diff options
Diffstat (limited to 'docs/docbook/projdoc/AdvancedNetworkAdmin.xml')
-rw-r--r-- | docs/docbook/projdoc/AdvancedNetworkAdmin.xml | 215 |
1 files changed, 101 insertions, 114 deletions
diff --git a/docs/docbook/projdoc/AdvancedNetworkAdmin.xml b/docs/docbook/projdoc/AdvancedNetworkAdmin.xml index ee1f351e41..65d50b496e 100644 --- a/docs/docbook/projdoc/AdvancedNetworkAdmin.xml +++ b/docs/docbook/projdoc/AdvancedNetworkAdmin.xml @@ -9,7 +9,7 @@ <para> This section documents peripheral issues that are of great importance to network administrators who want to improve network resource access control, to automate the user -environment, and to make their lives a little easier. +environment and to make their lives a little easier. </para> <sect1> @@ -17,15 +17,16 @@ environment, and to make their lives a little easier. <para> Often the difference between a working network environment and a well appreciated one can -best be measured by the <emphasis>little things</emphasis> that makes everything work more -harmoniously. A key part of every network environment solution is the ability to remotely -manage MS Windows workstations, to remotely access the Samba server, to provide customised -logon scripts, as well as other house keeping activities that help to sustain more reliable +best be measured by the <emphasis>little things</emphasis> that make everything work more +harmoniously. A key part of every network environment solution is the +ability to remotely +manage MS Windows workstations, remotely access the Samba server, provide customized +logon scripts, as well as other housekeeping activities that help to sustain more reliable network operations. </para> <para> -This chapter presents information on each of these area. They are placed here, and not in +This chapter presents information on each of these areas. They are placed here, and not in other chapters, for ease of reference. </para> @@ -34,35 +35,37 @@ other chapters, for ease of reference. <sect1> <title>Remote Server Administration</title> -<para> -<emphasis>How do I get 'User Manager' and 'Server Manager'?</emphasis> -</para> + +<para><quote>How do I get `User Manager' and `Server Manager'?</quote></para> <para> - Since I don't need to buy an <application>NT4 Server</application>, how do I get the 'User Manager for Domains', -the 'Server Manager'? +<indexterm><primary>User Manager</primary></indexterm> +<indexterm><primary>Server Manager</primary></indexterm> +<indexterm><primary>Event Viewer</primary></indexterm> +Since I do not need to buy an <application>NT4 Server</application>, how do I get the `User Manager for Domains' +and the `Server Manager'? </para> <para> -Microsoft distributes a version of these tools called nexus for installation -on <application>Windows 9x / Me</application> systems. The tools set includes: +<indexterm><primary>Nexus.exe</primary></indexterm> +Microsoft distributes a version of these tools called <filename>Nexus.exe</filename> for installation +on <application>Windows 9x/Me</application> systems. The tools set includes: </para> -<simplelist> - <member>Server Manager</member> - <member>User Manager for Domains</member> - <member>Event Viewer</member> -</simplelist> +<itemizedlist> + <listitem>Server Manager</listitem> + <listitem>User Manager for Domains</listitem> + <listitem>Event Viewer</listitem> +</itemizedlist> <para> -Click here to download the archived file <ulink -url="ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE</ulink> +Download the archived file at <ulink noescape="1" url="ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/NEXUS.EXE.</ulink> </para> <para> -The <application>Windows NT 4.0</application> version of the 'User Manager for -Domains' and 'Server Manager' are available from Microsoft via ftp -from <ulink url="ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE">ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE</ulink> +<indexterm><primary>SRVTOOLS.EXE</primary></indexterm> +The <application>Windows NT 4.0</application> version of the `User Manager for +Domains' and `Server Manager' are available from Microsoft <ulink url="ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE">via ftp</ulink>. </para> </sect1> @@ -72,87 +75,83 @@ from <ulink url="ftp://ftp.microsoft.com/Softlib/MSLFILES/SRVTOOLS.EXE">ftp://ft <para> There are a number of possible remote desktop management solutions that range from free -through costly. Do not let that put you off. Sometimes the most costly solutions is the +through costly. Do not let that put you off. Sometimes the most costly solution is the most cost effective. In any case, you will need to draw your own conclusions as to which is the best tool in your network environment. </para> <sect2> - <title>Remote Management from NoMachines.Com</title> + <title>Remote Management from NoMachine.Com</title> <para> + <indexterm><primary>NoMachine.Com</primary></indexterm> The following information was posted to the Samba mailing list at Apr 3 23:33:50 GMT 2003. It is presented in slightly edited form (with author details omitted for privacy reasons). The entire answer is reproduced below with some comments removed. </para> -<para> -<screen> -> I have a wonderful linux/samba server running as PDC for a network. -> Now I would like to add remote desktop capabilities so that -> users outside could login to the system and get their desktop up from -> home or another country.. -> -> Is there a way to accomplish this? Do I need a windows terminal server? -> Do I need to configure it so that it is a member of the domain or a -> BDC,PDC? Are there any hacks for MS Windows XP to enable remote login -> even if the computer is in a domain? -> -> Any ideas/experience would be appreciated :) -</screen> -</para> + <para><quote> + I have a wonderful Linux/Samba server running as pdc for a network. Now I would like to add remote + desktop capabilities so users outside could login to the system and get their desktop up from home or + another country. + </quote></para> - <para> - Answer provided: Check out the new offer from NoMachine, "NX" software: - <ulink url="http://www.nomachine.com/">http://www.nomachine.com/</ulink>. - </para> + <para><quote> + Is there a way to accomplish this? Do I need a Windows Terminal Server? Do I need to configure it so + it is a member of the domain or a BDC,PDC? Are there any hacks for MS Windows XP to enable remote login + even if the computer is in a domain? + </quote></para> + + <para> + Answer provided: Check out the new offer from NoMachine, <quote>NX</quote> software: + <ulink noescape="1" url="http://www.nomachine.com/">http://www.nomachine.com/</ulink>. + </para> <para> - It implements a very easy-to-use interface to the remote X protocol as + It implements an easy-to-use interface to the Remote X protocol as well as incorporating VNC/RFB and rdesktop/RDP into it, but at a speed - performance much better than anything you may have ever seen... + performance much better than anything you may have ever seen. </para> <para> - Remote X is not new at all -- but what they did achieve successfully is - a new way of compression and caching technologies which makes the thing + Remote X is not new at all, but what they did achieve successfully is + a new way of compression and caching technologies that makes the thing fast enough to run even over slow modem/ISDN connections. </para> <para> - I could test drive their (public) RedHat machine in Italy, over a loaded - internet connection, with enabled thumbnail previews in KDE konqueror - which popped up immediately on "mouse-over". From inside that (remote X) + I could test drive their (public) Red Hat machine in Italy, over a loaded + Internet connection, with enabled thumbnail previews in KDE konqueror + which popped up immediately on <quote>mouse-over</quote>. From inside that (remote X) session I started a rdesktop session on another, a Windows XP machine. - To test the performance, I played Pinball. I am proud to announce here - that my score was 631750 points at first try... + To test the performance, I played Pinball. I am proud to announce + that my score was 631750 points at first try. </para> <para> - NX performs better on my local LAN than any of the other "pure" + NX performs better on my local LAN than any of the other <quote>pure</quote> connection methods I am using from time to time: TightVNC, rdesktop or - remote X. It is even faster than a direct crosslink connection between + Remote X. It is even faster than a direct crosslink connection between two nodes. </para> <para> - I even got sound playing from the remote X app to my local boxes, and - had a working "copy'n'paste" from an NX window (running a KDE session - in Italy) to my Mozilla mailing agent... These guys are certainly doing + I even got sound playing from the Remote X app to my local boxes, and + had a working <quote>copy'n'paste</quote> from an NX window (running a KDE session + in Italy) to my Mozilla mailing agent. These guys are certainly doing something right! </para> <para> - I recommend to test drive NX to anybody with a only a remote interest - in remote computing - <ulink url="http://www.nomachine.com/testdrive.php">http://www.nomachine.com/testdrive.php</ulink>. + I recommend to test drive NX to anybody with a only a passing interest in remote computing + <ulink noescape="1" url="http://www.nomachine.com/testdrive.php">http://www.nomachine.com/testdrive.php</ulink>. </para> <para> - Just download the free of charge client software (available for RedHat, - SuSE, Debian and Windows) and be up and running within 5 minutes (they + Just download the free of charge client software (available for Red Hat, + SuSE, Debian and Windows) and be up and running within five minutes (they need to send you your account data, though, because you are assigned - a real Unix account on their testdrive.nomachine.com box... + a real UNIX account on their testdrive.nomachine.com box. </para> <para> @@ -160,17 +159,17 @@ is the best tool in your network environment. running as a cluster of nodes, and users simply start an NX session locally, and can select applications to run transparently (apps may even run on another NX node, but pretend to be on the same as used for initial login, - because it displays in the same window.... well, you also can run it + because it displays in the same window. You also can run it fullscreen, and after a short time you forget that it is a remote session at all). </para> <para> - Now the best thing at the end: all the core compression and caching + Now the best thing for last: All the core compression and caching technologies are released under the GPL and available as source code to anybody who wants to build on it! These technologies are working, albeit started from the command line only (and very inconvenient to - use in order to get a fully running remote X session up and running....) + use in order to get a fully running remote X session up and running.) </para> <para> @@ -179,32 +178,32 @@ is the best tool in your network environment. <itemizedlist> <listitem><para> - You don't need to install a terminal server; XP has RDP support built in. + You do not need to install a terminal server; XP has RDP support built in. </para></listitem> <listitem><para> - NX is much cheaper than Citrix -- and comparable in performance, probably faster + NX is much cheaper than Citrix &smbmdash; and comparable in performance, probably faster. </para></listitem> <listitem><para> - You don't need to hack XP -- it just works + You do not need to hack XP &smbmdash; it just works. </para></listitem> <listitem><para> You log into the XP box from remote transparently (and I think there is no - need to change anything to get a connection, even if authentication is against a domain) + need to change anything to get a connection, even if authentication is against a domain). </para></listitem> <listitem><para> - The NX core technologies are all Open Source and released under the GPL -- - you can today use a (very inconvenient) commandline to use it at no cost, - but you can buy a comfortable (proprietary) NX GUI frontend for money + The NX core technologies are all Open Source and released under the GPL &smbmdash; + you can now use a (very inconvenient) commandline at no cost, + but you can buy a comfortable (proprietary) NX GUI frontend for money. </para></listitem> <listitem><para> NoMachine are encouraging and offering help to OSS/Free Software implementations for such a frontend too, even if it means competition to them (they have written - to this effect even to the LTSP, KDE and GNOME developer mailing lists) + to this effect even to the LTSP, KDE and GNOME developer mailing lists). </para></listitem> </itemizedlist> @@ -216,22 +215,17 @@ is the best tool in your network environment. <title>Network Logon Script Magic</title> <para> -This section needs work. Volunteer contributions most welcome. Please send your patches or updates -to <ulink url="mailto:jht@samba.org">John Terpstra</ulink>. -</para> - -<para> There are several opportunities for creating a custom network startup configuration environment. </para> -<simplelist> - <member>No Logon Script</member> - <member>Simple universal Logon Script that applies to all users</member> - <member>Use of a conditional Logon Script that applies per user or per group attributes</member> - <member>Use of Samba's Preexec and Postexec functions on access to the NETLOGON share to create - a custom Logon Script and then execute it.</member> - <member>User of a tool such as KixStart</member> -</simplelist> +<itemizedlist> + <listitem>No Logon Script.</listitem> + <listitem>Simple universal Logon Script that applies to all users.</listitem> + <listitem>Use of a conditional Logon Script that applies per user or per group attributes.</listitem> + <listitem>Use of Samba's preexec and postexec functions on access to the NETLOGON share to create + a custom logon script and then execute it.</listitem> + <listitem>User of a tool such as KixStart.</listitem> +</itemizedlist> <para> The Samba source code tree includes two logon script generation/execution tools. @@ -243,7 +237,9 @@ See <filename>examples</filename> directory <filename>genlogon</filename> and The following listings are from the genlogon directory. </para> + <para> +<indexterm><primary>genlogon.pl</primary></indexterm> This is the <filename>genlogon.pl</filename> file: <programlisting> @@ -252,8 +248,8 @@ This is the <filename>genlogon.pl</filename> file: # genlogon.pl # # Perl script to generate user logon scripts on the fly, when users - # connect from a Windows client. This script should be called from smb.conf - # with the %U, %G and %L parameters. I.e: + # connect from a Windows client. This script should be called from + # smb.conf with the %U, %G and %L parameters. I.e: # # root preexec = genlogon.pl %U %G %L # @@ -274,7 +270,8 @@ This is the <filename>genlogon.pl</filename> file: #($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); open LOG, ">>/var/log/samba/netlogon.log"; - print LOG "$mon/$mday/$year $hour:$min:$sec - User $ARGV[0] logged into $ARGV[1]\n"; + print LOG "$mon/$mday/$year $hour:$min:$sec"; + print LOG " - User $ARGV[0] logged into $ARGV[1]\n"; close LOG; # Start generating logon script @@ -300,7 +297,7 @@ This is the <filename>genlogon.pl</filename> file: print LOGON "NET USE K: \\\\$ARGV[2]\\MKTING\r\n"; } - # Now connect Printers. We handle just two or three users a little + # Now connect Printers. We handle just two or three users a little # differently, because they are the exceptions that have desktop # printers on LPT1: - all other user's go to the LaserJet on the # server. @@ -322,40 +319,30 @@ This is the <filename>genlogon.pl</filename> file: </para> <para> -Those wishing to use more elaborate or capable logon processing system should check out the following sites: +Those wishing to use more elaborate or capable logon processing system should check out these sites: </para> -<simplelist> - <member><ulink url="http://www.craigelachie.org/rhacer/ntlogon">http://www.craigelachie.org/rhacer/ntlogon</ulink></member> - <member><ulink url="http://www.kixtart.org">http://www.kixtart.org</ulink></member> - <member><ulink url="http://support.microsoft.com/default.asp?scid=kb;en-us;189105">http://support.microsoft.com/default.asp?scid=kb;en-us;189105</ulink></member> -</simplelist> +<itemizedlist> + <listitem><ulink noescape="1" url="http://www.craigelachi.e.org/rhacer/ntlogon">http://www.craigelachi.e.org/rhacer/ntlogon</ulink></listitem> + <listitem><ulink noescape="1" url="http://www.kixtart.org">http://www.kixtart.org</ulink></listitem> +</itemizedlist> <sect2> -<title>Adding printers without user intervention</title> +<title>Adding Printers without User Intervention</title> + <para> +<indexterm><primary>rundll32</primary></indexterm> Printers may be added automatically during logon script processing through the use of: -<programlisting> - rundll32 printui.dll,PrintUIEntry /? -</programlisting> +<screen> +&dosprompt;<userinput>rundll32 printui.dll,PrintUIEntry /?</userinput> +</screen> -See the documentation in the <ulink url="http://support.microsoft.com/default.asp?scid=kb;en-us;189105">Microsoft knowledgebase article no: 189105</ulink>. +See the documentation in the <ulink url="http://support.microsoft.com/default.asp?scid=kb;en-us;189105">Microsoft knowledgebase article 189105.</ulink> </para> </sect2> </sect1> -<sect1> -<title>Common Errors</title> - -<para> -The information provided in this chapter has been reproduced from postings on the samba@samba.org -mailing list. No implied endorsement or recommendation is offered. Administrators should conduct -their own evaluation of alternatives and are encouraged to draw their own conclusions. -</para> - -</sect1> - </chapter> |