From ff4c419b02f1ea3bc786dc54380ba9d70594bbc4 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Thu, 10 Mar 2005 09:16:22 +0000 Subject: More fixups. Sheesh, where is that feedback? (This used to be commit 595ea2eb6330ffae687a32e06b413d81c50c90f9) --- docs/Samba-Guide/Chap06-MakingHappyUsers.xml | 125 ++++++++++++++++----------- docs/Samba-Guide/Chap08-MigrateNT4Samba3.xml | 12 +-- docs/Samba-Guide/preface.xml | 5 ++ 3 files changed, 84 insertions(+), 58 deletions(-) diff --git a/docs/Samba-Guide/Chap06-MakingHappyUsers.xml b/docs/Samba-Guide/Chap06-MakingHappyUsers.xml index 8ceefa2c63..8b2c38175c 100644 --- a/docs/Samba-Guide/Chap06-MakingHappyUsers.xml +++ b/docs/Samba-Guide/Chap06-MakingHappyUsers.xml @@ -23,6 +23,20 @@ may occur: + +Notice: A significant number of network administrators have responded to the guidance given +below. It should be noted that there are sites that have a single PDC for many hundreds of +concurrent network clients. Network bandwidth, network bandwidth utilization, and server load +are among the factors that will determine the maximum number of Windows clients that +can be served by a single domain controller (PDC or BDC) on a network segment. It is possible +to operate with only a single PDC over a routed network. What is possible is not necessarily +best practice. When Windows client network logons begin to fail with +the message that the domain controller can not be found, or that the user account can not +be found (when you know it exists), that may be an indication that the DC is overloaded or +network bandwidth is overloaded. The guidance given in respect of PDC/BDC ratio to Windows +clients is conservative and if followed will minimize problems - but it is not absolute. + + Users experiencing difficulty logging onto the network @@ -258,8 +272,6 @@ - - Assignment Tasks @@ -1068,7 +1080,7 @@ verify that the versions you are about to use are matching. SUSE Linux 8.x SUSE Linux 9.x - Red Hat Linux 9 + Red Hat Linux @@ -1092,26 +1104,6 @@ verify that the versions you are about to use are matching. openldap2-client - - - openldap2-back-perl - - - - - openldap2-back-monitor - - - - - openldap2-back-ldap - - - - - openldap2-back-meta - - @@ -1551,7 +1543,8 @@ Setting stored password for "cn=Manager,dc=abmas,dc=biz" in secrets.tdb been written to the secrets.tdb or to the LDAP backend: [2005/03/03 23:19:34, 0] lib/smbldap.c:smbldap_connect_system(852) - failed to bind to server ldap://massive.abmas.biz with dn="cn=Manager,dc=abmas,dc=biz" Error: Can't contact LDAP server + failed to bind to server ldap://massive.abmas.biz +with dn="cn=Manager,dc=abmas,dc=biz" Error: Can't contact LDAP server (unknown) [2005/03/03 23:19:48, 0] lib/smbldap.c:smbldap_search_suffix(1169) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) @@ -1873,8 +1866,10 @@ Before starting, check Looking for configuration files... Samba Config File Location [/etc/samba/smb.conf] > -smbldap Config file Location (global parameters) [/etc/smbldap-tools/smbldap.conf] > -smbldap Config file Location (bind parameters) [/etc/smbldap-tools/smbldap_bind.conf] > +smbldap Config file Location (global parameters) + [/etc/smbldap-tools/smbldap.conf] > +smbldap Config file Location (bind parameters) + [/etc/smbldap-tools/smbldap_bind.conf] > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Let's start configuring the smbldap-tools scripts ... @@ -1882,15 +1877,21 @@ Let's start configuring the smbldap-tools scripts ... workgroup name [MEGANET2] > . netbios name: netbios name of the samba controler netbios name [MASSIVE] > -. logon drive: local path to which the home directory will be connected (for NT Workstations). Ex: 'H:' +. logon drive: local path to which the home directory + will be connected (for NT Workstations). Ex: 'H:' logon drive [X:] > . logon home: home directory location (for Win95/98 or NT Workstation). (use %U as username) Ex:'\\MASSIVE\home\%U' - logon home (leave blank if you don't want homeDirectory) [\\MASSIVE\home\%U] > \\MASSIVE\%U -. logon path: directory where roaming profiles are stored. Ex:'\\MASSIVE\profiles\%U' - logon path (leave blank if you don't want roaming profile) [\\MASSIVE\profiles\%U] > -. home directory prefix (use %U as username) [/home/%U] > /home/users/%U -. default user netlogon script (use %U as username) [%U.cmd] > scripts\login.cmd + logon home (leave blank if you don't want homeDirectory) + [\\MASSIVE\home\%U] > \\MASSIVE\%U +. logon path: directory where roaming profiles are stored. + Ex:'\\MASSIVE\profiles\%U' + logon path (leave blank if you don't want roaming profile) + [\\MASSIVE\profiles\%U] > +. home directory prefix (use %U as username) + [/home/%U] > /home/users/%U +. default user netlogon script (use %U as username) + [%U.cmd] > scripts\login.cmd default password validation time (time in days) [45] > 0 . ldap suffix [dc=abmas,dc=biz] > . ldap group suffix [ou=Groups] > @@ -1900,37 +1901,52 @@ Let's start configuring the smbldap-tools scripts ... . sambaUnixIdPooldn: object where you want to store the next uidNumber and gidNumber available for new users and groups sambaUnixIdPooldn object (relative to ${suffix}) [cn=NextFreeUnixId] > -. ldap master server: IP adress or DNS name of the master (writable) ldap server -Use of uninitialized value in scalar chomp at ./configure.pl line 138, <STDIN> line 17. -Use of uninitialized value in hash element at ./configure.pl line 140, <STDIN> line 17. -Use of uninitialized value in concatenation (.) or string at ./configure.pl line 144, <STDIN> line 17. -Use of uninitialized value in string at ./configure.pl line 145, <STDIN> line 17. +. ldap master server: IP adress or DNS name + of the master (writable) ldap server +Use of uninitialized value in scalar chomp at ./configure.pl + line 138, <STDIN> line 17. +Use of uninitialized value in hash element at ./configure.pl + line 140, <STDIN> line 17. +Use of uninitialized value in concatenation (.) or string at + ./configure.pl line 144, <STDIN> line 17. +Use of uninitialized value in string at ./configure.pl + line 145, <STDIN> line 17. ldap master server [] > 127.0.0.1 . ldap master port [389] > . ldap master bind dn [cn=Manager,dc=abmas,dc=biz] > . ldap master bind password [] > -. ldap slave server: IP adress or DNS name of the slave ldap server: can also be the master one -Use of uninitialized value in scalar chomp at ./configure.pl line 138, <STDIN> line 21. -Use of uninitialized value in hash element at ./configure.pl line 140, <STDIN> line 21. -Use of uninitialized value in concatenation (.) or string at ./configure.pl line 144, <STDIN> line 21. -Use of uninitialized value in string at ./configure.pl line 145, <STDIN> line 21. +. ldap slave server: IP adress or DNS name of the slave + ldap server: can also be the master one +Use of uninitialized value in scalar chomp at ./configure.pl + line 138, <STDIN> line 21. +Use of uninitialized value in hash element at ./configure.pl + line 140, <STDIN> line 21. +Use of uninitialized value in concatenation (.) or string at + ./configure.pl line 144, <STDIN> line 21. +Use of uninitialized value in string at ./configure.pl line 145, + <STDIN> line 21. ldap slave server [] > 127.0.0.1 . ldap slave port [389] > . ldap slave bind dn [cn=Manager,dc=abmas,dc=biz] > . ldap slave bind password [] > . ldap tls support (1/0) [0] > -. SID for domain MEGANET2: SID of the domain (can be obtained with 'net getlocalsid MASSIVE') - SID for domain MEGANET2 [S-1-5-21-3504140859-1010554828-2431957765] > +. SID for domain MEGANET2: SID of the domain + (can be obtained with 'net getlocalsid MASSIVE') + SID for domain MEGANET2 + [S-1-5-21-3504140859-1010554828-2431957765] > . unix password encryption: encryption used for unix passwords - unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] > MD5 + unix password encryption + (CRYPT, MD5, SMD5, SSHA, SHA) [SSHA] > MD5 . default user gidNumber [513] > . default computer gidNumber [515] > . default login shell [/bin/bash] > . default domain name to append to mail adress [] > abmas.biz -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= backup old configuration files: - /etc/smbldap-tools/smbldap.conf->etc/smbldap-tools/smbldap.conf.old - /etc/smbldap-tools/smbldap_bind.conf->etc/smbldap-tools/smbldap_bind.conf.old + /etc/smbldap-tools/smbldap.conf-> + etc/smbldap-tools/smbldap.conf.old + /etc/smbldap-tools/smbldap_bind.conf-> + etc/smbldap-tools/smbldap_bind.conf.old writing new configuration file: /etc/smbldap-tools/smbldap.conf done. /etc/smbldap-tools/smbldap_bind.conf done. @@ -2507,13 +2523,18 @@ PIOps (S-1-5-21-3504140859-1010554828-2431957765-3005) -> PIOps The next step might seem a little odd at this point, but take note that you are about to start winbindd which must be able to authenticate to the PDC via the - localhost interface. This requires a Domain account for the PDC. This account can be + localhost interface with the smbd process. This account can be easily created by joining the PDC to the Domain by executing the following command: &rootprompt; net rpc join -U root%not24get + + Note: Before executing this command on the PDC both nmbd and + smbd must be started so that the net command + can communicate with smbd. The expected output is: + Joined domain MEGANET2. - This indicates that the Domain security account for the BDC has been correctly created. + This indicates that the Domain security account for the PDC has been correctly created. @@ -2622,7 +2643,8 @@ smb: \> q Only on the server to which the printer is attached, configure the CUPS Print Queues as follows: -&rootprompt; lpadmin -p printque -v socket://printer-name.abmas.biz:9100 -E +&rootprompt; lpadmin -p printque + -v socket://printer-name.abmas.biz:9100 -E print filter This step creates the necessary print queue to use no assigned print filter. This @@ -2870,8 +2892,7 @@ PIOps (S-1-5-21-3504140859-1010554828-2431957765-3005) -> PIOps Your new BLDG1, BLDG2 servers do not have home directories for users. - To rectify this using the SUSE yast2 utility or by manually - editing the /etc/fstab + To rectify this using the SUSE yast2 utility or by manually editing the /etc/fstab file, add a mount entry to mount the home directory that has been exported from the MASSIVE server. Mount this resource before proceeding. An alternate approach could be to create local home directories for users who are to use these machines. diff --git a/docs/Samba-Guide/Chap08-MigrateNT4Samba3.xml b/docs/Samba-Guide/Chap08-MigrateNT4Samba3.xml index 17796da032..dc7609ef59 100644 --- a/docs/Samba-Guide/Chap08-MigrateNT4Samba3.xml +++ b/docs/Samba-Guide/Chap08-MigrateNT4Samba3.xml @@ -365,32 +365,32 @@ Add User Accounts - smbldap-useradd.pl + smbldap-useradd useradd Delete User Accounts - smbldap-userdel.pl + smbldap-userdel userdel Add Group Accounts - smbldap-groupadd.pl + smbldap-groupadd groupadd Delete Group Accounts - smbldap-groupdel.pl + smbldap-groupdel groupdel Add User to Group - smbldap-groupmod.pl + smbldap-groupmod usermod (See Note) Add Machine Accounts - smbldap-useradd.pl + smbldap-useradd useradd diff --git a/docs/Samba-Guide/preface.xml b/docs/Samba-Guide/preface.xml index 00111ec131..130a7d011f 100644 --- a/docs/Samba-Guide/preface.xml +++ b/docs/Samba-Guide/preface.xml @@ -469,6 +469,11 @@ Misty Stanley-Jones has contributed information that summarizes her experience at migration from a NetWare server to Samba-3. + + TechInfo &smbmdash; The documentation provided demonstrates + how one site miigrated from NetWare to Samba. Some alternatives tools are mentioned. These + could be used to provide another pathway to a successful migration. + -- cgit