Another update.

(This used to be commit 3269ad5414c2eba17169a644f74174472a29b867)

14 files changed, 120 insertions, 111 deletions

diff --git a/docs/Samba-Guide/SBE-500UserNetwork.xml b/docs/Samba-Guide/SBE-500UserNetwork.xml
index 8aef19b140..11bd09ac04 100644
--- a/docs/Samba-Guide/SBE-500UserNetwork.xml
+++ b/docs/Samba-Guide/SBE-500UserNetwork.xml
@@ -642,10 +642,10 @@ root = Administrator
 			<indexterm><primary>/etc/mime.convs</primary></indexterm>
 			<indexterm><primary>application/octet-stream</primary></indexterm>
 			This step, as well as the next one, may be omitted where CUPS version 1.1.18
-			or later is in use.  Although it does no harm to follow it anyhow, and may
-			help to avoid later time spent trying to figure out why print jobs may be
-			disappearing without trace. Look at these two steps as <emphasis>insurance</emphasis>
-			against lost time. Edit  file <filename>/etc/cups/mime.convs</filename> to 
+			or later is in use.  Although it does no harm to follow it anyway, and may
+			help to avoid time spent later trying to figure out why print jobs may be
+			disappearing without a trace. Look at these two steps as <emphasis>insurance</emphasis>
+			against lost time. Edit file <filename>/etc/cups/mime.convs</filename> to 
 			uncomment the line:
 <screen>
 application/octet-stream     application/vnd.cups-raw      0     -
@@ -694,7 +694,7 @@ application/octet-stream
 	<para>
 	There are some steps that apply to particular server functionality only. Each step is critical
 	to correct server operation. The following step-by-step installation guidance will assist you 
-	to work through the process of configuring the PDC and then both BDC's.
+	in working through the process of configuring the PDC and then both BDC's.
 	</para>
 
 		<sect3>
@@ -893,7 +893,7 @@ Added user <parameter>username</parameter>.
 		<title>Configuration Specific to Domain Member Servers: <constant>BLDG1, BLDG2</constant></title>
 
 		<para>
-		The following steps will guide you trough the nuances of imlplementing BDC's for the broadcast
+		The following steps will guide you through the nuances of implementing BDCs for the broadcast
 		isolated network segments. Remember that if the target installation platform is not Linux, it may
 		be necessary to adapt some commands to the equivalent on the target platform.
 		</para>
diff --git a/docs/Samba-Guide/SBE-AddingUNIXClients.xml b/docs/Samba-Guide/SBE-AddingUNIXClients.xml
index 0135be8a26..28311f0a9a 100644
--- a/docs/Samba-Guide/SBE-AddingUNIXClients.xml
+++ b/docs/Samba-Guide/SBE-AddingUNIXClients.xml
@@ -113,7 +113,7 @@
 			<indexterm><primary>accounts</primary><secondary>authoritative</secondary></indexterm>
 			<indexterm><primary>PDC</primary></indexterm>
 			<indexterm><primary>BDC</primary></indexterm>
-			A domain controller (PDC or BDC) is always authoritative for all accounts in its Domain.
+			A domain controller (PDC or BDC) is always authoritative for all accounts in its domain.
 			This means that a BDC must (of necessity) be able to resolve all account UIDs and GIDs
 			to the same values that the PDC resolved them to.
 			</para></listitem>
@@ -339,7 +339,7 @@
 	</indexterm><indexterm>
 	  <primary>Domain Controller</primary>
 	</indexterm>
-	The domain Member server and the domain member client are at the center of focus in this chapter.
+	The domain member server and the domain member client are at the center of focus in this chapter.
 	Configuration of Samba-3 domain controller is covered in earlier chapters, so if your 
 	interest is in domain controller configuration, you will not find that here. You will find good
 	oil that helps you to add domain member servers and clients.
@@ -632,9 +632,9 @@ Joined domain MEGANET2.
 		<indexterm><primary>failed join</primary></indexterm>
 		<indexterm><primary>rejected</primary></indexterm>
 		<indexterm><primary>restrict anonymous</primary></indexterm>
-		Note: Use "root" for UNIX/Linux and Samba, use "Administrator"for Windows NT4/200X. If the cause of
+		Note: Use "root" for UNIX/Linux and Samba, use "Administrator" for Windows NT4/200X. If the cause of
 		the failure appears to be related to a rejected or failed NT_SESSION_SETUP*  or an error message that
-		says NT_STATUS_ACCESS_DENIED  immediately check the Windows registry setting that controls the
+		says NT_STATUS_ACCESS_DENIED immediately check the Windows registry setting that controls the
 		<constant>restrict anonymous</constant> setting. Set this to the value 0 so that an anonymous connection
 		can be sustained, then try again.
 		</para>
@@ -2011,7 +2011,7 @@ ssl     no
                 </para></step>
 
                 <step><para>
-                Configure an LDAP server and initialize the directory with the top level entries needed by IDMAP
+                Configure an LDAP server and initialize the directory with the top-level entries needed by IDMAP
                 as shown in the following LDIF file:
 <screen>
 dn: dc=snowshow,dc=com
@@ -2223,8 +2223,8 @@ hosts:  files wins
         </itemizedlist>
 
 	<para>
-	The following guidelines are pertinent the deployment of winbind-based authentication
-	and identity resolution with the express purpose of allowing users to log onto UNIX/Linux desktops
+	The following guidelines are pertinent to the deployment of winbind-based authentication
+	and identity resolution with the express purpose of allowing users to log on to UNIX/Linux desktops
 	using Windows network domain user credentials (username and password).
 	</para>
 
@@ -2247,7 +2247,7 @@ hosts:  files wins
 	<indexterm><primary>PAM</primary></indexterm>
 	<indexterm><primary>Identity resolution</primary></indexterm>
 	<indexterm><primary>NSS</primary></indexterm>
-	To permit users to log onto a Linux system using Windows network credentials, you need to
+	To permit users to log on to a Linux system using Windows network credentials, you need to
 	configure identity resolution (NSS) and PAM. This means that the basic steps include those
 	outlined above with the addition of PAM configuration. Given that most workstations (desktop/client)
 	usually do not need to provide file and print services to a group of users, the configuration
@@ -2429,7 +2429,7 @@ session     sufficient    /lib/security/$ISA/pam_winbind.so use_first_pass
 		The addition of UNIX/Linux Samba servers and clients is a common requirement. In this chapter, you
 		learned how to integrate such servers so that the UID/GID mappings they use can be consistent
 		across all domain member servers. You also discovered how to implement the ability to use Samba
-		or Windows domain account credentials to log onto a UNIX/Linux client.
+		or Windows domain account credentials to log on to a UNIX/Linux client.
 		</para>
 
 		<para>
@@ -2610,7 +2610,7 @@ session     sufficient    /lib/security/$ISA/pam_winbind.so use_first_pass
 	<question>
 
 		<para>
-		Are you suggesting that users should not log onto a domain member server? If so, why?
+		Are you suggesting that users should not log on to a domain member server? If so, why?
 		</para>
 
 	</question>
diff --git a/docs/Samba-Guide/SBE-Appendix1.xml b/docs/Samba-Guide/SBE-Appendix1.xml
index 2b98d92abd..9d0e816e42 100644
--- a/docs/Samba-Guide/SBE-Appendix1.xml
+++ b/docs/Samba-Guide/SBE-Appendix1.xml
@@ -1224,10 +1224,10 @@ to LAM using only SSL.
 	</para>
 	
 	<para>
-	The next major release, LAM 0.5, will have less restrictions and support the latest Samba features
-	(e.g. logon hours). The new plugin based architecture also allows to manage much more different
-	account types like plain Unix accounts. The upload can now handle groups and hosts, too. Another
-	important point is the tree view which allows to browse and edit LDAP objects directly.
+	The next major release, LAM 0.5, will have fewer restrictions and support the latest Samba features
+	(e.g., logon hours). The new plugin-based architecture also allows management of much more different
+	account types like plain UNIX accounts. The upload can now handle groups and hosts, too. Another
+	important point is the tree view which allows browsing and editing LDAP objects directly.
 	</para>
 
 <example id="lamcfg">
@@ -1419,7 +1419,7 @@ drw-rw-r--    2 bobj     Domain Users  12346 Dec 18 18:11 maryvfile.txt
 	<title>Microsoft Access</title>
 
 	<para>
-	The best advice that can be given is to carefully read the Microsoft knowledge base articles that
+	The best advice that can be given is to carefully read the Microsoft knowledgebase articles that
 	cover this area. Examples of relevant documents include:
 	</para>
 
diff --git a/docs/Samba-Guide/SBE-DomainAppsSupport.xml b/docs/Samba-Guide/SBE-DomainAppsSupport.xml
index 49dafda9fa..eefc9c9fb2 100644
--- a/docs/Samba-Guide/SBE-DomainAppsSupport.xml
+++ b/docs/Samba-Guide/SBE-DomainAppsSupport.xml
@@ -36,7 +36,7 @@
 	With this acquisition comes new challenges for you and your team. Abmas Snack 
 	Foods is a well-developed business with a huge and heterogeneous network. It 
 	already has Windows, NetWare, and Proprietary UNIX, but as yet no Samba or Linux. 
-	The network is mature and well established, and there is no question of its chosen 
+	The network is mature and well-established, and there is no question of its chosen 
 	user authentication scheme being changed for now. You need to take a wise new 
 	approach.
 	</para>
@@ -790,7 +790,7 @@ group: files winbind
 	</para></blockquote>
 
 	<para>
-	You would be well advised to recognize that all cache-intensive proxying solutions demand a lot of memory.
+	You would be well-advised to recognize that all cache-intensive proxying solutions demand a lot of memory.
 	Make certain that your Squid proxy server is equipped with sufficient memory to permit all proxy operations to run 
 	out of memory without invoking the overheads involved in the use of memory that has to be swapped to disk.
 	</para>
diff --git a/docs/Samba-Guide/SBE-HighAvailability.xml b/docs/Samba-Guide/SBE-HighAvailability.xml
index a309f3aea8..db94af4d2f 100644
--- a/docs/Samba-Guide/SBE-HighAvailability.xml
+++ b/docs/Samba-Guide/SBE-HighAvailability.xml
@@ -253,10 +253,10 @@
 		<indexterm><primary>DNS</primary><secondary>name lookup</secondary></indexterm>
 		<indexterm><primary>resolve</primary></indexterm>
 		A Samba server called <constant>FRED</constant> in a NetBIOS domain called <constant>COLLISION</constant>
-		in a network environment that is part of the fully qualified Internet domain namespace known
-		as <constant>parrots.com</constant> results in DNS name lookups for <constant>fred.parrots.com</constant>
+		in a network environment that is part of the fully-qualified Internet domain namespace known
+		as <constant>parrots.com</constant>, results in DNS name lookups for <constant>fred.parrots.com</constant>
 		and <constant>collision.parrots.com</constant>. It is therefore a mistake to name the domain
-		(workgroup) <constant>collision.parrots.com,</constant> since this results in DNS lookup
+		(workgroup) <constant>collision.parrots.com</constant>, since this results in DNS lookup
 		attempts to resolve <constant>fred.parrots.com.parrots.com</constant>, which most likely
 		fails given that you probably do not have this in your DNS namespace.
 		</para>
@@ -375,7 +375,7 @@
 	</para>
 
 	<para>
-	As the size of the &smb.conf; file grows, the risk of introduction of parsing errors increases also.
+	As the size of the &smb.conf; file grows, the risk of introducing parsing errors also increases.
 	It is recommended to keep a fully documented &smb.conf; file on hand, and then to operate Samba only
 	with an optimized file.
 	</para>
@@ -479,7 +479,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.
 	<indexterm><primary>Domain Controller</primary></indexterm>
 	As a general guide, instead of adding domain member servers to a network, you would be better advised
 	to add BDCs until there are fewer than 30 Windows clients per BDC. Beyond that ratio, you should add
-	domain member servers. This practice ensures that there is always sufficient domain controllers
+	domain member servers. This practice ensures that there are always sufficient domain controllers
 	to handle logon requests and authentication traffic.
 	</para>
 
@@ -617,33 +617,33 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.
 
 	<para>
 	There exist applications that create or manage directories containing many thousands of files. Such
-	applications typically generate many small files (less than 100 KB). At the best of times under UNIX
-	listing of the files in a directory that contains many files is slow. By default Windows NT, 200x, 
+	applications typically generate many small files (less than 100 KB). At the best of times, under UNIX,
+	listing of the files in a directory that contains many files is slow. By default, Windows NT, 200x, 
 	and XP Pro cause network file system directory lookups on a Samba server to be performed for both 
 	the case preserving file name as well as for the mangled (8.3) file name. This incurs a huge overhead
 	on the Samba server that may slow down the system dramatically.
 	</para>
 
 	<para>
-	In an extreme case the performance impact was dramatic. File transfer from the Samba server to a Windows
+	In an extreme case, the performance impact was dramatic. File transfer from the Samba server to a Windows
 	XP Professional workstation over 1 Gigabit Ethernet for 250-500 KB files was measured at approximately
-	30 MB/sec. But when tranfering a directory containng 120,000 files, all from 50KB to 60KB in size, the
+	30 MB/sec. But when tranferring a directory containing 120,000 files, all from 50KB to 60KB in size, the
 	transfer rate to the same workstation was measured at approximately 1.5 KB/sec. The net transfer was
-	of the order of a factor of 20-fold slower.
+	on the order of a factor of 20-fold slower.
 	</para>
 
 	<para>
 	The symptoms that will be observed on the Samba server when a large directory is accessed will be that
-	aggregate I/O (typically blocks read) will be relatively low, yet the wait I/O times will be incredably
+	aggregate I/O (typically blocks read) will be relatively low, yet the wait I/O times will be incredibly
 	long while at the same time the read queue is large. Close observation will show that the hard drive
 	that the file system is on will be thrashing wildly.
 	</para>
 
 	<para>
-	Samba-3.0.12, and later, includes new code that radically improves Samba perfomance. The secret to this is
+	Samba-3.0.12 and later, includes new code that radically improves Samba perfomance. The secret to this is
 	really in the <smbconfoption name="case sensitive">True</smbconfoption> line. This tells smbd never to scan
 	for case-insensitive versions of names. So if an application asks for a file called <filename>FOO</filename>,
-	and it can not be found by a simple stat call, then smbd will return file not found immediately without
+	and it can not be found by a simple stat call, then smbd will return "file not found" immediately without
 	scanning the containing directory for a version of a different case.
 	</para>
 
diff --git a/docs/Samba-Guide/SBE-KerberosFastStart.xml b/docs/Samba-Guide/SBE-KerberosFastStart.xml
index 42546c1256..58ac2b6931 100644
--- a/docs/Samba-Guide/SBE-KerberosFastStart.xml
+++ b/docs/Samba-Guide/SBE-KerberosFastStart.xml
@@ -292,7 +292,7 @@
 		<para>
 		You agreed with Stan's recommendations and hired a consultant to help defuse the powder
 		keg. The consultant's task is to provide a tractable answer to each of the issues raised. The consultant must be able
-		to support his or her claims, keep emotions to a side, and answer technically.
+		to support his or her claims, keep emotions to the side, and answer technically.
 		</para>
 
 	</sect2>
@@ -464,7 +464,7 @@
 		</indexterm>
 				Windows network administrators may be dismayed to find that <command>winbind</command> 
 				exposes all domain users so that they may use their domain account credentials to 
-				log onto a UNIX/Linux system. The fact that all users in the domain can see the 
+				log on to a UNIX/Linux system. The fact that all users in the domain can see the 
 				UNIX/Linux server in their Network Neighborhood and can browse the shares on the 
 				server seems to excite them further.
 				</para>
@@ -676,9 +676,9 @@
 		</indexterm>
 				The release of Samba-4 is expected around late 2004 to early 2005 and involves a near 
 				complete rewrite to permit extensive modularization and to prepare Samba for new 
-				functionality planned for addition  during the next-generation series. The Samba Team 
+				functionality planned for addition during the next-generation series. The Samba Team 
 				is responsible and can be depended upon; the history to date suggests a high 
-				degree of dependability as well on charter development consistent with published 
+				degree of dependability and on charter development consistent with published 
 				roadmap projections.
 				</para>
 
@@ -877,7 +877,7 @@
 	    </indexterm>
 	Kerberos is a network authentication protocol that provides secure authentication for 
 	client-server applications by using secret-key cryptography. Firewalls are an insufficient 
-	barrier mechanism in todays networking world; at best they only restrict incoming network 
+	barrier mechanism in today's networking world; at best they only restrict incoming network 
 	traffic but cannot prevent network traffic that comes from authorized locations from 
 	performing unauthorized activities.
 	</para>
@@ -924,7 +924,7 @@
 	    </indexterm>
 	Kerberos was, until recently, a technology that was restricted from being exported from the United States.
 	For many years that hindered global adoption of more secure networking technologies both within the United States
-	and abroad. A free an unencumbered implementation of MIT Kerberos has been produced in Europe
+	and abroad. A free and unencumbered implementation of MIT Kerberos has been produced in Europe
 	and is available from the University of Paderborn, Sweden. It is known as the Heimdal Kerberos project.
 	In recent times the U.S. government has removed sanctions affecting the global distribution of MIT Kerberos.
 	It is likely that there will be a significant surge forward in the development of Kerberos-enabled applications
@@ -966,7 +966,7 @@
 	    </indexterm>
 	It so happens that Microsoft Windows clients depend on and expect the contents of the <emphasis>unspecified
 	fields</emphasis> in the Kerberos 5 communications data stream for their Windows interoperability,
-	particularly when Samba is being expected to emulate a Windows Server 200x domain controller. But the interoperability
+	particularly when Samba is expected to emulate a Windows Server 200x domain controller. But the interoperability
 	issue goes far deeper than this. In the domain control protocols that are used by MS Windows XP Professional,
 	there is a tight interdependency between the Kerberos protocols and the Microsoft distributed computing environment
 	(DCE) RPCs that themselves are an integral part of the SMB/CIFS protocols as used by
@@ -1027,7 +1027,7 @@
 	      </indexterm><indexterm>
 		<primary>account</primary>
 	      </indexterm>
-		From a Windows 200x/XP Professional workstation, log onto the domain using the Domain Administrator 
+		From a Windows 200x/XP Professional workstation, log on to the domain using the Domain Administrator 
 		account (on Samba domains, this is usually the account called <constant>root</constant>).
 		</para></step>
 
@@ -1142,7 +1142,7 @@
 	  </indexterm><indexterm>
 	    <primary>hierarchy of control</primary>
 	  </indexterm>
-	It must be emphasized that the controls here discussed can act as a filter or give rights of passage
+	It must be emphasized that the controls discussed here can act as a filter or give rights of passage
 	that act as a superstructure over normal directory and file access controls. However, share-level
 	ACLs act at a higher level than do share definition controls because the user must filter through the
 	share-level controls to get to the share-definition controls. The proper hierarchy of controls implemented
@@ -1525,7 +1525,7 @@
 
 	<procedure>
 		<step><para>
-		From a Windows 200x/XP Professional workstation, log onto the domain using the Domain Administrator 
+		From a Windows 200x/XP Professional workstation, log on to the domain using the Domain Administrator 
 		account (on Samba domains, this is usually the account called <constant>root</constant>).
 		</para></step>
 
@@ -1728,7 +1728,7 @@ other::r-x
 		</indexterm><indexterm>
 		  <primary>inheritance</primary>
 		</indexterm>
-		It is highly recommend that you read the online manual page for the <command>setfacl</command>
+		It is highly recommended that you read the online manual page for the <command>setfacl</command>
 		and <command>getfacl</command> commands. This provides information regarding how to set/read the default
 		ACLs and how that may be propagated through the directory tree. In Windows ACLs terms, this is the equivalent
 		of setting <constant>inheritance</constant> properties.
diff --git a/docs/Samba-Guide/SBE-MakingHappyUsers.xml b/docs/Samba-Guide/SBE-MakingHappyUsers.xml
index ceeffbb027..f5cf133a60 100644
--- a/docs/Samba-Guide/SBE-MakingHappyUsers.xml
+++ b/docs/Samba-Guide/SBE-MakingHappyUsers.xml
@@ -2131,7 +2131,7 @@ Let's start configuring the smbldap-tools scripts ...
 
 . workgroup name: name of the domain Samba act as a PDC
   workgroup name [MEGANET2] > 
-. netbios name: netbios name of the samba controler
+. netbios name: netbios name of the samba controller
   netbios name [MASSIVE] > 
 . logon drive: local path to which the home directory will 
                                 be connected (for NT Workstations). Ex: 'H:'
@@ -3730,8 +3730,8 @@ HKEY_LOCAL_MACHINE\Default\Software\Microsoft\Windows\
 	</procedure>
 
 	<para>
-	Before puching out new desktop images for the client workstations, it is perhaps a good idea that
-	desktop behavior should be returned to the original Microsoft settings. The followin steps achieve
+	Before punching out new desktop images for the client workstations, it is perhaps a good idea that
+	desktop behavior should be returned to the original Microsoft settings. The following steps achieve
 	that ojective:
 	</para>
 
diff --git a/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml b/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
index 665e41ad8d..ffeba2254e 100644
--- a/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
+++ b/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
@@ -120,7 +120,7 @@
 	Do not forget to validate the security descriptors in the profiles share as well as network logon
 	scripts. Feedback from sites that are migrating to Samba-3 suggests that many are using this
 	as a good time to update desktop systems also. In all, the extra effort should constitute no
-	real disruption to users, but rather, with due diligence and care should make their network experience
+	real disruption to users, but rather, with due diligence and care, should make their network experience
 	a much happier one.
 	</para>
 
@@ -683,7 +683,7 @@ Storing SID S-1-5-21-1385457007-882775198-1210191635 \
 		Install the Idealx <command>smbldap-tools</command> software package, following
 		the instructions given in <link linkend="sbeidealx"/>. The resulting perl scripts
 		should be located in the <filename>/opt/IDEALX/sbin</filename> directory.
-		Change into that location, or whereever the scripts have been installed. Execute the
+		Change into that location, or wherever the scripts have been installed. Execute the
 		<filename>configure.pl</filename> script to configure the Idealx package for use.
 		Note: Use the domain SID obtained from the step above. The following is
 		an example configuration session:
@@ -1525,7 +1525,7 @@ Users                 Ordinary users
 		<para>
 		When migrating a <filename>smbpasswd</filename> file to an LDAP backend, the
 		UID of each account is taken together with the account information in the 
-		<filename>/etc/passwd,</filename> and both sets of data are used to create the account
+		<filename>/etc/passwd</filename>, and both sets of data are used to create the account
 		entry in the LDAP database. 
 		</para>
 
diff --git a/docs/Samba-Guide/SBE-MigrateNW4Samba3.xml b/docs/Samba-Guide/SBE-MigrateNW4Samba3.xml
index 43dee10a32..fcdf69abbd 100644
--- a/docs/Samba-Guide/SBE-MigrateNW4Samba3.xml
+++ b/docs/Samba-Guide/SBE-MigrateNW4Samba3.xml
@@ -29,7 +29,7 @@
 	<indexterm><primary>migration</primary></indexterm>
 	Contributions to this chapter were made by Misty Stanley-Jones, a UNIX administrator of many
 	years who surfaced on the Samba mailing list with a barrage of questions and who
-	regularly now helps other administrators to solve thorny Samba migration questions.
+	regularly helps other administrators to solve thorny Samba migration questions.
 	</para>
 
 	<para>
@@ -52,7 +52,7 @@
 
 	<para>
 	The priority that Misty faced was one of migration of the data files off the NetWare 4.11
-	server and onto a Samba-ased Windows file and print server. This chapter does not pretend
+	server and onto a Samba-based Windows file and print server. This chapter does not pretend
 	to document all the different methods that could be used to migrate user and group accounts
 	off a NetWare server. Its focus is on migration of data files.
 	</para>
@@ -232,7 +232,7 @@
 	entering everything from the printed company directory. This used only the inetOrgPerson
 	object class from the OpenLDAP schemas. The next step was to write a shell script that
 	would look at the <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
-	files on our mail server and create a LDIF file from which the information could be
+	files on our mail server and create an LDIF file from which the information could be
 	imported into LDAP. This would allow use of LDAP for Linux authentication, IMAP, POP3,
 	and SMTP.
 	</para>
@@ -965,7 +965,7 @@ The Idealx smbldap-tools package can be configured using a script called
 <command>configure.pl</command> that is provided as part of the tool. See <link linkend="happy"/>
 for an example of its use. Many administrators, like Misty, choose to do this manually
 so as to maintain greater awareness of how the tool-chain works and possibly to avoid
-undesirable actions from occurring un-noticed.
+undesirable actions from occurring unnoticed.
 </para></note>
 
 	<para>
@@ -1197,7 +1197,7 @@ masterPw="verysecret"
 	The next step was to run the <command>smbldap-populate</command> command, which populates
 	the LDAP tree with the appropriate default users, groups, and UID and GID pools.
 	It creates a user called Administrator with UID=0 and GID=0 matching the
-	Domain Admins group. This is fine because you can still log on a root to a Windows system,
+	Domain Admins group. This is fine because you can still log on as root to a Windows system,
 	but it will break cached credentials if you need to log on as the administrator
 	to a system that is not on the network.
 	</para>
@@ -1378,7 +1378,7 @@ sambaAcctFlags: [W          ]
 
 	<para>
 	<indexterm><primary>netlogon</primary></indexterm>
-	So now I could log on with a test user from the machine w2kengrspare. It was all fine and
+	So now I could log on with a test user from the machine w2kengrspare. It was all well and
 	good, but that user was in no groups yet and so had pretty boring access.  I fixed that
 	by writing the login script! To write the login script, I used
 	<ulink url="http://www.kixtart.org">Kixtart</ulink> because it will work
@@ -1613,7 +1613,7 @@ ENDIF
 	One option is to check the OS as part of the Kixtart script, and if it
 	is Win9x and is the first login, copy a premade
 	<filename>autoexec.bat</filename> to the <filename>C:</filename> drive. I
-	have onlythree such machines, and one is going away in the very near future,
+	have only three such machines, and one is going away in the very near future,
 	so it was easier to do it by hand.
 	</para>
 
diff --git a/docs/Samba-Guide/SBE-SecureOfficeServer.xml b/docs/Samba-Guide/SBE-SecureOfficeServer.xml
index 1dfe63ff0c..cc67cd4c39 100644
--- a/docs/Samba-Guide/SBE-SecureOfficeServer.xml
+++ b/docs/Samba-Guide/SBE-SecureOfficeServer.xml
@@ -1511,9 +1511,9 @@ hosts:      files dns wins
 	<title>Printer Configuration</title>
 
 	<para>
-	Network administrators who are new to CUPS based printing typically experience some difficulty mastering
+	Network administrators who are new to CUPS based-printing typically experience some difficulty mastering
 	its powerful features. The steps outlined in this section are designed to navigate around the distractions
-	of learning CUPS. Instead of implementing smart features and capabilties our approach is to use it as a
+	of learning CUPS. Instead of implementing smart features and capabilities, our approach is to use it as a
 	transparent print queue that performs no filtering, and only minimal handling of each print job that is
 	submitted to it. In other words, our configuration turns CUPS into a raw-mode print queue. This means that
 	the correct printer driver must be installed on all clients.
@@ -1604,7 +1604,7 @@ application/octet-stream
 
 	<para>
 	Note: If the parameter <parameter>cups options = Raw</parameter> is specified in the &smb.conf; file,
-	the last two steps can be omitted where CUPS version 1.1.18, or later.
+	the last two steps can be omitted with CUPS version 1.1.18, or later.
 	</para>
 
 	<para>
@@ -1821,7 +1821,7 @@ hosts:       files dns wins
 <screen>
 &rootprompt; testparm -s
 Load smb config files from smb.conf
-rocessing section "[homes]"
+Processing section "[homes]"
 Processing section "[printers]"
 Processing section "[netlogon]"
 Processing section "[profiles]"
@@ -2293,14 +2293,14 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
 		</para></step>
 
 		<step><para>
-		Log onto the machine as the local Administrator (the only option), and join the machine to
+		Log on to the machine as the local Administrator (the only option), and join the machine to
 		the Domain, following the procedure set out in Appendix A, <link linkend="domjoin"/>. The system is now 
 		ready for the user to log on, provided you have created a network logon account for that 
 		user, of course.
 		</para></step>
 
 		<step><para>
-		Instruct all users to log onto the workstation using their assigned username and password.
+		Instruct all users to log on to the workstation using their assigned username and password.
 		</para></step>
 	</procedure>
 
diff --git a/docs/Samba-Guide/SBE-SimpleOfficeServer.xml b/docs/Samba-Guide/SBE-SimpleOfficeServer.xml
index 8ca05ae14c..036953b584 100644
--- a/docs/Samba-Guide/SBE-SimpleOfficeServer.xml
+++ b/docs/Samba-Guide/SBE-SimpleOfficeServer.xml
@@ -10,7 +10,7 @@
 	is the end of the road because their needs will have been adequately met. For others, this chapter is
 	the beginning of a journey that will take them well past the contents of this book. This book provides
 	example configurations of, for the greater part, complete networking solutions. The intent of this book
-	is to help you to get your Samba installation working with least amount of pain and aggravation.
+	is to help you to get your Samba installation working with the least amount of pain and aggravation.
 	</para>
 
 <sect1>
@@ -568,12 +568,12 @@ Password changed
 				<step><para>
 				Install the &smb.conf; file shown in <link linkend="charity-smbconfnew"/> in the
 				<filename>/etc/samba</filename> directory. This newer &smb.conf; file uses user-mode security
-				and is more suited to the mode of operation of Samba-3 that the older share-mode security
+				and is more suited to the mode of operation of Samba-3 than the older share-mode security
 				configuration that was shown in the first edition of this book.
 				</para>
 
 				<para>
-				Note: If you want to use the older style configuration that uses share-mode security, you
+				Note: If you want to use the older-style configuration that uses share-mode security, you
 				can install the file shown in <link linkend="charity-smbconf"/> in the
 				<filename>/etc/samba</filename> directory.
 				</para></step>
diff --git a/docs/Samba-Guide/SBE-UpgradingSamba.xml b/docs/Samba-Guide/SBE-UpgradingSamba.xml
index ded03bcba5..1bc1f1f7ed 100644
--- a/docs/Samba-Guide/SBE-UpgradingSamba.xml
+++ b/docs/Samba-Guide/SBE-UpgradingSamba.xml
@@ -83,7 +83,7 @@ to perform a major upgrade. Many administrators have experienced the consequence
 of failure to take adequate precautions. So what is adequate? That is simple!
 If data is lost during an upgrade or update and it can not be restored,
 the precautions taken were inadequate. If a backup was not needed, but was available,
-precaution was on the side of the victor.
+caution was on the side of the victor.
 </para>
 
 	<sect2>
@@ -127,7 +127,7 @@ precaution was on the side of the victor.
 	There is an old axiom that says, <quote>The greater the volume of the documentation,
 	the greater the risk that noone will read it, but where there is no documentation,
 	noone can read it!</quote> While true, some documentation is an evil necessity.
-	It is to be hoped that this update to the documentation will avoid both extremes.
+	It is hoped that this update to the documentation will avoid both extremes.
 	</para>
 
 	<sect3>
@@ -965,7 +965,7 @@ that are compatible with the original OS vendor's practices.
 <para>
 <indexterm><primary>binary package</primary></indexterm>
 <indexterm><primary>binary files</primary></indexterm>
-If you are not sure whether or a binary package complies with the OS
+If you are not sure whether a binary package complies with the OS
 vendor's practices, it is better to ask the package maintainer via
 email than to waste much time dealing with the nuances.
 Alternately, just diagnose the paths specified by the binary files following
@@ -1116,8 +1116,8 @@ back to searching the 'ldap suffix' in some cases.
 	is stored in the <constant>smbpasswd</constant> or in the
 	<constant>tdbsam</constant> format, the user and group account information
 	for UNIX accounts that match the Samba accounts will reside in the system
-	<filename>/etc/passwd, /etc/shadow</filename>, and
-	<filename>/etc/group</filename> files. In this case be sure to copy these
+	<filename>/etc/passwd</filename>, <filename>/etc/shadow</filename>, and
+	<filename>/etc/group</filename> files. In this case, be sure to copy these
 	account entries to the new target server.
 	</para>
 
@@ -1152,7 +1152,7 @@ back to searching the 'ldap suffix' in some cases.
 	<itemizedlist>
 		<listitem><para>
 		Where UNIX (POSIX) user and group accounts are stored in the system
-		<filename>/etc/passwd, /etc/shadow</filename>, and 
+		<filename>/etc/passwd</filename>, <filename>/etc/shadow</filename>, and 
 		<filename>/etc/group</filename> files, be sure to add the same accounts
 		with identical UID and GID values for each user.
 		</para>
diff --git a/docs/Samba-Guide/SBE-foreword.xml b/docs/Samba-Guide/SBE-foreword.xml
index e8fa80ce31..d90aead066 100644
--- a/docs/Samba-Guide/SBE-foreword.xml
+++ b/docs/Samba-Guide/SBE-foreword.xml
@@ -19,14 +19,14 @@ of open-source software solutions globally, and in particular within the United
 <para>
 The OSSI has global affiliations with like-minded organizations. Our affiliate in the United Kingdom is the
 Open Source Consortium. Both the OSSI and the OSC share a common objective to expand the use of open-source
-software in federal, state and municipal government agencies and in academic institutions. We represent
+software in federal, state, and municipal government agencies; and in academic institutions. We represent
 businesses that provide professional support services that answer the needs of our target organizational
-information technology consumers in an effective and cost efficient manner.
+information technology consumers in an effective and cost-efficient manner.
 </para>
 
 <para>
 Open source software has matured greatly over the past 5 years with the result that an increasing number of
-people who hold key influential decision-making positions want to know how the business model works. They
+people who hold key decision-making positions want to know how the business model works. They
 want to understand how problems get resolved, how questions get answered, and how the development model
 is sustained. Information and Communications Technology directors in defense organizations, and in other
 government agencies that deal with sensitive information, want to become familiar with development road-maps
@@ -36,38 +36,38 @@ and, in particular, seek to evaluate the track record of the main-stream open-so
 <para>
 Wherever the OSSI gains entrance to new opportunities we find that Microsoft Windows technologies are the 
 benchmark against which open-source software solutions are measured. Two open-source software projects
-are key to our ability to present a structured, and convincing, proposition that there are alternatives
-to the incumbent proprietary means of meeting information technology needs. They are the Apache Web server
+are key to our ability to present a structured and convincing proposition that there are alternatives
+to the incumbent proprietary means of meeting information technology needs. They are the Apache Web Server
 and Samba.
 </para>
 
 <para>
-Just as the Apache web server is the standard in web serving technology, Samba is the definitive standard
-for providing inter-operability with UNIX systems and other non-Microsoft operating system platforms. Both
+Just as the Apache Web Server is the standard in web serving technology, Samba is the definitive standard
+for providing interoperability with UNIX systems and other non-Microsoft operating system platforms. Both
 open-source applications have a truly remarkable track record that extends well over a decade. Both have
-demonstrated unique capacity to innovate and to maintain a level of development that has not only kept
-pace with demands, but in many areas each project has also proven to be an industry leader.
+demonstrated the unique capacity to innovate and maintain a level of development that has not only kept
+pace with demands, but, in many areas, each project has also proven to be an industry leader.
 </para>
 
 <para>
 One of the areas in which the Samba project has demonstrated key leadership is in documentation. The OSSI
-was delighted when we saw the Samba Team, and John H. Terpstra in particular, release two amazingly well
-written books to help Samba software users to deploy, maintain and trouble-shoot Windows networking
+was delighted when we saw the Samba Team, and John H. Terpstra in particular, release two amazingly
+well-written books to help Samba software users deploy, maintain, and troubleshoot Windows networking
 installations. We were concerned that, given the large volume of documentation, the challenge to maintain
 it and keep it current might prove difficult.
 </para>
 
 <para>
-This second edition of the book, <quote>Samba-3 by Example</quote> barely one year following the release
-of the first edition has removed all concerns and is proof that open-source solutions are a compelling choice.
+This second edition of the book, <quote>Samba-3 by Example</quote>, barely one year following the release
+of the first edition, has removed all concerns and is proof that open-source solutions are a compelling choice.
 The first edition was released shortly following the release of Samba version 3.0 itself, and has become
 the authoritative instrument for training and for guiding deployment.
 </para>
 
 <para>
-I am personally aware how much effort has gone into this second edition. John Terpstra has worked with
+I am personally aware of how much effort has gone into this second edition. John Terpstra has worked with
 government bodies and with large organizations that have deployed Samba-3 since it was released. He also
-worked to ensure that this book gained community following. He asked those who have worked at the coal-face
+worked to ensure that this book gained community following. He asked those who have worked at the coalface
 of large and small organizations alike, to contribute their experiences. He has captured that in this book
 and has succeeded yet again. His recipe is persistence, intuition, and a high level of respect for the people
 who use Samba.
@@ -77,7 +77,7 @@ who use Samba.
 This book is the first source you should turn to before you deploy Samba and as you are mastering its
 deployment. I am proud and excited to be associated in a small way with such a useful tool. This book has
 reached maturity that is demonstrated by reiteration that every step in deployment must be validated.
-This book makes it easy to succeed, and difficulty to fail to gain a stable network environment.
+This book makes it easy to succeed, and difficult to fail, to gain a stable network environment.
 </para>
 
 <para>
diff --git a/docs/Samba-Guide/SBE-inside-cover.xml b/docs/Samba-Guide/SBE-inside-cover.xml
index b55a333f9e..492a581cf5 100644
--- a/docs/Samba-Guide/SBE-inside-cover.xml
+++ b/docs/Samba-Guide/SBE-inside-cover.xml
@@ -4,32 +4,41 @@
 <title>About the Cover Artwork</title>
 
 	<para>
-	The cover artwork of this book continues a theme chosen for the book, 
-	<emphasis>The Official Samba-3 HOWTO and Reference Guide,</emphasis>
-	the cover of which features a Confederate scene. Samba has had a major 
-	impact on the network deployment of Microsoft Windows desktop systems. 
-	The cover artwork of the two official Samba books tells of events that 
-	likewise had a major impact on the future.
+	The cover artwork of this book continues the freedom theme of the first
+	edition of <quote>Samba-3 by Example</quote>. The history of civilization
+	demonstrates the fragile nature of freedom. It can be lost in a moment,
+	and once lost, the cost of recovering liberty can be incredible. The last
+	edition cover featured Alfred the Great who liberated England from the
+	constant assault of Vikings and Norsemen. Events in England that
+	that finally liberated the common people came about in small steps, but
+	the result should not be under-estimated. Today, as always, freedom and
+	liberty are seldom appreciated until they are lost. If we can not quantify
+	what is the value of freedom, we shall be little motivated to protect it.
 	</para>
 
 	<para>
-	<emphasis>Samba-3 by Example Cover Artwork:</emphasis> King Alfred the Great 
-	(born 849, ruled 871-899) was one of the most amazing kings ever to 
-	rule England. He defended Anglo-Saxon England from Viking raids, formulated 
-	a code of laws, and fostered a rebirth of religious and scholarly activity. 
-	His reign exhibits military skill and innovation, sound governance and the 
-	ability to inspire men to plan for the future. Alfred liberated England
-	at a time when all resistence seemed futile.
+	<emphasis>Samba-3 by Example Cover Artwork:</emphasis> The British houses
+	of parliament are a symbol of the Westminster system of government. This form
+	of government permits the people to govern themselves at the lowest level, yet
+	it provides for courts of appeal that are designed to protect freedom and to
+	hold back all forces of tyranny. The clock is a pertinent symbol of the
+	importance of time and place.
 	</para>
 
 	<para>
-	Samba is a network interoperability solution that provides real choice for network
-	administrators. It is an adjunct to Microsoft Windows networks that provides 
-	interoperability of UNIX systems with Microsoft Windows desktop and server systems.
-	You may use Samba to realize the freedom it provides for your network environment 
-	thanks to a dedicated team who work behind the scenes to give you a better choice. 
-	The efforts of these few dedicated developers continues to shape the future of 
-	the Windows interoperability landscape. Enjoy!
+	The information technology industry is being challenged by the imposition of
+	new laws, hostile litigation, and the imposition of significant constraint 
+	of practice that threatens to remove the freedom to develop and deploy open 
+	source software solutions. Samba is a software solution that epitomizes freedom
+	of choice in network interoperability for Microsoft Windows clients.
+	</para>
+
+	<para>
+	I hope you will take the time needed to deploy it well, and that you may realize
+	the greatest benefits may be obtained. You are free to use it in ways never
+	considered, but in doing so there may be some obstacles. Every obstacle that is
+	overcome adds to the freedom you can enjoy. Use Samba well, and it will serve
+	you well.
 	</para>
 
 </preface>