sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

Merge of documentation updates to HEAD. These got missed somewhere along

Browse Source 
the way.
(This used to be commit afad150bacfd02ec83c57ea9ba9152ff59fb7eee)
This commit is contained in:
David O'Neill 2001-01-05 17:50:50 +00:00
parent b6e811b90b
commit fbe0299e54
9 changed files with 1474 additions and 1913 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/docbook/samba-pdc-faq.sgml
View File

@ -8,7 +8,7 @@
<firstname>David</firstname><surname>Bannon</surname>
<affiliation><orgname>La Trobe University</orgname></affiliation>
</author>
<address><email>D.Bannon@latrobe.edu.au</email></address>
<address><email>dbannon@samba.org</email></address>
<pubdate>November 2000</pubdate>
</bookinfo>
@ -45,11 +45,26 @@
<sect1><title id=stateofplay>State of Play</title>
<para><emphasis>It should be noted that 2.2.0 in its pre-release form still has a few problems,
I'll try and keep this section current while things are still dynamic.
At the time of this update (November 13, 2000) the current state of play is :</emphasis></para>
At the time of this update (December 15, 2000) the current state of play is :</emphasis></para>
<para>Comments here about W2K joining the domain apply only to Samba 2.2 from the CVS after November 27th. The
'snapshot' release Samba2.2alpha1 does not work !!! See below on how to get a CVS tree.</para>
<para><command>Known Bug !</>W2K machines will not successfully join a domain with a name that
is made up from an even number of characters. Yep, thats right ! BIOTEST is OK as is MYDOMAI
but MYDOMAIN will not work until this bug is fixed. Hmm.., we believe
that this bug is fixed, but see below.</para>
<para><command>Known Bug !</>After some bugs were fixed just before
Christmas, W2K SP1 machines cannot join the domain. Expected to be
fixed early in the new year. Whats that ? yeah, samba developers
have a Christmas break too !</para>
<para><command>Know Bug !</>NTs (and possibly W2K ?) are not told the logged on user is a domain
admin if the parameter "domain admin users = user" is used. The alternative, "domain admin group"
does work. See the HowTo.</>
<para>Client Side creation of Machine accounts does work but is not complete.
Firstly, the <filename>add user script</> runs as the user who's
name was entered, not as root. Secondly, the machine name passed to the script (%U)
@ -799,7 +814,7 @@
and documentation. The docs that come with the samba distribution contain very
good explanations of general SMB topics such as browsing.</para>
<sect2><title>URLs and similar</title>
<sect2><title id=urls>URLs and similar</title>
<itemizedlist>
@ -824,6 +839,10 @@
http://www.kneschke.de/projekte/samba_tng</ulink>, but again, a
lot of it does not apply to the main stream Samba.</para></listitem>
<listitem><para>See how Scott Merrill simulates a BDC behaviour at
<ulink url="http://www.skippy.net/linux/smb-howto.html">
http://www.skippy.net/linux/smb-howto.html</>. </para></listitem>
<listitem><para>Although 2.0.7 has almost had its day as a PDC, I (drb) will
keep the 2.0.7 PDC pages at <ulink url="http://bioserve.latrobe.edu.au/samba">
http://bioserve.latrobe.edu.au/samba</ulink> going for a while yet.</para></listitem>

26
docs/docbook/samba-pdc-howto.sgml
View File

@ -25,7 +25,7 @@
<dedication><title></title>
<para>Comments, corrections and additions to <email>D.Bannon@latrobe.edu.au</email></para>
<para>Comments, corrections and additions to <email>dbannon@samba.org</email></para>
<para>
This document explains how to setup Samba as a Primary Domain Controller and
@ -255,7 +255,7 @@ developmental versions of Samba, particularly
encrypt passwords = yes
domain logons =yes
logon script = scripts\%U.bat
domain admin users = root dbannon andrew
domain admin group = @adm
add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$
guest account = ftp
share modes=no
@ -294,8 +294,19 @@ developmental versions of Samba, particularly
</listitem>
</varlistentry>
<varlistentry><term>domain admin group = @adm</term>
<listitem><para>This parameter specifies a unix group whose members will be granted
admin privileges on a NT workstation when
logged onto that workstation. See the section called <link linkend=domainadmin>
Domain Admin</> Accounts.</para>
</listitem>
</varlistentry>
<varlistentry><term>domain admin users = user1 users2</term>
<listitem><para>This parameter specifies a unix user who will be granted admin privileges
<listitem><para>It appears that this parameter does not funtion correctly at present.
Use the 'domain admin group' instread. This parameter specifies a unix user who will
be granted admin privileges
on a NT workstation when
logged onto that workstation. See the section called <link linkend=domainadmin>
Domain Admin</> Accounts.</para>
@ -510,15 +521,16 @@ developmental versions of Samba, particularly
<para>Samba 2.2 recognizes particular users as being
domain admins and tells the NTws when it thinks that it has got one logged on.
In the smb.conf file we declare
that the <filename>Domain Admin users = user1 user2</filename>.
Any user mentioned here will be treated as a Domain Admin by a NTws when
that the <filename>Domain Admin group = @adm</filename>.
Any user who is a menber of the unix group 'adm' is treated as a Domain Admin by a NTws when
logged onto the Domain. They will have full Administrator rights
including the rights to change permissions on files and run the system
utilities such as Disk Administrator.</para>
utilities such as Disk Administrator. Add users to the group by editing <filename>
/etc/group/</>. You do not need to use the 'adm' group, choose any one you like.</para>
<para>Further, and this is very new, they will be allowed to create a
new machine account when first connecting a new NT or W2K machine to
the domain. <emphasis>At present, ie pre-release, only a Domain Admin who
the domain. <emphasis>However, at present, ie pre-release, only a Domain Admin who
also happens to be root can do so. </emphasis></para>
</sect1>
</chapter>

242
docs/htmldocs/samba-pdc-faq.html
View File

@ -104,57 +104,57 @@ HREF="#AEN27"
></DT
><DT
><A
HREF="#AEN44"
HREF="#AEN50"
>Introduction</A
></DT
></DL
></DD
><DT
>2. <A
HREF="#AEN49"
HREF="#AEN55"
>General Information</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN51"
HREF="#AEN57"
>What can we do ?</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN53"
HREF="#AEN59"
>What can Samba Primary Domain Controller (PDC) do ?</A
></DT
><DT
><A
HREF="#AEN86"
HREF="#AEN92"
>Can I have a Windows 2000 client logon to a Samba controlled domain?</A
></DT
><DT
><A
HREF="#AEN89"
HREF="#AEN95"
>What's the status of print spool (spoolss) support in the NTDOM code?</A
></DT
></DL
></DD
><DT
><A
HREF="#AEN92"
HREF="#AEN98"
>CVS</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN95"
HREF="#AEN101"
>What are the different Samba branches available in CVS ?</A
></DT
><DT
><A
HREF="#AEN118"
HREF="#AEN124"
>What are the CVS commands ?</A
></DT
></DL
@ -163,58 +163,58 @@ HREF="#AEN118"
></DD
><DT
>3. <A
HREF="#AEN149"
HREF="#AEN155"
>Establishing Connections</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN151"
HREF="#AEN157"
></A
></DT
><DD
><DL
><DT
><A
HREF="#AEN153"
HREF="#AEN159"
>How do I get my NT4 or W2000 Workstation to login to the Samba controlled Domain?</A
></DT
><DT
><A
HREF="#AEN158"
HREF="#AEN164"
>What is a 'machine account' ?</A
></DT
><DT
><A
HREF="#AEN165"
HREF="#AEN171"
>"The machine account for this computer either does not exist or is not accessable."</A
></DT
><DT
><A
HREF="#AEN171"
HREF="#AEN177"
>How do I create machine accounts manually ?</A
></DT
><DT
><A
HREF="#AEN184"
HREF="#AEN190"
>I cannot include a '$' in a machine name.</A
></DT
><DT
><A
HREF="#AEN190"
HREF="#AEN196"
>I get told "You already have a connection to the Domain...." when creating a
machine account.</A
></DT
><DT
><A
HREF="#AEN194"
HREF="#AEN200"
>I get told "Cannot join domain, the credentials supplied conflict
with an existing set.."</A
></DT
><DT
><A
HREF="#AEN198"
HREF="#AEN204"
>"The system can not log you on (C000019B)...."</A
></DT
></DL
@ -223,93 +223,93 @@ HREF="#AEN198"
></DD
><DT
>4. <A
HREF="#AEN202"
HREF="#AEN208"
>User Account Management</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN204"
HREF="#AEN210"
>Domain Admins</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN206"
HREF="#AEN212"
>How do I configure an account as a domain administrator?</A
></DT
></DL
></DD
><DT
><A
HREF="#AEN210"
HREF="#AEN216"
>Profiles</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN212"
HREF="#AEN218"
>Why is it bad to set "logon path = \\%N\%U\profile" in smb.conf? ?</A
></DT
><DT
><A
HREF="#AEN226"
HREF="#AEN232"
>Why are all the users listed in the "domain admin users" using the same profile?</A
></DT
><DT
><A
HREF="#AEN229"
HREF="#AEN235"
>The roaming profiles do not seem to be updating on the server.</A
></DT
></DL
></DD
><DT
><A
HREF="#AEN237"
HREF="#AEN243"
>Policies</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN239"
HREF="#AEN245"
>What are 'Policies' ?.</A
></DT
><DT
><A
HREF="#AEN246"
HREF="#AEN252"
>I can't get system policies to work.</A
></DT
><DT
><A
HREF="#AEN260"
HREF="#AEN266"
>What about Windows NT Policy Editor ?</A
></DT
><DT
><A
HREF="#AEN274"
HREF="#AEN280"
>Can Win95 do Policies ?</A
></DT
></DL
></DD
><DT
><A
HREF="#AEN280"
HREF="#AEN286"
>Passwords</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN282"
HREF="#AEN288"
>What is password sync and should I use it ?</A
></DT
><DT
><A
HREF="#AEN295"
HREF="#AEN301"
>How do I get remote password (unix and SMB) changing working ?</A
></DT
></DL
@ -318,41 +318,41 @@ HREF="#AEN295"
></DD
><DT
>5. <A
HREF="#AEN301"
HREF="#AEN307"
>Miscellaneous</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN303"
HREF="#AEN309"
></A
></DT
><DD
><DL
><DT
><A
HREF="#AEN305"
HREF="#AEN311"
>What editor can I use in DOS/Windows that won't mess with my unix EOF</A
></DT
><DT
><A
HREF="#AEN318"
HREF="#AEN324"
>How do I get 'User Manager' and 'Server Manager'</A
></DT
><DT
><A
HREF="#AEN333"
HREF="#AEN339"
>The time setting from a Samba server does not work.</A
></DT
><DT
><A
HREF="#AEN337"
HREF="#AEN343"
>"trust account xxx should be in DOMAIN_GROUP_RID_USERS"</A
></DT
><DT
><A
HREF="#AEN341"
HREF="#AEN347"
>How do I get my samba server to become a member ( not PDC ) of an NT domain?</A
></DT
></DL
@ -361,51 +361,51 @@ HREF="#AEN341"
></DD
><DT
>6. <A
HREF="#AEN376"
HREF="#AEN382"
>Troubleshooting and Bug Reporting</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN378"
HREF="#AEN384"
>Diagnostic tools</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN380"
HREF="#AEN386"
>What are some diagnostics tools I can use to debug the domain logon process and where can I
find them?</A
></DT
><DT
><A
HREF="#AEN394"
HREF="#AEN400"
>How do I install 'Network Monitor' on an NT Workstation or a Windows 9x box?</A
></DT
></DL
></DD
><DT
><A
HREF="#AEN423"
HREF="#AEN429"
>What other help can I get ?</A
></DT
><DD
><DL
><DT
><A
HREF="#AEN426"
HREF="#AEN432"
>URLs and similar</A
></DT
><DT
><A
HREF="#AEN472"
HREF="#AEN481"
>How do I get help from the mailing lists ?</A
></DT
><DT
><A
HREF="#AEN501"
HREF="#AEN510"
>How do I get off the mailing lists ?</A
></DT
></DL
@ -434,12 +434,35 @@ NAME="AEN27"
CLASS="EMPHASIS"
>It should be noted that 2.2.0 in its pre-release form still has a few problems,
I'll try and keep this section current while things are still dynamic.
At the time of this update (November 13, 2000) the current state of play is :</I
At the time of this update (December 15, 2000) the current state of play is :</I
></P
><P
>Comments here about W2K joining the domain apply only to Samba 2.2 from the CVS after November 27th. The
'snapshot' release Samba2.2alpha1 does not work !!! See below on how to get a CVS tree.</P
><P
><B
CLASS="COMMAND"
>Known Bug !</B
>W2K machines will not successfully join a domain with a name that
is made up from an even number of characters. Yep, thats right ! BIOTEST is OK as is MYDOMAI
but MYDOMAIN will not work until this bug is fixed. Hmm.., we believe
that this bug is fixed, but see below.</P
><P
><B
CLASS="COMMAND"
>Known Bug !</B
>After some bugs were fixed just before
Christmas, W2K SP1 machines cannot join the domain. Expected to be
fixed early in the new year. Whats that ? yeah, samba developers
have a Christmas break too !</P
><P
><B
CLASS="COMMAND"
>Know Bug !</B
>NTs (and possibly W2K ?) are not told the logged on user is a domain
admin if the parameter "domain admin users = user" is used. The alternative, "domain admin group"
does work. See the HowTo.</P
><P
>Client Side creation of Machine accounts does work but is not complete.
Firstly, the <TT
CLASS="FILENAME"
@ -495,7 +518,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN44"
NAME="AEN50"
>Introduction</A
></H1
><P
@ -516,7 +539,7 @@ NAME="AEN44"
CLASS="CHAPTER"
><HR><H1
><A
NAME="AEN49"
NAME="AEN55"
>Chapter 2. General Information</A
></H1
><DIV
@ -524,7 +547,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN51"
NAME="AEN57"
>What can we do ?</A
></H1
><DIV
@ -532,7 +555,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN53"
NAME="AEN59"
>What can Samba Primary Domain Controller (PDC) do ?</A
></H2
><P
@ -617,7 +640,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN86"
NAME="AEN92"
>Can I have a Windows 2000 client logon to a Samba controlled domain?</A
></H2
><P
@ -630,7 +653,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN89"
NAME="AEN95"
>What's the status of print spool (spoolss) support in the NTDOM code?</A
></H2
><P
@ -644,7 +667,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN92"
NAME="AEN98"
>CVS</A
></H1
><P
@ -656,7 +679,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN95"
NAME="AEN101"
>What are the different Samba branches available in CVS ?</A
></H2
><P
@ -729,7 +752,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN118"
NAME="AEN124"
>What are the CVS commands ?</A
></H2
><P
@ -816,7 +839,7 @@ CLASS="COMMAND"
CLASS="CHAPTER"
><HR><H1
><A
NAME="AEN149"
NAME="AEN155"
>Chapter 3. Establishing Connections</A
></H1
><DIV
@ -824,7 +847,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN151"
NAME="AEN157"
></A
></H1
><DIV
@ -832,7 +855,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN153"
NAME="AEN159"
>How do I get my NT4 or W2000 Workstation to login to the Samba controlled Domain?</A
></H2
><P
@ -853,7 +876,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN158"
NAME="AEN164"
>What is a 'machine account' ?</A
></H2
><P
@ -867,7 +890,7 @@ CLASS="FILENAME"
>/usr/local/samba/private/smbpasswd</TT
>. Under
some circumstances these entries are made <A
HREF="#AEN171"
HREF="#AEN177"
>manually</A
>, the
<A
@ -881,7 +904,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN165"
NAME="AEN171"
>"The machine account for this computer either does not exist or is not accessable."</A
></H2
><P
@ -910,7 +933,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN171"
NAME="AEN177"
>How do I create machine accounts manually ?</A
></H2
><P
@ -955,7 +978,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN184"
NAME="AEN190"
>I cannot include a '$' in a machine name.</A
></H2
><P
@ -979,7 +1002,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN190"
NAME="AEN196"
>I get told "You already have a connection to the Domain...." when creating a
machine account.</A
></H2
@ -999,13 +1022,13 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN194"
NAME="AEN200"
>I get told "Cannot join domain, the credentials supplied conflict
with an existing set.."</A
></H2
><P
>This is the same basic problem as mentioned above, <A
HREF="#AEN190"
HREF="#AEN196"
> "You already have a connection..."</A
></P
></DIV
@ -1014,7 +1037,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN198"
NAME="AEN204"
>"The system can not log you on (C000019B)...."</A
></H2
><P
@ -1034,7 +1057,7 @@ NAME="AEN198"
CLASS="CHAPTER"
><HR><H1
><A
NAME="AEN202"
NAME="AEN208"
>Chapter 4. User Account Management</A
></H1
><DIV
@ -1042,7 +1065,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN204"
NAME="AEN210"
>Domain Admins</A
></H1
><DIV
@ -1050,7 +1073,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN206"
NAME="AEN212"
>How do I configure an account as a domain administrator?</A
></H2
><P
@ -1066,7 +1089,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN210"
NAME="AEN216"
>Profiles</A
></H1
><DIV
@ -1074,7 +1097,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN212"
NAME="AEN218"
>Why is it bad to set "logon path = \\%N\%U\profile" in smb.conf? ?</A
></H2
><P
@ -1121,7 +1144,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN226"
NAME="AEN232"
>Why are all the users listed in the "domain admin users" using the same profile?</A
></H2
><P
@ -1132,7 +1155,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN229"
NAME="AEN235"
>The roaming profiles do not seem to be updating on the server.</A
></H2
><P
@ -1144,7 +1167,7 @@ CLASS="COMMAND"
>net time \\server /set /yes</B
> replacing server with the
name of your PDC (or another synchronized SMB server). See <A
HREF="#AEN333"
HREF="#AEN339"
> about Setting Time</A
></P
><P
@ -1162,7 +1185,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN237"
NAME="AEN243"
>Policies</A
></H1
><DIV
@ -1170,7 +1193,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN239"
NAME="AEN245"
>What are 'Policies' ?.</A
></H2
><P
@ -1188,7 +1211,7 @@ CLASS="COMMAND"
>[netlogon]</B
>share. The file is created with a policy editor
and must be readable by anyone and writeable by only root. See <A
HREF="#AEN260"
HREF="#AEN266"
> below</A
> for how to get a suitable editor.</P
></DIV
@ -1197,7 +1220,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN246"
NAME="AEN252"
>I can't get system policies to work.</A
></H2
><P
@ -1219,7 +1242,7 @@ CLASS="COMMAND"
> share and must be
readable by everyone and writeable by only root. The file must be created
by an NTServer <A
HREF="#AEN260"
HREF="#AEN266"
>Policy Editor</A
>.</P
><P
@ -1256,7 +1279,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN260"
NAME="AEN266"
>What about Windows NT Policy Editor ?</A
></H2
><P
@ -1318,7 +1341,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN274"
NAME="AEN280"
>Can Win95 do Policies ?</A
></H2
><P
@ -1343,7 +1366,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN280"
NAME="AEN286"
>Passwords</A
></H1
><DIV
@ -1351,7 +1374,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN282"
NAME="AEN288"
>What is password sync and should I use it ?</A
></H2
><P
@ -1400,7 +1423,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN295"
NAME="AEN301"
>How do I get remote password (unix and SMB) changing working ?</A
></H2
><P
@ -1430,7 +1453,7 @@ CLASS="PROGRAMLISTING"
CLASS="CHAPTER"
><HR><H1
><A
NAME="AEN301"
NAME="AEN307"
>Chapter 5. Miscellaneous</A
></H1
><DIV
@ -1438,7 +1461,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN303"
NAME="AEN309"
></A
></H1
><DIV
@ -1446,7 +1469,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN305"
NAME="AEN311"
>What editor can I use in DOS/Windows that won't mess with my unix EOF</A
></H2
><P
@ -1486,7 +1509,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN318"
NAME="AEN324"
>How do I get 'User Manager' and 'Server Manager'</A
></H2
><P
@ -1534,7 +1557,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN333"
NAME="AEN339"
>The time setting from a Samba server does not work.</A
></H2
><P
@ -1551,7 +1574,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN337"
NAME="AEN343"
>"trust account xxx should be in DOMAIN_GROUP_RID_USERS"</A
></H2
><P
@ -1566,7 +1589,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN341"
NAME="AEN347"
>How do I get my samba server to become a member ( not PDC ) of an NT domain?</A
></H2
><P
@ -1607,7 +1630,7 @@ CLASS="EMPHASIS"
>sleepy$</I
>. It would have to be
created <A
HREF="#AEN171"
HREF="#AEN177"
>manually</A
>. </P
><P
@ -1707,7 +1730,7 @@ CLASS="PROGRAMLISTING"
CLASS="CHAPTER"
><HR><H1
><A
NAME="AEN376"
NAME="AEN382"
>Chapter 6. Troubleshooting and Bug Reporting</A
></H1
><DIV
@ -1715,7 +1738,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN378"
NAME="AEN384"
>Diagnostic tools</A
></H1
><DIV
@ -1723,7 +1746,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN380"
NAME="AEN386"
>What are some diagnostics tools I can use to debug the domain logon process and where can I
find them?</A
></H2
@ -1788,7 +1811,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN394"
NAME="AEN400"
>How do I install 'Network Monitor' on an NT Workstation or a Windows 9x box?</A
></H2
><P
@ -1873,7 +1896,7 @@ CLASS="SECT1"
><HR><H1
CLASS="SECT1"
><A
NAME="AEN423"
NAME="AEN429"
>What other help can I get ?</A
></H1
><P
@ -1885,7 +1908,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN426"
NAME="AEN432"
>URLs and similar</A
></H2
><P
@ -1936,6 +1959,15 @@ TARGET="_top"
></LI
><LI
><P
>See how Scott Merrill simulates a BDC behaviour at
<A
HREF="http://www.skippy.net/linux/smb-howto.html"
TARGET="_top"
> http://www.skippy.net/linux/smb-howto.html</A
>. </P
></LI
><LI
><P
>Although 2.0.7 has almost had its day as a PDC, I (drb) will
keep the 2.0.7 PDC pages at <A
HREF="http://bioserve.latrobe.edu.au/samba"
@ -2019,7 +2051,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN472"
NAME="AEN481"
>How do I get help from the mailing lists ?</A
></H2
><P
@ -2122,7 +2154,7 @@ CLASS="SECT2"
><HR><H2
CLASS="SECT2"
><A
NAME="AEN501"
NAME="AEN510"
>How do I get off the mailing lists ?</A
></H2
><P

2948
docs/htmldocs/samba-pdc-howto.html
View File

File diff suppressed because it is too large Load Diff

77
docs/htmldocs/smbcontrol.1.html
View File

@ -3,7 +3,6 @@
<html><head><title>smbcontrol (1)</title>
<link rev="made" href="mailto:samba@samba.org">
@ -16,87 +15,91 @@
<h2>Samba</h2>
<h2>29 Sep 2000</h2>
<p><a name="NAME"></a>
<p><br><a name="NAME"></a>
<h2>NAME</h2>
smbcontrol - send messages to smbd or nmbd processes
<p><a name="SYNOPSIS"></a>
<p><br><a name="SYNOPSIS"></a>
<h2>SYNOPSIS</h2>
<p><strong>smbcontrol</strong> <a href="smbcontrol.1.html#minusi">-i</a>
<p><strong>smbcontrol</strong> <a href="smbcontrol.1.html#destination">destination</a> <a href="smbcontrol.1.html#messagetype">message-type</a> <a href="smbcontrol.1.html#parameters">parameters</a>
<p><a name="DESCRIPTION"></a>
<p><br><strong>smbcontrol</strong> <a href="smbcontrol.1.html#minusi">-i</a>
<p><br><strong>smbcontrol</strong> <a href="smbcontrol.1.html#destination">destination</a> <a href="smbcontrol.1.html#messagetype">message-type</a> <a href="smbcontrol.1.html#parameters">parameters</a>
<p><br><a name="DESCRIPTION"></a>
<h2>DESCRIPTION</h2>
<p>This program is part of the <strong>Samba</strong> suite.
<p><strong>smbcontrol</strong> is a very small program, which sends messages to an
<p><br>This program is part of the <strong>Samba</strong> suite.
<p><br><strong>smbcontrol</strong> is a very small program, which sends messages to an
<a href="smbd.8.html"><strong>smbd</strong></a> or an <a href="nmbd.8.html"><strong>nmbd</strong></a> daemon
running on the system.
<p><a name="OPTIONS"></a>
<p><br><a name="OPTIONS"></a>
<h2>OPTIONS</h2>
<p><dl>
<p><a name="minusi"></a>
<p></p><dt><strong><strong>-i</strong></strong><dd> Run interactively. Individual commands of the form
<p><br><ul>
<p><br><a name="minusi"></a>
<li><strong><strong>-i</strong></strong> Run interactively. Individual commands of the form
<a href="smbcontrol.1.html#destination">destination</a> <a href="smbcontrol.1.html#messagetype">message-type</a> <a href="smbcontrol.1.html#parameters">parameters</a>
can be entered on STDIN. An empty command line or a "q" will quit the program.
<p><a name="destination"></a>
<p></p><dt><strong><strong>destination</strong></strong><dd> is one of "nmbd", "smbd" or a process ID.
<p>The <strong>smbd</strong> destination causes the message to be "broadcast" to all
<p><br><a name="destination"></a>
<li><strong><strong>destination</strong></strong> is one of "nmbd", "smbd" or a process ID.
<p><br>The <strong>smbd</strong> destination causes the message to be "broadcast" to all
smbd daemons.
<p>The <strong>nmbd</strong> destination causes the message to be sent to the nmbd
<p><br>The <strong>nmbd</strong> destination causes the message to be sent to the nmbd
daemon specified in the <strong>nmbd.pid</strong> file.
<p>If a single process ID is given, the message is sent to only that
<p><br>If a single process ID is given, the message is sent to only that
process.
<p><a name="messagetype"></a>
<p></p><dt><strong><strong>message-type</strong></strong><dd> is one of: debug, force-election, ping, profile,
debuglevel, or printer-notify.
<p>The <strong>debug</strong> message-type allows the debug level to be set to the value
<p><br><a name="messagetype"></a>
<li><strong><strong>message-type</strong></strong> is one of: debug, force-election, ping, profile,
debuglevel, profilelevel, or printer-notify.
<p><br>The <strong>debug</strong> message-type allows the debug level to be set to the value
specified by the parameter. This can be sent to any of the destinations.
<p>The <strong>force-election</strong> message-type can only be sent to the <strong>nmbd</strong>
<p><br>The <strong>force-election</strong> message-type can only be sent to the <strong>nmbd</strong>
destination. This message causes the <strong>nmbd</strong> daemon to force a
new browse master election.
<p>The <strong>ping</strong> message-type sends the number of "ping" messages specified
<p><br>The <strong>ping</strong> message-type sends the number of "ping" messages specified
by the parameter and waits for the same number of
reply "pong" messages. This can be sent to any of the destinations.
<p>The <strong>profile</strong> message-type sends a message to an smbd to change the profile
<p><br>The <strong>profile</strong> message-type sends a message to an smbd to change the profile
settings based on the parameter. The parameter can be "on" to turn on
profile stats collection, "off" to turn off profile stats collection, "count"
to enable only collection of count stats (time stats are disabled), and
"flush" to zero the current profile stats.
This can be sent to any of the destinations.
<p>The <strong>debuglevel</strong> message-type sends a "request debug level" message.
<p><br>The <strong>debuglevel</strong> message-type sends a "request debug level" message.
The current debug level setting is returned by a
"debuglevel" message. This can be sent to any of the destinations.
<p>The <strong>printer-notify</strong> message-type sends a message to smbd which in turn
<p><br>The <strong>profilelevel</strong> message-type sends a "request profile level" message.
The current profile level setting is returned by a
"profilelevel" message. This can be sent to any of the destinations.
<p><br>The <strong>printer-notify</strong> message-type sends a message to smbd which in turn
sends a printer notify message to any Windows NT clients connected to
a printer. This message-type takes an argument of the printer name to
send notify messages to. This message can only be sent to smbd.
<p><a name="parameters"></a>
<p></p><dt><strong><strong>parameters</strong></strong><dd> is any parameters required for the message-type
<p></dl>
<p><a name="VERSION"></a>
<p><br><a name="parameters"></a>
<li><strong><strong>parameters</strong></strong> is any parameters required for the message-type
<p><br></ul>
<p><br><a name="VERSION"></a>
<h2>VERSION</h2>
<p>This man page is correct for version 2.2.0 of the Samba suite.
<p><a name="SEEALSO"></a>
<p><br>This man page is correct for version 2.2.0 of the Samba suite.
<p><br><a name="SEEALSO"></a>
<h2>SEE ALSO</h2>
<p><a href="smbd.8.html"><strong>smbd (8)</strong></a>, <a href="nmbd.8.html"><strong>nmbd (8)</strong></a>
<p><a name="AUTHOR"></a>
<p><br><a href="smbd.8.html"><strong>smbd (8)</strong></a>, <a href="nmbd.8.html"><strong>nmbd (8)</strong></a>
<p><br><a name="AUTHOR"></a>
<h2>AUTHOR</h2>
<p>The original Samba software and related utilities were created by
<p><br>The original Samba software and related utilities were created by
Andrew Tridgell <a href="mailto:samba@samba.org"><em>samba@samba.org</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p>This man page source was written in YODL format (another excellent piece of Open
<p><br>This man page source was written in YODL format (another excellent piece of Open
Source software, available at
<a href="ftp://ftp.icce.rug.nl/pub/unix/"><strong>ftp://ftp.icce.rug.nl/pub/unix/</strong></a>)
for the Samba 2.2.0 release by Herb Lewis.
<a href="mailto:samba@samba.org"><em>samba@samba.org</em></a>.
<p>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full
<p><br>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full
list of contributors and details on how to submit bug reports,
comments etc.
</body>

12
docs/manpages/smbcontrol.1
View File

@ -1,4 +1,4 @@
.TH "smbcontrol " "1" "29 Sep 2000" "Samba" "SAMBA"
.TH SMBCONTROL 1 "23 Nov 2000" "smbcontrol 2.2.0-alpha1"
.PP
.SH "NAME"
smbcontrol \- send messages to smbd or nmbd processes
@ -39,7 +39,7 @@ process\&.
.IP
.IP "\fBmessage-type\fP"
is one of: debug, force-election, ping, profile,
debuglevel, or printer-notify\&.
debuglevel, profilelevel, or printer-notify\&.
.IP
The \fBdebug\fP message-type allows the debug level to be set to the value
specified by the parameter\&. This can be sent to any of the destinations\&.
@ -63,6 +63,10 @@ The \fBdebuglevel\fP message-type sends a "request debug level" message\&.
The current debug level setting is returned by a
"debuglevel" message\&. This can be sent to any of the destinations\&.
.IP
The \fBprofilelevel\fP message-type sends a "request profile level" message\&.
The current profile level setting is returned by a
"profilelevel" message\&. This can be sent to any of the destinations\&.
.IP
The \fBprinter-notify\fP message-type sends a message to smbd which in turn
sends a printer notify message to any Windows NT clients connected to
a printer\&. This message-type takes an argument of the printer name to
@ -83,7 +87,7 @@ This man page is correct for version 2\&.2\&.0 of the Samba suite\&.
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
Andrew Tridgell samba@samba\&.org\&. Samba is now developed
Andrew Tridgell \fIsamba@samba\&.org\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
@ -91,7 +95,7 @@ This man page source was written in YODL format (another excellent piece of Open
Source software, available at
\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fP)
for the Samba 2\&.2\&.0 release by Herb Lewis\&.
samba@samba\&.org\&.
\fIsamba@samba\&.org\fP\&.
.PP
See \fBsamba (7)\fP to find out how to get a full
list of contributors and details on how to submit bug reports,

18
docs/textdocs/samba-pdc-faq.txt
View File

@ -133,13 +133,27 @@ State of Play
It should be noted that 2.2.0 in its pre-release form still has a few
problems, I'll try and keep this section current while things are
still dynamic. At the time of this update (November 13, 2000) the
still dynamic. At the time of this update (December 15, 2000) the
current state of play is :
Comments here about W2K joining the domain apply only to Samba 2.2
from the CVS after November 27th. The 'snapshot' release
Samba2.2alpha1 does not work !!! See below on how to get a CVS tree.
Known Bug !W2K machines will not successfully join a domain with a
name that is made up from an even number of characters. Yep, thats
right ! BIOTEST is OK as is MYDOMAI but MYDOMAIN will not work until
this bug is fixed. Hmm.., we believe that this bug is fixed, but see
below.
Known Bug !After some bugs were fixed just before Christmas, W2K SP1
machines cannot join the domain. Expected to be fixed early in the new
year. Whats that ? yeah, samba developers have a Christmas break too !
Know Bug !NTs (and possibly W2K ?) are not told the logged on user is
a domain admin if the parameter "domain admin users = user" is used.
The alternative, "domain admin group" does work. See the HowTo.
Client Side creation of Machine accounts does work but is not
complete. Firstly, the add user script runs as the user who's name was
entered, not as root. Secondly, the machine name passed to the script
@ -839,6 +853,8 @@ URLs and similar
* Lars Kneschke's site covers Samba-TNG at
http://www.kneschke.de/projekte/samba_tng, but again, a lot of it
does not apply to the main stream Samba.
* See how Scott Merrill simulates a BDC behaviour at
http://www.skippy.net/linux/smb-howto.html.
* Although 2.0.7 has almost had its day as a PDC, I (drb) will keep
the 2.0.7 PDC pages at http://bioserve.latrobe.edu.au/samba going
for a while yet.

33
docs/textdocs/samba-pdc-howto.txt
View File

@ -7,7 +7,7 @@ David Bannon
_________________________________________________________________
_________________________________________________________________
Comments, corrections and additions to <D.Bannon@latrobe.edu.au>
Comments, corrections and additions to <dbannon@samba.org>
This document explains how to setup Samba as a Primary Domain
Controller and applies to version 2.2.0. Before using these functions
@ -251,7 +251,7 @@ A sample conf file
encrypt passwords = yes
domain logons =yes
logon script = scripts\%U.bat
domain admin users = root dbannon andrew
domain admin group = @adm
add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/n
ull -s /bin/false %m$
guest account = ftp
@ -287,10 +287,17 @@ PDC Config Parameters
and the other parameters are chosen as suitable for a machine
account. Works for RH Linux, your system may require changes.
domain admin group = @adm
This parameter specifies a unix group whose members will be
granted admin privileges on a NT workstation when logged onto
that workstation. See the section called Domain Admin Accounts.
domain admin users = user1 users2
This parameter specifies a unix user who will be granted admin
privileges on a NT workstation when logged onto that
workstation. See the section called Domain Admin Accounts.
It appears that this parameter does not funtion correctly at
present. Use the 'domain admin group' instread. This parameter
specifies a unix user who will be granted admin privileges on a
NT workstation when logged onto that workstation. See the
section called Domain Admin Accounts.
encrypt passwords = yes
This parameter must be 'yes' to allow any of the recent service
@ -462,16 +469,18 @@ Domain Admin Accounts
Samba 2.2 recognizes particular users as being domain admins and tells
the NTws when it thinks that it has got one logged on. In the smb.conf
file we declare that the Domain Admin users = user1 user2. Any user
mentioned here will be treated as a Domain Admin by a NTws when logged
onto the Domain. They will have full Administrator rights including
the rights to change permissions on files and run the system utilities
such as Disk Administrator.
file we declare that the Domain Admin group = @adm. Any user who is a
menber of the unix group 'adm' is treated as a Domain Admin by a NTws
when logged onto the Domain. They will have full Administrator rights
including the rights to change permissions on files and run the system
utilities such as Disk Administrator. Add users to the group by
editing /etc/group/. You do not need to use the 'adm' group, choose
any one you like.
Further, and this is very new, they will be allowed to create a new
machine account when first connecting a new NT or W2K machine to the
domain. At present, ie pre-release, only a Domain Admin who also
happens to be root can do so.
domain. However, at present, ie pre-release, only a Domain Admin who
also happens to be root can do so.
_________________________________________________________________
Chapter 4. Profiles, Policies and Logon Scripts

6
docs/yodldocs/smbcontrol.1.yo
View File

@ -45,7 +45,7 @@ process.
label(messagetype)
dit(bf(message-type)) is one of: debug, force-election, ping, profile,
debuglevel, or printer-notify.
debuglevel, profilelevel, or printer-notify.
The bf(debug) message-type allows the debug level to be set to the value
specified by the parameter. This can be sent to any of the destinations.
@ -69,6 +69,10 @@ The bf(debuglevel) message-type sends a "request debug level" message.
The current debug level setting is returned by a
"debuglevel" message. This can be sent to any of the destinations.
The bf(profilelevel) message-type sends a "request profile level" message.
The current profile level setting is returned by a
"profilelevel" message. This can be sent to any of the destinations.
The bf(printer-notify) message-type sends a message to smbd which in turn
sends a printer notify message to any Windows NT clients connected to
a printer. This message-type takes an argument of the printer name to