diff options
| -rw-r--r-- | docs/docbook/Makefile.in | 11 | ||||
| -rw-r--r-- | docs/docbook/devdoc/NetBIOS.sgml | 154 | ||||
| -rw-r--r-- | docs/docbook/devdoc/dev-doc.sgml | 44 | ||||
| -rw-r--r-- | docs/docbook/manpages/smbtar.1.sgml | 2 | ||||
| -rw-r--r-- | docs/docbook/manpages/vfstest.1.sgml | 3 | ||||
| -rw-r--r-- | docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml | 78 | ||||
| -rw-r--r-- | docs/docbook/projdoc/OS2-Client-HOWTO.sgml | 142 | ||||
| -rw-r--r-- | docs/docbook/projdoc/Other-Clients.sgml | 332 | ||||
| -rw-r--r-- | docs/docbook/projdoc/Portability.sgml | 148 | ||||
| -rw-r--r-- | docs/docbook/projdoc/samba-doc.sgml | 8 |
10 files changed, 773 insertions, 149 deletions
diff --git a/docs/docbook/Makefile.in b/docs/docbook/Makefile.in index 612c495135..f1fb97d1e2 100644 --- a/docs/docbook/Makefile.in +++ b/docs/docbook/Makefile.in @@ -50,7 +50,8 @@ all: @echo "manpages - Build manpages" @echo "ps - Build PostScript version of HOWTO Collection" @echo "pdf - Build PDF version of HOWTO Collection" - @echo "html-single - Build single HTML version of HOWTO Collection" + @echo -n "html-single - Build single file HTML version of HOWTO Collection" + @echo "and developers guide" @echo "html - Build HTML version of HOWTO Collection and manpages" @echo "txt - Build plain text version of HOWTO Collection" @@ -58,8 +59,8 @@ manpages: $(MANPAGES) pdf: ../Samba-HOWTO-Collection.pdf ps: ../Samba-HOWTO-Collection.ps txt: ../Samba-HOWTO-Collection.txt -html: $(HTMLDIR)/samba-doc.html -html-single: ../Samba-HOWTO-Collection.html $(MANPAGES_HTML) +html: $(HTMLDIR)/samba-doc.html $(MANPAGES_HTML) +html-single: ../Samba-HOWTO-Collection.html ../Samba-Developers-Guide.html ../Samba-HOWTO-Collection.txt: $(SGMLDIR)/samba-doc.sgml $(DOCBOOK2TXT) -o .. $< @@ -76,6 +77,10 @@ html-single: ../Samba-HOWTO-Collection.html $(MANPAGES_HTML) $(DOCBOOK2HTML) -u -o .. $< mv ../samba-doc.html $@ +../Samba-Developers-Guide.html: devdoc/dev-doc.sgml + $(DOCBOOK2HTML) -u -o .. $< + mv ../dev-doc.html $@ + $(HTMLDIR)/samba-doc.html: $(SGMLDIR)/samba-doc.sgml $(DOCBOOK2HTML) -o $(HTMLDIR) $< diff --git a/docs/docbook/devdoc/NetBIOS.sgml b/docs/docbook/devdoc/NetBIOS.sgml new file mode 100644 index 0000000000..ec9d3af563 --- /dev/null +++ b/docs/docbook/devdoc/NetBIOS.sgml @@ -0,0 +1,154 @@ +<chapter id="netbios"> +<chapterinfo> + <author> + <firstname>Luke</firstname><surname>Leighton</surname> + </author> + <pubdate>12 June 1997</pubdate> +</chapterinfo> + +<title>Definition of NetBIOS Protocol and Name Resolution Modes</title> + +<sect1> +<title>NETBIOS</title> + +<para> +NetBIOS runs over the following tranports: TCP/IP; NetBEUI and IPX/SPX. +Samba only uses NetBIOS over TCP/IP. For details on the TCP/IP NetBIOS +Session Service NetBIOS Datagram Service, and NetBIOS Names, see +rfc1001.txt and rfc1002.txt. +</para> + +<para> +NetBEUI is a raw NetBIOS frame protocol implementation that allows NetBIOS +datagrams to be sent out over the 'wire' embedded within LLC frames. +NetBEUI is not required when using NetBIOS over TCP/IP protocols and it +is preferable NOT to install NetBEUI if it can be avoided. +</para> + +<para> +IPX/SPX is also not required when using NetBIOS over TCP/IP, and it is +preferable NOT to install the IPX/SPX transport unless you are using Novell +servers. At the very least, it is recommended that you do not install +'NetBIOS over IPX/SPX'. +</para> + +<para> +[When installing Windows 95, you will find that NetBEUI and IPX/SPX are +installed as the default protocols. This is because they are the simplest +to manage: no Windows 95 user-configuration is required]. +</para> + +<para> +NetBIOS applications (such as samba) offer their services (for example, +SMB file and print sharing) on a NetBIOS name. They must claim this name +on the network before doing so. The NetBIOS session service will then +accept connections on the application's behalf (on the NetBIOS name +claimed by the application). A NetBIOS session between the application +and the client can then commence. +</para> + +<para> +NetBIOS names consist of 15 characters plus a 'type' character. This is +similar, in concept, to an IP address and a TCP port number, respectively. +A NetBIOS-aware application on a host will offer different services under +different NetBIOS name types, just as a host will offer different TCP/IP +services on different port numbers. +</para> + +<para> +NetBIOS names must be claimed on a network, and must be defended. The use +of NetBIOS names is most suitable on a single subnet; a Local Area Network +or a Wide Area Network. +</para> + +<para> +NetBIOS names are either UNIQUE or GROUP. Only one application can claim a +UNIQUE NetBIOS name on a network. +</para> + +<para> +There are two kinds of NetBIOS Name resolution: Broadcast and Point-to-Point. +</para> + +</sect1> + +<sect1> +<title>BROADCAST NetBIOS</title> + +<para> +Clients can claim names, and therefore offer services on successfully claimed +names, on their broadcast-isolated subnet. One way to get NetBIOS services +(such as browsing: see ftp.microsoft.com/drg/developr/CIFS/browdiff.txt; and +SMB file/print sharing: see cifs4.txt) working on a LAN or WAN is to make +your routers forward all broadcast packets from TCP/IP ports 137, 138 and 139. +</para> + +<para> +This, however, is not recommended. If you have a large LAN or WAN, you will +find that some of your hosts spend 95 percent of their time dealing with +broadcast traffic. [If you have IPX/SPX on your LAN or WAN, you will find +that this is already happening: a packet analyzer will show, roughly +every twelve minutes, great swathes of broadcast traffic!]. +</para> + +</sect1> + +<sect1> +<title>NBNS NetBIOS</title> + +<para> +rfc1001.txt describes, amongst other things, the implementation and use +of, a 'NetBIOS Name Service'. NT/AS offers 'Windows Internet Name Service' +which is fully rfc1001/2 compliant, but has had to take specific action +with certain NetBIOS names in order to make it useful. (for example, it +deals with the registration of <1c> <1d> <1e> names all in different ways. +I recommend the reading of the Microsoft WINS Server Help files for full +details). +</para> + +<para> +The use of a WINS server cuts down on broadcast network traffic for +NetBIOS name resolution. It has the effect of pulling all the broadcast +isolated subnets together into a single NetBIOS scope, across your LAN +or WAN, while avoiding the use of TCP/IP broadcast packets. +</para> + +<para> +When you have a WINS server on your LAN, WINS clients will be able to +contact the WINS server to resolve NetBIOS names. Note that only those +WINS clients that have registered with the same WINS server will be +visible. The WINS server _can_ have static NetBIOS entries added to its +database (usually for security reasons you might want to consider putting +your domain controllers or other important servers as static entries, +but you should not rely on this as your sole means of security), but for +the most part, NetBIOS names are registered dynamically. +</para> + +<para> +This provides some confusion for lots of people, and is worth mentioning +here: a Browse Server is NOT a WINS Server, even if these services are +implemented in the same application. A Browse Server _needs_ a WINS server +because a Browse Server is a WINS client, which is _not_ the same thing]. +</para> + +<para> +Clients can claim names, and therefore offer services on successfully claimed +names, on their broadcast-isolated subnet. One way to get NetBIOS services +(such as browsing: see ftp.microsoft.com/drg/developr/CIFS/browdiff.txt; and +SMB file/print sharing: see cifs6.txt) working on a LAN or WAN is to make +your routers forward all broadcast packets from TCP/IP ports 137, 138 and 139. +You will find, however, if you do this on a large LAN or a WAN, that your +network is completely swamped by NetBIOS and browsing packets, which is why +WINS was developed to minimise the necessity of broadcast traffic. +</para> + +<para> +WINS Clients therefore claim names from the WINS server. If the WINS +server allows them to register a name, the client's NetBIOS session service +can then offer services on this name. Other WINS clients will then +contact the WINS server to resolve a NetBIOS name. +</para> + +</sect1> + +</chapter> diff --git a/docs/docbook/devdoc/dev-doc.sgml b/docs/docbook/devdoc/dev-doc.sgml new file mode 100644 index 0000000000..f84c129f00 --- /dev/null +++ b/docs/docbook/devdoc/dev-doc.sgml @@ -0,0 +1,44 @@ +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ +<!ENTITY NetBIOS SYSTEM "NetBIOS.sgml"> +]> + +<book id="Samba-Developer-Documentation"> + +<title>SAMBA Deverlopers Guide</title> + +<bookinfo> + <author> + <surname>SAMBA Team</surname> + </author> + <address><email>samba@samba.org</email></address> +</bookinfo> + +<dedication> +<title>Abstract</title> + +<para> +<emphasis>Last Update</emphasis> : Mon aug 26 12:41:19 CEST 2002 +</para> + +<para> +This book is a collection of documents that might be useful for +people developing samba or those interested in doing so. +than one person can maintain. The most recent version of this document +can be found at <ulink url="http://www.samba.org/">http://www.samba.org/</ulink> +on the "Documentation" page. Please send updates to <ulink +url="mailto:jerry@samba.org">jerry@samba.org</ulink>. +</para> + +<para> +This documentation is distributed under the GNU General Public License (GPL) +version 2. A copy of the license is included with the Samba source +distribution. A copy can be found on-line at <ulink +url="http://www.fsf.org/licenses/gpl.txt">http://www.fsf.org/licenses/gpl.txt</ulink> +</para> + +</dedication> + +<!-- Chapters --> +&NetBIOS; + +</book> diff --git a/docs/docbook/manpages/smbtar.1.sgml b/docs/docbook/manpages/smbtar.1.sgml index 4e2ee5fff0..d1585d7ca3 100644 --- a/docs/docbook/manpages/smbtar.1.sgml +++ b/docs/docbook/manpages/smbtar.1.sgml @@ -190,7 +190,7 @@ <refsect1> <title>VERSION</title> - <para>This man page is correct for version 2.2 of + <para>This man page is correct for version 3.0 of the Samba suite.</para> </refsect1> diff --git a/docs/docbook/manpages/vfstest.1.sgml b/docs/docbook/manpages/vfstest.1.sgml index fe1d7560d0..11878c1c89 100644 --- a/docs/docbook/manpages/vfstest.1.sgml +++ b/docs/docbook/manpages/vfstest.1.sgml @@ -52,7 +52,8 @@ <term>-d|--debug=debuglevel</term> <listitem><para>set the debuglevel. Debug level 0 is the lowest and 100 being the highest. This should be set to 100 if you are - planning on submitting a bug report to the Samba team (see <filename>BUGS.txt</filename>). + planning on submitting a bug report to the Samba team (see + <filename>BUGS.txt</filename>). </para></listitem> </varlistentry> diff --git a/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml new file mode 100644 index 0000000000..6d5a019fcb --- /dev/null +++ b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml @@ -0,0 +1,78 @@ +<chapter id="groupmapping"> +<chapterinfo> + <author> + <firstname>Jean François</firstname><surname>Micouleau</surname> + </author> +</chapterinfo> + +<title>Group mapping HOWTO</title> + +<para> +Starting with Samba 3.0 alpha 2, a new group mapping function is available. The +current method (likely to change) to manage the groups is a new command called +<command>smbgroupedit</command>. +</para> + +<para> +The first immediate reason to use the group mapping on a PDC, is that +the <command>domain admin group</command> of <filename>smb.conf</filename> is +now gone. This parameter was used to give the listed users local admin rights +on their workstations. It was some magic stuff that simply worked but didn't +scale very well for complex setups. +</para> + +<para> +Let me explain how it works on NT/W2K, to have this magic fade away. +When installing NT/W2K on a computer, the installer program creates some users +and groups. Notably the 'Administrators' group, and gives to that group some +privileges like the ability to change the date and time or to kill any process +(or close too) running on the local machine. The 'Administrator' user is a +member of the 'Administrators' group, and thus 'inherit' the 'Administrators' +group privileges. If a 'joe' user is created and become a member of the +'Administrator' group, 'joe' has exactly the same rights as 'Administrator'. +</para> + +<para> +When a NT/W2K machine is joined to a domain, during that phase, the "Domain +Administrators' group of the PDC is added to the 'Administrators' group of the +workstation. Every members of the 'Domain Administrators' group 'inherit' the +rights of the 'Administrators' group when logging on the workstation. +</para> + +<para> +You are now wondering how to make some of your samba PDC users members of the +'Domain Administrators' ? That's really easy. +</para> + +<orderedlist> +<listitem><para>create a unix group (usually in <filename>/etc/group</filename>), let's call it domadm</para></listitem> +<listitem><para>add to this group the users that must be Administrators. For example if you want joe,john and mary, your entry in <filename>/etc/group</filename> will look like:</para> + +<para><programlisting> +domadm:x:502:joe,john,mary +</programlisting></para> + +</listitem> + +<listitem><para>Map this domadm group to the <command>domain admins</command> group by running the command:</para> + +<para><command>smbgroupedit -c "Domain Admins" -u domadm</command></para></listitem> + +</orderedlist> + +<para>You're set, joe, john and mary are domain administrators !</para> + +<para> +Like the Domain Admins group, you can map any arbitrary Unix group to any NT +group. You can also make any Unix group a domain group. For example, on a domain +member machine (an NT/W2K or a samba server running winbind), you would like to +give access to a certain directory to some users who are member of a group on +your samba PDC. Flag that group as a domain group by running: +</para> + +<para><command>smbgroupedit -a unixgroup -td</command></para> + +<para>You can list the various groups in the mapping database like this</para> +<para><command>smbgroupedit -v</command></para> + +</chapter> diff --git a/docs/docbook/projdoc/OS2-Client-HOWTO.sgml b/docs/docbook/projdoc/OS2-Client-HOWTO.sgml deleted file mode 100644 index ca7ad6a754..0000000000 --- a/docs/docbook/projdoc/OS2-Client-HOWTO.sgml +++ /dev/null @@ -1,142 +0,0 @@ -<chapter id="os2"> - - -<chapterinfo> - <author> - <firstname>Jim</firstname><surname>McDonough</surname> - <affiliation> - <orgname>IBM</orgname> - <address> - <email>jerry@samba.org</email> - </address> - </affiliation> - </author> - - - <pubdate>5 Mar 2001</pubdate> -</chapterinfo> - -<title>OS2 Client HOWTO</title> - -<sect1> - <title>FAQs</title> - - <sect2> - <title>How can I configure OS/2 Warp Connect or - OS/2 Warp 4 as a client for Samba?</title> - - <para>A more complete answer to this question can be - found on <ulink url="http://carol.wins.uva.nl/~leeuw/samba/warp.html"> - http://carol.wins.uva.nl/~leeuw/samba/warp.html</ulink>.</para> - - <para>Basically, you need three components:</para> - - <itemizedlist> - <listitem><para>The File and Print Client ('IBM Peer') - </para></listitem> - <listitem><para>TCP/IP ('Internet support') - </para></listitem> - <listitem><para>The "NetBIOS over TCP/IP" driver ('TCPBEUI') - </para></listitem> - </itemizedlist> - - <para>Installing the first two together with the base operating - system on a blank system is explained in the Warp manual. If Warp - has already been installed, but you now want to install the - networking support, use the "Selective Install for Networking" - object in the "System Setup" folder.</para> - - <para>Adding the "NetBIOS over TCP/IP" driver is not described - in the manual and just barely in the online documentation. Start - MPTS.EXE, click on OK, click on "Configure LAPS" and click - on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line - is then moved to 'Current Configuration'. Select that line, - click on "Change number" and increase it from 0 to 1. Save this - configuration.</para> - - <para>If the Samba server(s) is not on your local subnet, you - can optionally add IP names and addresses of these servers - to the "Names List", or specify a WINS server ('NetBIOS - Nameserver' in IBM and RFC terminology). For Warp Connect you - may need to download an update for 'IBM Peer' to bring it on - the same level as Warp 4. See the webpage mentioned above.</para> - </sect2> - - <sect2> - <title>How can I configure OS/2 Warp 3 (not Connect), - OS/2 1.2, 1.3 or 2.x for Samba?</title> - - <para>You can use the free Microsoft LAN Manager 2.2c Client - for OS/2 from - <ulink url="ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/"> - ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/</ulink>. - See <ulink url="http://carol.wins.uva.nl/~leeuw/lanman.html"> - http://carol.wins.uva.nl/~leeuw/lanman.html</ulink> for - more information on how to install and use this client. In - a nutshell, edit the file \OS2VER in the root directory of - the OS/2 boot partition and add the lines:</para> - - <para><programlisting> - 20=setup.exe - 20=netwksta.sys - 20=netvdd.sys - </programlisting></para> - - <para>before you install the client. Also, don't use the - included NE2000 driver because it is buggy. Try the NE2000 - or NS2000 driver from - <ulink url="ftp://ftp.cdrom.com/pub/os2/network/ndis/"> - ftp://ftp.cdrom.com/pub/os2/network/ndis/</ulink> instead. - </para> - </sect2> - - <sect2> - <title>Are there any other issues when OS/2 (any version) - is used as a client?</title> - - <para>When you do a NET VIEW or use the "File and Print - Client Resource Browser", no Samba servers show up. This can - be fixed by a patch from <ulink - url="http://carol.wins.uva.nl/~leeuw/samba/fix.html"> - http://carol.wins.uva.nl/~leeuw/samba/fix.html</ulink>. - The patch will be included in a later version of Samba. It also - fixes a couple of other problems, such as preserving long - filenames when objects are dragged from the Workplace Shell - to the Samba server. </para> - </sect2> - - <sect2> - <title>How do I get printer driver download working - for OS/2 clients?</title> - - <para>First, create a share called [PRINTDRV] that is - world-readable. Copy your OS/2 driver files there. Note - that the .EA_ files must still be separate, so you will need - to use the original install files, and not copy an installed - driver from an OS/2 system.</para> - - <para>Install the NT driver first for that printer. Then, - add to your smb.conf a parameter, "os2 driver map = - <replaceable>filename</replaceable>". Then, in the file - specified by <replaceable>filename</replaceable>, map the - name of the NT driver name to the OS/2 driver name as - follows:</para> - - <para><nt driver name> = <os2 driver - name>.<device name>, e.g.: - HP LaserJet 5L = LASERJET.HP LaserJet 5L</para> - - <para>You can have multiple drivers mapped in this file.</para> - - <para>If you only specify the OS/2 driver name, and not the - device name, the first attempt to download the driver will - actually download the files, but the OS/2 client will tell - you the driver is not available. On the second attempt, it - will work. This is fixed simply by adding the device name - to the mapping, after which it will work on the first attempt. - </para> - </sect2> -</sect1> - -</chapter> - diff --git a/docs/docbook/projdoc/Other-Clients.sgml b/docs/docbook/projdoc/Other-Clients.sgml new file mode 100644 index 0000000000..f790024c3a --- /dev/null +++ b/docs/docbook/projdoc/Other-Clients.sgml @@ -0,0 +1,332 @@ +<chapter id="Other-Clients"> +<chapterinfo> + <author> + <firstname>Jim</firstname><surname>McDonough</surname> + <affiliation> + <orgname>IBM</orgname> + </affiliation> + <firstname>Jelmer</firstname><surname>Vernooij</surname> + <affiliation> + <orgname>Samba Team</orgname> + <address>jelmer@samba.org</address> + </affiliation> + </author> + + <pubdate>5 Mar 2001</pubdate> +</chapterinfo> + +<title>Samba and other CIFS clients</title> + +<para>This chapter contains client-specific information.</para> + +<sect1> +<title>Macintosh clients?</title> + +<para> +Yes. <ulink url="http://www.thursby.com/">Thursby</ulink> now have a CIFS Client / Server called DAVE - see +</para> + +<para> +They test it against Windows 95, Windows NT and samba for +compatibility issues. At the time of writing, DAVE was at version +1.0.1. The 1.0.0 to 1.0.1 update is available as a free download from +the Thursby web site (the speed of finder copies has been greatly +enhanced, and there are bug-fixes included). +</para> + +<para> +Alternatives - There are two free implementations of AppleTalk for +several kinds of UNIX machnes, and several more commercial ones. +These products allow you to run file services and print services +natively to Macintosh users, with no additional support required on +the Macintosh. The two free omplementations are +<ulink url="http://www.umich.edu/~rsug/netatalk/">Netatalk</ulink>, and +<ulink url="http://www.cs.mu.oz.au/appletalk/atalk.html">CAP</ulink>. +What Samba offers MS +Windows users, these packages offer to Macs. For more info on these +packages, Samba, and Linux (and other UNIX-based systems) see +<ulink url="http://www.eats.com/linux_mac_win.html">http://www.eats.com/linux_mac_win.html</ulink> +</para> + +</sect1> + +<sect1> +<title>OS2 Client</title> + + <sect2> + <title>How can I configure OS/2 Warp Connect or + OS/2 Warp 4 as a client for Samba?</title> + + <para>A more complete answer to this question can be + found on <ulink url="http://carol.wins.uva.nl/~leeuw/samba/warp.html"> + http://carol.wins.uva.nl/~leeuw/samba/warp.html</ulink>.</para> + + <para>Basically, you need three components:</para> + + <itemizedlist> + <listitem><para>The File and Print Client ('IBM Peer') + </para></listitem> + <listitem><para>TCP/IP ('Internet support') + </para></listitem> + <listitem><para>The "NetBIOS over TCP/IP" driver ('TCPBEUI') + </para></listitem> + </itemizedlist> + + <para>Installing the first two together with the base operating + system on a blank system is explained in the Warp manual. If Warp + has already been installed, but you now want to install the + networking support, use the "Selective Install for Networking" + object in the "System Setup" folder.</para> + + <para>Adding the "NetBIOS over TCP/IP" driver is not described + in the manual and just barely in the online documentation. Start + MPTS.EXE, click on OK, click on "Configure LAPS" and click + on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line + is then moved to 'Current Configuration'. Select that line, + click on "Change number" and increase it from 0 to 1. Save this + configuration.</para> + + <para>If the Samba server(s) is not on your local subnet, you + can optionally add IP names and addresses of these servers + to the "Names List", or specify a WINS server ('NetBIOS + Nameserver' in IBM and RFC terminology). For Warp Connect you + may need to download an update for 'IBM Peer' to bring it on + the same level as Warp 4. See the webpage mentioned above.</para> + </sect2> + + <sect2> + <title>How can I configure OS/2 Warp 3 (not Connect), + OS/2 1.2, 1.3 or 2.x for Samba?</title> + + <para>You can use the free Microsoft LAN Manager 2.2c Client + for OS/2 from + <ulink url="ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/"> + ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/</ulink>. + See <ulink url="http://carol.wins.uva.nl/~leeuw/lanman.html"> + http://carol.wins.uva.nl/~leeuw/lanman.html</ulink> for + more information on how to install and use this client. In + a nutshell, edit the file \OS2VER in the root directory of + the OS/2 boot partition and add the lines:</para> + + <para><programlisting> + 20=setup.exe + 20=netwksta.sys + 20=netvdd.sys + </programlisting></para> + + <para>before you install the client. Also, don't use the + included NE2000 driver because it is buggy. Try the NE2000 + or NS2000 driver from + <ulink url="ftp://ftp.cdrom.com/pub/os2/network/ndis/"> + ftp://ftp.cdrom.com/pub/os2/network/ndis/</ulink> instead. + </para> + </sect2> + + <sect2> + <title>Are there any other issues when OS/2 (any version) + is used as a client?</title> + + <para>When you do a NET VIEW or use the "File and Print + Client Resource Browser", no Samba servers show up. This can + be fixed by a patch from <ulink + url="http://carol.wins.uva.nl/~leeuw/samba/fix.html"> + http://carol.wins.uva.nl/~leeuw/samba/fix.html</ulink>. + The patch will be included in a later version of Samba. It also + fixes a couple of other problems, such as preserving long + filenames when objects are dragged from the Workplace Shell + to the Samba server. </para> + </sect2> + + <sect2> + <title>How do I get printer driver download working + for OS/2 clients?</title> + + <para>First, create a share called [PRINTDRV] that is + world-readable. Copy your OS/2 driver files there. Note + that the .EA_ files must still be separate, so you will need + to use the original install files, and not copy an installed + driver from an OS/2 system.</para> + + <para>Install the NT driver first for that printer. Then, + add to your smb.conf a parameter, os2 driver map = + <replaceable>filename</replaceable>". Then, in the file + specified by <replaceable>filename</replaceable>, map the + name of the NT driver name to the OS/2 driver name as + follows:</para> + + <para><command>nt driver name = os2 "driver + name"."device name"</command>, e.g.: + HP LaserJet 5L = LASERJET.HP LaserJet 5L</para> + + <para>You can have multiple drivers mapped in this file.</para> + + <para>If you only specify the OS/2 driver name, and not the + device name, the first attempt to download the driver will + actually download the files, but the OS/2 client will tell + you the driver is not available. On the second attempt, it + will work. This is fixed simply by adding the device name + to the mapping, after which it will work on the first attempt. + </para> + </sect2> +</sect1> + +<sect1> +<title>Windows for Workgroups</title> + +<sect2> +<title>Use latest TCP/IP stack from Microsoft</title> + +<para>Use the latest TCP/IP stack from microsoft if you use Windows +for workgroups.</para> + +<para>The early TCP/IP stacks had lots of bugs.</para> + +<para> +Microsoft has released an incremental upgrade to their TCP/IP 32-Bit +VxD drivers. The latest release can be found on their ftp site at +ftp.microsoft.com, located in /peropsys/windows/public/tcpip/wfwt32.exe. +There is an update.txt file there that describes the problems that were +fixed. New files include WINSOCK.DLL, TELNET.EXE, WSOCK.386, VNBT.386, +WSTCP.386, TRACERT.EXE, NETSTAT.EXE, and NBTSTAT.EXE. +</para> + +</sect2> + +<sect2> +<title>Delete .pwl files after password change</title> + +<para> +WfWg does a lousy job with passwords. I find that if I change my +password on either the unix box or the PC the safest thing to do is to +delete the .pwl files in the windows directory. The PC will complain about not finding the files, but will soon get over it, allowing you to enter the new password. +</para> + +<para> +If you don't do this you may find that WfWg remembers and uses the old +password, even if you told it a new one. +</para> + +<para> +Often WfWg will totally ignore a password you give it in a dialog box. +</para> + +</sect2> + +<sect2> +<title>Configure WfW password handling</title> + +<para> +There is a program call admincfg.exe +on the last disk (disk 8) of the WFW 3.11 disk set. To install it +type EXPAND A:\ADMINCFG.EX_ C:\WINDOWS\ADMINCFG.EXE Then add an icon +for it via the "Progam Manager" "New" Menu. This program allows you +to control how WFW handles passwords. ie disable Password Caching etc +for use with <command>security = user</command> +</para> + +</sect2> + +<sect2> +<title>Case handling of passwords</title> + +<para>Windows for Workgroups uppercases the password before sending it to the server. Unix passwords can be case-sensitive though. Check the <ulink url="smb.conf.5.html">smb.conf(5)</ulink> information on <command>password level</command> to specify what characters samba should try to uppercase when checking.</para> + +</sect2> + +</sect1> + +<sect1> +<title>Windows '95/'98</title> + +<para> +When using Windows 95 OEM SR2 the following updates are recommended where Samba +is being used. Please NOTE that the above change will affect you once these +updates have been installed. +</para> + +<para> +There are more updates than the ones mentioned here. You are referred to the +Microsoft Web site for all currently available updates to your specific version +of Windows 95. +</para> + +<orderedlist> +<listitem><para>Kernel Update: KRNLUPD.EXE</para></listitem> +<listitem><para>Ping Fix: PINGUPD.EXE</para></listitem> +<listitem><para>RPC Update: RPCRTUPD.EXE</para></listitem> +<listitem><para>TCP/IP Update: VIPUPD.EXE</para></listitem> +<listitem><para>Redirector Update: VRDRUPD.EXE</para></listitem> +</orderedlist> + +<para> +Also, if using MS OutLook it is desirable to install the OLEUPD.EXE fix. This +fix may stop your machine from hanging for an extended period when exiting +OutLook and you may also notice a significant speedup when accessing network +neighborhood services. +</para> + +</sect1> + +<sect1> +<title>Windows 2000 Service Pack 2</title> + +<para> +There are several annoyances with Windows 2000 SP2. One of which +only appears when using a Samba server to host user profiles +to Windows 2000 SP2 clients in a Windows domain. This assumes +that Samba is a member of the domain, but the problem will +likely occur if it is not. +</para> + +<para> +In order to server profiles successfully to Windows 2000 SP2 +clients (when not operating as a PDC), Samba must have +<command>nt acl support = no</command> +added to the file share which houses the roaming profiles. +If this is not done, then the Windows 2000 SP2 client will +complain about not being able to access the profile (Access +Denied) and create multiple copies of it on disk (DOMAIN.user.001, +DOMAIN.user.002, etc...). See the +<ulink url="smb.conf.5.html">smb.conf(5)</ulink> man page +for more details on this option. Also note that the +<command>nt acl support</command> parameter was formally a global parameter in +releases prior to Samba 2.2.2. +</para> + +<para> +The following is a minimal profile share: +</para> + +<para><programlisting> + [profile] + path = /export/profile + create mask = 0600 + directory mask = 0700 + nt acl support = no + read only = no +</programlisting></para> + +<para> +The reason for this bug is that the Win2k SP2 client copies +the security descriptor for the profile which contains +the Samba server's SID, and not the domain SID. The client +compares the SID for SAMBA\user and realizes it is +different that the one assigned to DOMAIN\user. Hence the reason +for the "access denied" message. +</para> + +<para> +By disabling the <command>nt acl support</command> parameter, Samba will send +the Win2k client a response to the QuerySecurityDescriptor +trans2 call which causes the client to set a default ACL +for the profile. This default ACL includes +</para> + +<para><command>DOMAIN\user "Full Control"</command></para> + +<para><emphasis>NOTE : This bug does not occur when using winbind to +create accounts on the Samba host for Domain users.</emphasis></para> + +</sect1> + +</chapter> diff --git a/docs/docbook/projdoc/Portability.sgml b/docs/docbook/projdoc/Portability.sgml new file mode 100644 index 0000000000..f2fe66b9dd --- /dev/null +++ b/docs/docbook/projdoc/Portability.sgml @@ -0,0 +1,148 @@ +<chapter id="Portability"> +<chapterinfo> + <author> + <firstname>Jelmer</firstname><surname>Vernooij</surname> + </author> +</chapterinfo> + +<title>Portability</title> + +<para>Samba works on a wide range of platforms but the interface all the +platforms provide is not always compatible. This chapter contains +platform-specific information about compiling and using samba.</para> + +<sect1> +<title>HPUX</title> + +<para> +HP's implementation of supplementary groups is, er, non-standard (for +hysterical reasons). There are two group files, /etc/group and +/etc/logingroup; the system maps UIDs to numbers using the former, but +initgroups() reads the latter. Most system admins who know the ropes +symlink /etc/group to /etc/logingroup (hard link doesn't work for reasons +too stupid to go into here). initgroups() will complain if one of the +groups you're in in /etc/logingroup has what it considers to be an invalid +ID, which means outside the range [0..UID_MAX], where UID_MAX is (I think) +60000 currently on HP-UX. This precludes -2 and 65534, the usual 'nobody' +GIDs. +</para> + +<para> +If you encounter this problem, make sure that the programs that are failing +to initgroups() be run as users not in any groups with GIDs outside the +allowed range. +</para> + +<para>This is documented in the HP manual pages under setgroups(2) and passwd(4). +</para> + +</sect1> + +<sect1> +<title>SCO Unix</title> + +<para> +If you run an old version of SCO Unix then you may need to get important +TCP/IP patches for Samba to work correctly. Without the patch, you may +encounter corrupt data transfers using samba. +</para> + +<para> +The patch you need is UOD385 Connection Drivers SLS. It is available from +SCO (ftp.sco.com, directory SLS, files uod385a.Z and uod385a.ltr.Z). +</para> + +</sect1> + +<sect1> +<title>DNIX</title> + +<para> +DNIX has a problem with seteuid() and setegid(). These routines are +needed for Samba to work correctly, but they were left out of the DNIX +C library for some reason. +</para> + +<para> +For this reason Samba by default defines the macro NO_EID in the DNIX +section of includes.h. This works around the problem in a limited way, +but it is far from ideal, some things still won't work right. +</para> + +<para> +To fix the problem properly you need to assemble the following two +functions and then either add them to your C library or link them into +Samba. +</para> + +<para> +put this in the file <filename>setegid.s</filename>: +</para> + +<para><programlisting> + .globl _setegid +_setegid: + moveq #47,d0 + movl #100,a0 + moveq #1,d1 + movl 4(sp),a1 + trap #9 + bccs 1$ + jmp cerror +1$: + clrl d0 + rts +</programlisting></para> + +<para> +put this in the file <filename>seteuid.s</filename>: +</para> + +<para><programlisting> + .globl _seteuid +_seteuid: + moveq #47,d0 + movl #100,a0 + moveq #0,d1 + movl 4(sp),a1 + trap #9 + bccs 1$ + jmp cerror +1$: + clrl d0 + rts +</programlisting></para> + +<para> +after creating the above files you then assemble them using +</para> + +<para><command>as seteuid.s</command></para> +<para><command>as setegid.s</command></para> + +<para> +that should produce the files <filename>seteuid.o</filename> and +<filename>setegid.o</filename> +</para> + +<para> +then you need to add these to the LIBSM line in the DNIX section of +the Samba Makefile. Your LIBSM line will then look something like this: +</para> + +<para><programlisting> +LIBSM = setegid.o seteuid.o -ln +</programlisting></para> + +<para> +You should then remove the line: +</para> + +<para><programlisting> +#define NO_EID +</programlisting></para> + +<para>from the DNIX section of <filename>includes.h</filename></para> + +</sect1> +</chapter> diff --git a/docs/docbook/projdoc/samba-doc.sgml b/docs/docbook/projdoc/samba-doc.sgml index e407b622de..a50389b7f0 100644 --- a/docs/docbook/projdoc/samba-doc.sgml +++ b/docs/docbook/projdoc/samba-doc.sgml @@ -6,7 +6,6 @@ <!ENTITY DOMAIN-MEMBER SYSTEM "DOMAIN_MEMBER.sgml"> <!ENTITY WINBIND SYSTEM "winbind.sgml"> <!ENTITY NT-Security SYSTEM "NT_Security.sgml"> -<!ENTITY OS2-Client SYSTEM "OS2-Client-HOWTO.sgml"> <!ENTITY Samba-PDC-HOWTO SYSTEM "Samba-PDC-HOWTO.sgml"> <!ENTITY Samba-BDC-HOWTO SYSTEM "Samba-BDC-HOWTO.sgml"> <!ENTITY CVS-Access SYSTEM "CVS-Access.sgml"> @@ -19,6 +18,9 @@ <!ENTITY SECURITY-LEVEL SYSTEM "security_level.sgml"> <!ENTITY SPEED SYSTEM "Speed.sgml"> <!ENTITY BROWSING SYSTEM "Browsing.sgml"> +<!ENTITY GROUP-MAPPING-HOWTO "GROUP-MAPPING-HOWTO.sgml"> +<!ENTITY Portability "Portability.sgml"> +<!ENTITY Other-Clients "Other-Clients.sgml"> ]> <book id="Samba-Project-Documentation"> @@ -78,8 +80,10 @@ Cheers, jerry &Samba-LDAP; &BROWSING; &SPEED; -&OS2-Client; +&Other-Clients; &CVS-Access; &BUGS; +&GROUP-MAPPING-HOWTO; +&Portability; </book> |