summaryrefslogtreecommitdiff
path: root/docs/Samba-Guide
diff options
context:
space:
mode:
Diffstat (limited to 'docs/Samba-Guide')
-rw-r--r--docs/Samba-Guide/SBE-MigrateNT4Samba3.xml195
-rw-r--r--docs/Samba-Guide/SBE-SecureOfficeServer.xml181
2 files changed, 187 insertions, 189 deletions
diff --git a/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml b/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
index af575d4c48..db518bb550 100644
--- a/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
+++ b/docs/Samba-Guide/SBE-MigrateNT4Samba3.xml
@@ -399,108 +399,103 @@
no account information can be deleted.
</para></step>
-<example id="sbent4smb">
+<smbconfexample id="sbent4smb">
<title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: A</title>
-<screen>
-# Global parameters
-[global]
- workgroup = DAMNATION
- netbios name = MERLIN
- passdb backend = ldapsam:ldap://localhost
- username map = /etc/samba/smbusers
- log level = 1
- syslog = 0
- log file = /var/log/samba/%m
- max log size = 0
- smb ports = 139 445
- name resolve order = wins bcast hosts
- show add printer wizard = Yes
- add user script = /opt/IDEALX/sbin/smbldap-useradd -m '%u'
-# delete user script = /opt/IDEALX/sbin/smbldap-userdel '%u'
- add group script = /opt/IDEALX/sbin/smbldap-groupadd -p '%g' -t domain
-# delete group script = /opt/IDEALX/sbin/smbldap-groupdel '%g'
- add user to group script = /opt/IDEALX/sbin/smbldap-groupmod -m '%u' '%g' -t domain
-# delete user from group script = /opt/IDEALX/sbin/smbldap-groupmod -x '%u' '%g' -t domain
- set primary group script = /opt/IDEALX/sbin/smbldap-usermod -g '%g' '%u'
- add machine script = /opt/IDEALX/sbin/smbldap-useradd -w '%u'
- logon script = scripts\logon.cmd
- logon path = \\%L\profiles\%U
- logon home = \\%L\%U
- logon drive = X:
- domain logons = Yes
- domain master = No
-# wins support = Yes
- wins server = 192.168.123.124
- ldap admin dn = cn=Manager,dc=terpstra-world,dc=org
- ldap group suffix = ou=Groups
- ldap idmap suffix = ou=Idmap
- ldap machine suffix = ou=People
- ldap passwd sync = Yes
- ldap suffix = dc=terpstra-world,dc=org
- ldap ssl = no
- ldap timeout = 20
- ldap user suffix = ou=People
- idmap backend = ldap:ldap://localhost
- idmap uid = 15000-20000
- idmap gid = 15000-20000
- winbind nested groups = Yes
- ea support = Yes
- map acl inherit = Yes
-</screen>
-</example>
-
-<example id="sbent4smb2">
+<smbconfcomment>Global parameters</smbconfcomment>
+<smbconfsection name="[global]"/>
+ <smbconfoption name="workgroup">DAMNATION</smbconfoption>
+ <smbconfoption name="netbios name">MERLIN</smbconfoption>
+ <smbconfoption name="passdb backend">ldapsam:ldap://localhost</smbconfoption>
+ <smbconfoption name="username map">/etc/samba/smbusers</smbconfoption>
+ <smbconfoption name="log level">1</smbconfoption>
+ <smbconfoption name="syslog">0</smbconfoption>
+ <smbconfoption name="log file">/var/log/samba/%m</smbconfoption>
+ <smbconfoption name="max log size">0</smbconfoption>
+ <smbconfoption name="smb ports">139 445</smbconfoption>
+ <smbconfoption name="name resolve order">wins bcast hosts</smbconfoption>
+ <smbconfoption name="show add printer wizard">Yes</smbconfoption>
+ <smbconfoption name="add user script">/opt/IDEALX/sbin/smbldap-useradd -m '%u'</smbconfoption>
+ <smbconfoption name="#delete user script">/opt/IDEALX/sbin/smbldap-userdel '%u'</smbconfoption>
+ <smbconfoption name="add group script">/opt/IDEALX/sbin/smbldap-groupadd '%g'</smbconfoption>
+ <smbconfoption name="#delete group script">/opt/IDEALX/sbin/smbldap-groupdel '%g'</smbconfoption>
+ <smbconfoption name="add user to group script">/opt/IDEALX/sbin/</smbconfoption>
+<member><parameter>smbldap-groupmod -m '%u' '%g'</parameter></member>
+ <smbconfoption name="#delete user from group script">/opt/IDEALX/</smbconfoption>
+<member><parameter>sbin/smbldap-groupmod -x '%u' '%g'</parameter></member>
+ <smbconfoption name="set primary group script">/opt/IDEALX/</smbconfoption>
+<member><parameter>sbin/smbldap-usermod -g '%g' '%u'</parameter></member>
+ <smbconfoption name="add machine script">/opt/IDEALX/sbin/</smbconfoption>
+<member><parameter>smbldap-useradd -w '%u'</parameter></member>
+ <smbconfoption name="logon script">scripts\logon.cmd</smbconfoption>
+ <smbconfoption name="logon path">\\%L\profiles\%U</smbconfoption>
+ <smbconfoption name="logon home">\\%L\%U</smbconfoption>
+ <smbconfoption name="logon drive">X:</smbconfoption>
+ <smbconfoption name="domain logons">Yes</smbconfoption>
+ <smbconfoption name="domain master">No</smbconfoption>
+ <smbconfoption name="#wins support">Yes</smbconfoption>
+ <smbconfoption name="wins server">192.168.123.124</smbconfoption>
+ <smbconfoption name="ldap admin dn">cn=Manager,dc=terpstra-world,dc=org</smbconfoption>
+ <smbconfoption name="ldap group suffix">ou=Groups</smbconfoption>
+ <smbconfoption name="ldap idmap suffix">ou=Idmap</smbconfoption>
+ <smbconfoption name="ldap machine suffix">ou=People</smbconfoption>
+ <smbconfoption name="ldap passwd sync">Yes</smbconfoption>
+ <smbconfoption name="ldap suffix">dc=terpstra-world,dc=org</smbconfoption>
+ <smbconfoption name="ldap ssl">no</smbconfoption>
+ <smbconfoption name="ldap timeout">20</smbconfoption>
+ <smbconfoption name="ldap user suffix">ou=People</smbconfoption>
+ <smbconfoption name="idmap backend">ldap:ldap://localhost</smbconfoption>
+ <smbconfoption name="idmap uid">15000-20000</smbconfoption>
+ <smbconfoption name="idmap gid">15000-20000</smbconfoption>
+ <smbconfoption name="winbind nested groups">Yes</smbconfoption>
+ <smbconfoption name="ea support">Yes</smbconfoption>
+ <smbconfoption name="map acl inherit">Yes</smbconfoption>
+</smbconfexample>
+
+<smbconfexample id="sbent4smb2">
<title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: B</title>
-<screen>
-[apps]
- comment = Application Data
- path = /data/home/apps
- read only = No
-
-[media]
- comment = Media Files
- path = /data/home2
- read only = No
-
-[homes]
- comment = Home Directories
- path = /home/users/%U/Documents
- valid users = %S
- read only = No
- browseable = No
-
-[printers]
- comment = SMB Print Spool
- path = /var/spool/samba
- guest ok = Yes
- printable = Yes
- use client driver = No
- browseable = No
-
-[netlogon]
- comment = Network Logon Service
- path = /var/lib/samba/netlogon
- guest ok = Yes
- locking = No
-
-[profiles]
- comment = Profile Share
- path = /var/lib/samba/profiles
- read only = No
- profile acls = Yes
-
-[profdata]
- comment = Profile Data Share
- path = /var/lib/samba/profdata
- read only = No
- profile acls = Yes
-
-[print$]
- comment = Printer Drivers
- path = /var/lib/samba/drivers
- write list = root
-</screen>
-</example>
+<smbconfsection name="[apps]"/>
+ <smbconfoption name="comment">Application Data</smbconfoption>
+ <smbconfoption name="path">/data/home/apps</smbconfoption>
+ <smbconfoption name="read only">No</smbconfoption>
+
+<smbconfsection name="[homes]"/>
+ <smbconfoption name="comment">Home Directories</smbconfoption>
+ <smbconfoption name="path">/home/users/%U/Documents</smbconfoption>
+ <smbconfoption name="valid users">%S</smbconfoption>
+ <smbconfoption name="read only">No</smbconfoption>
+ <smbconfoption name="browseable">No</smbconfoption>
+
+<smbconfsection name="[printers]"/>
+ <smbconfoption name="comment">SMB Print Spool</smbconfoption>
+ <smbconfoption name="path">/var/spool/samba</smbconfoption>
+ <smbconfoption name="guest ok">Yes</smbconfoption>
+ <smbconfoption name="printable">Yes</smbconfoption>
+ <smbconfoption name="use client driver">No</smbconfoption>
+ <smbconfoption name="browseable">No</smbconfoption>
+
+<smbconfsection name="[netlogon]"/>
+ <smbconfoption name="comment">Network Logon Service</smbconfoption>
+ <smbconfoption name="path">/var/lib/samba/netlogon</smbconfoption>
+ <smbconfoption name="guest ok">Yes</smbconfoption>
+ <smbconfoption name="locking">No</smbconfoption>
+
+<smbconfsection name="[profiles]"/>
+ <smbconfoption name="comment">Profile Share</smbconfoption>
+ <smbconfoption name="path">/var/lib/samba/profiles</smbconfoption>
+ <smbconfoption name="read only">No</smbconfoption>
+ <smbconfoption name="profile acls">Yes</smbconfoption>
+
+<smbconfsection name="[profdata]"/>
+ <smbconfoption name="comment">Profile Data Share</smbconfoption>
+ <smbconfoption name="path">/var/lib/samba/profdata</smbconfoption>
+ <smbconfoption name="read only">No</smbconfoption>
+ <smbconfoption name="profile acls">Yes</smbconfoption>
+
+<smbconfsection name="[print$]"/>
+ <smbconfoption name="comment">Printer Drivers</smbconfoption>
+ <smbconfoption name="path">/var/lib/samba/drivers</smbconfoption>
+</smbconfexample>
+
<step><para>
<indexterm><primary>slapd.conf</primary></indexterm>
Configure OpenLDAP in preparation for the migration. An example
diff --git a/docs/Samba-Guide/SBE-SecureOfficeServer.xml b/docs/Samba-Guide/SBE-SecureOfficeServer.xml
index 3dcbba4cd3..fb8562f577 100644
--- a/docs/Samba-Guide/SBE-SecureOfficeServer.xml
+++ b/docs/Samba-Guide/SBE-SecureOfficeServer.xml
@@ -821,6 +821,7 @@ echo -e "\nNAT firewall done.\n"
<smbconfoption name="bind interfaces only">Yes</smbconfoption>
<smbconfoption name="passdb backend">tdbsam</smbconfoption>
<smbconfoption name="pam password change">Yes</smbconfoption>
+<smbconfoption name="passwd program">/usr/bin/passwd %u</smbconfoption>
<smbconfoption name="passwd chat"></smbconfoption>
<member><parameter>*New*Password* %n\n *Re-enter*new*password*%n\n *Password*changed*</parameter></member>
<smbconfoption name="username map">/etc/samba/smbusers</smbconfoption>
@@ -2207,14 +2208,15 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
be done with notebook computers as long as they are identical or sufficiently similar.
</para>
- <procedure>
+ <procedure id="sbewinclntprep">
+ <title>Windows Client Configuration Procedure</title>
+
<step><para>
- Install MS Windows XP Professional. During installation, configure the client to use DHCP for
- TCP/IP protocol configuration.
<indexterm><primary>WINS</primary></indexterm>
<indexterm><primary>DHCP</primary></indexterm>
- DHCP configures all Windows clients to use the WINS Server address that has been defined
- for the local subnet.
+ Install MS Windows XP Professional. During installation, configure the client to use DHCP for
+ TCP/IP protocol configuration. DHCP configures all Windows clients to use the WINS Server
+ address that has been defined for the local subnet.
</para></step>
<step><para>
@@ -2229,8 +2231,8 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
<step><para>
Verify <constant>DIAMOND</constant> is visible in <guimenu>My Network Places</guimenu>,
that it is possible to connect to it and see the shares <guimenuitem>accounts</guimenuitem>,
- <guimenuitem>apps</guimenuitem>, and <guimenuitem>finsvcs</guimenuitem>,
- and that it is possible to open each share to reveal its contents.
+ <guimenuitem>apps</guimenuitem>, and <guimenuitem>finsvcs</guimenuitem>, and that it is
+ possible to open each share to reveal its contents.
</para></step>
<step><para>
@@ -2253,94 +2255,95 @@ Nmap run completed -- 1 IP address (1 host up) scanned in 168 seconds
Now install all four printers onto the staging system. The printers you install
include the accounting department HP LaserJet 6 and Minolta QMS Magicolor printers. You will
also configure identical printers that are located in the financial services department.
- Install printers on each machine using the following steps:
- </para>
+ Install printers on each machine using the steps shown in <link linkend="sbewinclntptrprep"/>.
+ </para></step>
- <procedure>
- <step><para>
- Click <menuchoice>
- <guimenu>Start</guimenu>
- <guimenuitem>Settings</guimenuitem>
- <guimenuitem>Printers</guimenuitem>
- <guiicon>Add Printer</guiicon>
- <guibutton>Next</guibutton>
- </menuchoice>. Do not click <guimenuitem>Network printer</guimenuitem>.
- Ensure that <guimenuitem>Local printer</guimenuitem> is selected.
- </para></step>
-
- <step><para>
- Click <guibutton>Next</guibutton>. In the
- <guimenuitem>Manufacturer:</guimenuitem> panel, select <constant>HP</constant>.
- In the <guimenuitem>Printers:</guimenuitem> panel, select the printer called
- <constant>HP LaserJet 6</constant>. Click <guibutton>Next</guibutton>.
- </para></step>
-
- <step><para>
- In the <guimenuitem>Available ports:</guimenuitem> panel, select
- <constant>FILE:</constant>. Accept the default printer name by clicking
- <guibutton>Next</guibutton>. When asked, <quote>Would you like to print a
- test page?,</quote> click <guimenuitem>No</guimenuitem>. Click
- <guibutton>Finish</guibutton>.
- </para></step>
-
- <step><para>
- You may be prompted for the name of a file to print to. If so, close the
- dialog panel. Right-click <menuchoice>
- <guiicon>HP LaserJet 6</guiicon>
- <guimenuitem>Properties</guimenuitem>
- <guisubmenu>Details (Tab)</guisubmenu>
- <guimenuitem>Add Port</guimenuitem>
- </menuchoice>.
- </para></step>
-
- <step><para>
- In the <guimenuitem>Network</guimenuitem> panel, enter the name of
- the print queue on the Samba server as follows: <constant>\\DIAMOND\hplj6a</constant>.
- Click <menuchoice>
- <guibutton>OK</guibutton>
- <guibutton>OK</guibutton>
- </menuchoice> to complete the installation.
- </para></step>
-
- <step><para>
- Repeat the printer installation steps above for both HP LaserJet 6 printers
- as well as for both QMS Magicolor laser printers.
- </para></step>
- </procedure>
- </step>
+ <step><para>
+ <indexterm><primary>defragmentation</primary></indexterm>
+ When you are satisfied that the staging systems are complete, use the appropriate procedure to
+ remove the client from the domain. Reboot the system and then log on as the local administrator
+ and clean out all temporary files stored on the system. Before shutting down, use the disk
+ defragmentation tool so that the file system is in optimal condition before replication.
+ </para></step>
- <step><para>
- <indexterm><primary>defragmentation</primary></indexterm>
- When you are satisfied that the staging systems are complete, use the appropriate procedure to
- remove the client from the domain. Reboot the system and then log on as the local administrator
- and clean out all temporary files stored on the system. Before shutting down, use the disk
- defragmentation tool so that the file system is in optimal condition before replication.
- </para></step>
+ <step><para>
+ Boot the workstation using the Norton (Symantec) Ghosting diskette (or CD-ROM) and image the
+ machine to a network share on the server.
+ </para></step>
- <step><para>
- Boot the workstation using the Norton (Symantec) Ghosting diskette (or CD-ROM) and image the
- machine to a network share on the server.
- </para></step>
+ <step><para>
+ <indexterm><primary>Windows security identifier</primary><see>SID</see></indexterm>
+ <indexterm><primary>SID</primary></indexterm>
+ You may now replicate the image to the target machines using the appropriate Norton Ghost
+ procedure. Make sure to use the procedure that ensures each machine has a unique
+ Windows security identifier (SID). When the installation of the disk image has completed, boot the PC.
+ </para></step>
- <step><para>
- <indexterm><primary>Windows security identifier</primary><see>SID</see></indexterm>
- <indexterm><primary>SID</primary></indexterm>
- You may now replicate the image to the target machines using the appropriate Norton Ghost
- procedure. Make sure to use the procedure that ensures each machine has a unique
- Windows security identifier (SID). When the installation of the disk image has completed, boot the PC.
- </para></step>
+ <step><para>
+ Log onto the machine as the local Administrator (the only option), and join the machine to
+ the Domain, following the procedure set out in Appendix A, <link linkend="domjoin"/>. The system is now
+ ready for the user to log on, provided you have created a network logon account for that
+ user, of course.
+ </para></step>
- <step><para>
- Log onto the machine as the local Administrator (the only option), and join the machine to
- the Domain, following the procedure set out in Appendix A, <link linkend="domjoin"/>. The system is now
- ready for the user to log on, provided you have created a network logon account for that
- user, of course.
- </para></step>
+ <step><para>
+ Instruct all users to log onto the workstation using their assigned username and password.
+ </para></step>
+ </procedure>
- <step><para>
- Instruct all users to log onto the workstation using their assigned username and password.
- </para></step>
- </procedure>
+ <procedure id="sbewinclntptrprep">
+ <title>Windows Client Printer Preparation Procedure</title>
+
+ <step><para>
+ Click <menuchoice>
+ <guimenu>Start</guimenu>
+ <guimenuitem>Settings</guimenuitem>
+ <guimenuitem>Printers</guimenuitem>
+ <guiicon>Add Printer</guiicon>
+ <guibutton>Next</guibutton>
+ </menuchoice>. Do not click <guimenuitem>Network printer</guimenuitem>.
+ Ensure that <guimenuitem>Local printer</guimenuitem> is selected.
+ </para></step>
+
+ <step><para>
+ Click <guibutton>Next</guibutton>. In the
+ <guimenuitem>Manufacturer:</guimenuitem> panel, select <constant>HP</constant>.
+ In the <guimenuitem>Printers:</guimenuitem> panel, select the printer called
+ <constant>HP LaserJet 6</constant>. Click <guibutton>Next</guibutton>.
+ </para></step>
+
+ <step><para>
+ In the <guimenuitem>Available ports:</guimenuitem> panel, select
+ <constant>FILE:</constant>. Accept the default printer name by clicking
+ <guibutton>Next</guibutton>. When asked, <quote>Would you like to print a
+ test page?,</quote> click <guimenuitem>No</guimenuitem>. Click
+ <guibutton>Finish</guibutton>.
+ </para></step>
+
+ <step><para>
+ You may be prompted for the name of a file to print to. If so, close the
+ dialog panel. Right-click <menuchoice>
+ <guiicon>HP LaserJet 6</guiicon>
+ <guimenuitem>Properties</guimenuitem>
+ <guisubmenu>Details (Tab)</guisubmenu>
+ <guimenuitem>Add Port</guimenuitem>
+ </menuchoice>.
+ </para></step>
+
+ <step><para>
+ In the <guimenuitem>Network</guimenuitem> panel, enter the name of
+ the print queue on the Samba server as follows: <constant>\\DIAMOND\hplj6a</constant>.
+ Click <menuchoice>
+ <guibutton>OK</guibutton>
+ <guibutton>OK</guibutton>
+ </menuchoice> to complete the installation.
+ </para></step>
+
+ <step><para>
+ Repeat the printer installation steps above for both HP LaserJet 6 printers
+ as well as for both QMS Magicolor laser printers.
+ </para></step>
+ </procedure>
</sect2>
generated by cgit (git 2.34.1) at 2024-09-22 15:27:29 +0000