summaryrefslogtreecommitdiff
path: root/docs/docbook/projdoc
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/projdoc')
-rw-r--r--docs/docbook/projdoc/Compiling.sgml321
-rw-r--r--docs/docbook/projdoc/GroupProfiles.sgml289
2 files changed, 610 insertions, 0 deletions
diff --git a/docs/docbook/projdoc/Compiling.sgml b/docs/docbook/projdoc/Compiling.sgml
new file mode 100644
index 0000000000..49aafebec0
--- /dev/null
+++ b/docs/docbook/projdoc/Compiling.sgml
@@ -0,0 +1,321 @@
+<chapter id="compiling">
+<chapterinfo>
+ <author>
+ <affiliation>
+ <orgname>Samba Team</orgname>
+ </affiliation>
+ </author>
+
+ <pubdate> (22 May 2001) </pubdate>
+ <pubdate> 18 March 2003 </pubdate>
+</chapterinfo>
+
+<title>How to compile SAMBA</title>
+
+<para>You can obtain the samba source from the <ulink url="http://samba.org/">samba website</ulink>. To obtain a development version,
+you can download samba from CVS or using rsync. </para>
+
+<sect1>
+<title>Access Samba source code via CVS</title>
+
+<sect2>
+<title>Introduction</title>
+
+<para>
+Samba is developed in an open environment. Developers use CVS
+(Concurrent Versioning System) to "checkin" (also known as
+"commit") new source code. Samba's various CVS branches can
+be accessed via anonymous CVS using the instructions
+detailed in this chapter.
+</para>
+
+<para>
+This chapter is a modified version of the instructions found at
+<ulink url="http://samba.org/samba/cvs.html">http://samba.org/samba/cvs.html</ulink>
+</para>
+
+</sect2>
+
+<sect2>
+<title>CVS Access to samba.org</title>
+
+<para>
+The machine samba.org runs a publicly accessible CVS
+repository for access to the source code of several packages,
+including samba, rsync and jitterbug. There are two main ways of
+accessing the CVS server on this host.
+</para>
+
+<sect3>
+<title>Access via CVSweb</title>
+
+<para>
+You can access the source code via your
+favourite WWW browser. This allows you to access the contents of
+individual files in the repository and also to look at the revision
+history and commit logs of individual files. You can also ask for a diff
+listing between any two versions on the repository.
+</para>
+
+<para>
+Use the URL : <ulink
+url="http://samba.org/cgi-bin/cvsweb">http://samba.org/cgi-bin/cvsweb</ulink>
+</para>
+</sect3>
+
+<sect3>
+<title>Access via cvs</title>
+
+<para>
+You can also access the source code via a
+normal cvs client. This gives you much more control over you can
+do with the repository and allows you to checkout whole source trees
+and keep them up to date via normal cvs commands. This is the
+preferred method of access if you are a developer and not
+just a casual browser.
+</para>
+
+<para>
+To download the latest cvs source code, point your
+browser at the URL : <ulink url="http://www.cyclic.com/">http://www.cyclic.com/</ulink>.
+and click on the 'How to get cvs' link. CVS is free software under
+the GNU GPL (as is Samba). Note that there are several graphical CVS clients
+which provide a graphical interface to the sometimes mundane CVS commands.
+Links to theses clients are also available from http://www.cyclic.com.
+</para>
+
+<para>
+To gain access via anonymous cvs use the following steps.
+For this example it is assumed that you want a copy of the
+samba source code. For the other source code repositories
+on this system just substitute the correct package name
+</para>
+
+<orderedlist>
+<listitem>
+ <para>
+ Install a recent copy of cvs. All you really need is a
+ copy of the cvs client binary.
+ </para>
+</listitem>
+
+
+<listitem>
+ <para>
+ Run the command
+ </para>
+
+ <para>
+ <command>cvs -d :pserver:cvs@samba.org:/cvsroot login</command>
+ </para>
+
+ <para>
+ When it asks you for a password type <userinput>cvs</userinput>.
+ </para>
+</listitem>
+
+
+<listitem>
+ <para>
+ Run the command
+ </para>
+
+ <para>
+ <command>cvs -d :pserver:cvs@samba.org:/cvsroot co samba</command>
+ </para>
+
+ <para>
+ This will create a directory called samba containing the
+ latest samba source code (i.e. the HEAD tagged cvs branch). This
+ currently corresponds to the 3.0 development tree.
+ </para>
+
+ <para>
+ CVS branches other HEAD can be obtained by using the <parameter>-r</parameter>
+ and defining a tag name. A list of branch tag names can be found on the
+ "Development" page of the samba web site. A common request is to obtain the
+ latest 2.2 release code. This could be done by using the following command.
+ </para>
+
+ <para>
+ <command>cvs -d :pserver:cvs@samba.org:/cvsroot co -r SAMBA_2_2 samba</command>
+ </para>
+</listitem>
+
+<listitem>
+ <para>
+ Whenever you want to merge in the latest code changes use
+ the following command from within the samba directory:
+ </para>
+
+ <para>
+ <command>cvs update -d -P</command>
+ </para>
+</listitem>
+</orderedlist>
+
+</sect3>
+</sect2>
+
+</sect1>
+
+<sect1>
+ <title>Accessing the samba sources via rsync and ftp</title>
+
+ <para>
+ pserver.samba.org also exports unpacked copies of most parts of the CVS tree at <ulink url="ftp://pserver.samba.org/pub/unpacked">ftp://pserver.samba.org/pub/unpacked</ulink> and also via anonymous rsync at rsync://pserver.samba.org/ftp/unpacked/. I recommend using rsync rather than ftp.
+ See <ulink url="http://rsync.samba.org/">the rsync homepage</ulink> for more info on rsync.
+ </para>
+
+ <para>
+ The disadvantage of the unpacked trees
+ is that they do not support automatic
+ merging of local changes like CVS does.
+ rsync access is most convenient for an
+ initial install.
+ </para>
+</sect1>
+
+<sect1>
+ <title>Building the Binaries</title>
+
+ <para>To do this, first run the program <command>./configure
+ </command> in the source directory. This should automatically
+ configure Samba for your operating system. If you have unusual
+ needs then you may wish to run</para>
+
+ <para><prompt>root# </prompt><userinput>./configure --help
+ </userinput></para>
+
+ <para>first to see what special options you can enable.
+ Then executing</para>
+
+ <para><prompt>root# </prompt><userinput>make</userinput></para>
+
+ <para>will create the binaries. Once it's successfully
+ compiled you can use </para>
+
+ <para><prompt>root# </prompt><userinput>make install</userinput></para>
+
+ <para>to install the binaries and manual pages. You can
+ separately install the binaries and/or man pages using</para>
+
+ <para><prompt>root# </prompt><userinput>make installbin
+ </userinput></para>
+
+ <para>and</para>
+
+ <para><prompt>root# </prompt><userinput>make installman
+ </userinput></para>
+
+ <para>Note that if you are upgrading for a previous version
+ of Samba you might like to know that the old versions of
+ the binaries will be renamed with a ".old" extension. You
+ can go back to the previous version with</para>
+
+ <para><prompt>root# </prompt><userinput>make revert
+ </userinput></para>
+
+ <para>if you find this version a disaster!</para>
+</sect1>
+
+<sect1>
+ <title>Starting the smbd and nmbd</title>
+
+ <para>You must choose to start smbd and nmbd either
+ as daemons or from <command>inetd</command>. Don't try
+ to do both! Either you can put them in <filename>
+ inetd.conf</filename> and have them started on demand
+ by <command>inetd</command>, or you can start them as
+ daemons either from the command line or in <filename>
+ /etc/rc.local</filename>. See the man pages for details
+ on the command line options. Take particular care to read
+ the bit about what user you need to be in order to start
+ Samba. In many cases you must be root.</para>
+
+ <para>The main advantage of starting <command>smbd</command>
+ and <command>nmbd</command> using the recommended daemon method
+ is that they will respond slightly more quickly to an initial connection
+ request.</para>
+
+ <sect2>
+ <title>Starting from inetd.conf</title>
+
+ <para>NOTE; The following will be different if
+ you use NIS, NIS+ or LDAP to distribute services maps.</para>
+
+ <para>Look at your <filename>/etc/services</filename>.
+ What is defined at port 139/tcp. If nothing is defined
+ then add a line like this:</para>
+
+ <para><userinput>netbios-ssn 139/tcp</userinput></para>
+
+ <para>similarly for 137/udp you should have an entry like:</para>
+
+ <para><userinput>netbios-ns 137/udp</userinput></para>
+
+ <para>Next edit your <filename>/etc/inetd.conf</filename>
+ and add two lines something like this:</para>
+
+ <para><programlisting>
+ netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd
+ netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd
+ </programlisting></para>
+
+ <para>The exact syntax of <filename>/etc/inetd.conf</filename>
+ varies between unixes. Look at the other entries in inetd.conf
+ for a guide.</para>
+
+ <para>NOTE: Some unixes already have entries like netbios_ns
+ (note the underscore) in <filename>/etc/services</filename>.
+ You must either edit <filename>/etc/services</filename> or
+ <filename>/etc/inetd.conf</filename> to make them consistent.</para>
+
+ <para>NOTE: On many systems you may need to use the
+ "interfaces" option in smb.conf to specify the IP address
+ and netmask of your interfaces. Run <command>ifconfig</command>
+ as root if you don't know what the broadcast is for your
+ net. <command>nmbd</command> tries to determine it at run
+ time, but fails on some unixes. See the section on "testing nmbd"
+ for a method of finding if you need to do this.</para>
+
+ <para>!!!WARNING!!! Many unixes only accept around 5
+ parameters on the command line in <filename>inetd.conf</filename>.
+ This means you shouldn't use spaces between the options and
+ arguments, or you should use a script, and start the script
+ from <command>inetd</command>.</para>
+
+ <para>Restart <command>inetd</command>, perhaps just send
+ it a HUP. If you have installed an earlier version of <command>
+ nmbd</command> then you may need to kill nmbd as well.</para>
+ </sect2>
+
+ <sect2>
+ <title>Alternative: starting it as a daemon</title>
+
+ <para>To start the server as a daemon you should create
+ a script something like this one, perhaps calling
+ it <filename>startsmb</filename>.</para>
+
+ <para><programlisting>
+ #!/bin/sh
+ /usr/local/samba/bin/smbd -D
+ /usr/local/samba/bin/nmbd -D
+ </programlisting></para>
+
+ <para>then make it executable with <command>chmod
+ +x startsmb</command></para>
+
+ <para>You can then run <command>startsmb</command> by
+ hand or execute it from <filename>/etc/rc.local</filename>
+ </para>
+
+ <para>To kill it send a kill signal to the processes
+ <command>nmbd</command> and <command>smbd</command>.</para>
+
+ <para>NOTE: If you use the SVR4 style init system then
+ you may like to look at the <filename>examples/svr4-startup</filename>
+ script to make Samba fit into that system.</para>
+ </sect2>
+</sect1>
+</chapter>
diff --git a/docs/docbook/projdoc/GroupProfiles.sgml b/docs/docbook/projdoc/GroupProfiles.sgml
new file mode 100644
index 0000000000..8bdf98059a
--- /dev/null
+++ b/docs/docbook/projdoc/GroupProfiles.sgml
@@ -0,0 +1,289 @@
+<chapter id="GroupProfiles">
+<chapterinfo>
+ <author>
+ <firstname>John</firstname><surname>Terpstra</surname>
+ </author>
+ <author>
+ <firstname>Jelmer</firstname><surname>Vernooij</surname>
+ </author>
+ <author>
+ <firstname>John</firstname><surname>Russell</surname>
+ <affiliation>
+ <address><email>apca72@dsl.pipex.com</email></address>
+ </affiliation>
+ </author>
+</chapterinfo>
+
+<title>Creating Group Prolicy Files</title>
+
+<sect1>
+<title>Windows '9x</title>
+<para>
+You need the Win98 Group Policy Editor to
+set Group Profiles up under Windows '9x. It can be found on the Original
+full product Win98 installation CD under
+<filename>tools/reskit/netadmin/poledit</filename>. You install this
+using the Add/Remove Programs facility and then click on the 'Have Disk'
+tab.
+</para>
+
+<para>
+Use the Group Policy Editor to create a policy file that specifies the
+location of user profiles and/or the <filename>My Documents</filename> etc.
+stuff. You then save these settings in a file called
+<filename>Config.POL</filename> that needs to be placed in
+the root of the [NETLOGON] share. If your Win98 is configured to log onto
+the Samba Domain, it will automatically read this file and update the
+Win9x/Me registry of the machine that is logging on.
+</para>
+
+<para>
+All of this is covered in the Win98 Resource Kit documentation.
+</para>
+
+<para>
+If you do not do it this way, then every so often Win9x/Me will check the
+integrity of the registry and will restore it's settings from the back-up
+copy of the registry it stores on each Win9x/Me machine. Hence, you will
+occasionally notice things changing back to the original settings.
+</para>
+
+<para>
+The following all refers to Windows NT/200x profile migration - not to policies.
+We need a separate section on policies (NTConfig.Pol) for NT4/200x.
+</para>
+</sect1>
+
+<sect1>
+<title>Windows NT 4</title>
+
+<para>
+Unfortunately, the Resource Kit info is Win NT4 or 200x specific.
+</para>
+
+<para>
+Here is a quick guide:
+</para>
+
+<itemizedlist>
+
+<listitem><para>
+On your NT4 Domain Controller, right click on 'My Computer', then
+select the tab labelled 'User Profiles'.
+</para></listitem>
+
+<listitem><para>
+Select a user profile you want to migrate and click on it.
+</para>
+
+<note><para>I am using the term &quot;migrate&quot; lossely. You can copy a profile to
+create a group profile. You can give the user 'Everyone' rights to the
+profile you copy this to. That is what you need to do, since your samba
+domain is not a member of a trust relationship with your NT4 PDC.</para></note>
+</listitem>
+
+<listitem><para>Click the 'Copy To' button.</para></listitem>
+
+<listitem><para>In the box labelled 'Copy Profile to' add your new path, eg:
+<filename>c:\temp\foobar</filename></para></listitem>
+
+<listitem><para>Click on the button labelled 'Change' in the "Permitted to use" box.</para></listitem>
+
+<listitem><para>Click on the group 'Everyone' and then click OK. This closes the
+'chose user' box.</para></listitem>
+
+<listitem><para>Now click OK.</para></listitem>
+</itemizedlist>
+
+<para>
+Follow the above for every profile you need to migrate.
+</para>
+
+<sect2>
+<title>Side bar Notes</title>
+
+<para>
+You should obtain the SID of your NT4 domain. You can use smbpasswd to do
+this. Read the man page.</para>
+
+<para>
+With Samba-3.0.0 alpha code you can import all you NT4 domain accounts
+using the net samsync method. This way you can retain your profile
+settings as well as all your users.
+</para>
+
+</sect2>
+
+<sect2>
+<title>Mandatory profiles</title>
+
+<para>
+The above method can be used to create mandatory profiles also. To convert
+a group profile into a mandatory profile simply locate the NTUser.DAT file
+in the copied profile and rename it to NTUser.MAN.
+</para>
+
+</sect2>
+
+<sect2>
+<title>moveuser.exe</title>
+
+<para>
+The W2K professional resource kit has moveuser.exe. moveuser.exe changes
+the security of a profile from one user to another. This allows the account
+domain to change, and/or the user name to change.
+</para>
+
+</sect2>
+
+<sect2>
+<title>Get SID</title>
+
+<para>
+You can identify the SID by using GetSID.exe from the Windows NT Server 4.0
+Resource Kit.
+</para>
+
+<para>
+Windows NT 4.0 stores the local profile information in the registry under
+the following key:
+HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
+</para>
+
+<para>
+Under the ProfileList key, there will be subkeys named with the SIDs of the
+users who have logged on to this computer. (To find the profile information
+for the user whose locally cached profile you want to move, find the SID for
+the user with the GetSID.exe utility.) Inside of the appropriate user's
+subkey, you will see a string value named ProfileImagePath.
+</para>
+
+</sect2>
+
+</sect1>
+
+<sect1>
+<title>Windows 2000/XP</title>
+
+<para>
+You must first convert the profile from a local profile to a domain
+profile on the MS Windows workstation as follows:
+</para>
+
+<itemizedlist>
+<listitem><para>
+Log on as the LOCAL workstation administrator.
+</para></listitem>
+
+<listitem><para>
+Right click on the 'My Computer' Icon, select 'Properties'
+</para></listitem>
+
+<listitem><para>
+Click on the 'User Profiles' tab
+</para></listitem>
+
+<listitem><para>
+Select the profile you wish to convert (click on it once)
+</para></listitem>
+
+<listitem><para>
+Click on the button 'Copy To'
+</para></listitem>
+
+<listitem><para>
+In the "Permitted to use" box, click on the 'Change' button.
+</para></listitem>
+
+<listitem><para>
+Click on the 'Look in" area that lists the machine name, when you click
+here it will open up a selection box. Click on the domain to which the
+profile must be accessible.
+</para>
+
+<note><para>You will need to log on if a logon box opens up. Eg: In the connect
+as: MIDEARTH\root, password: mypassword.</para></note>
+</listitem>
+
+<listitem><para>
+To make the profile capable of being used by anyone select 'Everyone'
+</para></listitem>
+
+<listitem><para>
+Click OK. The Selection box will close.
+</para></listitem>
+
+<listitem><para>
+Now click on the 'Ok' button to create the profile in the path you
+nominated.
+</para></listitem>
+</itemizedlist>
+
+<para>
+Done. You now have a profile that can be editted using the samba-3.0.0
+profiles tool.
+</para>
+
+<note>
+<para>
+Under NT/2K the use of mandotory profiles forces the use of MS Exchange
+storage of mail data. That keeps desktop profiles usable.
+</para>
+</note>
+
+<note>
+<itemizedlist>
+<listitem><para>
+This is a security check new to Windows XP (or maybe only
+Windows XP service pack 1). It can be disabled via a group policy in
+Active Directory. The policy is:</para>
+
+<para>"Computer Configuration\Administrative Templates\System\User
+Profiles\Do not check for user ownership of Roaming Profile Folders"</para>
+
+<para>...and it should be set to "Enabled".
+Does the new version of samba have an Active Directory analogue? If so,
+then you may be able to set the policy through this.
+</para>
+
+<para>
+If you cannot set group policies in samba, then you may be able to set
+the policy locally on each machine. If you want to try this, then do
+the following (N.B. I don't know for sure that this will work in the
+same way as a domain group policy):
+</para>
+
+</listitem>
+
+<listitem><para>
+On the XP workstation log in with an Administrator account.
+</para></listitem>
+
+<listitem><para>Click: "Start", "Run"</para></listitem>
+<listitem><para>Type: "mmc"</para></listitem>
+<listitem><para>Click: "OK"</para></listitem>
+
+<listitem><para>A Microsoft Management Console should appear.</para></listitem>
+<listitem><para>Click: File, "Add/Remove Snap-in...", "Add"</para></listitem>
+<listitem><para>Double-Click: "Group Policy"</para></listitem>
+<listitem><para>Click: "Finish", "Close"</para></listitem>
+<listitem><para>Click: "OK"</para></listitem>
+
+<listitem><para>In the "Console Root" window:</para></listitem>
+<listitem><para>Expand: "Local Computer Policy", "Computer Configuration",</para></listitem>
+<listitem><para>"Administrative Templates", "System", "User Profiles"</para></listitem>
+<listitem><para>Double-Click: "Do not check for user ownership of Roaming Profile</para></listitem>
+<listitem><para>Folders"</para></listitem>
+<listitem><para>Select: "Enabled"</para></listitem>
+<listitem><para>Click: OK"</para></listitem>
+
+<listitem><para>Close the whole console. You do not need to save the settings (this
+refers to the console settings rather than the policies you have
+changed).</para></listitem>
+
+<listitem><para>Reboot</para></listitem>
+</itemizedlist>
+</note>
+
+</sect1>
+</chapter>