berkely extensions (Motorola 88k R32V3.2).
<item> ULTRIX.
<item> UNIXWARE
<item> UXP/DS
</itemize>
<sect1> How can I find out more about Samba? <p> <label id="more">
There are a number of places to look for more information on Samba, including:
<itemize>
<item>Two mailing lists devoted to discussion of Samba-related matters.
<item>The newsgroup, comp.protocols.smb, which has a great deal of discussion on Samba.
<item>The WWW site 'SAMBA Web Pages' at <url url="http://samba.edu.au/samba/"> includes:
<itemize>
<item>Links to man pages and documentation, including this FAQ
<item>A comprehensive survey of Samba users.
<item>A searchable hypertext archive of the Samba mailing list.
<item>Links to Samba source code, binaries, and mirrors of both.
</itemize>
<item>The long list of topic documentation. These files can be found in the 'docs' directory of the Samba source, or at <url url="ftp://samba.org/pub/samba/docs/">
<itemize>
<item><url url="ftp://samba.org/pub/samba/docs/Application_Serving.txt" name="Application_Serving.txt">
<item><url url="ftp://samba.org/pub/samba/docs/BROWSING.txt" name="BROWSING.txt">
<item><url url="ftp://samba.org/pub/samba/docs/BUGS.txt" name="BUGS.txt">
<item><url url="ftp://samba.org/pub/samba/docs/DIAGNOSIS.txt" name="DIAGNOSIS.txt">
<item><url url="ftp://samba.org/pub/samba/docs/DNIX.txt" name="DNIX.txt">
<item><url url="ftp://samba.org/pub/samba/docs/DOMAIN.txt" name="DOMAIN.txt">
<item><url url="ftp://samba.org/pub/samba/docs/DOMAIN_CONTROL.txt" name="CONTROL.txt">
<item><url url="ftp://samba.org/pub/samba/docs/ENCRYPTION.txt" name="ENCRYPTION.txt">
<item><url url="ftp://samba.org/pub/samba/docs/Faxing.txt" name="Faxing.txt">
<item><url url="ftp://samba.org/pub/samba/docs/GOTCHAS.txt" name="GOTCHAS.txt">
<item><url url="ftp://samba.org/pub/samba/docs/HINTS.txt" name="HINTS.txt">
<item><url url="ftp://samba.org/pub/samba/docs/INSTALL.sambatar" name="INSTALL.sambatar">
<item><url url="ftp://samba.org/pub/samba/docs/INSTALL.txt" name="INSTALL.txt">
<item><url url="ftp://samba.org/pub/samba/docs/MIRRORS" name="MIRRORS">
<item><url url="ftp://samba.org/pub/samba/docs/NetBIOS.txt" name="NetBIOS.txt">
<item><url url="ftp://samba.org/pub/samba/docs/OS2.txt" name="OS2.txt">
<item><url url="ftp://samba.org/pub/samba/docs/PROJECTS" name="PROJECTS">
<item><url url="ftp://samba.org/pub/samba/docs/Passwords.txt" name="Passwords.txt">
<item><url url="ftp://samba.org/pub/samba/docs/Printing.txt" name="Printing.txt">
<item><url url="ftp://samba.org/pub/samba/docs/README.DCEDFS" name="README.DCEDFS">
<item><url url="ftp://samba.org/pub/samba/docs/README.OS2" name="README.OS2">
<item><url url="ftp://samba.org/pub/samba/docs/README.jis" name="README.jis">
<item><url url="ftp://samba.org/pub/samba/docs/README.sambatar" name="README.sambatar">
<item><url url="ftp://samba.org/pub/samba/docs/SCO.txt" name="SCO.txt">
<item><url url="ftp://samba.org/pub/samba/docs/SMBTAR.notes" name="SMBTAR.notes">
<item><url url="ftp://samba.org/pub/samba/docs/Speed.txt" name="Speed.txt">
<item><url url="ftp://samba.org/pub/samba/docs/Support.txt" name="Support.txt">
<item><url url="ftp://samba.org/pub/samba/docs/THANKS" name="THANKS">
<item><url url="ftp://samba.org/pub/samba/docs/Tracing.txt" name="Tracing.txt">
<item><url url="ftp://samba.org/pub/samba/docs/UNIX-SMB.txt" name="SMB.txt">
<item><url url="ftp://samba.org/pub/samba/docs/Warp.txt" name="Warp.txt">
<item><url url="ftp://samba.org/pub/samba/docs/WinNT.txt" name="WinNT.txt">
<item><url url="ftp://samba.org/pub/samba/docs/history" name="history">
<item><url url="ftp://samba.org/pub/samba/docs/security_level.txt" name="level.txt">
<item><url url="ftp://samba.org/pub/samba/docs/wfw_slip.htm" name="slip.htm">
</itemize>
</itemize>
<sect1>How do I subscribe to the Samba Mailing Lists?<p><label id="mailinglist">
Send email to <htmlurl url="mailto:listproc@samba.org" name="listproc@samba.org">. Make sure the subject line is
blank, and include the following two lines in the body of the message:
<tscreen><verb>
subscribe samba Firstname Lastname
subscribe samba-announce Firstname Lastname
</verb></tscreen>
Obviously you should substitute YOUR first name for "Firstname" and
YOUR last name for "Lastname"! Try not to send any signature stuff, it
sometimes confuses the list processor.
The samba list is a digest list - every eight hours or so it
regurgitates a single message containing all the messages that have
been received by the list since the last time and sends a copy of this
message to all subscribers.
If you stop being interested in Samba, please send another email to
<htmlurl url="mailto:listproc@samba.org" name="listproc@samba.org">. Make sure the subject line is blank, and
include the following two lines in the body of the message:
<tscreen><verb>
unsubscribe samba
unsubscribe samba-announce
</verb></tscreen>
The <bf>From:</bf> line in your message <em>MUST</em> be the same address you used when
you subscribed.
<sect1> Something's gone wrong - what should I do? <p> <label id="wrong">
<bf>[#] *** IMPORTANT! *** [#]</bf>
<p>DO NOT post messages on mailing lists or in newsgroups until you have
carried out the first three steps given here!
Firstly, see if there are any likely looking entries in this FAQ! If
you have just installed Samba, have you run through the checklist in
<url url="ftp://samba.org/pub/samba/DIAGNOSIS.txt" name="DIAGNOSIS.txt">? It can save you a lot of time and effort.
DIAGNOSIS.txt can also be found in the docs directory of the Samba distribution.
Secondly, read the man pages for smbd, nmbd and smb.conf, looking for
topics that relate to what you are trying to do.
Thirdly, if there is no obvious solution to hand, try to get a look at
the log files for smbd and/or nmbd for the period during which you
were having problems. You may need to reconfigure the servers to
provide more extensive debugging information - usually level 2 or
level 3 provide ample debugging info. Inspect these logs closely,
looking particularly for the string "Error:".
Fourthly, if you still haven't got anywhere, ask the mailing list or
newsgroup. In general nobody minds answering questions provided you
have followed the preceding steps. It might be a good idea to scan the
archives of the mailing list, which are available through the Samba
web site described in the previous
section.
If you successfully solve a problem, please mail the FAQ maintainer a
succinct description of the symptom, the problem and the solution, so
I can incorporate it in the next version.
If you make changes to the source code, _please_ submit these patches
so that everyone else gets the benefit of your work. This is one of
the most important aspects to the maintainence of Samba. Send all
patches to <htmlurl url="mailto:samba-patches@samba.org" name="samba-patches@samba.org">. Do not send patches to Andrew Tridgell or any
other individual, they may be lost if you do.
<sect1> Pizza supply details <p> <label id="pizza">
Those who have registered in the Samba survey as "Pizza Factory" will
already know this, but the rest may need some help. Andrew doesn't ask
for payment, but he does appreciate it when people give him
pizza. This calls for a little organisation when the pizza donor is
twenty thousand kilometres away, but it has been done.
Method 1: Ring up your local branch of an international pizza chain
and see if they honour their vouchers internationally. Pizza Hut do,
which is how the entire Canberra Linux Users Group got to eat pizza
one night, courtesy of someone in the US
Method 2: Ring up a local pizza shop in Canberra and quote a credit
card number for a certain amount, and tell them that Andrew will be
collecting it (don't forget to tell him.) One kind soul from Germany
did this.
Method 3: Purchase a pizza voucher from your local pizza shop that has
no international affiliations and send it to Andrew. It is completely
useless but he can hang it on the wall next to the one he already has
from Germany :-)
Method 4: Air freight him a pizza with your favourite regional
flavours. It will probably get stuck in customs or torn apart by
hungry sniffer dogs but it will have been a noble gesture.
<sect>Compiling and installing Samba on a Unix host<p><label id="unix_install">
<sect1>I can't see the Samba server in any browse lists!<p><label id="no_browse">
See <url url="ftp://samba.org/pub/samba/BROWSING.txt" name="BROWSING.txt">
for more information on browsing. Browsing.txt can also be found
in the docs directory of the Samba source.
If your GUI client does not permit you to select non-browsable
servers, you may need to do so on the command line. For example, under
Lan Manager you might connect to the above service as disk drive M:
thusly:
<tscreen><verb>
net use M: \\mary\fred
</verb></tscreen>
The details of how to do this and the specific syntax varies from
client to client - check your client's documentation.
<sect1>Some files that I KNOW are on the server doesn't show up when I view the files from my client! <p> <label id="missing_files">
See the next question.
<sect1>Some files on the server show up with really wierd filenames when I view the files from my client! <p> <label id="strange_filenames">
If you check what files are not showing up, you will note that they
are files which contain upper case letters or which are otherwise not
DOS-compatible (ie, they are not legal DOS filenames for some reason).
The Samba server can be configured either to ignore such files
completely, or to present them to the client in "mangled" form. If you
are not seeing the files at all, the Samba server has most likely been
configured to ignore them. Consult the man page smb.conf(5) for
details of how to change this - the parameter you need to set is
"mangled names = yes".
<sect1>My client reports "cannot locate specified computer" or similar<p><label id="cant_see_server">
This indicates one of three things: You supplied an incorrect server
name, the underlying TCP/IP layer is not working correctly, or the
name you specified cannot be resolved.
After carefully checking that the name you typed is the name you
should have typed, try doing things like pinging a host or telnetting
to somewhere on your network to see if TCP/IP is functioning OK. If it
is, the problem is most likely name resolution.
If your client has a facility to do so, hardcode a mapping between the
hosts IP and the name you want to use. For example, with Lan Manager
or Windows for Workgroups you would put a suitable entry in the file
LMHOSTS. If this works, the problem is in the communication between
your client and the netbios name server. If it does not work, then
there is something fundamental wrong with your naming and the solution
is beyond the scope of this document.
If you do not have any server on your subnet supplying netbios name
resolution, hardcoded mappings are your only option. If you DO have a
netbios name server running (such as the Samba suite's nmbd program),
the problem probably lies in the way it is set up. Refer to Section
Two of this FAQ for more ideas.
By the way, remember to REMOVE the hardcoded mapping before further
tests :-)
<sect1>My client reports "cannot locate specified share name" or similar<p> <label id="cant_see_share">
This message indicates that your client CAN locate the specified
server, which is a good start, but that it cannot find a service of
the name you gave.
The first step is to check the exact name of the service you are
trying to connect to (consult your system administrator). Assuming it
exists and you specified it correctly (read your client's docs on how
to specify a service name correctly), read on:
<itemize>
<item> Many clients cannot accept or use service names longer than eight characters.
<item> Many clients cannot accept or use service names containing spaces.
<item> Some servers (not Samba though) are case sensitive with service names.
<item> Some clients force service names into upper case.
</itemize>
<sect1>My client reports "cannot find domain controller", "cannot log on to the network" or similar <p> <label id="cant_see_net">
Nothing is wrong - Samba does not implement the primary domain name
controller stuff for several reasons, including the fact that the
whole concept of a primary domain controller and "logging in to a
network" doesn't fit well with clients possibly running on multiuser
machines (such as users of smbclient under Unix). Having said that,
several developers are working hard on building it in to the next
major version of Samba. If you can contribute, send a message to
<htmlurl url="mailto:samba@samba.org" name="samba@samba.org"> !
Seeing this message should not affect your ability to mount redirected
disks and printers, which is really what all this is about.
For many clients (including Windows for Workgroups and Lan Manager),
setting the domain to STANDALONE at least gets rid of the message.
<sect1>Printing doesn't work :-(<p> <label id="no_printing">
Make sure that the specified print command for the service you are
connecting to is correct and that it has a fully-qualified path (eg.,
use "/usr/bin/lpr" rather than just "lpr").
Make sure that the spool directory specified for the service is
writable by the user connected to the service. In particular the user
"nobody" often has problems with printing, even if it worked with an
earlier version of Samba. Try creating another guest user other than
"nobody".
Make sure that the user specified in the service is permitted to use
the printer.
Check the debug log produced by smbd. Search for the printer name and
see if the log turns up any clues. Note that error messages to do with
a service ipc$ are meaningless - they relate to the way the client
attempts to retrieve status information when using the LANMAN1
protocol.
If using WfWg then you need to set the default protocol to TCP/IP, not
Netbeui. This is a WfWg bug.
If using the Lanman1 protocol (the default) then try switching to
coreplus. Also not that print status error messages don't mean
printing won't work. The print status is received by a different
mechanism.
<sect1>My programs install on the server OK, but refuse to work properly<p><label id="programs_wont_run">
There are numerous possible reasons for this, but one MAJOR
possibility is that your software uses locking. Make sure you are
using Samba 1.6.11 or later. It may also be possible to work around
the problem by setting "locking=no" in the Samba configuration file
for the service the software is installed on. This should be regarded
as a strictly temporary solution.
In earlier Samba versions there were some difficulties with the very
latest Microsoft products, particularly Excel 5 and Word for Windows
6. These should have all been solved. If not then please let Andrew
Tridgell know via email at <htmlurl url="mailto:samba@samba.org" name="samba@samba.org">.
<sect1>My "server string" doesn't seem to be recognised<p><label id="bad_server_string">
OR My client reports the default setting, eg. "Samba 1.9.15p4", instead
of what I have changed it to in the smb.conf file.
You need to use the -C option in nmbd. The "server string" affects
what smbd puts out and -C affects what nmbd puts out.
Current versions of Samba (1.9.16 +) have combined these options into
the "server string" field of smb.conf, -C for nmbd is now obsolete.
<sect1>My client reports "This server is not configured to list shared resources" <p> <label id="cant_list_shares">
Your guest account is probably invalid for some reason. Samba uses the
guest account for browsing in smbd. Check that your guest account is
valid.
See also 'guest account' in smb.conf man page.
<sect1>Log message "you appear to have a trapdoor uid system" <p><label id="trapdoor_uid">
This can have several causes. It might be because you are using a uid
or gid of 65535 or -1. This is a VERY bad idea, and is a big security
hole. Check carefully in your /etc/passwd file and make sure that no
user has uid 65535 or -1. Especially check the "nobody" user, as many
broken systems are shipped with nobody setup with a uid of 65535.
It might also mean that your OS has a trapdoor uid/gid system :-)
This means that once a process changes effective uid from root to
another user it can't go back to root. Unfortunately Samba relies on
being able to change effective uid from root to non-root and back
again to implement its security policy. If your OS has a trapdoor uid
system this won't work, and several things in Samba may break. Less
things will break if you use user or server level security instead of
the default share level security, but you may still strike
problems.
The problems don't give rise to any security holes, so don't panic,
but it does mean some of Samba's capabilities will be unavailable.
In particular you will not be able to connect to the Samba server as
two different uids at once. This may happen if you try to print as a
"guest" while accessing a share as a normal user. It may also affect
your ability to list the available shares as this is normally done as
the guest user.
Complain to your OS vendor and ask them to fix their system.
Note: the reason why 65535 is a VERY bad choice of uid and gid is that
it casts to -1 as a uid, and the setreuid() system call ignores (with
no error) uid changes to -1. This means any daemon attempting to run
as uid 65535 will actually run as root. This is not good!
<sect>Common client questions<p> <label id="client_questions">
<sect1>Are there any Macintosh clients for Samba?<p> <label id="mac_clients">
Yes! Thursby now have a CIFS Client / Server called DAVE - see <url url="http://www.thursby.com/">.
They test it against Windows 95, Windows NT and samba for compatibility issues.
At the time of writing, DAVE was at version 1.0.1. The 1.0.0 to 1.0.1 update is available
as a free download from the Thursby web site (the speed of finder copies has
been greatly enhanced, and there are bug-fixes included).
Alternatives - There are two free implementations of AppleTalk for
several kinds of UNIX machnes, and several more commercial ones.
These products allow you to run file services and print services
natively to Macintosh users, with no additional support required on
the Macintosh. The two free omplementations are Netatalk,
<url url="http://www.umich.edu/~rsug/netatalk/">, and CAP,
<url url="http://www.cs.mu.oz.au/appletalk/atalk.html">. What Samba offers
MS Windows users, these packages offer to Macs. For more info on
these packages, Samba, and Linux (and other UNIX-based systems)
see <url url="http://www.eats.com/linux_mac_win.html">
<sect1>"Session request failed (131,130)" error<p> <label id="sess_req_fail">
The following answer is provided by John E. Miller:
I'll assume that you're able to ping back and forth between the
machines by IP address and name, and that you're using some security
model where you're confident that you've got user IDs and passwords
right. The logging options (-d3 or greater) can help a lot with that.
DNS and WINS configuration can also impact connectivity as well.
Now, on to 'scope id's. Somewhere in your Win95 TCP/IP network
configuration (I'm too much of an NT bigot to know where it's located
in the Win95 setup, but I'll have to learn someday since I teach for a
Microsoft Solution Provider Authorized Tech Education Center - what an
acronym...) [Note: It's under Control Panel | Network | TCP/IP | WINS
Configuration] there's a little text entry field called something like
'Scope ID'.
This field essentially creates 'invisible' sub-workgroups on the same
wire. Boxes can only see other boxes whose Scope IDs are set to the
exact same value - it's sometimes used by OEMs to configure their
boxes to browse only other boxes from the same vendor and, in most
environments, this field should be left blank. If you, in fact, have
something in this box that EXACT value (case-sensitive!) needs to be
provided to smbclient and nmbd as the -i (lowercase) parameter. So, if
your Scope ID is configured as the string 'SomeStr' in Win95 then
you'd have to use smbclient -iSomeStr [otherparms] in connecting to
it.
<sect1>How do I synchronise my PC's clock with my Samba server? <p><label id="synchronise_clock">
To syncronize your PC's clock with your Samba server:
<itemize>
<item> Copy timesync.pif to your windows directory
<item> timesync.pif can be found at:
<url
url="http://samba.org/samba/binaries/miscellaneous/timesync.pif">
<item> Add timesync.pif to your 'Start Up' group/folder
<item> Open the properties dialog box for the program/icon
<item> Make sure the 'Run Minimized' option is set in program 'Properties'
<iteM> Change the command line section that reads [\\sambahost] to reflect the name of your server.
<item> Close the properties dialog box by choosing 'OK'
</itemize>
Each time you start your computer (or login for Win95) your PC will
synchronize its clock with your Samba server.
Alternativley, if you clients support Domain Logons, you can setup Domain Logons with Samba
- see: <url url="ftp://samba.org/pub/samba/docs/BROWSING.txt" name="BROWSING.txt"> *** for more information.
<p>Then add
<tscreen><verb>
NET TIME \\%L /SET /YES
</verb></tscreen>
as one of the lines in the logon script.
<sect1>Problems with WinDD, NTrigue, WinCenterPro etc<p>
<label id="multiple_session_clients">
All of the above programs are applications that sit on an NT box and
allow multiple users to access the NT GUI applications from remote
workstations (often over X).
What has this got to do with Samba? The problem comes when these users
use filemanager to mount shares from a Samba server. The most common
symptom is that the first user to connect get correct file permissions
and has a nice day, but subsequent connections get logged in as the
same user as the first person to login. They find that they cannot
access files in their own home directory, but that they can access
files in the first users home directory (maybe not such a nice day
after all?)
Why does this happen? The above products all share a common heritage
(and code base I believe). They all open just a single TCP based SMB
connection to the Samba server, and requests from all users are piped
over this connection. This is unfortunate, but not fatal.
It means that if you run your Samba server in share level security
(the default) then things will definately break as described
above. The share level SMB security model has no provision for
multiple user IDs on the one SMB connection. See <url url="ftp://samba.org/pub/samba/docs/security_level.txt" name="security_level.txt"> in
the docs for more info on share/user/server level security.
If you run in user or server level security then you have a chance,
but only if you have a recent version of Samba (at least 1.9.15p6). In
older versions bugs in Samba meant you still would have had problems.
If you have a trapdoor uid system in your OS then it will never work
properly. Samba needs to be able to switch uids on the connection and
it can't if your OS has a trapdoor uid system. You'll know this
because Samba will note it in your logs.
Also note that you should not use the magic "homes" share name with
products like these, as otherwise all users will end up with the same
home directory. Use [\\server\username] instead.
<sect1>Problem with printers under NT<p> <label id="nt_printers">
This info from Stefan Hergeth
hergeth@f7axp1.informatik.fh-muenchen.de may be useful:
A network-printer (with ethernetcard) is connected to the NT-Clients
via our UNIX-Fileserver (SAMBA-Server), like the configuration told by
Matthew Harrell harrell@leech.nrl.navy.mil (see WinNT.txt)
<enum>
<item>If a user has choosen this printer as the default printer in his
NT-Session and this printer is not connected to the network
(e.g. switched off) than this user has a problem with the SAMBA-
connection of his filesystems. It's very slow.
<item>If the printer is connected to the network everything works fine.
<item>When the smbd ist started with debug level 3, you can see that the
NT spooling system try to connect to the printer many times. If the
printer ist not connected to the network this request fails and the
NT spooler is wasting a lot of time to connect to the printer service.
This seems to be the reason for the slow network connection.
<item>Maybe it's possible to change this behaviour by setting different
printer properties in the Print-Manager-Menu of NT, but i didn't try it yet.
</enum>
<sect1>Why are my file's timestamps off by an hour, or by a few hours?<p><label id="dst_bugs">
This is from Paul Eggert eggert@twinsun.com.
Most likely it's a problem with your time zone settings.
Internally, Samba maintains time in traditional Unix format,
namely, the number of seconds since 1970-01-01 00:00:00 Universal Time
(or ``GMT''), not counting leap seconds.
On the server side, Samba uses the Unix TZ variable to convert
internal timestamps to and from local time. So on the server side, there are
two things to get right.
<enum>
<item>The Unix system clock must have the correct Universal time.
Use the shell command "sh -c 'TZ=UTC0 date'" to check this.
<item>The TZ environment variable must be set on the server
before Samba is invoked. The details of this depend on the
server OS, but typically you must edit a file whose name is
/etc/TIMEZONE or /etc/default/init, or run the command `zic -l'.
<item>TZ must have the correct value.
<enum>
<item>If possible, use geographical time zone settings
(e.g. TZ='America/Los_Angeles' or perhaps
TZ=':US/Pacific'). These are supported by most
popular Unix OSes, are easier to get right, and are
more accurate for historical timestamps. If your
operating system has out-of-date tables, you should be
able to update them from the public domain time zone
tables at <url url="ftp://elsie.nci.nih.gov/pub/">.
<item>If your system does not support geographical timezone
settings, you must use a Posix-style TZ strings, e.g.
TZ='PST8PDT,M4.1.0/2,M10.5.0/2' for US Pacific time.
Posix TZ strings can take the following form (with optional
items in brackets):
<verb>
StdOffset[Dst[Offset],Date/Time,Date/Time]
</verb>
where:
<itemize>
<item> `Std' is the standard time designation (e.g. `PST').
<item> `Offset' is the number of hours behind UTC (e.g. `8').
Prepend a `-' if you are ahead of UTC, and
append `:30' if you are at a half-hour offset.
Omit all the remaining items if you do not use
daylight-saving time.
<item> `Dst' is the daylight-saving time designation
(e.g. `PDT').
The optional second `Offset' is the number of
hours that daylight-saving time is behind UTC.
The default is 1 hour ahead of standard time.
<item> `Date/Time,Date/Time' specify when daylight-saving
time starts and ends. The format for a date is
`Mm.n.d', which specifies the dth day (0 is Sunday)
of the nth week of the mth month, where week 5 means
the last such day in the month. The format for a
time is [h]h[:mm[:ss]], using a 24-hour clock.
</itemize>
Other Posix string formats are allowed but you don't want
to know about them.
</enum>
</enum>
On the client side, you must make sure that your client's clock and
time zone is also set appropriately. [[I don't know how to do this.]]
Samba traditionally has had many problems dealing with time zones, due
to the bizarre ways that Microsoft network protocols handle time
zones. A common symptom is for file timestamps to be off by an hour.
To work around the problem, try disconnecting from your Samba server
and then reconnecting to it; or upgrade your Samba server to
1.9.16alpha10 or later.
<sect1> How do I set the printer driver name correctly? <p><label id="printer_driver_name">
Question:
On NT, I opened "Printer Manager" and "Connect to Printer".
Enter ["\\ptdi270\ps1"] in the box of printer. I got the
following error message:
<tscreen><verb>
You do not have sufficient access to your machine
to connect to the selected printer, since a driver
needs to be installed locally.
</verb></tscreen>
Answer:
In the more recent versions of Samba you can now set the "printer
driver" in smb.conf. This tells the client what driver to use. For
example:
<tscreen><verb>
printer driver = HP LaserJet 4L
</verb></tscreen>
with this, NT knows to use the right driver. You have to get this string
exactly right.
To find the exact string to use, you need to get to the dialog box in
your client where you select which printer driver to install. The
correct strings for all the different printers are shown in a listbox
in that dialog box.
You could also try setting the driver to NULL like this:
<tscreen><verb>
printer driver = NULL
</verb></tscreen>
this is effectively what older versions of Samba did, so if that
worked for you then give it a go. If this does work then let us know via <htmlurl url="mailto:samba@samba.org" name="samba@samba.org">,
and we'll make it the default. Currently the default is a 0 length
string.
<sect1>I've applied NT 4.0 SP3, and now I can't access Samba shares, Why?<p><label id="NT_SP3_FIX">
As of SP3, Microsoft has decided that they will no longer default to
passing clear text passwords over the network. To enable access to
Samba shares from NT 4.0 SP3, you must do <bf>ONE</bf> of two things:
<enum>
<item> Set the Samba configuration option 'security = user' and implement all of the stuff detailed in <url url="ftp://samba.org/pub/samba/docs/ENCRYPTION.txt" name="ENCRYPTION.txt">.
<item> Follow Microsoft's directions for setting your NT box to allow plain text passwords. see <url url="http://www.microsoft.com/kb/articles/q166/7/30.htm" name="Knowledge Base Article Q166730">
</enum>
<sect>Specific client application problems<p> <label id="client_problems">
<sect1>MS Office Setup reports "Cannot change properties of '\MSOFFICE\SETUP.INI'"<p> <label id="cant_change_properties">
When installing MS Office on a Samba drive for which you have admin
user permissions, ie. admin users = username, you will find the
setup program unable to complete the installation.
To get around this problem, do the installation without admin user
permissions The problem is that MS Office Setup checks that a file is
rdonly by trying to open it for writing.
Admin users can always open a file for writing, as they run as root.
You just have to install as a non-admin user and then use "chown -R"
to fix the owner.
<sect>Miscellaneous<p> <label id="miscellaneous">
<sect1>Is Samba Year 2000 compliant?<p><label id="Year2000Compliant">
The CIFS protocol that Samba implements
negotiates times in various formats, all of which
are able to cope with dates beyond 2000.
</article>

1122
docs/faq/sambafaq.txt
View File

File diff suppressed because it is too large Load Diff