summaryrefslogtreecommitdiff
path: root/docs/htmldocs/integrate-ms-networks.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/integrate-ms-networks.html')
-rw-r--r--docs/htmldocs/integrate-ms-networks.html147
1 files changed, 59 insertions, 88 deletions
diff --git a/docs/htmldocs/integrate-ms-networks.html b/docs/htmldocs/integrate-ms-networks.html
index 984f849f71..ad6aa9e225 100644
--- a/docs/htmldocs/integrate-ms-networks.html
+++ b/docs/htmldocs/integrate-ms-networks.html
@@ -5,7 +5,8 @@
>Integrating MS Windows networks with Samba</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
@@ -72,17 +73,13 @@ WIDTH="100%"></DIV
CLASS="CHAPTER"
><H1
><A
-NAME="INTEGRATE-MS-NETWORKS"
-></A
->Chapter 10. Integrating MS Windows networks with Samba</H1
+NAME="INTEGRATE-MS-NETWORKS">Chapter 10. Integrating MS Windows networks with Samba</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1517"
->10.1. Agenda</A
-></H1
+NAME="AEN1374">10.1. Agenda</H1
><P
>To identify the key functional mechanisms of MS Windows networking
to enable the deployment of Samba as a means of extending and/or
@@ -147,9 +144,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1539"
->10.2. Name Resolution in a pure Unix/Linux world</A
-></H1
+NAME="AEN1396">10.2. Name Resolution in a pure Unix/Linux world</H1
><P
>The key configuration files covered in this section are:</P
><P
@@ -189,11 +184,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1555"
->10.2.1. <TT
+NAME="AEN1412">10.2.1. <TT
CLASS="FILENAME"
>/etc/hosts</TT
-></A
></H2
><P
>Contains a static list of IP Addresses and names.
@@ -270,11 +263,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1571"
->10.2.2. <TT
+NAME="AEN1428">10.2.2. <TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
-></A
></H2
><P
>This file tells the name resolution libraries:</P
@@ -308,11 +299,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1582"
->10.2.3. <TT
+NAME="AEN1439">10.2.3. <TT
CLASS="FILENAME"
>/etc/host.conf</TT
-></A
></H2
><P
><TT
@@ -337,11 +326,9 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1590"
->10.2.4. <TT
+NAME="AEN1447">10.2.4. <TT
CLASS="FILENAME"
>/etc/nsswitch.conf</TT
-></A
></H2
><P
>This file controls the actual name resolution targets. The
@@ -406,9 +393,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1602"
->10.3. Name resolution as used within MS Windows networking</A
-></H1
+NAME="AEN1459">10.3. Name resolution as used within MS Windows networking</H1
><P
>MS Windows networking is predicated about the name each machine
is given. This name is known variously (and inconsistently) as
@@ -491,9 +476,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1614"
->10.3.1. The NetBIOS Name Cache</A
-></H2
+NAME="AEN1471">10.3.1. The NetBIOS Name Cache</H2
><P
>All MS Windows machines employ an in memory buffer in which is
stored the NetBIOS names and IP addresses for all external
@@ -518,9 +501,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1619"
->10.3.2. The LMHOSTS file</A
-></H2
+NAME="AEN1476">10.3.2. The LMHOSTS file</H2
><P
>This file is usually located in MS Windows NT 4.0 or
2000 in <TT
@@ -555,8 +536,8 @@ CLASS="PROGRAMLISTING"
# files and offers the following extensions:
#
# #PRE
- # #DOM:&#60;domain&#62;
- # #INCLUDE &#60;filename&#62;
+ # #DOM:&lt;domain&gt;
+ # #INCLUDE &lt;filename&gt;
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
@@ -565,16 +546,16 @@ CLASS="PROGRAMLISTING"
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
- # Following an entry with the "#DOM:&#60;domain&#62;" tag will associate the
- # entry with the domain specified by &#60;domain&#62;. This affects how the
+ # Following an entry with the "#DOM:&lt;domain&gt;" tag will associate the
+ # entry with the domain specified by &lt;domain&gt;. This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
- # #PRE to the line. The &#60;domain&#62; is always preloaded although it will not
+ # #PRE to the line. The &lt;domain&gt; is always preloaded although it will not
# be shown when the name cache is viewed.
#
- # Specifying "#INCLUDE &#60;filename&#62;" will force the RFC NetBIOS (NBT)
- # software to seek the specified &#60;filename&#62; and parse it as if it were
- # local. &#60;filename&#62; is generally a UNC-based name, allowing a
+ # Specifying "#INCLUDE &lt;filename&gt;" will force the RFC NetBIOS (NBT)
+ # software to seek the specified &lt;filename&gt; and parse it as if it were
+ # local. &lt;filename&gt; is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
@@ -621,9 +602,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1627"
->10.3.3. HOSTS file</A
-></H2
+NAME="AEN1484">10.3.3. HOSTS file</H2
><P
>This file is usually located in MS Windows NT 4.0 or 2000 in
<TT
@@ -643,9 +622,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1632"
->10.3.4. DNS Lookup</A
-></H2
+NAME="AEN1489">10.3.4. DNS Lookup</H2
><P
>This capability is configured in the TCP/IP setup area in the network
configuration facility. If enabled an elaborate name resolution sequence
@@ -663,9 +640,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1635"
->10.3.5. WINS Lookup</A
-></H2
+NAME="AEN1492">10.3.5. WINS Lookup</H2
><P
>A WINS (Windows Internet Name Server) service is the equivaent of the
rfc1001/1002 specified NBNS (NetBIOS Name Server). A WINS server stores
@@ -692,9 +667,11 @@ CLASS="PROGRAMLISTING"
wins server = xxx.xxx.xxx.xxx</PRE
></P
><P
->where <VAR
+>where <TT
CLASS="REPLACEABLE"
->xxx.xxx.xxx.xxx</VAR
+><I
+>xxx.xxx.xxx.xxx</I
+></TT
> is the IP address
of the WINS server.</P
></DIV
@@ -704,10 +681,8 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1647"
->10.4. How browsing functions and how to deploy stable and
-dependable browsing using Samba</A
-></H1
+NAME="AEN1504">10.4. How browsing functions and how to deploy stable and
+dependable browsing using Samba</H1
><P
>As stated above, MS Windows machines register their NetBIOS names
(i.e.: the machine name for each service type in operation) on start
@@ -771,10 +746,8 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1657"
->10.5. MS Windows security options and how to configure
-Samba for seemless integration</A
-></H1
+NAME="AEN1514">10.5. MS Windows security options and how to configure
+Samba for seemless integration</H1
><P
>MS Windows clients may use encrypted passwords as part of a
challenege/response authentication model (a.k.a. NTLMv1) or
@@ -843,35 +816,43 @@ CLASS="PROGRAMLISTING"
HREF="smb.conf.5.html#PASSWORDLEVEL"
TARGET="_top"
>passsword level</A
-> = <VAR
+> = <TT
CLASS="REPLACEABLE"
->integer</VAR
+><I
+>integer</I
+></TT
>
<A
HREF="smb.conf.5.html#USERNAMELEVEL"
TARGET="_top"
>username level</A
-> = <VAR
+> = <TT
CLASS="REPLACEABLE"
->integer</VAR
+><I
+>integer</I
+></TT
></PRE
></P
><P
>By default Samba will lower case the username before attempting
to lookup the user in the database of local system accounts.
Because UNIX usernames conventionally only contain lower case
-character, the <VAR
+character, the <TT
CLASS="PARAMETER"
->username level</VAR
+><I
+>username level</I
+></TT
> parameter
is rarely even needed.</P
><P
>However, password on UNIX systems often make use of mixed case
characters. This means that in order for a user on a Windows 9x
client to connect to a Samba server using clear text authentication,
-the <VAR
+the <TT
CLASS="PARAMETER"
->password level</VAR
+><I
+>password level</I
+></TT
> must be set to the maximum
number of upper case letter which <SPAN
CLASS="emphasis"
@@ -881,9 +862,11 @@ CLASS="EMPHASIS"
></SPAN
> appear
is a password. Note that is the server OS uses the traditional
-DES version of crypt(), then a <VAR
+DES version of crypt(), then a <TT
CLASS="PARAMETER"
->password level</VAR
+><I
+>password level</I
+></TT
>
of 8 will result in case insensitive passwords as seen from Windows
users. This will also result in longer login times as Samba
@@ -898,9 +881,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1685"
->10.5.1. Use MS Windows NT as an authentication server</A
-></H2
+NAME="AEN1542">10.5.1. Use MS Windows NT as an authentication server</H2
><P
>This method involves the additions of the following parameters
in the smb.conf file:</P
@@ -934,9 +915,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1693"
->10.5.2. Make Samba a member of an MS Windows NT security domain</A
-></H2
+NAME="AEN1550">10.5.2. Make Samba a member of an MS Windows NT security domain</H2
><P
>This method involves additon of the following paramters in the smb.conf file:</P
><P
@@ -997,9 +976,7 @@ CLASS="SECT2"
><H2
CLASS="SECT2"
><A
-NAME="AEN1710"
->10.5.3. Configure Samba as an authentication server</A
-></H2
+NAME="AEN1567">10.5.3. Configure Samba as an authentication server</H2
><P
>This mode of authentication demands that there be on the
Unix/Linux system both a Unix style account as well as an
@@ -1034,9 +1011,7 @@ CLASS="SECT3"
><H3
CLASS="SECT3"
><A
-NAME="AEN1717"
->10.5.3.1. Users</A
-></H3
+NAME="AEN1574">10.5.3.1. Users</H3
><P
>A user account that may provide a home directory should be
created. The following Linux system commands are typical of
@@ -1046,10 +1021,10 @@ the procedure for creating an account.</P
CLASS="PROGRAMLISTING"
> # useradd -s /bin/bash -d /home/"userid" -m "userid"
# passwd "userid"
- Enter Password: &#60;pw&#62;
+ Enter Password: &lt;pw&gt;
# smbpasswd -a "userid"
- Enter Password: &#60;pw&#62;</PRE
+ Enter Password: &lt;pw&gt;</PRE
></P
></DIV
><DIV
@@ -1057,9 +1032,7 @@ CLASS="SECT3"
><H3
CLASS="SECT3"
><A
-NAME="AEN1722"
->10.5.3.2. MS Windows NT Machine Accounts</A
-></H3
+NAME="AEN1579">10.5.3.2. MS Windows NT Machine Accounts</H3
><P
>These are required only when Samba is used as a domain
controller. Refer to the Samba-PDC-HOWTO for more details.</P
@@ -1078,9 +1051,7 @@ CLASS="SECT1"
><H1
CLASS="SECT1"
><A
-NAME="AEN1727"
->10.6. Conclusions</A
-></H1
+NAME="AEN1584">10.6. Conclusions</H1
><P
>Samba provides a flexible means to operate as...</P
><P