sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Code

More edits.

Browse Source 
(This used to be commit f774111756)
This commit is contained in:
John Terpstra 2005-05-25 23:41:19 +00:00 committed by Gerald W. Carter
parent 118a2b639a
commit 709054576a
2 changed files with 174 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

179
docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
View File

@ -399,108 +399,103 @@
no account information can be deleted.
</para></step>
<example id="sbent4smb">
<smbconfexample id="sbent4smb">
<title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: A</title>
<screen>
# Global parameters
[global]
workgroup = DAMNATION
netbios name = MERLIN
passdb backend = ldapsam:ldap://localhost
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 0
smb ports = 139 445
name resolve order = wins bcast hosts
show add printer wizard = Yes
add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u'
# delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'
add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g' -t domain
# delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%u' '%g' -t domain
# delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%u' '%g' -t domain
set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u'
logon script = scripts\logon.cmd
logon path = \\%L\profiles\%U
logon home = \\%L\%U
logon drive = X:
domain logons = Yes
domain master = No
# wins support = Yes
wins server = 192.168.123.124
ldap admin dn = cn=Manager,dc=terpstra-world,dc=org
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=People
ldap passwd sync = Yes
ldap suffix = dc=terpstra-world,dc=org
ldap ssl = no
ldap timeout = 20
ldap user suffix = ou=People
idmap backend = ldap:ldap://localhost
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind nested groups = Yes
ea support = Yes
map acl inherit = Yes
</screen>
</example>
<smbconfcomment>Global parameters</smbconfcomment>
<smbconfsection name="[global]"/>
<smbconfoption name="workgroup">DAMNATION</smbconfoption>
<smbconfoption name="netbios name">MERLIN</smbconfoption>
<smbconfoption name="passdb backend">ldapsam:ldap://localhost</smbconfoption>
<smbconfoption name="username map">/etc/samba/smbusers</smbconfoption>
<smbconfoption name="log level">1</smbconfoption>
<smbconfoption name="syslog">0</smbconfoption>
<smbconfoption name="log file">/var/log/samba/%m</smbconfoption>
<smbconfoption name="max log size">0</smbconfoption>
<smbconfoption name="smb ports">139 445</smbconfoption>
<smbconfoption name="name resolve order">wins bcast hosts</smbconfoption>
<smbconfoption name="show add printer wizard">Yes</smbconfoption>
<smbconfoption name="add user script">/opt/IDEALX/sbin/smbldap-useradd -m '%u'</smbconfoption>
<smbconfoption name="#delete user script">/opt/IDEALX/sbin/smbldap-userdel '%u'</smbconfoption>
<smbconfoption name="add group script">/opt/IDEALX/sbin/smbldap-groupadd '%g'</smbconfoption>
<smbconfoption name="#delete group script">/opt/IDEALX/sbin/smbldap-groupdel '%g'</smbconfoption>
<smbconfoption name="add user to group script">/opt/IDEALX/sbin/</smbconfoption>
<member><parameter>smbldap-groupmod -m '%u' '%g'</parameter></member>
<smbconfoption name="#delete user from group script">/opt/IDEALX/</smbconfoption>
<member><parameter>sbin/smbldap-groupmod -x '%u' '%g'</parameter></member>
<smbconfoption name="set primary group script">/opt/IDEALX/</smbconfoption>
<member><parameter>sbin/smbldap-usermod -g '%g' '%u'</parameter></member>
<smbconfoption name="add machine script">/opt/IDEALX/sbin/</smbconfoption>
<member><parameter>smbldap-useradd -w '%u'</parameter></member>
<smbconfoption name="logon script">scripts\logon.cmd</smbconfoption>
<smbconfoption name="logon path">\\%L\profiles\%U</smbconfoption>
<smbconfoption name="logon home">\\%L\%U</smbconfoption>
<smbconfoption name="logon drive">X:</smbconfoption>
<smbconfoption name="domain logons">Yes</smbconfoption>
<smbconfoption name="domain master">No</smbconfoption>
<smbconfoption name="#wins support">Yes</smbconfoption>
<smbconfoption name="wins server">192.168.123.124</smbconfoption>
<smbconfoption name="ldap admin dn">cn=Manager,dc=terpstra-world,dc=org</smbconfoption>
<smbconfoption name="ldap group suffix">ou=Groups</smbconfoption>
<smbconfoption name="ldap idmap suffix">ou=Idmap</smbconfoption>
<smbconfoption name="ldap machine suffix">ou=People</smbconfoption>
<smbconfoption name="ldap passwd sync">Yes</smbconfoption>
<smbconfoption name="ldap suffix">dc=terpstra-world,dc=org</smbconfoption>
<smbconfoption name="ldap ssl">no</smbconfoption>
<smbconfoption name="ldap timeout">20</smbconfoption>
<smbconfoption name="ldap user suffix">ou=People</smbconfoption>
<smbconfoption name="idmap backend">ldap:ldap://localhost</smbconfoption>
<smbconfoption name="idmap uid">15000-20000</smbconfoption>
<smbconfoption name="idmap gid">15000-20000</smbconfoption>
<smbconfoption name="winbind nested groups">Yes</smbconfoption>
<smbconfoption name="ea support">Yes</smbconfoption>
<smbconfoption name="map acl inherit">Yes</smbconfoption>
</smbconfexample>
<example id="sbent4smb2">
<smbconfexample id="sbent4smb2">
<title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: B</title>
<screen>
[apps]
comment = Application Data
path = /data/home/apps
read only = No
<smbconfsection name="[apps]"/>
<smbconfoption name="comment">Application Data</smbconfoption>
<smbconfoption name="path">/data/home/apps</smbconfoption>
<smbconfoption name="read only">No</smbconfoption>
[media]
comment = Media Files
path = /data/home2
read only = No
<smbconfsection name="[homes]"/>
<smbconfoption name="comment">Home Directories</smbconfoption>
<smbconfoption name="path">/home/users/%U/Documents</smbconfoption>
<smbconfoption name="valid users">%S</smbconfoption>
<smbconfoption name="read only">No</smbconfoption>
<smbconfoption name="browseable">No</smbconfoption>
[homes]
comment = Home Directories
path = /home/users/%U/Documents
valid users = %S
read only = No
browseable = No
<smbconfsection name="[printers]"/>
<smbconfoption name="comment">SMB Print Spool</smbconfoption>
<smbconfoption name="path">/var/spool/samba</smbconfoption>
<smbconfoption name="guest ok">Yes</smbconfoption>
<smbconfoption name="printable">Yes</smbconfoption>
<smbconfoption name="use client driver">No</smbconfoption>
<smbconfoption name="browseable">No</smbconfoption>
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
use client driver = No
browseable = No
<smbconfsection name="[netlogon]"/>
<smbconfoption name="comment">Network Logon Service</smbconfoption>
<smbconfoption name="path">/var/lib/samba/netlogon</smbconfoption>
<smbconfoption name="guest ok">Yes</smbconfoption>
<smbconfoption name="locking">No</smbconfoption>
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
<smbconfsection name="[profiles]"/>
<smbconfoption name="comment">Profile Share</smbconfoption>
<smbconfoption name="path">/var/lib/samba/profiles</smbconfoption>
<smbconfoption name="read only">No</smbconfoption>
<smbconfoption name="profile acls">Yes</smbconfoption>
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
<smbconfsection name="[profdata]"/>
<smbconfoption name="comment">Profile Data Share</smbconfoption>
<smbconfoption name="path">/var/lib/samba/profdata</smbconfoption>
<smbconfoption name="read only">No</smbconfoption>
<smbconfoption name="profile acls">Yes</smbconfoption>
[profdata]
comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes
<smbconfsection name="[print$]"/>
<smbconfoption name="comment">Printer Drivers</smbconfoption>
<smbconfoption name="path">/var/lib/samba/drivers</smbconfoption>
</smbconfexample>
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
</screen>
</example>
<step><para>
<indexterm><primary>slapd.conf</primary></indexterm>
Configure OpenLDAP in preparation for the migration. An example

171
docs/Samba-Guide/SBE-SecureOfficeServer.xml
View File

@ -821,6 +821,7 @@ echo -e "\nNAT firewall done.\n"
<smbconfoption name="bind interfaces only">Yes</smbconfoption>
<smbconfoption name="passdb backend">tdbsam</smbconfoption>
<smbconfoption name="pam password change">Yes</smbconfoption>
<smbconfoption name="passwd program">/usr/bin/passwd %u</smbconfoption>
<smbconfoption name="passwd chat"></smbconfoption>
<member><parameter>*New*Password* %n\n *Re-enter*new*password*%n\n *Password*changed*</parameter></member>
<smbconfoption name="username map">/etc/samba/smbusers</smbconfoption>
@ -2207,14 +2208,15 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
be done with notebook computers as long as they are identical or sufficiently similar.
</para>
<procedure>
<procedure id="sbewinclntprep">
<title>Windows Client Configuration Procedure</title>
<step><para>
Install MS Windows XP Professional. During installation, configure the client to use DHCP for
TCP/IP protocol configuration.
<indexterm><primary>WINS</primary></indexterm>
<indexterm><primary>DHCP</primary></indexterm>
DHCP configures all Windows clients to use the WINS Server address that has been defined
for the local subnet.
Install MS Windows XP Professional. During installation, configure the client to use DHCP for
TCP/IP protocol configuration. DHCP configures all Windows clients to use the WINS Server
address that has been defined for the local subnet.
</para></step>
<step><para>
@ -2229,8 +2231,8 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
<step><para>
Verify <constant>DIAMOND</constant> is visible in <guimenu>My Network Places</guimenu>,
that it is possible to connect to it and see the shares <guimenuitem>accounts</guimenuitem>,
<guimenuitem>apps</guimenuitem>, and <guimenuitem>finsvcs</guimenuitem>,
and that it is possible to open each share to reveal its contents.
<guimenuitem>apps</guimenuitem>, and <guimenuitem>finsvcs</guimenuitem>, and that it is
possible to open each share to reveal its contents.
</para></step>
<step><para>
@ -2253,94 +2255,95 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
Now install all four printers onto the staging system. The printers you install
include the accounting department HP LaserJet 6 and Minolta QMS Magicolor printers. You will
also configure identical printers that are located in the financial services department.
Install printers on each machine using the following steps:
</para>
Install printers on each machine using the steps shown in <link linkend="sbewinclntptrprep"/>.
</para></step>
<procedure>
<step><para>
Click <menuchoice>
<guimenu>Start</guimenu>
<guimenuitem>Settings</guimenuitem>
<guimenuitem>Printers</guimenuitem>
<guiicon>Add Printer</guiicon>
<guibutton>Next</guibutton>
</menuchoice>. Do not click <guimenuitem>Network printer</guimenuitem>.
Ensure that <guimenuitem>Local printer</guimenuitem> is selected.
</para></step>
<step><para>
<indexterm><primary>defragmentation</primary></indexterm>
When you are satisfied that the staging systems are complete, use the appropriate procedure to
remove the client from the domain. Reboot the system and then log on as the local administrator
and clean out all temporary files stored on the system. Before shutting down, use the disk
defragmentation tool so that the file system is in optimal condition before replication.
</para></step>
<step><para>
Click <guibutton>Next</guibutton>. In the
<guimenuitem>Manufacturer:</guimenuitem> panel, select <constant>HP</constant>.
In the <guimenuitem>Printers:</guimenuitem> panel, select the printer called
<constant>HP LaserJet 6</constant>. Click <guibutton>Next</guibutton>.
</para></step>
<step><para>
Boot the workstation using the Norton (Symantec) Ghosting diskette (or CD-ROM) and image the
machine to a network share on the server.
</para></step>
<step><para>
In the <guimenuitem>Available ports:</guimenuitem> panel, select
<constant>FILE:</constant>. Accept the default printer name by clicking
<guibutton>Next</guibutton>. When asked, <quote>Would you like to print a
test page?,</quote> click <guimenuitem>No</guimenuitem>. Click
<guibutton>Finish</guibutton>.
</para></step>
<step><para>
<indexterm><primary>Windows security identifier</primary><see>SID</see></indexterm>
<indexterm><primary>SID</primary></indexterm>
You may now replicate the image to the target machines using the appropriate Norton Ghost
procedure. Make sure to use the procedure that ensures each machine has a unique
Windows security identifier (SID). When the installation of the disk image has completed, boot the PC.
</para></step>
<step><para>
You may be prompted for the name of a file to print to. If so, close the
dialog panel. Right-click <menuchoice>
<guiicon>HP LaserJet 6</guiicon>
<guimenuitem>Properties</guimenuitem>
<guisubmenu>Details (Tab)</guisubmenu>
<guimenuitem>Add Port</guimenuitem>
</menuchoice>.
</para></step>
<step><para>
Log onto the machine as the local Administrator (the only option), and join the machine to
the Domain, following the procedure set out in Appendix A, <link linkend="domjoin"/>. The system is now
ready for the user to log on, provided you have created a network logon account for that
user, of course.
</para></step>
<step><para>
In the <guimenuitem>Network</guimenuitem> panel, enter the name of
the print queue on the Samba server as follows: <constant>\\DIAMOND\hplj6a</constant>.
Click <menuchoice>
<guibutton>OK</guibutton>
<guibutton>OK</guibutton>
</menuchoice> to complete the installation.
</para></step>
<step><para>
Instruct all users to log onto the workstation using their assigned username and password.
</para></step>
</procedure>
<step><para>
Repeat the printer installation steps above for both HP LaserJet 6 printers
as well as for both QMS Magicolor laser printers.
</para></step>
</procedure>
</step>
<procedure id="sbewinclntptrprep">
<title>Windows Client Printer Preparation Procedure</title>
<step><para>
<indexterm><primary>defragmentation</primary></indexterm>
When you are satisfied that the staging systems are complete, use the appropriate procedure to
remove the client from the domain. Reboot the system and then log on as the local administrator
and clean out all temporary files stored on the system. Before shutting down, use the disk
defragmentation tool so that the file system is in optimal condition before replication.
</para></step>
<step><para>
Click <menuchoice>
<guimenu>Start</guimenu>
<guimenuitem>Settings</guimenuitem>
<guimenuitem>Printers</guimenuitem>
<guiicon>Add Printer</guiicon>
<guibutton>Next</guibutton>
</menuchoice>. Do not click <guimenuitem>Network printer</guimenuitem>.
Ensure that <guimenuitem>Local printer</guimenuitem> is selected.
</para></step>
<step><para>
Boot the workstation using the Norton (Symantec) Ghosting diskette (or CD-ROM) and image the
machine to a network share on the server.
</para></step>
<step><para>
Click <guibutton>Next</guibutton>. In the
<guimenuitem>Manufacturer:</guimenuitem> panel, select <constant>HP</constant>.
In the <guimenuitem>Printers:</guimenuitem> panel, select the printer called
<constant>HP LaserJet 6</constant>. Click <guibutton>Next</guibutton>.
</para></step>
<step><para>
<indexterm><primary>Windows security identifier</primary><see>SID</see></indexterm>
<indexterm><primary>SID</primary></indexterm>
You may now replicate the image to the target machines using the appropriate Norton Ghost
procedure. Make sure to use the procedure that ensures each machine has a unique
Windows security identifier (SID). When the installation of the disk image has completed, boot the PC.
</para></step>
<step><para>
In the <guimenuitem>Available ports:</guimenuitem> panel, select
<constant>FILE:</constant>. Accept the default printer name by clicking
<guibutton>Next</guibutton>. When asked, <quote>Would you like to print a
test page?,</quote> click <guimenuitem>No</guimenuitem>. Click
<guibutton>Finish</guibutton>.
</para></step>
<step><para>
Log onto the machine as the local Administrator (the only option), and join the machine to
the Domain, following the procedure set out in Appendix A, <link linkend="domjoin"/>. The system is now
ready for the user to log on, provided you have created a network logon account for that
user, of course.
</para></step>
<step><para>
You may be prompted for the name of a file to print to. If so, close the
dialog panel. Right-click <menuchoice>
<guiicon>HP LaserJet 6</guiicon>
<guimenuitem>Properties</guimenuitem>
<guisubmenu>Details (Tab)</guisubmenu>
<guimenuitem>Add Port</guimenuitem>
</menuchoice>.
</para></step>
<step><para>
Instruct all users to log onto the workstation using their assigned username and password.
</para></step>
</procedure>
<step><para>
In the <guimenuitem>Network</guimenuitem> panel, enter the name of
the print queue on the Samba server as follows: <constant>\\DIAMOND\hplj6a</constant>.
Click <menuchoice>
<guibutton>OK</guibutton>
<guibutton>OK</guibutton>
</menuchoice> to complete the installation.
</para></step>
<step><para>
Repeat the printer installation steps above for both HP LaserJet 6 printers
as well as for both QMS Magicolor laser printers.
</para></step>
</procedure>
</sect2>