mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
Adding more docs.
This commit is contained in:
parent
c37467651b
commit
8b75c925b9
@ -83,6 +83,15 @@
|
||||
</affiliation>
|
||||
</author>'>
|
||||
|
||||
<!ENTITY author.dlechnyr '
|
||||
<author>
|
||||
<firstname>David</firstname><surname>Lechnyr</surname>
|
||||
<affiliation>
|
||||
<orgname>Unofficial HOWTO</orgname>
|
||||
<address><email>david@lechnyr.com</email></address>
|
||||
</affiliation>
|
||||
</author>'>
|
||||
|
||||
<!-- URL's -->
|
||||
<!ENTITY url.samba.cvsinfo 'http://pserver.samba.org/samba/cvs.html'>
|
||||
<!ENTITY url.pdc-howto.local 'samba-pdc-howto.html'>
|
||||
@ -440,42 +449,43 @@ an Active Directory environment.
|
||||
<!ENTITY MAN-WINBINDD SYSTEM "manpages/winbindd.8.sgml">
|
||||
|
||||
|
||||
<!ENTITY UNIX-INSTALL SYSTEM "projdoc/UNIX_INSTALL.sgml">
|
||||
<!ENTITY ENCRYPTION SYSTEM "projdoc/ENCRYPTION.sgml">
|
||||
<!ENTITY MS-Dfs-Setup SYSTEM "projdoc/msdfs_setup.sgml">
|
||||
<!ENTITY PRINTER-DRIVER2 SYSTEM "projdoc/printer_driver2.sgml">
|
||||
<!ENTITY DOMAIN-MEMBER SYSTEM "projdoc/DOMAIN_MEMBER.sgml">
|
||||
<!ENTITY WINBIND SYSTEM "projdoc/winbind.sgml">
|
||||
<!ENTITY NT-Security SYSTEM "projdoc/NT_Security.sgml">
|
||||
<!ENTITY Samba-PDC-HOWTO SYSTEM "projdoc/Samba-PDC-HOWTO.sgml">
|
||||
<!ENTITY Samba-BDC-HOWTO SYSTEM "projdoc/Samba-BDC-HOWTO.sgml">
|
||||
<!ENTITY CVS-Access SYSTEM "projdoc/CVS-Access.sgml">
|
||||
<!ENTITY IntegratingWithWindows SYSTEM "projdoc/Integrating-with-Windows.sgml">
|
||||
<!ENTITY Samba-PAM SYSTEM "projdoc/PAM-Authentication-And-Samba.sgml">
|
||||
<!ENTITY Samba-LDAP SYSTEM "projdoc/Samba-LDAP-HOWTO.sgml">
|
||||
<!ENTITY Diagnosis SYSTEM "projdoc/Diagnosis.sgml">
|
||||
<!ENTITY BUGS SYSTEM "projdoc/Bugs.sgml">
|
||||
<!ENTITY SECURITY-LEVEL SYSTEM "projdoc/security_level.sgml">
|
||||
<!ENTITY SPEED SYSTEM "projdoc/Speed.sgml">
|
||||
<!ENTITY ADS-HOWTO SYSTEM "projdoc/ADS-HOWTO.sgml">
|
||||
<!ENTITY AdvancedNetworkAdmin SYSTEM "projdoc/AdvancedNetworkAdmin.sgml">
|
||||
<!ENTITY BROWSING SYSTEM "projdoc/Browsing.sgml">
|
||||
<!ENTITY BROWSING-Quick SYSTEM "projdoc/Browsing-Quickguide.sgml">
|
||||
<!ENTITY BUGS SYSTEM "projdoc/Bugs.sgml">
|
||||
<!ENTITY CUPS SYSTEM "projdoc/CUPS-printing.sgml">
|
||||
<!ENTITY CVS-Access SYSTEM "projdoc/CVS-Access.sgml">
|
||||
<!ENTITY Compiling SYSTEM "projdoc/Compiling.sgml">
|
||||
<!ENTITY DOMAIN-MEMBER SYSTEM "projdoc/DOMAIN_MEMBER.sgml">
|
||||
<!ENTITY Diagnosis SYSTEM "projdoc/Diagnosis.sgml">
|
||||
<!ENTITY ENCRYPTION SYSTEM "projdoc/ENCRYPTION.sgml">
|
||||
<!ENTITY GROUP-MAPPING-HOWTO SYSTEM "projdoc/GROUP-MAPPING-HOWTO.sgml">
|
||||
<!ENTITY Portability SYSTEM "projdoc/Portability.sgml">
|
||||
<!ENTITY IntegratingWithWindows SYSTEM "projdoc/Integrating-with-Windows.sgml">
|
||||
<!ENTITY IntroSMB SYSTEM "projdoc/IntroSMB.sgml">
|
||||
<!ENTITY MS-Dfs-Setup SYSTEM "projdoc/msdfs_setup.sgml">
|
||||
<!ENTITY NT-Security SYSTEM "projdoc/NT_Security.sgml">
|
||||
<!ENTITY NT4Migration SYSTEM "projdoc/NT4Migration.sgml">
|
||||
<!ENTITY Other-Clients SYSTEM "projdoc/Other-Clients.sgml">
|
||||
<!ENTITY ADS-HOWTO SYSTEM "projdoc/ADS-HOWTO.sgml">
|
||||
<!ENTITY PRINTER-DRIVER2 SYSTEM "projdoc/printer_driver2.sgml">
|
||||
<!ENTITY Passdb SYSTEM "projdoc/passdb.sgml">
|
||||
<!ENTITY PolicyMgmt SYSTEM "projdoc/PolicyMgmt.sgml">
|
||||
<!ENTITY Portability SYSTEM "projdoc/Portability.sgml">
|
||||
<!ENTITY ProfileMgmt SYSTEM "projdoc/ProfileMgmt.sgml">
|
||||
<!ENTITY SECURITY-LEVEL SYSTEM "projdoc/security_level.sgml">
|
||||
<!ENTITY SPEED SYSTEM "projdoc/Speed.sgml">
|
||||
<!ENTITY SWAT SYSTEM "projdoc/SWAT.sgml">
|
||||
<!ENTITY Samba-BDC-HOWTO SYSTEM "projdoc/Samba-BDC-HOWTO.sgml">
|
||||
<!ENTITY Samba-LDAP SYSTEM "projdoc/Samba-LDAP-HOWTO.sgml">
|
||||
<!ENTITY Samba-PAM SYSTEM "projdoc/PAM-Authentication-And-Samba.sgml">
|
||||
<!ENTITY Samba-PDC-HOWTO SYSTEM "projdoc/Samba-PDC-HOWTO.sgml">
|
||||
<!ENTITY SecuringSamba SYSTEM "projdoc/securing-samba.sgml">
|
||||
<!ENTITY ServerType SYSTEM "projdoc/ServerType.sgml">
|
||||
<!ENTITY Trusts SYSTEM "projdoc/InterdomainTrusts.sgml">
|
||||
<!ENTITY UNIX-INSTALL SYSTEM "projdoc/UNIX_INSTALL.sgml">
|
||||
<!ENTITY VFS SYSTEM "projdoc/VFS.sgml">
|
||||
<!ENTITY WINBIND SYSTEM "projdoc/winbind.sgml">
|
||||
<!ENTITY pdb-mysql SYSTEM "projdoc/pdb_mysql.sgml">
|
||||
<!ENTITY pdb.sgml SYSTEM "projdoc/pdb.sgml.sgml">
|
||||
<!ENTITY VFS SYSTEM "projdoc/VFS.sgml">
|
||||
<!ENTITY Passdb SYSTEM "projdoc/passdb.sgml">
|
||||
<!ENTITY ServerType SYSTEM "projdoc/ServerType.sgml">
|
||||
<!ENTITY SecuringSamba SYSTEM "projdoc/securing-samba.sgml">
|
||||
<!ENTITY Compiling SYSTEM "projdoc/Compiling.sgml">
|
||||
<!ENTITY unicode SYSTEM "projdoc/unicode.sgml">
|
||||
<!ENTITY CUPS SYSTEM "projdoc/CUPS-printing.sgml">
|
||||
<!ENTITY AdvancedNetworkAdmin SYSTEM "projdoc/AdvancedNetworkAdmin.sgml">
|
||||
<!ENTITY PolicyMgmt SYSTEM "projdoc/PolicyMgmt.sgml">
|
||||
<!ENTITY ProfileMgmt SYSTEM "projdoc/ProfileMgmt.sgml">
|
||||
<!ENTITY NT4Migration SYSTEM "projdoc/NT4Migration.sgml">
|
||||
<!ENTITY SWAT SYSTEM "projdoc/SWAT.sgml">
|
||||
<!ENTITY Trusts SYSTEM "projdoc/InterdomainTrusts.sgml">
|
||||
<!ENTITY problems SYSTEM "projdoc/Problems.sgml">
|
||||
<!ENTITY unicode SYSTEM "projdoc/unicode.sgml">
|
||||
|
@ -13,8 +13,10 @@
|
||||
|
||||
<title>How to compile SAMBA</title>
|
||||
|
||||
<para>You can obtain the samba source from the <ulink url="http://samba.org/">samba website</ulink>. To obtain a development version,
|
||||
you can download samba from CVS or using rsync. </para>
|
||||
<para>
|
||||
You can obtain the samba source from the <ulink url="http://samba.org/">samba website</ulink>. To obtain a development version,
|
||||
you can download samba from CVS or using rsync.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>Access Samba source code via CVS</title>
|
||||
@ -177,6 +179,57 @@ on this system just substitute the correct package name
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>Verifying Samba's PGP signature</title>
|
||||
|
||||
<para>
|
||||
In these days of insecurity, it's strongly recommended that you verify the PGP signature for any
|
||||
source file before installing it. According to Jerry Carter of the Samba Team, only about 22% of
|
||||
all Samba downloads have had a corresponding PGP signature download (a very low percentage, which
|
||||
should be considered a bad thing). Even if you're not downloading from a mirror site, verifying PGP
|
||||
signatures should be a standard reflex.
|
||||
</para>
|
||||
|
||||
|
||||
<para>
|
||||
With that said, go ahead and download the following files:
|
||||
</para>
|
||||
|
||||
<para><programlisting>
|
||||
$ wget http://us1.samba.org/samba/ftp/samba-2.2.8a.tar.asc
|
||||
$ wget http://us1.samba.org/samba/ftp/samba-pubkey.asc
|
||||
</programlisting></para>
|
||||
|
||||
<para>
|
||||
The first file is the PGP signature for the Samba source file; the other is the Samba public
|
||||
PGP key itself. Import the public PGP key with:
|
||||
</para>
|
||||
|
||||
<programlisting>
|
||||
$ gpg --import samba-pubkey.asc
|
||||
</programlisting>
|
||||
|
||||
<para>
|
||||
And verify the Samba source code integrity with:
|
||||
</para>
|
||||
|
||||
<programlisting>
|
||||
$ gzip -d samba-2.2.8a.tar.gz
|
||||
$ gpg --verify samba-2.2.8a.tar.asc
|
||||
</programlisting>
|
||||
|
||||
<para>
|
||||
If you receive a message like, "Good signature from Samba Distribution Verification Key..."
|
||||
then all is well. The warnings about trust relationships can be ignored. An example of what
|
||||
you would not want to see would be:
|
||||
</para>
|
||||
|
||||
<programlisting>
|
||||
gpg: BAD signature from "Samba Distribution Verification Key"
|
||||
</programlisting>
|
||||
|
||||
</sect1>
|
||||
|
||||
<sect1>
|
||||
<title>Building the Binaries</title>
|
||||
|
||||
|
175
docs/docbook/projdoc/IntroSMB.sgml
Normal file
175
docs/docbook/projdoc/IntroSMB.sgml
Normal file
@ -0,0 +1,175 @@
|
||||
<chapter id="IntroSMB">
|
||||
<chapterinfo>
|
||||
&author.dlechnyr;
|
||||
<pubdate>April 13, 2003</pubdate>
|
||||
</chapterinfo>
|
||||
|
||||
<title>Introduction to Samba</title>
|
||||
|
||||
<para>
|
||||
Samba provides MS Windows file and print services over TCP/IP and provides compatible support for
|
||||
all SMB/CIFS enabled clients. Samba can be used to provide seemless interoperability between unix
|
||||
/ Linux systems and MS Windows clients and servers. A global team of about 30 active programmers
|
||||
is responsible for the development of Samba, a marvelous tool that was originally developed by
|
||||
Andrew Tridgell. That team of developers is known as the Samba-Team.
|
||||
</para>
|
||||
|
||||
<sect1>
|
||||
<title>Background</title>
|
||||
|
||||
<para>
|
||||
Once long ago, there was a buzzword referred to as DCE/RPC. This stood for Distributed Computing
|
||||
Environment/Remote Procedure Calls and conceptually was a good idea. It was originally developed
|
||||
by Apollo/HP as NCA 1.0 (Network Computing Architecture) and only ran over UDP. When there was
|
||||
a need to run it over TCP so that it would be compatible with DECnet 3.0, it was redesigned,
|
||||
submitted to The Open Group, and officially became known as DCE/RPC. Microsoft came along and
|
||||
decided, rather than pay $20 per seat to license this technology, to reimplement DCE/RPC
|
||||
themselves as MSRPC. From this, the concept continued in the form of SMB (Server Message Block,
|
||||
or the "what") using the NetBIOS (Network Basic Input/Output System, or the "how") compatibility
|
||||
layer. You can run SMB (i.e., transport) over several different protocols; many different
|
||||
implementations arose as a result, including NBIPX (NetBIOS over IPX, NwLnkNb, or NWNBLink) and
|
||||
NBT (NetBIOS over TCP/IP, or NetBT). As the years passed, NBT became the most common form of
|
||||
implementation until the advance of "Direct-Hosted TCP" -- the Microsoft marketing term for
|
||||
eliminating NetBIOS entirely and running SMB by itself across TCP port 445 only. As of yet,
|
||||
direct-hosted TCP has yet to catch on. And so the story goes.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Perhaps the best summary of the origins of SMB are voiced in the 1997 article titled, CIFS:
|
||||
Common Insecurities Fail Scrutiny:
|
||||
</para>
|
||||
|
||||
<para><emphasis>
|
||||
Several megabytes of NT-security archives, random whitepapers, RFCs, the CIFS spec, the Samba
|
||||
stuff, a few MS knowledge-base articles, strings extracted from binaries, and packet dumps have
|
||||
been dutifully waded through during the information-gathering stages of this project, and there
|
||||
are *still* many missing pieces... While often tedious, at least the way has been generously
|
||||
littered with occurrences of clapping hand to forehead and muttering 'crikey, what are they
|
||||
thinking?
|
||||
</emphasis></para>
|
||||
|
||||
<sect2>
|
||||
<title>Terminology</title>
|
||||
|
||||
<itemizedlist>
|
||||
|
||||
<listitem><para>
|
||||
SMB: Acronym for "Server Message Block". This is a Microsoft's file and printer
|
||||
sharing protocol.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
CIFS: Acronym for the "Common Internet File System". Around 1996, Microsoft apparently
|
||||
decided that SMB needed the word "Internet" in it, so they changed it to CIFS.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
Direct-Hosted: A method of providing file/printer sharing services over port 445/tcp
|
||||
only, using DNS for name resolution instead of WINS.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
IPC: Acronym for "Inter-process Communication". A method to communicate specific
|
||||
information between programs.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
Marshalling: - A method of serializing (i.e., sequential ordering of) variable data
|
||||
suitable for transmission via a network connection or storing in a file. The source
|
||||
data can be re-created using a similar process called unmarshalling.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
NetBIOS: Acronym for "Network Basic Input/Output System". This is not a protocol;
|
||||
it is a method of communication across an existing protocol. This is a standard which
|
||||
was originally developed for IBM by Sytek in 1983. To exaggerate the analogy a bit,
|
||||
it can help to think of this in comparison your computer's BIOS -- it controlls the
|
||||
essential functions of your input/output hardware -- whereas NetBIOS controlls the
|
||||
essential functions of your input/output traffic via the network. Again, this is a bit
|
||||
of an exaggeration but it should help that paradigm shift. What is important to realize
|
||||
is that NetBIOS is a transport standard, not a protocol. Unfortunately, even technically
|
||||
brilliant people tend to interchange NetBIOS with terms like NetBEUI without a second
|
||||
thought; this will cause no end (and no doubt) of confusion.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
NetBEUI: Acronym for the "NetBIOS Extended User Interface". Unlike NetBIOS, NetBEUI
|
||||
is a protocol, not a standard. It is also not routable, so traffic on one side of a
|
||||
router will be unable to communicate with the other side. Understanding NetBEUI is
|
||||
not essential to deciphering SMB; however it helps to point out that it is not the
|
||||
same as NetBIOS and to improve your score in trivia at parties. NetBEUI was originally
|
||||
referred to by Microsoft as "NBF", or "The Windows NT NetBEUI Frame protocol driver".
|
||||
It is not often heard from these days.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
NBT: Acronym for "NetBIOS over TCP"; also known as "NetBT". Allows the continued use
|
||||
of NetBIOS traffic proxied over TCP/IP. As a result, NetBIOS names are made equivilant
|
||||
to IP addresses and NetBIOS name types are conceptually equivilant to TCP/IP ports.
|
||||
This is how file and printer sharing are accomplished in Windows 95/98/ME. They
|
||||
traditionally rely on three ports: NetBIOS Name Service (nbname) via UDP port 137,
|
||||
NetBIOS Datagram Service (nbdatagram) via UDP port 138, and NetBIOS Session Service
|
||||
(nbsession) via TCP port 139. All name resolution is done via WINS, NetBIOS broadcasts,
|
||||
and DNS. NetBIOS over TCP is documented in RFC 1001 (Concepts and methods) and RFC 1002
|
||||
(Detailed specifications).
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
W2K: Acronym for Windows 2000 Professional or Server
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
W3K: Acronym for Windows 2003 Server
|
||||
</para></listitem>
|
||||
|
||||
</itemizedlist>
|
||||
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Related Projects>
|
||||
|
||||
<para>
|
||||
Currently, there are two projects that are directly related to Samba: SMBFS and CIFS network
|
||||
client file systems for Linux, both available in the Linux kernel itself.
|
||||
</para>
|
||||
|
||||
<itemizedlist>
|
||||
|
||||
<listitem><para>
|
||||
SMBFS (Server Message Block File System) allows you to mount SMB shares (the protocol
|
||||
Windows 95/98/ME, Windows NT/2000/XP and OS/2 Lan Manager use to share files and printers
|
||||
over local networks) and access them just like any other Unix directory. This is useful
|
||||
if you just want to mount such filesystems without being a SMBFS server.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>
|
||||
CIFS (Common Internet File System) is the successor to SMB, and is actively being worked
|
||||
on in the upcoming version of the Linux kernel (2.5/2.6). The intent of this module is to
|
||||
provide advanced network file system functionality including support for dfs (heirarchical
|
||||
name space), secure per-user session establishment, safe distributed caching (oplock),
|
||||
optional packet signing, Unicode and other internationalization improvements, and optional
|
||||
Winbind (nsswitch) integration. If you enable CONFIG_CIFS in the Linux kernel, be aware
|
||||
that it is currently in an early development stage and may not be as stable as the existing
|
||||
CONFIG_SMB_FS option.
|
||||
</para></listitem>
|
||||
|
||||
</itemizedlist>
|
||||
|
||||
<para>
|
||||
Again, it's important to note that these are implementations for client filesystems, and have
|
||||
nothing to do with acting as a file and print server for SMB/CIFS clients.
|
||||
</para>
|
||||
|
||||
</sect2>
|
||||
|
||||
<sect2>
|
||||
<title>Miscellaneous</title>
|
||||
|
||||
<para>
|
||||
This chapter is Copyright © 2003 David Lechnyr. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license is available at http://www.gnu.org/licenses/fdl.txt.
|
||||
</para>
|
||||
|
||||
</sect2>
|
||||
</sect1>
|
||||
</chapter>
|
Loading…
Reference in New Issue
Block a user