From 2f1da0c3e3e4950006a918352e9908a65198456e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 20 Aug 2002 16:06:40 +0000 Subject: Remove (broken) index don't use underscores in chaptor names (invalid sgml syntax) (This used to be commit 7864aeb9694a72090425f15e1512f56e32b20588) --- docs/docbook/projdoc/Printing.sgml | 2 +- docs/docbook/projdoc/samba-doc.sgml | 4 ---- docs/docbook/projdoc/security_level.sgml | 2 +- 3 files changed, 2 insertions(+), 6 deletions(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/Printing.sgml b/docs/docbook/projdoc/Printing.sgml index cb7e5cdfb7..ce9f40e88b 100644 --- a/docs/docbook/projdoc/Printing.sgml +++ b/docs/docbook/projdoc/Printing.sgml @@ -1,4 +1,4 @@ - + PatrickPowell diff --git a/docs/docbook/projdoc/samba-doc.sgml b/docs/docbook/projdoc/samba-doc.sgml index 0ec9efe014..e407b622de 100644 --- a/docs/docbook/projdoc/samba-doc.sgml +++ b/docs/docbook/projdoc/samba-doc.sgml @@ -19,7 +19,6 @@ - ]> @@ -83,7 +82,4 @@ Cheers, jerry &CVS-Access; &BUGS; - -&INDEX-FILE; - diff --git a/docs/docbook/projdoc/security_level.sgml b/docs/docbook/projdoc/security_level.sgml index 46a2ad7fe4..efe2b6eaf3 100644 --- a/docs/docbook/projdoc/security_level.sgml +++ b/docs/docbook/projdoc/security_level.sgml @@ -1,4 +1,4 @@ - + AndrewTridgell -- cgit From 86115eaba8f52fc91de3574e3ccc1f0e882fdc59 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Mon, 26 Aug 2002 11:24:30 +0000 Subject: Fix some small spelling etc problems in the SGML. Must also add a small tute on adding print queues dynamically with the addprinter command. (This used to be commit 5ea345f464800fa4ce70108c0285791c745243c9) --- docs/docbook/projdoc/printer_driver2.sgml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/printer_driver2.sgml b/docs/docbook/projdoc/printer_driver2.sgml index 84a24bcdef..8146ae5616 100644 --- a/docs/docbook/projdoc/printer_driver2.sgml +++ b/docs/docbook/projdoc/printer_driver2.sgml @@ -107,7 +107,7 @@ the client. These parameters, including printer driver -file parameter, are being depreciated and should not +file parameter, are being deprecated and should not be used in new installations. For more information on this change, you should refer to the Migration section of this document. @@ -260,7 +260,7 @@ driver now? Click "No" in the error dialog and you will be presented with -the printer properties window. The way assign a driver to a +the printer properties window. The way to assign a driver to a printer is to either -- cgit From e74e0b235c3dc544e04464e5dba8cfddbc8c5fd1 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Mon, 26 Aug 2002 13:04:26 +0000 Subject: A small type and addition of an example add printer command script. (This used to be commit 7c5f94e73746fcb97e440a29e5abc7bbb0a6c250) --- docs/docbook/projdoc/printer_driver2.sgml | 56 ++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/printer_driver2.sgml b/docs/docbook/projdoc/printer_driver2.sgml index 8146ae5616..85ae0713b3 100644 --- a/docs/docbook/projdoc/printer_driver2.sgml +++ b/docs/docbook/projdoc/printer_driver2.sgml @@ -382,11 +382,65 @@ of the connected user, not necessarily a root account. -There is a complementing delete +There is a complementary delete printer command for removing entries from the "Printers..." folder. + +The following is an example add printer command script. It adds the appropriate entries to /etc/printcap.local (change that to what you need) and returns a line of 'Done' which is needed for the whole process to work. + + + +#!/bin/sh + +# Script to insert a new printer entry into printcap.local +# +# $1, printer name, used as the descriptive name +# $2, share name, used as the printer name for Linux +# $3, port name +# $4, driver name +# $5, location, used for the device file of the printer +# $6, win9x location + +# +# Make sure we use the location that RedHat uses for local printer defs +PRINTCAP=/etc/printcap.local +DATE=`date +%Y%m%d-%H%M%S` +LP=lp +RESTART="service lpd restart" + +# Keep a copy +cp $PRINTCAP $PRINTCAP.$DATE +# Add the printer to $PRINTCAP +echo "" >> $PRINTCAP +echo "$2|$1:\\" >> $PRINTCAP +echo " :sd=/var/spool/lpd/$2:\\" >> $PRINTCAP +echo " :mx=0:ml=0:sh:\\" >> $PRINTCAP +echo " :lp=/usr/local/samba/var/print/$5.prn:" >> $PRINTCAP + +touch "/usr/local/samba/var/print/$5.prn" >> /tmp/printadd.$$ 2>&1 +chown $LP "/usr/local/samba/var/print/$5.prn" >> /tmp/printadd.$$ 2>&1 + +mkdir /var/spool/lpd/$2 +chmod 700 /var/spool/lpd/$2 +chown $LP /var/spool/lpd/$2 +#echo $1 >> "/usr/local/samba/var/print/$5.prn" +#echo $2 >> "/usr/local/samba/var/print/$5.prn" +#echo $3 >> "/usr/local/samba/var/print/$5.prn" +#echo $4 >> "/usr/local/samba/var/print/$5.prn" +#echo $5 >> "/usr/local/samba/var/print/$5.prn" +#echo $6 >> "/usr/local/samba/var/print/$5.prn" +$RESTART >> "/usr/local/samba/var/print/$5.prn" +# Not sure if this is needed +touch /usr/local/samba/lib/smb.conf +# +# You need to return a value, but I am not sure what it means. +# +echo "Done" +exit 0 + + -- cgit From 772e9b2ac8335b4a9604171856ad903bd7de120a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 28 Aug 2002 08:13:29 +0000 Subject: There's no MACHINE.SID anymore... Volker (This used to be commit e9cd8fb2e3104e1f9fd27277c90e1d09e55a0cf4) --- docs/docbook/projdoc/Samba-BDC-HOWTO.sgml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml b/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml index 53a0959c39..7653e3d1c0 100644 --- a/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml +++ b/docs/docbook/projdoc/Samba-BDC-HOWTO.sgml @@ -157,10 +157,17 @@ Several things have to be done: -The file private/MACHINE.SID identifies the domain. When a samba -server is first started, it is created on the fly and must never be -changed again. This file has to be the same on the PDC and the BDC, -so the MACHINE.SID has to be copied from the PDC to the BDC. +The domain SID has to be the same on the PDC and the BDC. This used to +be stored in the file private/MACHINE.SID. This file is not created +anymore since Samba 2.2.5 or even earlier. Nowadays the domain SID is +stored in the file private/secrets.tdb. Simply copying the secrets.tdb +from the PDC to the BDC does not work, as the BDC would +generate a new SID for itself and override the domain SID with this +new BDC SID. + + +To retrieve the domain SID from the PDC or an existing BDC and store it in the +secrets.tdb, execute 'net rpc getsid' on the BDC. -- cgit From 147e2a82531b68b8964defe0ebd26f62d7531027 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 28 Aug 2002 08:43:04 +0000 Subject: Adding new series of text-to-sgml converted files. Removed OS2-Client-HOWTO and put it into Other-Clients.sgml (This used to be commit 076f34af8e5af7fb2d07b724522ef77f33559c82) --- docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml | 78 ++++++ docs/docbook/projdoc/OS2-Client-HOWTO.sgml | 142 ----------- docs/docbook/projdoc/Other-Clients.sgml | 332 ++++++++++++++++++++++++++ docs/docbook/projdoc/Portability.sgml | 148 ++++++++++++ docs/docbook/projdoc/samba-doc.sgml | 8 +- 5 files changed, 564 insertions(+), 144 deletions(-) create mode 100644 docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml delete mode 100644 docs/docbook/projdoc/OS2-Client-HOWTO.sgml create mode 100644 docs/docbook/projdoc/Other-Clients.sgml create mode 100644 docs/docbook/projdoc/Portability.sgml (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml new file mode 100644 index 0000000000..6d5a019fcb --- /dev/null +++ b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml @@ -0,0 +1,78 @@ + + + + Jean FrançoisMicouleau + + + +Group mapping HOWTO + + +Starting with Samba 3.0 alpha 2, a new group mapping function is available. The +current method (likely to change) to manage the groups is a new command called +smbgroupedit. + + + +The first immediate reason to use the group mapping on a PDC, is that +the domain admin group of smb.conf is +now gone. This parameter was used to give the listed users local admin rights +on their workstations. It was some magic stuff that simply worked but didn't +scale very well for complex setups. + + + +Let me explain how it works on NT/W2K, to have this magic fade away. +When installing NT/W2K on a computer, the installer program creates some users +and groups. Notably the 'Administrators' group, and gives to that group some +privileges like the ability to change the date and time or to kill any process +(or close too) running on the local machine. The 'Administrator' user is a +member of the 'Administrators' group, and thus 'inherit' the 'Administrators' +group privileges. If a 'joe' user is created and become a member of the +'Administrator' group, 'joe' has exactly the same rights as 'Administrator'. + + + +When a NT/W2K machine is joined to a domain, during that phase, the "Domain +Administrators' group of the PDC is added to the 'Administrators' group of the +workstation. Every members of the 'Domain Administrators' group 'inherit' the +rights of the 'Administrators' group when logging on the workstation. + + + +You are now wondering how to make some of your samba PDC users members of the +'Domain Administrators' ? That's really easy. + + + +create a unix group (usually in /etc/group), let's call it domadm +add to this group the users that must be Administrators. For example if you want joe,john and mary, your entry in /etc/group will look like: + + +domadm:x:502:joe,john,mary + + + + +Map this domadm group to the domain admins group by running the command: + +smbgroupedit -c "Domain Admins" -u domadm + + + +You're set, joe, john and mary are domain administrators ! + + +Like the Domain Admins group, you can map any arbitrary Unix group to any NT +group. You can also make any Unix group a domain group. For example, on a domain +member machine (an NT/W2K or a samba server running winbind), you would like to +give access to a certain directory to some users who are member of a group on +your samba PDC. Flag that group as a domain group by running: + + +smbgroupedit -a unixgroup -td + +You can list the various groups in the mapping database like this +smbgroupedit -v + + diff --git a/docs/docbook/projdoc/OS2-Client-HOWTO.sgml b/docs/docbook/projdoc/OS2-Client-HOWTO.sgml deleted file mode 100644 index ca7ad6a754..0000000000 --- a/docs/docbook/projdoc/OS2-Client-HOWTO.sgml +++ /dev/null @@ -1,142 +0,0 @@ - - - - - - JimMcDonough - - IBM -
- jerry@samba.org -
- - - - - 5 Mar 2001 - - -OS2 Client HOWTO - - - FAQs - - - How can I configure OS/2 Warp Connect or - OS/2 Warp 4 as a client for Samba? - - A more complete answer to this question can be - found on - http://carol.wins.uva.nl/~leeuw/samba/warp.html. - - Basically, you need three components: - - - The File and Print Client ('IBM Peer') - - TCP/IP ('Internet support') - - The "NetBIOS over TCP/IP" driver ('TCPBEUI') - - - - Installing the first two together with the base operating - system on a blank system is explained in the Warp manual. If Warp - has already been installed, but you now want to install the - networking support, use the "Selective Install for Networking" - object in the "System Setup" folder. - - Adding the "NetBIOS over TCP/IP" driver is not described - in the manual and just barely in the online documentation. Start - MPTS.EXE, click on OK, click on "Configure LAPS" and click - on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line - is then moved to 'Current Configuration'. Select that line, - click on "Change number" and increase it from 0 to 1. Save this - configuration. - - If the Samba server(s) is not on your local subnet, you - can optionally add IP names and addresses of these servers - to the "Names List", or specify a WINS server ('NetBIOS - Nameserver' in IBM and RFC terminology). For Warp Connect you - may need to download an update for 'IBM Peer' to bring it on - the same level as Warp 4. See the webpage mentioned above. - - - - How can I configure OS/2 Warp 3 (not Connect), - OS/2 1.2, 1.3 or 2.x for Samba? - - You can use the free Microsoft LAN Manager 2.2c Client - for OS/2 from - - ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/. - See - http://carol.wins.uva.nl/~leeuw/lanman.html for - more information on how to install and use this client. In - a nutshell, edit the file \OS2VER in the root directory of - the OS/2 boot partition and add the lines: - - - 20=setup.exe - 20=netwksta.sys - 20=netvdd.sys - - - before you install the client. Also, don't use the - included NE2000 driver because it is buggy. Try the NE2000 - or NS2000 driver from - - ftp://ftp.cdrom.com/pub/os2/network/ndis/ instead. - - - - - Are there any other issues when OS/2 (any version) - is used as a client? - - When you do a NET VIEW or use the "File and Print - Client Resource Browser", no Samba servers show up. This can - be fixed by a patch from - http://carol.wins.uva.nl/~leeuw/samba/fix.html. - The patch will be included in a later version of Samba. It also - fixes a couple of other problems, such as preserving long - filenames when objects are dragged from the Workplace Shell - to the Samba server. - - - - How do I get printer driver download working - for OS/2 clients? - - First, create a share called [PRINTDRV] that is - world-readable. Copy your OS/2 driver files there. Note - that the .EA_ files must still be separate, so you will need - to use the original install files, and not copy an installed - driver from an OS/2 system. - - Install the NT driver first for that printer. Then, - add to your smb.conf a parameter, "os2 driver map = - filename". Then, in the file - specified by filename, map the - name of the NT driver name to the OS/2 driver name as - follows: - - <nt driver name> = <os2 driver - name>.<device name>, e.g.: - HP LaserJet 5L = LASERJET.HP LaserJet 5L - - You can have multiple drivers mapped in this file. - - If you only specify the OS/2 driver name, and not the - device name, the first attempt to download the driver will - actually download the files, but the OS/2 client will tell - you the driver is not available. On the second attempt, it - will work. This is fixed simply by adding the device name - to the mapping, after which it will work on the first attempt. - - - - - - diff --git a/docs/docbook/projdoc/Other-Clients.sgml b/docs/docbook/projdoc/Other-Clients.sgml new file mode 100644 index 0000000000..f790024c3a --- /dev/null +++ b/docs/docbook/projdoc/Other-Clients.sgml @@ -0,0 +1,332 @@ + + + + JimMcDonough + + IBM + + JelmerVernooij + + Samba Team +
jelmer@samba.org
+ + + + 5 Mar 2001 + + +Samba and other CIFS clients + +This chapter contains client-specific information. + + +Macintosh clients? + + +Yes. Thursby now have a CIFS Client / Server called DAVE - see + + + +They test it against Windows 95, Windows NT and samba for +compatibility issues. At the time of writing, DAVE was at version +1.0.1. The 1.0.0 to 1.0.1 update is available as a free download from +the Thursby web site (the speed of finder copies has been greatly +enhanced, and there are bug-fixes included). + + + +Alternatives - There are two free implementations of AppleTalk for +several kinds of UNIX machnes, and several more commercial ones. +These products allow you to run file services and print services +natively to Macintosh users, with no additional support required on +the Macintosh. The two free omplementations are +Netatalk, and +CAP. +What Samba offers MS +Windows users, these packages offer to Macs. For more info on these +packages, Samba, and Linux (and other UNIX-based systems) see +http://www.eats.com/linux_mac_win.html + + + + + +OS2 Client + + + How can I configure OS/2 Warp Connect or + OS/2 Warp 4 as a client for Samba? + + A more complete answer to this question can be + found on + http://carol.wins.uva.nl/~leeuw/samba/warp.html. + + Basically, you need three components: + + + The File and Print Client ('IBM Peer') + + TCP/IP ('Internet support') + + The "NetBIOS over TCP/IP" driver ('TCPBEUI') + + + + Installing the first two together with the base operating + system on a blank system is explained in the Warp manual. If Warp + has already been installed, but you now want to install the + networking support, use the "Selective Install for Networking" + object in the "System Setup" folder. + + Adding the "NetBIOS over TCP/IP" driver is not described + in the manual and just barely in the online documentation. Start + MPTS.EXE, click on OK, click on "Configure LAPS" and click + on "IBM OS/2 NETBIOS OVER TCP/IP" in 'Protocols'. This line + is then moved to 'Current Configuration'. Select that line, + click on "Change number" and increase it from 0 to 1. Save this + configuration. + + If the Samba server(s) is not on your local subnet, you + can optionally add IP names and addresses of these servers + to the "Names List", or specify a WINS server ('NetBIOS + Nameserver' in IBM and RFC terminology). For Warp Connect you + may need to download an update for 'IBM Peer' to bring it on + the same level as Warp 4. See the webpage mentioned above. + + + + How can I configure OS/2 Warp 3 (not Connect), + OS/2 1.2, 1.3 or 2.x for Samba? + + You can use the free Microsoft LAN Manager 2.2c Client + for OS/2 from + + ftp://ftp.microsoft.com/BusSys/Clients/LANMAN.OS2/. + See + http://carol.wins.uva.nl/~leeuw/lanman.html for + more information on how to install and use this client. In + a nutshell, edit the file \OS2VER in the root directory of + the OS/2 boot partition and add the lines: + + + 20=setup.exe + 20=netwksta.sys + 20=netvdd.sys + + + before you install the client. Also, don't use the + included NE2000 driver because it is buggy. Try the NE2000 + or NS2000 driver from + + ftp://ftp.cdrom.com/pub/os2/network/ndis/ instead. + + + + + Are there any other issues when OS/2 (any version) + is used as a client? + + When you do a NET VIEW or use the "File and Print + Client Resource Browser", no Samba servers show up. This can + be fixed by a patch from + http://carol.wins.uva.nl/~leeuw/samba/fix.html. + The patch will be included in a later version of Samba. It also + fixes a couple of other problems, such as preserving long + filenames when objects are dragged from the Workplace Shell + to the Samba server. + + + + How do I get printer driver download working + for OS/2 clients? + + First, create a share called [PRINTDRV] that is + world-readable. Copy your OS/2 driver files there. Note + that the .EA_ files must still be separate, so you will need + to use the original install files, and not copy an installed + driver from an OS/2 system. + + Install the NT driver first for that printer. Then, + add to your smb.conf a parameter, os2 driver map = + filename". Then, in the file + specified by filename, map the + name of the NT driver name to the OS/2 driver name as + follows: + + nt driver name = os2 "driver + name"."device name", e.g.: + HP LaserJet 5L = LASERJET.HP LaserJet 5L + + You can have multiple drivers mapped in this file. + + If you only specify the OS/2 driver name, and not the + device name, the first attempt to download the driver will + actually download the files, but the OS/2 client will tell + you the driver is not available. On the second attempt, it + will work. This is fixed simply by adding the device name + to the mapping, after which it will work on the first attempt. + + + + + +Windows for Workgroups + + +Use latest TCP/IP stack from Microsoft + +Use the latest TCP/IP stack from microsoft if you use Windows +for workgroups. + +The early TCP/IP stacks had lots of bugs. + + +Microsoft has released an incremental upgrade to their TCP/IP 32-Bit +VxD drivers. The latest release can be found on their ftp site at +ftp.microsoft.com, located in /peropsys/windows/public/tcpip/wfwt32.exe. +There is an update.txt file there that describes the problems that were +fixed. New files include WINSOCK.DLL, TELNET.EXE, WSOCK.386, VNBT.386, +WSTCP.386, TRACERT.EXE, NETSTAT.EXE, and NBTSTAT.EXE. + + + + + +Delete .pwl files after password change + + +WfWg does a lousy job with passwords. I find that if I change my +password on either the unix box or the PC the safest thing to do is to +delete the .pwl files in the windows directory. The PC will complain about not finding the files, but will soon get over it, allowing you to enter the new password. + + + +If you don't do this you may find that WfWg remembers and uses the old +password, even if you told it a new one. + + + +Often WfWg will totally ignore a password you give it in a dialog box. + + + + + +Configure WfW password handling + + +There is a program call admincfg.exe +on the last disk (disk 8) of the WFW 3.11 disk set. To install it +type EXPAND A:\ADMINCFG.EX_ C:\WINDOWS\ADMINCFG.EXE Then add an icon +for it via the "Progam Manager" "New" Menu. This program allows you +to control how WFW handles passwords. ie disable Password Caching etc +for use with security = user + + + + + +Case handling of passwords + +Windows for Workgroups uppercases the password before sending it to the server. Unix passwords can be case-sensitive though. Check the smb.conf(5) information on password level to specify what characters samba should try to uppercase when checking. + + + + + + +Windows '95/'98 + + +When using Windows 95 OEM SR2 the following updates are recommended where Samba +is being used. Please NOTE that the above change will affect you once these +updates have been installed. + + + +There are more updates than the ones mentioned here. You are referred to the +Microsoft Web site for all currently available updates to your specific version +of Windows 95. + + + +Kernel Update: KRNLUPD.EXE +Ping Fix: PINGUPD.EXE +RPC Update: RPCRTUPD.EXE +TCP/IP Update: VIPUPD.EXE +Redirector Update: VRDRUPD.EXE + + + +Also, if using MS OutLook it is desirable to install the OLEUPD.EXE fix. This +fix may stop your machine from hanging for an extended period when exiting +OutLook and you may also notice a significant speedup when accessing network +neighborhood services. + + + + + +Windows 2000 Service Pack 2 + + +There are several annoyances with Windows 2000 SP2. One of which +only appears when using a Samba server to host user profiles +to Windows 2000 SP2 clients in a Windows domain. This assumes +that Samba is a member of the domain, but the problem will +likely occur if it is not. + + + +In order to server profiles successfully to Windows 2000 SP2 +clients (when not operating as a PDC), Samba must have +nt acl support = no +added to the file share which houses the roaming profiles. +If this is not done, then the Windows 2000 SP2 client will +complain about not being able to access the profile (Access +Denied) and create multiple copies of it on disk (DOMAIN.user.001, +DOMAIN.user.002, etc...). See the +smb.conf(5) man page +for more details on this option. Also note that the +nt acl support parameter was formally a global parameter in +releases prior to Samba 2.2.2. + + + +The following is a minimal profile share: + + + + [profile] + path = /export/profile + create mask = 0600 + directory mask = 0700 + nt acl support = no + read only = no + + + +The reason for this bug is that the Win2k SP2 client copies +the security descriptor for the profile which contains +the Samba server's SID, and not the domain SID. The client +compares the SID for SAMBA\user and realizes it is +different that the one assigned to DOMAIN\user. Hence the reason +for the "access denied" message. + + + +By disabling the nt acl support parameter, Samba will send +the Win2k client a response to the QuerySecurityDescriptor +trans2 call which causes the client to set a default ACL +for the profile. This default ACL includes + + +DOMAIN\user "Full Control" + +NOTE : This bug does not occur when using winbind to +create accounts on the Samba host for Domain users. + + + + diff --git a/docs/docbook/projdoc/Portability.sgml b/docs/docbook/projdoc/Portability.sgml new file mode 100644 index 0000000000..f2fe66b9dd --- /dev/null +++ b/docs/docbook/projdoc/Portability.sgml @@ -0,0 +1,148 @@ + + + + JelmerVernooij + + + +Portability + +Samba works on a wide range of platforms but the interface all the +platforms provide is not always compatible. This chapter contains +platform-specific information about compiling and using samba. + + +HPUX + + +HP's implementation of supplementary groups is, er, non-standard (for +hysterical reasons). There are two group files, /etc/group and +/etc/logingroup; the system maps UIDs to numbers using the former, but +initgroups() reads the latter. Most system admins who know the ropes +symlink /etc/group to /etc/logingroup (hard link doesn't work for reasons +too stupid to go into here). initgroups() will complain if one of the +groups you're in in /etc/logingroup has what it considers to be an invalid +ID, which means outside the range [0..UID_MAX], where UID_MAX is (I think) +60000 currently on HP-UX. This precludes -2 and 65534, the usual 'nobody' +GIDs. + + + +If you encounter this problem, make sure that the programs that are failing +to initgroups() be run as users not in any groups with GIDs outside the +allowed range. + + +This is documented in the HP manual pages under setgroups(2) and passwd(4). + + + + + +SCO Unix + + +If you run an old version of SCO Unix then you may need to get important +TCP/IP patches for Samba to work correctly. Without the patch, you may +encounter corrupt data transfers using samba. + + + +The patch you need is UOD385 Connection Drivers SLS. It is available from +SCO (ftp.sco.com, directory SLS, files uod385a.Z and uod385a.ltr.Z). + + + + + +DNIX + + +DNIX has a problem with seteuid() and setegid(). These routines are +needed for Samba to work correctly, but they were left out of the DNIX +C library for some reason. + + + +For this reason Samba by default defines the macro NO_EID in the DNIX +section of includes.h. This works around the problem in a limited way, +but it is far from ideal, some things still won't work right. + + + +To fix the problem properly you need to assemble the following two +functions and then either add them to your C library or link them into +Samba. + + + +put this in the file setegid.s: + + + + .globl _setegid +_setegid: + moveq #47,d0 + movl #100,a0 + moveq #1,d1 + movl 4(sp),a1 + trap #9 + bccs 1$ + jmp cerror +1$: + clrl d0 + rts + + + +put this in the file seteuid.s: + + + + .globl _seteuid +_seteuid: + moveq #47,d0 + movl #100,a0 + moveq #0,d1 + movl 4(sp),a1 + trap #9 + bccs 1$ + jmp cerror +1$: + clrl d0 + rts + + + +after creating the above files you then assemble them using + + +as seteuid.s +as setegid.s + + +that should produce the files seteuid.o and +setegid.o + + + +then you need to add these to the LIBSM line in the DNIX section of +the Samba Makefile. Your LIBSM line will then look something like this: + + + +LIBSM = setegid.o seteuid.o -ln + + + +You should then remove the line: + + + +#define NO_EID + + +from the DNIX section of includes.h + + + diff --git a/docs/docbook/projdoc/samba-doc.sgml b/docs/docbook/projdoc/samba-doc.sgml index e407b622de..a50389b7f0 100644 --- a/docs/docbook/projdoc/samba-doc.sgml +++ b/docs/docbook/projdoc/samba-doc.sgml @@ -6,7 +6,6 @@ - @@ -19,6 +18,9 @@ + + + ]> @@ -78,8 +80,10 @@ Cheers, jerry &Samba-LDAP; &BROWSING; &SPEED; -&OS2-Client; +&Other-Clients; &CVS-Access; &BUGS; +&GROUP-MAPPING-HOWTO; +&Portability; -- cgit From 3f393056db8d2ee53b23ac5e5b04171da4ea6cf9 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 Aug 2002 20:14:34 +0000 Subject: Split up documents at chapter level, not at sect1 level (This used to be commit f1710a46d0b51fbefc2a1b5230b76aa9ecbbcdab) --- docs/docbook/projdoc/samba-doc.sgml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/samba-doc.sgml b/docs/docbook/projdoc/samba-doc.sgml index a50389b7f0..75c5c379d3 100644 --- a/docs/docbook/projdoc/samba-doc.sgml +++ b/docs/docbook/projdoc/samba-doc.sgml @@ -18,9 +18,9 @@ - - - + + + ]> -- cgit From cda2b27c5778ef43ebe4b905fc83bbf980a91a19 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 15 Sep 2002 13:23:56 +0000 Subject: Add reference to CUPS documentation about how to use unix -> windows clients using samba (This used to be commit 898f30fffb4e613e4a7efa0463c54fbc3b1f3cca) --- docs/docbook/projdoc/UNIX_INSTALL.sgml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/UNIX_INSTALL.sgml b/docs/docbook/projdoc/UNIX_INSTALL.sgml index aab193c451..c307636d5f 100644 --- a/docs/docbook/projdoc/UNIX_INSTALL.sgml +++ b/docs/docbook/projdoc/UNIX_INSTALL.sgml @@ -359,13 +359,16 @@ Printing from UNIX to a Client PC To use a printer that is available via a smb-based - server from a unix host you will need to compile the + server from a unix host with LPR you will need to compile the smbclient program. You then need to install the script "smbprint". Read the instruction in smbprint for more details. There is also a SYSV style script that does much the same thing called smbprint.sysv. It contains instructions. + + See the CUPS manual for information about setting up + printing from a unix host with CUPS to a smb-based server. -- cgit From 15bc0437a9239f1461b0562b2964da607e16fe20 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 23 Sep 2002 02:49:01 +0000 Subject: Fix typo. (This used to be commit 575b8674863341d3dbd04d8618a3a5f2ff5651ee) --- docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/docbook/projdoc') diff --git a/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml b/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml index 594516640d..adcd059bc2 100644 --- a/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml +++ b/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml @@ -154,7 +154,7 @@ password required /lib/security/pam_smbpass.so nodelay smbconf=/etc/samba. Note: PAM allows stacking of authentication mechanisms. It is -also possible to pass information obtained within on PAM module through +also possible to pass information obtained within one PAM module through to the next module in the PAM stack. Please refer to the documentation for your particular system implementation for details regarding the specific capabilities of PAM in this environment. Some Linux implmentations also -- cgit