1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-15 23:24:37 +03:00

This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This used to be commit aafa32d6809e1bc60a8186140f2f3cf2bf6bff16)

This commit is contained in:
cvs2svn Import User 2002-11-07 19:45:56 +00:00
commit 2446d245df
10 changed files with 4057 additions and 0 deletions

View File

@ -0,0 +1,196 @@
<chapter id="pwencrypt">
<chapterinfo>
<author>
<firstname>Jeremy</firstname><surname>Allison</surname>
<affiliation>
<orgname>Samba Team</orgname>
<address>
<email>samba@samba.org</email>
</address>
</affiliation>
</author>
<pubdate>19 Apr 1999</pubdate>
</chapterinfo>
<title>LanMan and NT Password Encryption</title>
<sect1>
<title>Introduction</title>
<para>With the development of LanManager and Windows NT
compatible password encryption for Samba, it is now able
to validate user connections in exactly the same way as
a LanManager or Windows NT server.</para>
<para>This document describes how the SMB password encryption
algorithm works and what issues there are in choosing whether
you want to use it. You should read it carefully, especially
the part about security and the "PROS and CONS" section.</para>
</sect1>
<sect1>
<title>How does it work?</title>
<para>LanManager encryption is somewhat similar to UNIX
password encryption. The server uses a file containing a
hashed value of a user's password. This is created by taking
the user's plaintext password, capitalising it, and either
truncating to 14 bytes or padding to 14 bytes with null bytes.
This 14 byte value is used as two 56 bit DES keys to encrypt
a 'magic' eight byte value, forming a 16 byte value which is
stored by the server and client. Let this value be known as
the "hashed password".</para>
<para>Windows NT encryption is a higher quality mechanism,
consisting of doing an MD4 hash on a Unicode version of the user's
password. This also produces a 16 byte hash value that is
non-reversible.</para>
<para>When a client (LanManager, Windows for WorkGroups, Windows
95 or Windows NT) wishes to mount a Samba drive (or use a Samba
resource), it first requests a connection and negotiates the
protocol that the client and server will use. In the reply to this
request the Samba server generates and appends an 8 byte, random
value - this is stored in the Samba server after the reply is sent
and is known as the "challenge". The challenge is different for
every client connection.</para>
<para>The client then uses the hashed password (16 byte values
described above), appended with 5 null bytes, as three 56 bit
DES keys, each of which is used to encrypt the challenge 8 byte
value, forming a 24 byte value known as the "response".</para>
<para>In the SMB call SMBsessionsetupX (when user level security
is selected) or the call SMBtconX (when share level security is
selected), the 24 byte response is returned by the client to the
Samba server. For Windows NT protocol levels the above calculation
is done on both hashes of the user's password and both responses are
returned in the SMB call, giving two 24 byte values.</para>
<para>The Samba server then reproduces the above calculation, using
its own stored value of the 16 byte hashed password (read from the
<filename>smbpasswd</filename> file - described later) and the challenge
value that it kept from the negotiate protocol reply. It then checks
to see if the 24 byte value it calculates matches the 24 byte value
returned to it from the client.</para>
<para>If these values match exactly, then the client knew the
correct password (or the 16 byte hashed value - see security note
below) and is thus allowed access. If not, then the client did not
know the correct password and is denied access.</para>
<para>Note that the Samba server never knows or stores the cleartext
of the user's password - just the 16 byte hashed values derived from
it. Also note that the cleartext password or 16 byte hashed values
are never transmitted over the network - thus increasing security.</para>
</sect1>
<sect1>
<title><anchor id="SMBPASSWDFILEFORMAT">The smbpasswd file</title>
<para>In order for Samba to participate in the above protocol
it must be able to look up the 16 byte hashed values given a user name.
Unfortunately, as the UNIX password value is also a one way hash
function (ie. it is impossible to retrieve the cleartext of the user's
password given the UNIX hash of it), a separate password file
containing this 16 byte value must be kept. To minimise problems with
these two password files, getting out of sync, the UNIX <filename>
/etc/passwd</filename> and the <filename>smbpasswd</filename> file,
a utility, <command>mksmbpasswd.sh</command>, is provided to generate
a smbpasswd file from a UNIX <filename>/etc/passwd</filename> file.
</para
<para>To generate the smbpasswd file from your <filename>/etc/passwd
</filename> file use the following command :</para>
<para><prompt>$ </prompt><userinput>cat /etc/passwd | mksmbpasswd.sh
&gt; /usr/local/samba/private/smbpasswd</userinput></para>
<para>If you are running on a system that uses NIS, use</para>
<para><prompt>$ </prompt><userinput>ypcat passwd | mksmbpasswd.sh
&gt; /usr/local/samba/private/smbpasswd</userinput></para>
<para>The <command>mksmbpasswd.sh</command> program is found in
the Samba source directory. By default, the smbpasswd file is
stored in :</para>
<para><filename>/usr/local/samba/private/smbpasswd</filename></para>
<para>The owner of the <filename>/usr/local/samba/private/</filename>
directory should be set to root, and the permissions on it should
be set to 0500 (<command>chmod 500 /usr/local/samba/private</command>).
</para>
<para>Likewise, the smbpasswd file inside the private directory should
be owned by root and the permissions on is should be set to 0600
(<command>chmod 600 smbpasswd</command>).</para>
<para>The format of the smbpasswd file is (The line has been
wrapped here. It should appear as one entry per line in
your smbpasswd file.)</para>
<para><programlisting>
username:uid:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:
[Account type]:LCT-&lt;last-change-time&gt;:Long name
</programlisting></para>
<para>Although only the <replaceable>username</replaceable>,
<replaceable>uid</replaceable>, <replaceable>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX</replaceable>,
[<replaceable>Account type</replaceable>] and <replaceable>
last-change-time</replaceable> sections are significant
and are looked at in the Samba code.</para>
<para>It is <emphasis>VITALLY</emphasis> important that there by 32
'X' characters between the two ':' characters in the XXX sections -
the smbpasswd and Samba code will fail to validate any entries that
do not have 32 characters between ':' characters. The first XXX
section is for the Lanman password hash, the second is for the
Windows NT version.</para>
<para>When the password file is created all users have password entries
consisting of 32 'X' characters. By default this disallows any access
as this user. When a user has a password set, the 'X' characters change
to 32 ascii hexadecimal digits (0-9, A-F). These are an ascii
representation of the 16 byte hashed value of a user's password.</para>
<para>To set a user to have no password (not recommended), edit the file
using vi, and replace the first 11 characters with the ascii text
<constant>"NO PASSWORD"</constant> (minus the quotes).</para>
<para>For example, to clear the password for user bob, his smbpasswd file
entry would look like :</para>
<para><programlisting>
bob:100:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:Bob's full name:/bobhome:/bobshell
</programlisting></para>
<para>If you are allowing users to use the smbpasswd command to set
their own passwords, you may want to give users NO PASSWORD initially
so they do not have to enter a previous password when changing to their
new password (not recommended). In order for you to allow this the
<command>smbpasswd</command> program must be able to connect to the
<command>smbd</command> daemon as that user with no password. Enable this
by adding the line :</para>
<para><command>null passwords = yes</command></para>
<para>to the [global] section of the smb.conf file (this is why
the above scenario is not recommended). Preferably, allocate your
users a default password to begin with, so you do not have
to enable this on your server.</para>
<para><emphasis>Note : </emphasis>This file should be protected very
carefully. Anyone with access to this file can (with enough knowledge of
the protocols) gain access to your SMB server. The file is thus more
sensitive than a normal unix <filename>/etc/passwd</filename> file.</para>
</sect1>
</chapter>

View File

@ -0,0 +1,42 @@
<chapter id="pdb-xml">
<chapterinfo>
<author>
<firstname>Jelmer</firstname><surname>Vernooij</surname>
<affiliation>
<orgname>The Samba Team</orgname>
<address><email>jelmer@samba.org</email></address>
</affiliation>
</author>
<pubdate>November 2002</pubdate>
</chapterinfo>
<title>Passdb XML plugin</title>
<sect1>
<title>Building</title>
<para>This module requires libxml2 to be installed.</para>
<para>To build pdb_xml, run: <command>make bin/pdb_xml.so</command> in
the directory <filename>source/</filename>. </para>
</sect1>
<sect1>
<title>Usage</title>
<para>The usage of pdb_xml is pretty straightforward. To export data, use:
<command>pdbedit -e plugin:/usr/lib/samba/pdb_xml.so:filename</command>
(where filename is the name of the file to put the data in)
</para>
<para>
To import data, use:
<command>pdbedit -i plugin:/usr/lib/samba/pdb_xml.so:filename -e current-pdb</command>
Where filename is the name to read the data from and current-pdb to put it in.
</para>
</sect1>
</chapter>

View File

@ -0,0 +1,19 @@
<chapter id="upgrading-to-3.0">
<chapterinfo>
<author>
<firstname>Jelmer</firstname><surname>Vernooij</surname>
<affiliation>Samba Team</affiliation>
</author>
<pubdate>25 October 2002</pubdate>
</chapterinfo>
<title>Issues when upgrading from 2.2 to 3.0</title>
<sect1>
<title>Charsets</title>
FIXME
</sect1>
</chapter>

917
docs/htmldocs/p1346.html Normal file
View File

@ -0,0 +1,917 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Optional configuration</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="Samba as a NT4 domain member"
HREF="domain-security.html"><LINK
REL="NEXT"
TITLE="Integrating MS Windows networks with Samba"
HREF="integrate-ms-networks.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="domain-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="integrate-ms-networks.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="AEN1346"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>III. Optional configuration</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN1348"
></A
><H1
>Introduction</H1
><P
>Samba has several features that you might want or might not want to use. The chapters in this
part each cover one specific feature.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>10. <A
HREF="integrate-ms-networks.html"
>Integrating MS Windows networks with Samba</A
></DT
><DD
><DL
><DT
>10.1. <A
HREF="integrate-ms-networks.html#AEN1362"
>Agenda</A
></DT
><DT
>10.2. <A
HREF="integrate-ms-networks.html#AEN1384"
>Name Resolution in a pure Unix/Linux world</A
></DT
><DD
><DL
><DT
>10.2.1. <A
HREF="integrate-ms-networks.html#AEN1400"
><TT
CLASS="FILENAME"
>/etc/hosts</TT
></A
></DT
><DT
>10.2.2. <A
HREF="integrate-ms-networks.html#AEN1416"
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></A
></DT
><DT
>10.2.3. <A
HREF="integrate-ms-networks.html#AEN1427"
><TT
CLASS="FILENAME"
>/etc/host.conf</TT
></A
></DT
><DT
>10.2.4. <A
HREF="integrate-ms-networks.html#AEN1435"
><TT
CLASS="FILENAME"
>/etc/nsswitch.conf</TT
></A
></DT
></DL
></DD
><DT
>10.3. <A
HREF="integrate-ms-networks.html#AEN1447"
>Name resolution as used within MS Windows networking</A
></DT
><DD
><DL
><DT
>10.3.1. <A
HREF="integrate-ms-networks.html#AEN1459"
>The NetBIOS Name Cache</A
></DT
><DT
>10.3.2. <A
HREF="integrate-ms-networks.html#AEN1464"
>The LMHOSTS file</A
></DT
><DT
>10.3.3. <A
HREF="integrate-ms-networks.html#AEN1472"
>HOSTS file</A
></DT
><DT
>10.3.4. <A
HREF="integrate-ms-networks.html#AEN1477"
>DNS Lookup</A
></DT
><DT
>10.3.5. <A
HREF="integrate-ms-networks.html#AEN1480"
>WINS Lookup</A
></DT
></DL
></DD
><DT
>10.4. <A
HREF="integrate-ms-networks.html#AEN1492"
>How browsing functions and how to deploy stable and
dependable browsing using Samba</A
></DT
><DT
>10.5. <A
HREF="integrate-ms-networks.html#AEN1502"
>MS Windows security options and how to configure
Samba for seemless integration</A
></DT
><DD
><DL
><DT
>10.5.1. <A
HREF="integrate-ms-networks.html#AEN1530"
>Use MS Windows NT as an authentication server</A
></DT
><DT
>10.5.2. <A
HREF="integrate-ms-networks.html#AEN1538"
>Make Samba a member of an MS Windows NT security domain</A
></DT
><DT
>10.5.3. <A
HREF="integrate-ms-networks.html#AEN1555"
>Configure Samba as an authentication server</A
></DT
></DL
></DD
><DT
>10.6. <A
HREF="integrate-ms-networks.html#AEN1572"
>Conclusions</A
></DT
></DL
></DD
><DT
>11. <A
HREF="unix-permissions.html"
>UNIX Permission Bits and Windows NT Access Control Lists</A
></DT
><DD
><DL
><DT
>11.1. <A
HREF="unix-permissions.html#AEN1593"
>Viewing and changing UNIX permissions using the NT
security dialogs</A
></DT
><DT
>11.2. <A
HREF="unix-permissions.html#AEN1602"
>How to view file security on a Samba share</A
></DT
><DT
>11.3. <A
HREF="unix-permissions.html#AEN1613"
>Viewing file ownership</A
></DT
><DT
>11.4. <A
HREF="unix-permissions.html#AEN1633"
>Viewing file or directory permissions</A
></DT
><DD
><DL
><DT
>11.4.1. <A
HREF="unix-permissions.html#AEN1648"
>File Permissions</A
></DT
><DT
>11.4.2. <A
HREF="unix-permissions.html#AEN1662"
>Directory Permissions</A
></DT
></DL
></DD
><DT
>11.5. <A
HREF="unix-permissions.html#AEN1669"
>Modifying file or directory permissions</A
></DT
><DT
>11.6. <A
HREF="unix-permissions.html#AEN1691"
>Interaction with the standard Samba create mask
parameters</A
></DT
><DT
>11.7. <A
HREF="unix-permissions.html#AEN1755"
>Interaction with the standard Samba file attribute
mapping</A
></DT
></DL
></DD
><DT
>12. <A
HREF="pam.html"
>Configuring PAM for distributed but centrally
managed authentication</A
></DT
><DD
><DL
><DT
>12.1. <A
HREF="pam.html#AEN1776"
>Samba and PAM</A
></DT
><DT
>12.2. <A
HREF="pam.html#AEN1820"
>Distributed Authentication</A
></DT
><DT
>12.3. <A
HREF="pam.html#AEN1827"
>PAM Configuration in smb.conf</A
></DT
></DL
></DD
><DT
>13. <A
HREF="msdfs.html"
>Hosting a Microsoft Distributed File System tree on Samba</A
></DT
><DD
><DL
><DT
>13.1. <A
HREF="msdfs.html#AEN1847"
>Instructions</A
></DT
><DD
><DL
><DT
>13.1.1. <A
HREF="msdfs.html#AEN1882"
>Notes</A
></DT
></DL
></DD
></DL
></DD
><DT
>14. <A
HREF="printing.html"
>Printing Support</A
></DT
><DD
><DL
><DT
>14.1. <A
HREF="printing.html#AEN1908"
>Introduction</A
></DT
><DT
>14.2. <A
HREF="printing.html#AEN1930"
>Configuration</A
></DT
><DD
><DL
><DT
>14.2.1. <A
HREF="printing.html#AEN1938"
>Creating [print$]</A
></DT
><DT
>14.2.2. <A
HREF="printing.html#AEN1973"
>Setting Drivers for Existing Printers</A
></DT
><DT
>14.2.3. <A
HREF="printing.html#AEN1989"
>Support a large number of printers</A
></DT
><DT
>14.2.4. <A
HREF="printing.html#AEN2000"
>Adding New Printers via the Windows NT APW</A
></DT
><DT
>14.2.5. <A
HREF="printing.html#AEN2030"
>Samba and Printer Ports</A
></DT
></DL
></DD
><DT
>14.3. <A
HREF="printing.html#AEN2038"
>The Imprints Toolset</A
></DT
><DD
><DL
><DT
>14.3.1. <A
HREF="printing.html#AEN2042"
>What is Imprints?</A
></DT
><DT
>14.3.2. <A
HREF="printing.html#AEN2052"
>Creating Printer Driver Packages</A
></DT
><DT
>14.3.3. <A
HREF="printing.html#AEN2055"
>The Imprints server</A
></DT
><DT
>14.3.4. <A
HREF="printing.html#AEN2059"
>The Installation Client</A
></DT
></DL
></DD
><DT
>14.4. <A
HREF="printing.html#AEN2081"
>Diagnosis</A
></DT
><DD
><DL
><DT
>14.4.1. <A
HREF="printing.html#AEN2083"
>Introduction</A
></DT
><DT
>14.4.2. <A
HREF="printing.html#AEN2099"
>Debugging printer problems</A
></DT
><DT
>14.4.3. <A
HREF="printing.html#AEN2108"
>What printers do I have?</A
></DT
><DT
>14.4.4. <A
HREF="printing.html#AEN2116"
>Setting up printcap and print servers</A
></DT
><DT
>14.4.5. <A
HREF="printing.html#AEN2144"
>Job sent, no output</A
></DT
><DT
>14.4.6. <A
HREF="printing.html#AEN2155"
>Job sent, strange output</A
></DT
><DT
>14.4.7. <A
HREF="printing.html#AEN2167"
>Raw PostScript printed</A
></DT
><DT
>14.4.8. <A
HREF="printing.html#AEN2170"
>Advanced Printing</A
></DT
><DT
>14.4.9. <A
HREF="printing.html#AEN2173"
>Real debugging</A
></DT
></DL
></DD
></DL
></DD
><DT
>15. <A
HREF="securitylevels.html"
>Security levels</A
></DT
><DD
><DL
><DT
>15.1. <A
HREF="securitylevels.html#AEN2186"
>Introduction</A
></DT
><DT
>15.2. <A
HREF="securitylevels.html#AEN2197"
>More complete description of security levels</A
></DT
></DL
></DD
><DT
>16. <A
HREF="winbind.html"
>Unified Logons between Windows NT and UNIX using Winbind</A
></DT
><DD
><DL
><DT
>16.1. <A
HREF="winbind.html#AEN2249"
>Abstract</A
></DT
><DT
>16.2. <A
HREF="winbind.html#AEN2253"
>Introduction</A
></DT
><DT
>16.3. <A
HREF="winbind.html#AEN2266"
>What Winbind Provides</A
></DT
><DD
><DL
><DT
>16.3.1. <A
HREF="winbind.html#AEN2273"
>Target Uses</A
></DT
></DL
></DD
><DT
>16.4. <A
HREF="winbind.html#AEN2277"
>How Winbind Works</A
></DT
><DD
><DL
><DT
>16.4.1. <A
HREF="winbind.html#AEN2282"
>Microsoft Remote Procedure Calls</A
></DT
><DT
>16.4.2. <A
HREF="winbind.html#AEN2286"
>Name Service Switch</A
></DT
><DT
>16.4.3. <A
HREF="winbind.html#AEN2302"
>Pluggable Authentication Modules</A
></DT
><DT
>16.4.4. <A
HREF="winbind.html#AEN2310"
>User and Group ID Allocation</A
></DT
><DT
>16.4.5. <A
HREF="winbind.html#AEN2314"
>Result Caching</A
></DT
></DL
></DD
><DT
>16.5. <A
HREF="winbind.html#AEN2317"
>Installation and Configuration</A
></DT
><DD
><DL
><DT
>16.5.1. <A
HREF="winbind.html#AEN2324"
>Introduction</A
></DT
><DT
>16.5.2. <A
HREF="winbind.html#AEN2337"
>Requirements</A
></DT
><DT
>16.5.3. <A
HREF="winbind.html#AEN2351"
>Testing Things Out</A
></DT
></DL
></DD
><DT
>16.6. <A
HREF="winbind.html#AEN2566"
>Limitations</A
></DT
><DT
>16.7. <A
HREF="winbind.html#AEN2576"
>Conclusion</A
></DT
></DL
></DD
><DT
>17. <A
HREF="pdb-mysql.html"
>Passdb MySQL plugin</A
></DT
><DD
><DL
><DT
>17.1. <A
HREF="pdb-mysql.html#AEN2590"
>Building</A
></DT
><DT
>17.2. <A
HREF="pdb-mysql.html#AEN2596"
>Configuring</A
></DT
><DT
>17.3. <A
HREF="pdb-mysql.html#AEN2611"
>Using plaintext passwords or encrypted password</A
></DT
><DT
>17.4. <A
HREF="pdb-mysql.html#AEN2616"
>Getting non-column data from the table</A
></DT
></DL
></DD
><DT
>18. <A
HREF="pdb-xml.html"
>Passdb XML plugin</A
></DT
><DD
><DL
><DT
>18.1. <A
HREF="pdb-xml.html#AEN2635"
>Building</A
></DT
><DT
>18.2. <A
HREF="pdb-xml.html#AEN2641"
>Usage</A
></DT
></DL
></DD
><DT
>19. <A
HREF="samba-ldap-howto.html"
>Storing Samba's User/Machine Account information in an LDAP Directory</A
></DT
><DD
><DL
><DT
>19.1. <A
HREF="samba-ldap-howto.html#AEN2664"
>Purpose</A
></DT
><DT
>19.2. <A
HREF="samba-ldap-howto.html#AEN2684"
>Introduction</A
></DT
><DT
>19.3. <A
HREF="samba-ldap-howto.html#AEN2713"
>Supported LDAP Servers</A
></DT
><DT
>19.4. <A
HREF="samba-ldap-howto.html#AEN2718"
>Schema and Relationship to the RFC 2307 posixAccount</A
></DT
><DT
>19.5. <A
HREF="samba-ldap-howto.html#AEN2730"
>Configuring Samba with LDAP</A
></DT
><DD
><DL
><DT
>19.5.1. <A
HREF="samba-ldap-howto.html#AEN2732"
>OpenLDAP configuration</A
></DT
><DT
>19.5.2. <A
HREF="samba-ldap-howto.html#AEN2749"
>Configuring Samba</A
></DT
></DL
></DD
><DT
>19.6. <A
HREF="samba-ldap-howto.html#AEN2777"
>Accounts and Groups management</A
></DT
><DT
>19.7. <A
HREF="samba-ldap-howto.html#AEN2782"
>Security and sambaAccount</A
></DT
><DT
>19.8. <A
HREF="samba-ldap-howto.html#AEN2802"
>LDAP specials attributes for sambaAccounts</A
></DT
><DT
>19.9. <A
HREF="samba-ldap-howto.html#AEN2872"
>Example LDIF Entries for a sambaAccount</A
></DT
><DT
>19.10. <A
HREF="samba-ldap-howto.html#AEN2880"
>Comments</A
></DT
></DL
></DD
><DT
>20. <A
HREF="cvs-access.html"
>HOWTO Access Samba source code via CVS</A
></DT
><DD
><DL
><DT
>20.1. <A
HREF="cvs-access.html#AEN2891"
>Introduction</A
></DT
><DT
>20.2. <A
HREF="cvs-access.html#AEN2896"
>CVS Access to samba.org</A
></DT
><DD
><DL
><DT
>20.2.1. <A
HREF="cvs-access.html#AEN2899"
>Access via CVSweb</A
></DT
><DT
>20.2.2. <A
HREF="cvs-access.html#AEN2904"
>Access via cvs</A
></DT
></DL
></DD
></DL
></DD
><DT
>21. <A
HREF="groupmapping.html"
>Group mapping HOWTO</A
></DT
><DT
>22. <A
HREF="speed.html"
>Samba performance issues</A
></DT
><DD
><DL
><DT
>22.1. <A
HREF="speed.html#AEN2982"
>Comparisons</A
></DT
><DT
>22.2. <A
HREF="speed.html#AEN2988"
>Oplocks</A
></DT
><DD
><DL
><DT
>22.2.1. <A
HREF="speed.html#AEN2990"
>Overview</A
></DT
><DT
>22.2.2. <A
HREF="speed.html#AEN2998"
>Level2 Oplocks</A
></DT
><DT
>22.2.3. <A
HREF="speed.html#AEN3004"
>Old 'fake oplocks' option - deprecated</A
></DT
></DL
></DD
><DT
>22.3. <A
HREF="speed.html#AEN3008"
>Socket options</A
></DT
><DT
>22.4. <A
HREF="speed.html#AEN3015"
>Read size</A
></DT
><DT
>22.5. <A
HREF="speed.html#AEN3020"
>Max xmit</A
></DT
><DT
>22.6. <A
HREF="speed.html#AEN3025"
>Locking</A
></DT
><DT
>22.7. <A
HREF="speed.html#AEN3029"
>Share modes</A
></DT
><DT
>22.8. <A
HREF="speed.html#AEN3034"
>Log level</A
></DT
><DT
>22.9. <A
HREF="speed.html#AEN3037"
>Wide lines</A
></DT
><DT
>22.10. <A
HREF="speed.html#AEN3040"
>Read raw</A
></DT
><DT
>22.11. <A
HREF="speed.html#AEN3045"
>Write raw</A
></DT
><DT
>22.12. <A
HREF="speed.html#AEN3049"
>Read prediction</A
></DT
><DT
>22.13. <A
HREF="speed.html#AEN3056"
>Memory mapping</A
></DT
><DT
>22.14. <A
HREF="speed.html#AEN3061"
>Slow Clients</A
></DT
><DT
>22.15. <A
HREF="speed.html#AEN3065"
>Slow Logins</A
></DT
><DT
>22.16. <A
HREF="speed.html#AEN3068"
>Client tuning</A
></DT
><DT
>22.17. <A
HREF="speed.html#AEN3100"
>My Results</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="domain-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="integrate-ms-networks.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Samba as a NT4 domain member</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Integrating MS Windows networks with Samba</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

438
docs/htmldocs/p18.html Normal file
View File

@ -0,0 +1,438 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>General installation</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="NEXT"
TITLE="How to Install and Test SAMBA"
HREF="install.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="AEN18"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>I. General installation</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN20"
></A
><H1
>Introduction</H1
><P
>This part contains general info on how to install samba
and how to configure the parts of samba you will most likely need.
PLEASE read this.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1. <A
HREF="install.html"
>How to Install and Test SAMBA</A
></DT
><DD
><DL
><DT
>1.1. <A
HREF="install.html#AEN25"
>Read the man pages</A
></DT
><DT
>1.2. <A
HREF="install.html#AEN35"
>Building the Binaries</A
></DT
><DT
>1.3. <A
HREF="install.html#AEN63"
>The all important step</A
></DT
><DT
>1.4. <A
HREF="install.html#AEN67"
>Create the smb configuration file.</A
></DT
><DT
>1.5. <A
HREF="install.html#AEN81"
>Test your config file with
<B
CLASS="COMMAND"
>testparm</B
></A
></DT
><DT
>1.6. <A
HREF="install.html#AEN89"
>Starting the smbd and nmbd</A
></DT
><DD
><DL
><DT
>1.6.1. <A
HREF="install.html#AEN99"
>Starting from inetd.conf</A
></DT
><DT
>1.6.2. <A
HREF="install.html#AEN128"
>Alternative: starting it as a daemon</A
></DT
></DL
></DD
><DT
>1.7. <A
HREF="install.html#AEN144"
>Try listing the shares available on your
server</A
></DT
><DT
>1.8. <A
HREF="install.html#AEN153"
>Try connecting with the unix client</A
></DT
><DT
>1.9. <A
HREF="install.html#AEN169"
>Try connecting from a DOS, WfWg, Win9x, WinNT,
Win2k, OS/2, etc... client</A
></DT
><DT
>1.10. <A
HREF="install.html#AEN183"
>What If Things Don't Work?</A
></DT
><DD
><DL
><DT
>1.10.1. <A
HREF="install.html#AEN188"
>Diagnosing Problems</A
></DT
><DT
>1.10.2. <A
HREF="install.html#AEN192"
>Scope IDs</A
></DT
><DT
>1.10.3. <A
HREF="install.html#AEN195"
>Choosing the Protocol Level</A
></DT
><DT
>1.10.4. <A
HREF="install.html#AEN204"
>Printing from UNIX to a Client PC</A
></DT
><DT
>1.10.5. <A
HREF="install.html#AEN209"
>Locking</A
></DT
><DT
>1.10.6. <A
HREF="install.html#AEN218"
>Mapping Usernames</A
></DT
></DL
></DD
></DL
></DD
><DT
>2. <A
HREF="improved-browsing.html"
>Improved browsing in samba</A
></DT
><DD
><DL
><DT
>2.1. <A
HREF="improved-browsing.html#AEN228"
>Overview of browsing</A
></DT
><DT
>2.2. <A
HREF="improved-browsing.html#AEN232"
>Browsing support in samba</A
></DT
><DT
>2.3. <A
HREF="improved-browsing.html#AEN241"
>Problem resolution</A
></DT
><DT
>2.4. <A
HREF="improved-browsing.html#AEN248"
>Browsing across subnets</A
></DT
><DD
><DL
><DT
>2.4.1. <A
HREF="improved-browsing.html#AEN253"
>How does cross subnet browsing work ?</A
></DT
></DL
></DD
><DT
>2.5. <A
HREF="improved-browsing.html#AEN288"
>Setting up a WINS server</A
></DT
><DT
>2.6. <A
HREF="improved-browsing.html#AEN307"
>Setting up Browsing in a WORKGROUP</A
></DT
><DT
>2.7. <A
HREF="improved-browsing.html#AEN325"
>Setting up Browsing in a DOMAIN</A
></DT
><DT
>2.8. <A
HREF="improved-browsing.html#AEN335"
>Forcing samba to be the master</A
></DT
><DT
>2.9. <A
HREF="improved-browsing.html#AEN344"
>Making samba the domain master</A
></DT
><DT
>2.10. <A
HREF="improved-browsing.html#AEN362"
>Note about broadcast addresses</A
></DT
><DT
>2.11. <A
HREF="improved-browsing.html#AEN365"
>Multiple interfaces</A
></DT
></DL
></DD
><DT
>3. <A
HREF="oplocks.html"
>Oplocks</A
></DT
><DD
><DL
><DT
>3.1. <A
HREF="oplocks.html#AEN377"
>What are oplocks?</A
></DT
></DL
></DD
><DT
>4. <A
HREF="browsing-quick.html"
>Quick Cross Subnet Browsing / Cross Workgroup Browsing guide</A
></DT
><DD
><DL
><DT
>4.1. <A
HREF="browsing-quick.html#AEN392"
>Discussion</A
></DT
><DT
>4.2. <A
HREF="browsing-quick.html#AEN400"
>Use of the "Remote Announce" parameter</A
></DT
><DT
>4.3. <A
HREF="browsing-quick.html#AEN414"
>Use of the "Remote Browse Sync" parameter</A
></DT
><DT
>4.4. <A
HREF="browsing-quick.html#AEN419"
>Use of WINS</A
></DT
><DT
>4.5. <A
HREF="browsing-quick.html#AEN430"
>Do NOT use more than one (1) protocol on MS Windows machines</A
></DT
><DT
>4.6. <A
HREF="browsing-quick.html#AEN436"
>Name Resolution Order</A
></DT
></DL
></DD
><DT
>5. <A
HREF="pwencrypt.html"
>LanMan and NT Password Encryption in Samba</A
></DT
><DD
><DL
><DT
>5.1. <A
HREF="pwencrypt.html#AEN472"
>Introduction</A
></DT
><DT
>5.2. <A
HREF="pwencrypt.html#AEN477"
>Important Notes About Security</A
></DT
><DD
><DL
><DT
>5.2.1. <A
HREF="pwencrypt.html#AEN496"
>Advantages of SMB Encryption</A
></DT
><DT
>5.2.2. <A
HREF="pwencrypt.html#AEN503"
>Advantages of non-encrypted passwords</A
></DT
></DL
></DD
><DT
>5.3. <A
HREF="pwencrypt.html#AEN512"
>The smbpasswd Command</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>SAMBA Project Documentation</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>How to Install and Test SAMBA</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

391
docs/htmldocs/p3106.html Normal file
View File

@ -0,0 +1,391 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Appendixes</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="Samba performance issues"
HREF="speed.html"><LINK
REL="NEXT"
TITLE="Portability"
HREF="portability.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="speed.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="portability.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="AEN3106"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>IV. Appendixes</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>23. <A
HREF="portability.html"
>Portability</A
></DT
><DD
><DL
><DT
>23.1. <A
HREF="portability.html#AEN3115"
>HPUX</A
></DT
><DT
>23.2. <A
HREF="portability.html#AEN3121"
>SCO Unix</A
></DT
><DT
>23.3. <A
HREF="portability.html#AEN3125"
>DNIX</A
></DT
><DT
>23.4. <A
HREF="portability.html#AEN3154"
>RedHat Linux Rembrandt-II</A
></DT
></DL
></DD
><DT
>24. <A
HREF="other-clients.html"
>Samba and other CIFS clients</A
></DT
><DD
><DL
><DT
>24.1. <A
HREF="other-clients.html#AEN3175"
>Macintosh clients?</A
></DT
><DT
>24.2. <A
HREF="other-clients.html#AEN3184"
>OS2 Client</A
></DT
><DD
><DL
><DT
>24.2.1. <A
HREF="other-clients.html#AEN3186"
>How can I configure OS/2 Warp Connect or
OS/2 Warp 4 as a client for Samba?</A
></DT
><DT
>24.2.2. <A
HREF="other-clients.html#AEN3201"
>How can I configure OS/2 Warp 3 (not Connect),
OS/2 1.2, 1.3 or 2.x for Samba?</A
></DT
><DT
>24.2.3. <A
HREF="other-clients.html#AEN3210"
>Are there any other issues when OS/2 (any version)
is used as a client?</A
></DT
><DT
>24.2.4. <A
HREF="other-clients.html#AEN3214"
>How do I get printer driver download working
for OS/2 clients?</A
></DT
></DL
></DD
><DT
>24.3. <A
HREF="other-clients.html#AEN3224"
>Windows for Workgroups</A
></DT
><DD
><DL
><DT
>24.3.1. <A
HREF="other-clients.html#AEN3226"
>Use latest TCP/IP stack from Microsoft</A
></DT
><DT
>24.3.2. <A
HREF="other-clients.html#AEN3231"
>Delete .pwl files after password change</A
></DT
><DT
>24.3.3. <A
HREF="other-clients.html#AEN3236"
>Configure WfW password handling</A
></DT
><DT
>24.3.4. <A
HREF="other-clients.html#AEN3240"
>Case handling of passwords</A
></DT
></DL
></DD
><DT
>24.4. <A
HREF="other-clients.html#AEN3245"
>Windows '95/'98</A
></DT
><DT
>24.5. <A
HREF="other-clients.html#AEN3261"
>Windows 2000 Service Pack 2</A
></DT
></DL
></DD
><DT
>25. <A
HREF="bugreport.html"
>Reporting Bugs</A
></DT
><DD
><DL
><DT
>25.1. <A
HREF="bugreport.html#AEN3285"
>Introduction</A
></DT
><DT
>25.2. <A
HREF="bugreport.html#AEN3295"
>General info</A
></DT
><DT
>25.3. <A
HREF="bugreport.html#AEN3301"
>Debug levels</A
></DT
><DT
>25.4. <A
HREF="bugreport.html#AEN3318"
>Internal errors</A
></DT
><DT
>25.5. <A
HREF="bugreport.html#AEN3328"
>Attaching to a running process</A
></DT
><DT
>25.6. <A
HREF="bugreport.html#AEN3331"
>Patches</A
></DT
></DL
></DD
><DT
>26. <A
HREF="diagnosis.html"
>Diagnosing your samba server</A
></DT
><DD
><DL
><DT
>26.1. <A
HREF="diagnosis.html#AEN3354"
>Introduction</A
></DT
><DT
>26.2. <A
HREF="diagnosis.html#AEN3359"
>Assumptions</A
></DT
><DT
>26.3. <A
HREF="diagnosis.html#AEN3369"
>Tests</A
></DT
><DD
><DL
><DT
>26.3.1. <A
HREF="diagnosis.html#AEN3371"
>Test 1</A
></DT
><DT
>26.3.2. <A
HREF="diagnosis.html#AEN3377"
>Test 2</A
></DT
><DT
>26.3.3. <A
HREF="diagnosis.html#AEN3383"
>Test 3</A
></DT
><DT
>26.3.4. <A
HREF="diagnosis.html#AEN3398"
>Test 4</A
></DT
><DT
>26.3.5. <A
HREF="diagnosis.html#AEN3403"
>Test 5</A
></DT
><DT
>26.3.6. <A
HREF="diagnosis.html#AEN3409"
>Test 6</A
></DT
><DT
>26.3.7. <A
HREF="diagnosis.html#AEN3417"
>Test 7</A
></DT
><DT
>26.3.8. <A
HREF="diagnosis.html#AEN3443"
>Test 8</A
></DT
><DT
>26.3.9. <A
HREF="diagnosis.html#AEN3460"
>Test 9</A
></DT
><DT
>26.3.10. <A
HREF="diagnosis.html#AEN3468"
>Test 10</A
></DT
><DT
>26.3.11. <A
HREF="diagnosis.html#AEN3474"
>Test 11</A
></DT
></DL
></DD
><DT
>26.4. <A
HREF="diagnosis.html#AEN3479"
>Still having troubles?</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="speed.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="portability.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Samba performance issues</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Portability</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

388
docs/htmldocs/p544.html Normal file
View File

@ -0,0 +1,388 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Type of installation</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="LanMan and NT Password Encryption in Samba"
HREF="pwencrypt.html"><LINK
REL="NEXT"
TITLE="How to Configure Samba as a NT4 Primary Domain Controller"
HREF="samba-pdc.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="pwencrypt.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="samba-pdc.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="AEN544"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>II. Type of installation</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN546"
></A
><H1
>Introduction</H1
><P
>This part contains information on using samba in a (NT 4 or ADS) domain.
If you wish to run samba as a domain member or DC, read the appropriate chapter in
this part.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>6. <A
HREF="samba-pdc.html"
>How to Configure Samba as a NT4 Primary Domain Controller</A
></DT
><DD
><DL
><DT
>6.1. <A
HREF="samba-pdc.html#AEN566"
>Prerequisite Reading</A
></DT
><DT
>6.2. <A
HREF="samba-pdc.html#AEN572"
>Background</A
></DT
><DT
>6.3. <A
HREF="samba-pdc.html#AEN611"
>Configuring the Samba Domain Controller</A
></DT
><DT
>6.4. <A
HREF="samba-pdc.html#AEN654"
>Creating Machine Trust Accounts and Joining Clients to the
Domain</A
></DT
><DD
><DL
><DT
>6.4.1. <A
HREF="samba-pdc.html#AEN673"
>Manual Creation of Machine Trust Accounts</A
></DT
><DT
>6.4.2. <A
HREF="samba-pdc.html#AEN714"
>"On-the-Fly" Creation of Machine Trust Accounts</A
></DT
><DT
>6.4.3. <A
HREF="samba-pdc.html#AEN723"
>Joining the Client to the Domain</A
></DT
></DL
></DD
><DT
>6.5. <A
HREF="samba-pdc.html#AEN738"
>Common Problems and Errors</A
></DT
><DT
>6.6. <A
HREF="samba-pdc.html#AEN786"
>System Policies and Profiles</A
></DT
><DT
>6.7. <A
HREF="samba-pdc.html#AEN830"
>What other help can I get?</A
></DT
><DT
>6.8. <A
HREF="samba-pdc.html#AEN944"
>Domain Control for Windows 9x/ME</A
></DT
><DD
><DL
><DT
>6.8.1. <A
HREF="samba-pdc.html#AEN970"
>Configuration Instructions: Network Logons</A
></DT
><DT
>6.8.2. <A
HREF="samba-pdc.html#AEN989"
>Configuration Instructions: Setting up Roaming User Profiles</A
></DT
></DL
></DD
><DT
>6.9. <A
HREF="samba-pdc.html#AEN1082"
>DOMAIN_CONTROL.txt : Windows NT Domain Control &#38; Samba</A
></DT
></DL
></DD
><DT
>7. <A
HREF="samba-bdc.html"
>How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</A
></DT
><DD
><DL
><DT
>7.1. <A
HREF="samba-bdc.html#AEN1118"
>Prerequisite Reading</A
></DT
><DT
>7.2. <A
HREF="samba-bdc.html#AEN1122"
>Background</A
></DT
><DT
>7.3. <A
HREF="samba-bdc.html#AEN1130"
>What qualifies a Domain Controller on the network?</A
></DT
><DD
><DL
><DT
>7.3.1. <A
HREF="samba-bdc.html#AEN1133"
>How does a Workstation find its domain controller?</A
></DT
><DT
>7.3.2. <A
HREF="samba-bdc.html#AEN1136"
>When is the PDC needed?</A
></DT
></DL
></DD
><DT
>7.4. <A
HREF="samba-bdc.html#AEN1139"
>Can Samba be a Backup Domain Controller?</A
></DT
><DT
>7.5. <A
HREF="samba-bdc.html#AEN1143"
>How do I set up a Samba BDC?</A
></DT
><DD
><DL
><DT
>7.5.1. <A
HREF="samba-bdc.html#AEN1160"
>How do I replicate the smbpasswd file?</A
></DT
></DL
></DD
></DL
></DD
><DT
>8. <A
HREF="ads.html"
>Samba as a ADS domain member</A
></DT
><DD
><DL
><DT
>8.1. <A
HREF="ads.html#AEN1178"
>Installing the required packages for Debian</A
></DT
><DT
>8.2. <A
HREF="ads.html#AEN1184"
>Installing the required packages for RedHat</A
></DT
><DT
>8.3. <A
HREF="ads.html#AEN1193"
>Compile Samba</A
></DT
><DT
>8.4. <A
HREF="ads.html#AEN1205"
>Setup your /etc/krb5.conf</A
></DT
><DT
>8.5. <A
HREF="ads.html#AEN1215"
>Create the computer account</A
></DT
><DD
><DL
><DT
>8.5.1. <A
HREF="ads.html#AEN1219"
>Possible errors</A
></DT
></DL
></DD
><DT
>8.6. <A
HREF="ads.html#AEN1231"
>Test your server setup</A
></DT
><DT
>8.7. <A
HREF="ads.html#AEN1236"
>Testing with smbclient</A
></DT
><DT
>8.8. <A
HREF="ads.html#AEN1239"
>Notes</A
></DT
></DL
></DD
><DT
>9. <A
HREF="domain-security.html"
>Samba as a NT4 domain member</A
></DT
><DD
><DL
><DT
>9.1. <A
HREF="domain-security.html#AEN1261"
>Joining an NT Domain with Samba 2.2</A
></DT
><DT
>9.2. <A
HREF="domain-security.html#AEN1325"
>Samba and Windows 2000 Domains</A
></DT
><DT
>9.3. <A
HREF="domain-security.html#AEN1330"
>Why is this better than security = server?</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="pwencrypt.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="samba-pdc.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>LanMan and NT Password Encryption in Samba</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>How to Configure Samba as a NT4 Primary Domain Controller</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

View File

@ -0,0 +1,67 @@
#ifndef _LIBSMB_INTERNAL_H_
#define _LIBSMB_INTERNAL_H_
#define SMBC_MAX_NAME 1023
#define SMBC_FILE_MODE (S_IFREG | 0444)
#define SMBC_DIR_MODE (S_IFDIR | 0555)
#include "../include/libsmbclient.h"
struct _SMBCSRV {
struct cli_state cli;
dev_t dev;
BOOL no_pathinfo2;
int server_fd;
SMBCSRV *next, *prev;
};
/*
* Keep directory entries in a list
*/
struct smbc_dir_list {
struct smbc_dir_list *next;
struct smbc_dirent *dirent;
};
/*
* Structure for open file management
*/
struct _SMBCFILE {
int cli_fd;
char *fname;
off_t offset;
struct _SMBCSRV *srv;
BOOL file;
struct smbc_dir_list *dir_list, *dir_end, *dir_next;
int dir_type, dir_error;
SMBCFILE *next, *prev;
};
struct smbc_internal_data {
/** INTERNAL: is this handle initialized ?
*/
int _initialized;
/** INTERNAL: dirent pointer location
*/
char _dirent[512];
/** INTERNAL: server connection list
*/
SMBCSRV * _servers;
/** INTERNAL: open file/dir list
*/
SMBCFILE * _files;
};
#endif

1032
source3/passdb/pdb_mysql.c Normal file

File diff suppressed because it is too large Load Diff

567
source3/passdb/pdb_xml.c Normal file
View File

@ -0,0 +1,567 @@
/*
* XML password backend for samba
* Copyright (C) Jelmer Vernooij 2002
* Some parts based on the libxml gjobread example by Daniel Veillard
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
/* FIXME:
* - Support stdin input by using '-'
* - Be faster. Don't rewrite the whole file when adding a user, but store it in the memory and save it when exiting. Requires changes to samba source.
* - Gives the ability to read/write to standard input/output
* - Do locking!
* - Better names!
*/
#define XML_URL "http://www.samba.org/ns"
#include "includes.h"
#include <libxml/xmlmemory.h>
#include <libxml/parser.h>
static int xmlsam_debug_level = DBGC_ALL;
#undef DBGC_CLASS
#define DBGC_CLASS xmlsam_debug_level
PDB_MODULE_VERSIONING_MAGIC
static char * iota(int a) {
static char tmp[10];
snprintf(tmp, 9, "%d", a);
return tmp;
}
BOOL parsePass(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
{
pstring temp;
cur = cur->xmlChildrenNode;
while (cur != NULL) {
if (strcmp(cur->name, "crypt"))
DEBUG(0, ("Unknown element %s\n", cur->name));
else {
if (!strcmp(xmlGetProp(cur, "type"), "nt")
&&
pdb_gethexpwd(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1), temp))
pdb_set_nt_passwd(u, temp, PDB_SET);
else if (!strcmp(xmlGetProp(cur, "type"), "lanman")
&&
pdb_gethexpwd(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1), temp))
pdb_set_lanman_passwd(u, temp, PDB_SET);
else
DEBUG(0,
("Unknown crypt type: %s\n",
xmlGetProp(cur, "type")));
}
cur = cur->next;
}
return True;
}
BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * u)
{
char *tmp;
DOM_SID sid;
tmp = xmlGetProp(cur, "sid");
if (tmp){
string_to_sid(&sid, tmp);
pdb_set_user_sid(u, &sid, PDB_SET);
}
tmp = xmlGetProp(cur, "uid");
if (tmp)
pdb_set_uid(u, atol(tmp), PDB_SET);
pdb_set_username(u, xmlGetProp(cur, "name"), PDB_SET);
/* We don't care what the top level element name is */
cur = cur->xmlChildrenNode;
while (cur != NULL) {
if ((!strcmp(cur->name, "group")) && (cur->ns == ns)) {
tmp = xmlGetProp(cur, "gid");
if (tmp)
pdb_set_gid(u, atol(tmp), PDB_SET);
tmp = xmlGetProp(cur, "sid");
if (tmp){
string_to_sid(&sid, tmp);
pdb_set_group_sid(u, &sid, PDB_SET);
}
}
else if ((!strcmp(cur->name, "domain")) && (cur->ns == ns))
pdb_set_domain(u,
xmlNodeListGetString(doc, cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "fullname") && cur->ns == ns)
pdb_set_fullname(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "nt_username") && cur->ns == ns)
pdb_set_nt_username(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "logon_script") && cur->ns == ns)
pdb_set_logon_script(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "profile_path") && cur->ns == ns)
pdb_set_profile_path(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "logon_time") && cur->ns == ns)
pdb_set_logon_time(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "logoff_time") && cur->ns == ns)
pdb_set_logoff_time(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)),
PDB_SET);
else if (!strcmp(cur->name, "kickoff_time") && cur->ns == ns)
pdb_set_kickoff_time(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)),
PDB_SET);
else if (!strcmp(cur->name, "logon_divs") && cur->ns == ns)
pdb_set_logon_divs(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "hours_len") && cur->ns == ns)
pdb_set_hours_len(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "unknown_3") && cur->ns == ns)
pdb_set_unknown_3(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "unknown_5") && cur->ns == ns)
pdb_set_unknown_5(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "unknown_6") && cur->ns == ns)
pdb_set_unknown_6(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "homedir") && cur->ns == ns)
pdb_set_homedir(u,
xmlNodeListGetString(doc, cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "unknown_str") && cur->ns == ns)
pdb_set_unknown_str(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "dir_drive") && cur->ns == ns)
pdb_set_dir_drive(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "munged_dial") && cur->ns == ns)
pdb_set_munged_dial(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "acct_desc") && cur->ns == ns)
pdb_set_acct_desc(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if (!strcmp(cur->name, "acct_ctrl") && cur->ns == ns)
pdb_set_acct_ctrl(u,
atol(xmlNodeListGetString
(doc, cur->xmlChildrenNode, 1)), PDB_SET);
else if (!strcmp(cur->name, "workstations") && cur->ns == ns)
pdb_set_workstations(u,
xmlNodeListGetString(doc,
cur->xmlChildrenNode,
1), PDB_SET);
else if ((!strcmp(cur->name, "password")) && (cur->ns == ns)) {
tmp = xmlGetProp(cur, "last_set");
if (tmp)
pdb_set_pass_last_set_time(u, atol(tmp), PDB_SET);
tmp = xmlGetProp(cur, "must_change");
if (tmp)
pdb_set_pass_must_change_time(u, atol(tmp), PDB_SET);
tmp = xmlGetProp(cur, "can_change");
if (tmp)
pdb_set_pass_can_change_time(u, atol(tmp), PDB_SET);
parsePass(doc, ns, cur, u);
}
else
DEBUG(0, ("Unknown element %s\n", cur->name));
cur = cur->next;
}
return True;
}
typedef struct pdb_xml {
char *location;
char written;
xmlDocPtr doc;
xmlNodePtr users;
xmlNodePtr pwent;
xmlNsPtr ns;
} pdb_xml;
xmlNodePtr parseSambaXMLFile(struct pdb_xml *data)
{
xmlNodePtr cur;
data->doc = xmlParseFile(data->location);
if (data->doc == NULL)
return NULL;
cur = xmlDocGetRootElement(data->doc);
if (!cur) {
DEBUG(0, ("empty document\n"));
xmlFreeDoc(data->doc);
return NULL;
}
data->ns = xmlSearchNsByHref(data->doc, cur, XML_URL);
if (!data->ns) {
DEBUG(0,
("document of the wrong type, samba user namespace not found\n"));
xmlFreeDoc(data->doc);
return NULL;
}
if (strcmp(cur->name, "samba")) {
DEBUG(0, ("document of the wrong type, root node != samba"));
xmlFreeDoc(data->doc);
return NULL;
}
cur = cur->xmlChildrenNode;
while (cur && xmlIsBlankNode(cur)) {
cur = cur->next;
}
if (!cur)
return NULL;
if ((strcmp(cur->name, "users")) || (cur->ns != data->ns)) {
DEBUG(0, ("document of the wrong type, was '%s', users expected",
cur->name));
DEBUG(0, ("xmlDocDump follows\n"));
xmlDocDump(stderr, data->doc);
DEBUG(0, ("xmlDocDump finished\n"));
xmlFreeDoc(data->doc);
return NULL;
}
data->users = cur;
cur = cur->xmlChildrenNode;
return cur;
}
static NTSTATUS xmlsam_setsampwent(struct pdb_methods *methods, BOOL update)
{
pdb_xml *data;
if (!methods) {
DEBUG(0, ("Invalid methods\n"));
return NT_STATUS_INVALID_PARAMETER;
}
data = (pdb_xml *) methods->private_data;
if (!data) {
DEBUG(0, ("Invalid pdb_xml_data\n"));
return NT_STATUS_INVALID_PARAMETER;
}
data->pwent = parseSambaXMLFile(data);
if (!data->pwent)
return NT_STATUS_UNSUCCESSFUL;
return NT_STATUS_OK;
}
/***************************************************************
End enumeration of the passwd list.
****************************************************************/
static void xmlsam_endsampwent(struct pdb_methods *methods)
{
pdb_xml *data;
if (!methods) {
DEBUG(0, ("Invalid methods\n"));
return;
}
data = (pdb_xml *) methods->private_data;
if (!data) {
DEBUG(0, ("Invalid pdb_xml_data\n"));
return;
}
xmlFreeDoc(data->doc);
data->doc = NULL;
data->pwent = NULL;
}
/*****************************************************************
Get one SAM_ACCOUNT from the list (next in line)
*****************************************************************/
static NTSTATUS xmlsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT * user)
{
pdb_xml *data;
if (!methods) {
DEBUG(0, ("Invalid methods\n"));
return NT_STATUS_INVALID_PARAMETER;
}
data = (pdb_xml *) methods->private_data;
if (!data) {
DEBUG(0, ("Invalid pdb_xml_data\n"));
return NT_STATUS_INVALID_PARAMETER;
}
while (data->pwent) {
if ((!strcmp(data->pwent->name, "user")) &&
(data->pwent->ns == data->ns)) {
parseUser(data->doc, data->ns, data->pwent, user);
data->pwent = data->pwent->next;
return NT_STATUS_OK;
}
data->pwent = data->pwent->next;
}
return NT_STATUS_UNSUCCESSFUL;
}
/***************************************************************************
Adds an existing SAM_ACCOUNT
****************************************************************************/
static NTSTATUS xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT * u)
{
pstring temp;
fstring sid_str;
xmlNodePtr cur, user, pass, root;
pdb_xml *data;
DEBUG(10, ("xmlsam_add_sam_account called!\n"));
if (!methods) {
DEBUG(0, ("Invalid methods\n"));
return NT_STATUS_INVALID_PARAMETER;
}
data = (pdb_xml *) methods->private_data;
if (!data) {
DEBUG(0, ("Invalid pdb_xml_data\n"));
return NT_STATUS_INVALID_PARAMETER;
}
/* Create a new document if we can't open the current one */
if (!parseSambaXMLFile(data)) {
DEBUG(0, ("Can't load current XML file, creating a new one\n"));
data->doc = xmlNewDoc(XML_DEFAULT_VERSION);
root = xmlNewDocNode(data->doc, NULL, "samba", NULL);
cur = xmlDocSetRootElement(data->doc, root);
data->ns = xmlNewNs(root, XML_URL, "samba");
data->users = xmlNewChild(root, data->ns, "users", NULL);
}
user = xmlNewChild(data->users, data->ns, "user", NULL);
xmlNewProp(user, "sid",
sid_to_string(sid_str, pdb_get_user_sid(u)));
if (pdb_get_init_flags(u, PDB_UID) != PDB_DEFAULT)
xmlNewProp(user, "uid", iota(pdb_get_uid(u)));
if (pdb_get_username(u) && strcmp(pdb_get_username(u), ""))
xmlNewProp(user, "name", pdb_get_username(u));
cur = xmlNewChild(user, data->ns, "group", NULL);
xmlNewProp(cur, "sid",
sid_to_string(sid_str, pdb_get_group_sid(u)));
if (pdb_get_init_flags(u, PDB_GID) != PDB_DEFAULT)
xmlNewProp(cur, "gid", iota(pdb_get_gid(u)));
if (pdb_get_init_flags(u, PDB_LOGONTIME) != PDB_DEFAULT)
xmlNewChild(user, data->ns, "login_time",
iota(pdb_get_logon_time(u)));
if (pdb_get_init_flags(u, PDB_LOGOFFTIME) != PDB_DEFAULT)
xmlNewChild(user, data->ns, "logoff_time",
iota(pdb_get_logoff_time(u)));
if (pdb_get_init_flags(u, PDB_KICKOFFTIME) != PDB_DEFAULT)
xmlNewChild(user, data->ns, "kickoff_time",
iota(pdb_get_kickoff_time(u)));
if (pdb_get_domain(u) && strcmp(pdb_get_domain(u), ""))
xmlNewChild(user, data->ns, "domain", pdb_get_domain(u));
if (pdb_get_nt_username(u) && strcmp(pdb_get_nt_username(u), ""))
xmlNewChild(user, data->ns, "nt_username", pdb_get_nt_username(u));
if (pdb_get_fullname(u) && strcmp(pdb_get_fullname(u), ""))
xmlNewChild(user, data->ns, "fullname", pdb_get_fullname(u));
if (pdb_get_homedir(u) && strcmp(pdb_get_homedir(u), ""))
xmlNewChild(user, data->ns, "homedir", pdb_get_homedir(u));
if (pdb_get_dir_drive(u) && strcmp(pdb_get_dir_drive(u), ""))
xmlNewChild(user, data->ns, "dir_drive", pdb_get_dir_drive(u));
if (pdb_get_logon_script(u) && strcmp(pdb_get_logon_script(u), ""))
xmlNewChild(user, data->ns, "logon_script",
pdb_get_logon_script(u));
if (pdb_get_profile_path(u) && strcmp(pdb_get_profile_path(u), ""))
xmlNewChild(user, data->ns, "profile_path",
pdb_get_profile_path(u));
if (pdb_get_acct_desc(u) && strcmp(pdb_get_acct_desc(u), ""))
xmlNewChild(user, data->ns, "acct_desc", pdb_get_acct_desc(u));
if (pdb_get_workstations(u) && strcmp(pdb_get_workstations(u), ""))
xmlNewChild(user, data->ns, "workstations",
pdb_get_workstations(u));
if (pdb_get_unknown_str(u) && strcmp(pdb_get_unknown_str(u), ""))
xmlNewChild(user, data->ns, "unknown_str", pdb_get_unknown_str(u));
if (pdb_get_munged_dial(u) && strcmp(pdb_get_munged_dial(u), ""))
xmlNewChild(user, data->ns, "munged_dial", pdb_get_munged_dial(u));
/* Password stuff */
pass = xmlNewChild(user, data->ns, "password", NULL);
if (pdb_get_pass_last_set_time(u))
xmlNewProp(pass, "last_set", iota(pdb_get_pass_last_set_time(u)));
if (pdb_get_init_flags(u, PDB_CANCHANGETIME) != PDB_DEFAULT)
xmlNewProp(pass, "can_change",
iota(pdb_get_pass_can_change_time(u)));
if (pdb_get_init_flags(u, PDB_MUSTCHANGETIME) != PDB_DEFAULT)
xmlNewProp(pass, "must_change",
iota(pdb_get_pass_must_change_time(u)));
if (pdb_get_lanman_passwd(u)) {
pdb_sethexpwd(temp, pdb_get_lanman_passwd(u),
pdb_get_acct_ctrl(u));
cur = xmlNewChild(pass, data->ns, "crypt", temp);
xmlNewProp(cur, "type", "lanman");
}
if (pdb_get_nt_passwd(u)) {
pdb_sethexpwd(temp, pdb_get_nt_passwd(u), pdb_get_acct_ctrl(u));
cur = xmlNewChild(pass, data->ns, "crypt", temp);
xmlNewProp(cur, "type", "nt");
}
xmlNewChild(user, data->ns, "acct_ctrl", iota(pdb_get_acct_ctrl(u)));
xmlNewChild(user, data->ns, "unknown_3", iota(pdb_get_unknown_3(u)));
if (pdb_get_logon_divs(u))
xmlNewChild(user, data->ns, "logon_divs",
iota(pdb_get_logon_divs(u)));
if (pdb_get_hours_len(u))
xmlNewChild(user, data->ns, "hours_len",
iota(pdb_get_hours_len(u)));
xmlNewChild(user, data->ns, "unknown_5", iota(pdb_get_unknown_5(u)));
xmlNewChild(user, data->ns, "unknown_6", iota(pdb_get_unknown_6(u)));
xmlSaveFile(data->location, data->doc);
return NT_STATUS_OK;
}
NTSTATUS pdb_init(PDB_CONTEXT * pdb_context, PDB_METHODS ** pdb_method,
const char *location)
{
NTSTATUS nt_status;
pdb_xml *data;
xmlsam_debug_level = debug_add_class("xmlsam");
if (xmlsam_debug_level == -1) {
xmlsam_debug_level = DBGC_ALL;
DEBUG(0, ("xmlsam: Couldn't register custom debugging class!\n"));
}
if (!pdb_context) {
DEBUG(0, ("invalid pdb_methods specified\n"));
return NT_STATUS_UNSUCCESSFUL;
}
if (!NT_STATUS_IS_OK
(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
return nt_status;
}
(*pdb_method)->name = "xmlsam";
(*pdb_method)->setsampwent = xmlsam_setsampwent;
(*pdb_method)->endsampwent = xmlsam_endsampwent;
(*pdb_method)->getsampwent = xmlsam_getsampwent;
(*pdb_method)->add_sam_account = xmlsam_add_sam_account;
(*pdb_method)->getsampwnam = NULL;
(*pdb_method)->getsampwsid = NULL;
(*pdb_method)->update_sam_account = NULL;
(*pdb_method)->delete_sam_account = NULL;
(*pdb_method)->getgrsid = NULL;
(*pdb_method)->getgrgid = NULL;
(*pdb_method)->getgrnam = NULL;
(*pdb_method)->add_group_mapping_entry = NULL;
(*pdb_method)->update_group_mapping_entry = NULL;
(*pdb_method)->delete_group_mapping_entry = NULL;
(*pdb_method)->enum_group_mapping = NULL;
data = talloc(pdb_context->mem_ctx, sizeof(pdb_xml));
data->location =
(location ? talloc_strdup(pdb_context->mem_ctx, location) : "-");
data->pwent = NULL;
data->written = 0;
(*pdb_method)->private_data = data;
LIBXML_TEST_VERSION xmlKeepBlanksDefault(0);
return NT_STATUS_OK;
}