7 files changed, 1206 insertions, 0 deletions
diff --git a/docs/docbook/faq/clientapp.sgml b/docs/docbook/faq/clientapp.sgml
new file mode 100644
index 0000000000..6d687bf772
--- /dev/null
+++ b/docs/docbook/faq/clientapp.sgml
@@ -0,0 +1,101 @@
+<chapter id="ClientApp">
+<title>Specific client application problems</title>
+
+<sect1>
+<title>MS Office Setup reports "Cannot change properties of '\MSOFFICE\SETUP.INI'"</title>
+<para>
+When installing MS Office on a Samba drive for which you have admin
+user permissions, ie. admin users = username, you will find the
+setup program unable to complete the installation.
+</para>
+
+<para>
+To get around this problem, do the installation without admin user
+permissions The problem is that MS Office Setup checks that a file is
+rdonly by trying to open it for writing.
+</para>
+
+<para>
+Admin users can always open a file for writing, as they run as root.
+You just have to install as a non-admin user and then use "chown -R"
+to fix the owner.
+</para>
+
+</sect1>
+
+<sect1>
+<title>How to use a Samba share as an administrative share for MS Office, etc.</title>
+
+<para>
+Microsoft Office products can be installed as an administrative installation
+from which the application can either be run off the administratively installed
+product that resides on a shared resource, or from which that product can be
+installed onto workstation clients.
+</para>
+
+<para>
+The general mechanism for implementing an adminstrative installation involves
+running <command>X:\setup /A</command>, where X is the drive letter of either CDROM or floppy.
+</para>
+
+<para>
+This installation process will NOT install the product for use per se, but
+rather results in unpacking of the compressed distribution files into a target
+shared folder. For this process you need write privilidge to the share and it
+is desirable to enable file locking and share mode operation during this
+process.
+</para>
+
+<para>
+Subsequent installation of MS Office from this share will FAIL unless certain
+precautions are taken. This failure will be caused by share mode operation
+which will prevent the MS Office installation process from re-opening various
+dynamic link library files and will cause sporadic file not found problems.
+</para>
+
+<itemizedlist>
+<listitem><para>
+As soon as the administrative installation (unpacking) has completed
+set the following parameters on the share containing it:
+</para>
+
+<para><programlisting>
+	[MSOP95]
+		path = /where_you_put_it
+		comment = Your comment
+		volume = "The_CD_ROM_Label"
+		read only = yes
+		available = yes
+		share modes = no
+		locking = no
+		browseable = yes
+		public = yes
+</programlisting></para>
+
+</listitem>
+
+<listitem>
+<para>Now you are ready to run the setup program from the Microsoft Windows
+workstation as follows: <command>\\"Server_Name"\MSOP95\msoffice\setup</command>
+</para>
+</listitem>
+</itemizedlist>
+
+</sect1>
+
+<sect1>
+<title>Microsoft Access database opening errors</title>
+
+<para>
+Here are some notes on running MS-Access on a Samba drive from <ulink url="stefank@esi.com.au">Stefan Kjellberg</ulink>
+</para>
+
+<para><simplelist>
+<member>Opening a database in 'exclusive' mode does NOT work. Samba ignores r/w/share modes on file open.</member>
+<member>Make sure that you open the database as 'shared' and to 'lock modified records'</member>
+<member>Of course locking must be enabled for the particular share (smb.conf)</member>
+</simplelist>
+</para>
+
+</sect1>
+</chapter>
diff --git a/docs/docbook/faq/config.sgml b/docs/docbook/faq/config.sgml
new file mode 100644
index 0000000000..78f73252a2
--- /dev/null
+++ b/docs/docbook/faq/config.sgml
@@ -0,0 +1,11 @@
+<chapter id="Config">
+<title>Configuration problems</title>
+
+<sect1>
+<title>I have set 'force user' and samba still makes 'root' the owner of all the files I touch!</title>
+<para>
+When you have a user in 'admin users', samba will always do file operations for 
+this user as 'root', even if 'force user' has been set.
+</para>
+</sect1>
+</chapter>
diff --git a/docs/docbook/faq/errors.sgml b/docs/docbook/faq/errors.sgml
new file mode 100644
index 0000000000..6476ec064e
--- /dev/null
+++ b/docs/docbook/faq/errors.sgml
@@ -0,0 +1,178 @@
+<chapter id="errors">
+
+<title>Common errors</title>
+
+<sect1>
+<title>Not listening for calling name</title>
+
+<para>
+<programlisting>
+Session request failed (131,129) with myname=HOBBES destname=CALVIN
+Not listening for calling name
+</programlisting>
+</para>
+
+<para>
+If you get this when talking to a Samba box then it means that your
+global "hosts allow" or "hosts deny" settings are causing the Samba 
+server to refuse the connection. 
+</para>
+
+<para>
+Look carefully at your "hosts allow" and "hosts deny" lines in the
+global section of smb.conf. 
+</para>
+
+<para>
+It can also be a problem with reverse DNS lookups not functioning 
+correctly, leading to the remote host identity not being able to
+be confirmed, but that is less likely.
+</para>
+</sect1>
+
+<sect1>
+<title>System Error 1240</title>
+
+<para>
+System error 1240 means that the client is refusing to talk
+to a non-encrypting server. Microsoft changed WinNT in service
+pack 3 to refuse to connect to servers that do not support
+SMB password encryption.
+</para>
+
+<para>There are two main solutions:
+<simplelist>
+<member>enable SMB password encryption in Samba. See the encryption part of 
+the samba HOWTO Collection</member>
+
+<member>disable this new behaviour in NT. See the section about 
+Windows NT in the chapter "Portability" of the samba HOWTO collection
+</member>
+</simplelist>
+</para>
+
+</sect1>
+
+<sect1>
+<title>smbclient ignores -N !</title>
+
+<para>
+<quote>When getting the list of shares available on a host using the command
+<command>smbclient -N -L</command>
+the program always prompts for the password if the server is a Samba server.
+It also ignores the "-N" argument when querying some (but not all) of our
+NT servers.
+</quote>
+</para>
+
+<para>
+No, it does not ignore -N, it is just that your server rejected the 
+null password in the connection, so smbclient prompts for a password
+to try again.
+</para>
+
+<para>
+To get the behaviour that you probably want use <command>smbclient -L host -U%</command>
+</para>
+
+<para>
+This will set both the username and password to null, which is
+an anonymous login for SMB. Using -N would only set the password
+to null, and this is not accepted as an anonymous login for most
+SMB servers.
+</para>
+
+</sect1>
+
+<sect1>
+<title>The data on the CD-Drive I've shared seems to be corrupted!</title>
+
+<para>
+Some OSes (notably Linux) default to auto detection of file type on
+cdroms and do cr/lf translation. This is a very bad idea when use with
+Samba. It causes all sorts of stuff ups.
+</para>
+
+<para>
+To overcome this problem use conv=binary when mounting the cdrom
+before exporting it with Samba.
+</para>
+
+</sect1>
+
+<sect1>
+<title>Why can users access home directories of other users?</title>
+
+<para>
+<quote>
+We are unable to keep individual users from mapping to any other user's
+home directory once they have supplied a valid password! They only need
+to enter their own password. I have not found *any* method that I can
+use to configure samba to enforce that only a user may map their own
+home directory.
+</quote>
+</para>
+ 
+<para><quote>
+User xyzzy can map his home directory. Once mapped user xyzzy can also map
+*anyone* elses home directory!
+</quote></para>
+
+<para>
+This is not a security flaw, it is by design. Samba allows
+users to have *exactly* the same access to the UNIX filesystem
+as they would if they were logged onto the UNIX box, except
+that it only allows such views onto the file system as are
+allowed by the defined shares.
+</para>
+
+<para>
+This means that if your UNIX home directories are set up
+such that one user can happily cd into another users
+directory and do an ls, the UNIX security solution is to 
+change the UNIX file permissions on the users home directories
+such that the cd and ls would be denied.
+</para>
+
+<para>
+Samba tries very hard not to second guess the UNIX administrators
+security policies, and trusts the UNIX admin to set
+the policies and permissions he or she desires.
+</para>
+
+<para>
+Samba does allow the setup you require when you have set the
+"only user = yes" option on the share, is that you have not set the
+valid users list for the share.
+</para>
+
+<para>
+Note that only user works in conjunction with the users= list,
+so to get the behavior you require, add the line :
+<programlisting>
+users = %S
+</programlisting>
+this is equivalent to:
+<programlisting>
+valid users = %S
+</programlisting>
+to the definition of the [homes] share, as recommended in
+the smb.conf man page.
+</para>
+
+</sect1>
+
+<sect1>
+<title>Until a few minutes after samba has started, clients get the error "Domain Controller Unavailable"</title>
+<para>
+A domain controller has to announce on the network who it is. This usually takes a while.
+</para>
+</sect1>
+
+<sect1>
+<title>I'm getting "open_oplock_ipc: Failed to get local UDP socket for address 100007f. Error was Cannot assign requested" in the logs</title>
+<para>Your loopback device isn't working correctly. Make sure it's running.
+</para>
+</sect1>
+
+</chapter>
diff --git a/docs/docbook/faq/features.sgml b/docs/docbook/faq/features.sgml
new file mode 100644
index 0000000000..bc1081e5c0
--- /dev/null
+++ b/docs/docbook/faq/features.sgml
@@ -0,0 +1,376 @@
+<chapter id="features">
+
+<title>Features</title>
+
+<sect1>
+<title>How can I prevent my samba server from being used to distribute the Nimda worm?</title>
+
+<para>Author: HASEGAWA Yosuke (translated by <ulink url="monyo@samba.gr.jp">TAKAHASHI Motonobu</ulink>)</para>
+
+<para>
+Nimba Worm is infected through shared disks on a network, as well as through
+Microsoft IIS, Internet Explorer and mailer of Outlook series.
+</para>
+
+<para>
+At this time, the worm copies itself by the name *.nws and *.eml on
+the shared disk, moreover, by the name of Riched20.dll in the folder
+where *.doc file is included.
+</para>
+
+<para>
+To prevent infection through the shared disk offered by Samba, set
+up as follows:
+</para>
+
+<para>
+<programlisting>
+[global]
+  ...
+  # This can break Administration installations of Office2k.
+  # in that case, don't veto the riched20.dll
+  veto files = /*.eml/*.nws/riched20.dll/
+</programlisting>
+</para>
+
+<para>
+By setting the "veto files" parameter, matched files on the Samba
+server are completely hidden from the clients and making it impossible
+to access them at all.
+</para>
+
+<para>
+In addition to it, the following setting is also pointed out by the
+samba-jp:09448 thread: when the
+"readme.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}" file exists on
+a Samba server, it is visible only as "readme.txt" and dangerous
+code may be executed if this file is double-clicked.
+</para>
+
+<para>
+Setting the following,
+<programlisting>
+  veto files = /*.{*}/
+</programlisting>
+any files having CLSID in its file extension will be inaccessible from any
+clients.
+</para>
+
+<para>
+This technical article is created based on the discussion of
+samba-jp:09448 and samba-jp:10900 threads.
+</para>
+</sect1>
+
+<sect1>
+<title>How can I use samba as a fax server?</title>
+
+<para>Contributor: <ulink url="mailto:zuber@berlin.snafu.de">Gerhard Zuber</ulink></para>
+
+<para>Requirements:
+<simplelist>
+<member>UNIX box (Linux preferred) with SAMBA and a faxmodem</member>
+<member>ghostscript package</member>
+<member>mgetty+sendfax package</member>
+<member>pbm package (portable bitmap tools)</member>
+</simplelist>
+</para>
+
+<para>First, install and configure the required packages. Be sure to read the mgetty+sendfax 
+manual carefully.</para>
+
+<sect2>
+<title>Tools for printing faxes</title>
+
+<para>Your incomed faxes are in:
+<filename>/var/spool/fax/incoming</filename></para>
+
+<para>print it with:</para>
+
+<para><programlisting>
+for i in *
+do
+g3cat $i | g3tolj | lpr -P hp
+done
+</programlisting>
+</para>
+
+<para>
+g3cat is in the tools-section, g3tolj is in the contrib-section
+for printing to HP lasers.
+</para>
+
+<para>
+If you want to produce files for displaying and printing with Windows, use
+some tools from the pbm-package like the following command: <command>g3cat $i | g3topbm - |  ppmtopcx - >$i.pcx</command>
+and view it with your favourite Windows tool (maybe paintbrush)
+</para>
+
+</sect2>
+
+<sect2>
+<title>Making the fax-server</title>
+
+<para>fetch the file <filename>mgetty+sendfax/frontends/winword/faxfilter</filename> and place it in <filename>/usr/local/etc/mgetty+sendfax/</filename>(replace /usr/local/ with whatever place you installed mgetty+sendfax)</para>
+
+<para>prepare your faxspool file as mentioned in this file
+edit fax/faxspool.in and reinstall or change the final
+/usr/local/bin/faxspool too.
+</para>
+
+<para><programlisting>
+if [ "$user" = "root" -o "$user" = "fax" -o \
+     "$user" = "lp" -o "$user" = "daemon" -o "$user" = "bin" ]
+</programlisting></para>
+
+<para>find the first line and change it to the second.</para>
+
+<para>
+make sure you have pbmtext (from the pbm-package). This is
+needed for creating the small header line on each page.
+</para>
+
+<para>Prepare your faxheader <filename>/usr/local/etc/mgetty+sendfax/faxheader</filename></para>
+
+<para>
+Edit your /etc/printcap file:
+<programlisting>
+# FAX 
+lp3|fax:\
+        :lp=/dev/null:\
+        :sd=/usr/spool/lp3:\
+        :if=/usr/local/etc/mgetty+sendfax/faxfilter:sh:sf:mx#0:\
+        :lf=/usr/spool/lp3/fax-log:
+</programlisting></para>
+
+<para>Now, edit your <filename>smb.conf</filename> so you have a smb based printer named "fax"</para>
+
+</sect2>
+
+<sect2>
+<title>Installing the client drivers</title>
+
+<para>
+Now you have a printer called "fax" which can be used via
+TCP/IP-printing (lpd-system) or via SAMBA (windows printing).
+</para>
+
+<para>
+On every system you are able to produce postscript-files you
+are ready to fax.
+</para>
+
+<para>
+On Windows 3.1 95 and NT:
+</para>
+
+<para>
+Install a printer wich produces postscript output,
+   e.g.  apple laserwriter
+</para>
+
+<para>Connect the "fax" to your printer.</para>
+
+<para>
+Now write your first fax. Use your favourite wordprocessor,
+write, winword, notepad or whatever you want, and start
+with the headerpage.
+</para>
+
+<para>
+Usually each fax has a header page. It carries your name,
+your address, your phone/fax-number.
+</para>
+
+<para>
+It carries also the recipient, his address and his *** fax
+number ***. Now here is the trick:
+</para>
+
+<para>
+Use the text:
+<programlisting>
+Fax-Nr: 123456789
+</programlisting>
+as the recipients fax-number. Make sure this text does not
+occur in regular text ! Make sure this text is not broken
+by formatting information, e.g. format it as a single entity.
+(Windows Write and Win95 Wordpad are functional, maybe newer
+ versions of Winword are breaking formatting information).
+</para>
+
+<para>
+The trick is that postscript output is human readable and
+the faxfilter program scans the text for this pattern and
+uses the found number as the fax-destination-number.
+</para>
+
+<para>
+Now print your fax through the fax-printer and it will be
+queued for later transmission. Use faxrunq for sending the
+queue out.
+</para>
+
+</sect2>
+
+<sect2>
+<title>Example smb.conf</title>
+
+<para><programlisting>
+[global]
+ printcap name = /etc/printcap
+ print command = /usr/bin/lpr -r -P %p %s
+ lpq command = /usr/bin/lpq -P %p
+ lprm command = /usr/bin/lprm -P %p %j
+
+[fax]
+    comment = FAX (mgetty+sendfax)
+    path = /tmp
+    printable = yes
+    public = yes
+    writable = no
+    create mode = 0700
+    browseable = yes
+    guest ok = no
+</programlisting></para>
+
+</sect2>
+</sect1>
+
+<sect1>
+<title>Samba doesn't work well together with DHCP!</title>
+
+<para>
+We wish to help those folks who wish to use the ISC DHCP Server and provide
+sample configuration settings. Most operating systems today come ship with
+the ISC DHCP Server. ISC DHCP is available from:
+<ulink url="ftp://ftp.isc.org/isc/dhcp">ftp://ftp.isc.org/isc/dhcp</ulink>
+</para>
+
+<para>
+Incorrect configuration of MS Windows clients (Windows9X, Windows ME, Windows
+NT/2000) will lead to problems with browsing and with general network
+operation. Windows 9X/ME users often report problems where the TCP/IP and related
+network settings will inadvertantly become reset at machine start-up resulting
+in loss of configuration settings. This results in increased maintenance
+overheads as well as serious user frustration.
+</para>
+
+<para>
+In recent times users on one mailing list incorrectly attributed the cause of
+network operating problems to incorrect configuration of Samba.
+</para>
+
+<para>
+One user insisted that the only way to provent Windows95 from periodically
+performing a full system reset and hardware detection process on start-up was
+to install the NetBEUI protocol in addition to TCP/IP. This assertion is not
+correct.
+</para>
+
+<para>
+In the first place, there is NO need for NetBEUI. All Microsoft Windows clients
+natively run NetBIOS over TCP/IP, and that is the only protocol that is
+recognised by Samba. Installation of NetBEUI and/or NetBIOS over IPX will
+cause problems with browse list operation on most networks. Even Windows NT
+networks experience these problems when incorrectly configured Windows95
+systems share the same name space. It is important that only those protocols
+that are strictly needed for site specific reasons should EVER be installed.
+</para>
+
+<para>
+Secondly, and totally against common opinion, DHCP is NOT an evil design but is
+an extension of the BOOTP protocol that has been in use in Unix environments
+for many years without any of the melt-down problems that some sensationalists
+would have us believe can be experienced with DHCP. In fact, DHCP in covered by
+rfc1541 and is a very safe method of keeping an MS Windows desktop environment
+under control and for ensuring stable network operation.
+</para>
+
+<para>
+Please note that MS Windows systems as of MS Windows NT 3.1 and MS Windows 95
+store all network configuration settings a registry. There are a few reports
+from MS Windows network administrators that warrant mention here. It would appear
+that when one sets certain MS TCP/IP protocol settings (either directly or via
+DHCP) that these do get written to the registry. Even though a subsequent
+change of setting may occur the old value may persist in the registry. This
+has been known to create serious networking problems.
+</para>
+
+<para>
+An example of this occurs when a manual TCP/IP environment is configured to
+include a NetBIOS Scope. In this event, when the administrator then changes the
+configuration of the MS TCP/IP protocol stack, without first deleting the
+current settings, by simply checking the box to configure the MS TCP/IP stack
+via DHCP then the NetBIOS Scope that is still persistent in the registry WILL be
+applied to the resulting DHCP offered settings UNLESS the DHCP server also sets
+a NetBIOS Scope. It may therefore be prudent to forcibly apply a NULL NetBIOS
+Scope from your DHCP server. The can be done in the dhcpd.conf file with the
+parameter:
+<command>option netbios-scope "";</command>
+</para>
+
+<para>
+While it is true that the Microsoft DHCP server that comes with Windows NT
+Server provides only a sub-set of rfc1533 functionality this is hardly an issue
+in those sites that already have a large investment and commitment to Unix
+systems and technologies. The current state of the art of the DHCP Server
+specification in covered in rfc2132.
+</para>
+
+</sect1>
+
+<sect1>
+<title>How can I assign NetBIOS names to clients with DHCP?</title>
+
+<para>
+SMB network clients need to be configured so that all standard TCP/IP name to
+address resolution works correctly. Once this has been achieved the SMB
+environment provides additional tools and services that act as helper agents in
+the translation of SMB (NetBIOS) names to their appropriate IP Addresses. One
+such helper agent is the NetBIOS Name Server (NBNS) or as Microsoft called it
+in their Windows NT Server implementation WINS (Windows Internet Name Server).
+</para>
+
+<para>
+A client needs to be configured so that it has a unique Machine (Computer)
+Name.
+</para>
+
+<para>
+This can be done, but needs a few NT registry hacks and you need to be able to
+speak UNICODE, which is of course no problem for a True Wizzard(tm) :)
+Instructions on how to do this (including a small util for less capable
+Wizzards) can be found at
+</para>
+
+<para><ulink url="http://www.unixtools.org/~nneul/sw/nt/dhcp-netbios-hostname.html">http://www.unixtools.org/~nneul/sw/nt/dhcp-netbios-hostname.html</ulink></para>
+
+</sect1>
+
+<sect1>
+<title>How do I convert between unix and dos text formats?</title>
+
+<para>
+Jim barry has written an <ulink url="ftp://samba.org/pub/samba/contributed/fixcrlf.zip">
+excellent drag-and-drop cr/lf converter for
+windows</ulink>. Just drag your file onto the icon and it converts the file.
+</para>
+
+<para>
+The utilities unix2dos and dos2unix(in the mtools package) should do 
+the job under unix.
+</para>
+
+</sect1>
+
+<sect1>
+<title>Does samba have wins replication support?</title>
+
+<para>
+At the time of writing there is currently being worked on a wins replication implementation(wrepld).
+</para>
+
+</sect1>
+
+</chapter>
diff --git a/docs/docbook/faq/general.sgml b/docs/docbook/faq/general.sgml
new file mode 100644
index 0000000000..38bcdf49e3
--- /dev/null
+++ b/docs/docbook/faq/general.sgml
@@ -0,0 +1,170 @@
+<chapter id="general">
+<title>General Information</title>
+
+<sect1>
+<title>Where can I get it?</title>
+<para>
+The Samba suite is available at the <ulink url="http://samba.org/">samba website</ulink>.
+</para>
+</sect1>
+
+<sect1>
+<title>What do the version numbers mean?</title>
+<para>
+It is not recommended that you run a version of Samba with the word
+"alpha" in its name unless you know what you are doing and are willing
+to do some debugging. Many, many people just get the latest
+recommended stable release version and are happy. If you are brave, by
+all means take the plunge and help with the testing and development -
+but don't install it on your departmental server. Samba is typically
+very stable and safe, and this is mostly due to the policy of many
+public releases.
+</para>
+
+<para>
+How the scheme works:
+<simplelist>
+<member>When major changes are made the version number is increased. For
+example, the transition from 1.9.15 to 1.9.16. However, this version
+number will not appear immediately and people should continue to use
+1.9.15 for production systems (see next point.)</member>
+
+<member>Just after major changes are made the software is considered
+unstable, and a series of alpha releases are distributed, for example
+1.9.16alpha1. These are for testing by those who know what they are
+doing.  The "alpha" in the filename will hopefully scare off those who
+are just looking for the latest version to install.</member>
+
+<member>When Andrew thinks that the alphas have stabilised to the point
+where he would recommend new users install it, he renames it to the
+same version number without the alpha, for example 1.9.16.</member>
+
+<member>Inevitably bugs are found in the "stable" releases and minor patch
+levels are released which give us the pXX series, for example 1.9.16p2.</member>
+</simplelist>
+</para>
+
+<para>
+So the progression goes:
+
+<programlisting>
+1.9.15p7	(production)
+1.9.15p8	(production)
+1.9.16alpha1	(test sites only)
+:
+1.9.16alpha20	(test sites only)
+1.9.16		(production)
+1.9.16p1	(production)
+</programlisting>
+</para>
+
+<para>
+The above system means that whenever someone looks at the samba ftp
+site they will be able to grab the highest numbered release without an
+alpha in the name and be sure of getting the current recommended
+version.
+</para>
+
+</sect1>
+
+<sect1>
+<title>What platforms are supported?</title>
+<para>
+Many different platforms have run Samba successfully. The platforms
+most widely used and thus best tested are Linux and SunOS.</para>
+
+<para>
+At time of writing, there is support (or has been support for in earlier 
+versions):
+</para>
+
+<simplelist>
+<member>A/UX 3.0</member>
+<member>AIX</member>
+<member>Altos Series 386/1000</member>
+<member>Amiga</member>
+<member>Apollo Domain/OS sr10.3</member>
+<member>BSDI </member>
+<member>B.O.S. (Bull Operating System)</member>
+<member>Cray, Unicos 8.0</member>
+<member>Convex</member>
+<member>DGUX. </member>
+<member>DNIX.</member>
+<member>FreeBSD</member>
+<member>HP-UX</member>
+<member>Intergraph. </member>
+<member>Linux with/without shadow passwords and quota</member>
+<member>LYNX 2.3.0</member>
+<member>MachTen (a unix like system for Macintoshes)</member>
+<member>Motorola 88xxx/9xx range of machines</member>
+<member>NetBSD</member>
+<member>NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach).</member>
+<member>OS/2 using EMX 0.9b</member>
+<member>OSF1</member>
+<member>QNX 4.22</member>
+<member>RiscIX. </member>
+<member>RISCOs 5.0B</member>
+<member>SEQUENT. </member>
+<member>SCO (including: 3.2v2, European dist., OpenServer 5)</member>
+<member>SGI.</member>
+<member>SMP_DC.OSx v1.1-94c079 on Pyramid S series</member>
+<member>SONY NEWS, NEWS-OS (4.2.x and 6.1.x)</member>
+<member>SUNOS 4</member>
+<member>SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later')</member>
+<member>Sunsoft ISC SVR3V4</member>
+<member>SVR4</member>
+<member>System V with some berkely extensions (Motorola 88k R32V3.2).</member>
+<member>ULTRIX.</member>
+<member>UNIXWARE</member>
+<member>UXP/DS</member>
+</simplelist>
+
+</sect1>
+
+<sect1>
+<title>How do I subscribe to the Samba Mailing Lists?</title>
+<para>
+Look at <ulink url="http://samba.org/samba/archives.html">the samba mailing list page</ulink>
+</para>
+</sect1>
+
+<sect1>
+<title>Pizza supply details</title>
+<para>
+Those who have registered in the Samba survey as "Pizza Factory" will
+already know this, but the rest may need some help. Andrew doesn't ask
+for payment, but he does appreciate it when people give him
+pizza. This calls for a little organisation when the pizza donor is
+twenty thousand kilometres away, but it has been done.
+</para>
+
+<para>
+Method 1: Ring up your local branch of an international pizza chain
+and see if they honour their vouchers internationally. Pizza Hut do,
+which is how the entire Canberra Linux Users Group got to eat pizza
+one night, courtesy of someone in the US.
+</para>
+
+<para>
+Method 2: Ring up a local pizza shop in Canberra and quote a credit
+card number for a certain amount, and tell them that Andrew will be
+collecting it (don't forget to tell him.) One kind soul from Germany
+did this.
+</para>
+
+<para>
+Method 3: Purchase a pizza voucher from your local pizza shop that has
+no international affiliations and send it to Andrew. It is completely
+useless but he can hang it on the wall next to the one he already has
+from Germany :-)
+</para>
+
+<para>
+Method 4: Air freight him a pizza with your favourite regional
+flavours. It will probably get stuck in customs or torn apart by
+hungry sniffer dogs but it will have been a noble gesture.
+</para>
+
+</sect1>
+
+</chapter>
diff --git a/docs/docbook/faq/install.sgml b/docs/docbook/faq/install.sgml
new file mode 100644
index 0000000000..88520fc71d
--- /dev/null
+++ b/docs/docbook/faq/install.sgml
@@ -0,0 +1,333 @@
+<chapter id="Install">
+<title>Compiling and installing Samba on a Unix host</title>
+
+<sect1>
+<title>I can't see the Samba server in any browse lists!</title>
+<para>
+See Browsing.html in the docs directory of the samba source
+for more information on browsing.
+</para>
+
+<para>
+If your GUI client does not permit you to select non-browsable
+servers, you may need to do so on the command line. For example, under
+Lan Manager you might connect to the above service as disk drive M:
+thusly:
+<programlisting>
+   net use M: \\mary\fred
+</programlisting>
+The details of how to do this and the specific syntax varies from
+client to client - check your client's documentation.
+</para>
+</sect1>
+
+<sect1>
+<title>Some files that I KNOW are on the server doesn't show up when I view the files from my client!</title>
+<para>See the next question.</para>
+</sect1>
+
+<sect1>
+<title>Some files on the server show up with really wierd filenames when I view the files from my client!</title>
+<para>
+If you check what files are not showing up, you will note that they
+are files which contain upper case letters or which are otherwise not
+DOS-compatible (ie, they are not legal DOS filenames for some reason).
+</para>
+
+<para>
+The Samba server can be configured either to ignore such files
+completely, or to present them to the client in "mangled" form. If you
+are not seeing the files at all, the Samba server has most likely been
+configured to ignore them.  Consult the man page smb.conf(5) for
+details of how to change this - the parameter you need to set is
+"mangled names = yes".
+</para>
+</sect1>
+
+<sect1>
+<title>My client reports "cannot locate specified computer" or similar</title>
+<para>
+This indicates one of three things: You supplied an incorrect server
+name, the underlying TCP/IP layer is not working correctly, or the
+name you specified cannot be resolved.
+</para>
+
+<para>
+After carefully checking that the name you typed is the name you
+should have typed, try doing things like pinging a host or telnetting
+to somewhere on your network to see if TCP/IP is functioning OK. If it
+is, the problem is most likely name resolution.
+</para>
+
+<para>
+If your client has a facility to do so, hardcode a mapping between the
+hosts IP and the name you want to use. For example, with Lan Manager
+or Windows for Workgroups you would put a suitable entry in the file
+LMHOSTS. If this works, the problem is in the communication between
+your client and the netbios name server. If it does not work, then
+there is something fundamental wrong with your naming and the solution
+is beyond the scope of this document.
+</para>
+
+<para>
+If you do not have any server on your subnet supplying netbios name
+resolution, hardcoded mappings are your only option. If you DO have a
+netbios name server running (such as the Samba suite's nmbd program),
+the problem probably lies in the way it is set up. Refer to Section
+Two of this FAQ for more ideas.
+</para>
+
+<para>
+By the way, remember to REMOVE the hardcoded mapping before further
+tests :-)
+</para>
+
+</sect1>
+
+<sect1>
+<title>My client reports "cannot locate specified share name" or similar</title>
+<para>
+This message indicates that your client CAN locate the specified
+server, which is a good start, but that it cannot find a service of
+the name you gave.
+</para>
+
+<para>
+The first step is to check the exact name of the service you are
+trying to connect to (consult your system administrator). Assuming it
+exists and you specified it correctly (read your client's docs on how
+to specify a service name correctly), read on:
+</para>
+
+<simplelist>
+<member>Many clients cannot accept or use service names longer than eight characters.</member>
+<member>Many clients cannot accept or use service names containing spaces.</member>
+<member>Some servers (not Samba though) are case sensitive with service names.</member>
+<member>Some clients force service names into upper case.</member>
+</simplelist>
+</sect1>
+
+<sect1>
+<title>Printing doesn't work</title>
+<para>
+Make sure that the specified print command for the service you are
+connecting to is correct and that it has a fully-qualified path (eg.,
+use "/usr/bin/lpr" rather than just "lpr").
+</para>
+
+<para>
+Make sure that the spool directory specified for the service is
+writable by the user connected to the service. In particular the user
+"nobody" often has problems with printing, even if it worked with an
+earlier version of Samba. Try creating another guest user other than
+"nobody".
+</para>
+
+<para>
+Make sure that the user specified in the service is permitted to use
+the printer.
+</para>
+
+<para>
+Check the debug log produced by smbd. Search for the printer name and
+see if the log turns up any clues. Note that error messages to do with
+a service ipc$ are meaningless - they relate to the way the client
+attempts to retrieve status information when using the LANMAN1
+protocol.
+</para>
+
+<para>
+If using WfWg then you need to set the default protocol to TCP/IP, not
+Netbeui. This is a WfWg bug.
+</para>
+
+<para>
+If using the Lanman1 protocol (the default) then try switching to
+coreplus.  Also not that print status error messages don't mean
+printing won't work. The print status is received by a different
+mechanism.
+</para>
+</sect1>
+
+<sect1>
+<title>My client reports "This server is not configured to list shared resources"</title>
+<para>
+Your guest account is probably invalid for some reason. Samba uses the
+guest account for browsing in smbd.  Check that your guest account is
+valid.
+</para>
+
+<para>See also 'guest account' in smb.conf man page.</para>
+
+</sect1>
+
+<sect1>
+<title>Log message "you appear to have a trapdoor uid system" </title>
+<para>
+This can have several causes. It might be because you are using a uid
+or gid of 65535 or -1. This is a VERY bad idea, and is a big security
+hole. Check carefully in your /etc/passwd file and make sure that no
+user has uid 65535 or -1. Especially check the "nobody" user, as many
+broken systems are shipped with nobody setup with a uid of 65535.
+</para>
+
+<para>It might also mean that your OS has a trapdoor uid/gid system :-)</para>
+
+<para>
+This means that once a process changes effective uid from root to
+another user it can't go back to root. Unfortunately Samba relies on
+being able to change effective uid from root to non-root and back
+again to implement its security policy. If your OS has a trapdoor uid
+system this won't work, and several things in Samba may break. Less
+things will break if you use user or server level security instead of
+the default share level security, but you may still strike
+problems.
+</para>
+
+<para>
+The problems don't give rise to any security holes, so don't panic,
+but it does mean some of Samba's capabilities will be unavailable.
+In particular you will not be able to connect to the Samba server as
+two different uids at once. This may happen if you try to print as a
+"guest" while accessing a share as a normal user. It may also affect
+your ability to list the available shares as this is normally done as
+the guest user.
+</para>
+
+<para>
+Complain to your OS vendor and ask them to fix their system.
+</para>
+
+<para>
+Note: the reason why 65535 is a VERY bad choice of uid and gid is that
+it casts to -1 as a uid, and the setreuid() system call ignores (with
+no error) uid changes to -1. This means any daemon attempting to run
+as uid 65535 will actually run as root. This is not good!
+</para>
+
+</sect1>
+
+<sect1>
+<title>Why are my file's timestamps off by an hour, or by a few hours?</title>
+<para>
+This is from Paul Eggert eggert@twinsun.com.
+</para>
+
+<para>
+Most likely it's a problem with your time zone settings.
+</para>
+
+<para>
+Internally, Samba maintains time in traditional Unix format,
+namely, the number of seconds since 1970-01-01 00:00:00 Universal Time
+(or ``GMT''), not counting leap seconds.
+</para>
+
+<para>
+On the server side, Samba uses the Unix TZ variable to convert
+internal timestamps to and from local time.  So on the server side, there are
+two things to get right.
+<simplelist>
+<member>The Unix system clock must have the correct Universal time. Use the shell command "sh -c 'TZ=UTC0 date'" to check this.</member>
+<member>The TZ environment variable must be set on the server before Samba is invoked.  The details of this depend on the server OS, but typically you must edit a file whose name is /etc/TIMEZONE or /etc/default/init, or run the command `zic -l'.</member>
+</simplelist>
+</para>
+
+<para>TZ must have the correct value.</para>
+
+<para>
+If possible, use geographical time zone settings
+(e.g. TZ='America/Los_Angeles' or perhaps
+ TZ=':US/Pacific').  These are supported by most
+popular Unix OSes, are easier to get right, and are
+more accurate for historical timestamps.  If your
+operating system has out-of-date tables, you should be
+able to update them from the public domain time zone
+tables at <ulink url="ftp://elsie.nci.nih.gov/pub/">ftp://elsie.nci.nih.gov/pub/</ulink>.
+</para>
+
+<para>If your system does not support geographical timezone
+settings, you must use a Posix-style TZ strings, e.g.
+TZ='PST8PDT,M4.1.0/2,M10.5.0/2' for US Pacific time.
+Posix TZ strings can take the following form (with optional
+											  items in brackets):
+<programlisting>
+	StdOffset[Dst[Offset],Date/Time,Date/Time]
+</programlisting>
+                where:
+</para>
+
+<para><simplelist>
+<member>`Std' is the standard time designation (e.g. `PST').</member>
+<member>`Offset' is the number of hours behind UTC (e.g. `8').
+Prepend a `-' if you are ahead of UTC, and
+append `:30' if you are at a half-hour offset.
+Omit all the remaining items if you do not use
+daylight-saving time.</member>
+
+<member>`Dst' is the daylight-saving time designation
+(e.g. `PDT').</member>
+
+<member>The optional second `Offset' is the number of
+hours that daylight-saving time is behind UTC.
+The default is 1 hour ahead of standard time.
+</member>
+
+<member>`Date/Time,Date/Time' specify when daylight-saving
+time starts and ends.  The format for a date is
+`Mm.n.d', which specifies the dth day (0 is Sunday)
+of the nth week of the mth month, where week 5 means
+the last such day in the month.  The format for a
+time is [h]h[:mm[:ss]], using a 24-hour clock.
+</member>
+
+</simplelist>
+</para>
+
+<para>
+Other Posix string formats are allowed but you don't want
+to know about them.</para>
+
+<para>
+On the client side, you must make sure that your client's clock and
+time zone is also set appropriately.  [[I don't know how to do this.]]
+Samba traditionally has had many problems dealing with time zones, due
+to the bizarre ways that Microsoft network protocols handle time
+zones.  
+</para>
+</sect1>
+
+<sect1>
+<title>How do I set the printer driver name correctly?</title>
+<para>Question:
+<quote> On NT, I opened "Printer Manager" and "Connect to Printer".
+ Enter ["\\ptdi270\ps1"] in the box of printer. I got the
+ following error message
+ </quote></para>
+ <para>
+ <programlisting>
+     You do not have sufficient access to your machine
+     to connect to the selected printer, since a driver
+     needs to be installed locally.
+ </programlisting>
+ </para>
+
+ <para>Answer:</para>
+
+ <para>In the more recent versions of Samba you can now set the "printer
+driver" in smb.conf. This tells the client what driver to use. For
+example:</para>
+<para><programlisting>
+     printer driver = HP LaserJet 4L
+</programlisting></para>
+<para>With this, NT knows to use the right driver. You have to get this string
+exactly right.</para>
+
+<para>To find the exact string to use, you need to get to the dialog box in
+your client where you select which printer driver to install. The
+correct strings for all the different printers are shown in a listbox
+in that dialog box.</para>
+
+</sect1>
+
+</chapter>
diff --git a/docs/docbook/faq/sambafaq.sgml b/docs/docbook/faq/sambafaq.sgml
new file mode 100644
index 0000000000..e9e5ed7a3c
--- /dev/null
+++ b/docs/docbook/faq/sambafaq.sgml
@@ -0,0 +1,37 @@
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
+<!ENTITY general SYSTEM "general.sgml">
+<!ENTITY install SYSTEM "install.sgml">
+<!ENTITY errors SYSTEM "errors.sgml">
+<!ENTITY clientapp SYSTEM "clientapp.sgml">
+<!ENTITY features SYSTEM "features.sgml">
+<!ENTITY config SYSTEM "config.sgml">
+]>
+
+<book id="Samba-FAQ">
+<title>Samba FAQ</title>
+
+<bookinfo>
+	<author><surname>Samba Team</surname></author>
+	<pubdate>October 2002</pubdate>
+</bookinfo>
+
+<dedication>
+<para>
+This is the Frequently Asked Questions (FAQ) document for
+Samba, the free and very popular SMB server product. An SMB server
+allows file and printer connections from clients such as Windows,
+OS/2, Linux and others. Current to version 3.0. Please send any
+corrections to the samba documentation mailinglist at
+<ulink url="mailto:samba-doc@samba.org">samba-doc@samba.org</ulink>. 
+This FAQ was based on the old Samba FAQ by Dan Shearer and Paul Blackman, 
+and the old samba text documents which were mostly written by John Terpstra.
+</para>
+</dedication>
+
+&general;
+&install;
+&config;
+&clientapp;
+&errors;
+&features;
+</book>