From b968848a1697dfc7216e1802883b5f7e55025111 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Tue, 9 Sep 2003 03:11:56 +0000
Subject: removing files not in 3.0 (This used to be commit
 d5c32f8881f33667c9bfa067cb7f2113bd55c724)

---
 docs/htmldocs/domain-security.html | 427 -------------------------------------
 1 file changed, 427 deletions(-)
 delete mode 100644 docs/htmldocs/domain-security.html

(limited to 'docs/htmldocs/domain-security.html')

diff --git a/docs/htmldocs/domain-security.html b/docs/htmldocs/domain-security.html
deleted file mode 100644
index ddbc4624b8..0000000000
--- a/docs/htmldocs/domain-security.html
+++ /dev/null
@@ -1,427 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<HTML
-><HEAD
-><TITLE
->Samba as a NT4 or Win2k domain member</TITLE
-><META
-NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
-REL="HOME"
-TITLE="SAMBA Project Documentation"
-HREF="samba-howto-collection.html"><LINK
-REL="UP"
-TITLE="Type of installation"
-HREF="type.html"><LINK
-REL="PREVIOUS"
-TITLE="Samba as a ADS domain member"
-HREF="ads.html"><LINK
-REL="NEXT"
-TITLE="Advanced Configuration"
-HREF="optional.html"></HEAD
-><BODY
-CLASS="CHAPTER"
-BGCOLOR="#FFFFFF"
-TEXT="#000000"
-LINK="#0000FF"
-VLINK="#840084"
-ALINK="#0000FF"
-><DIV
-CLASS="NAVHEADER"
-><TABLE
-SUMMARY="Header navigation table"
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TH
-COLSPAN="3"
-ALIGN="center"
->SAMBA Project Documentation</TH
-></TR
-><TR
-><TD
-WIDTH="10%"
-ALIGN="left"
-VALIGN="bottom"
-><A
-HREF="ads.html"
-ACCESSKEY="P"
->Prev</A
-></TD
-><TD
-WIDTH="80%"
-ALIGN="center"
-VALIGN="bottom"
-></TD
-><TD
-WIDTH="10%"
-ALIGN="right"
-VALIGN="bottom"
-><A
-HREF="optional.html"
-ACCESSKEY="N"
->Next</A
-></TD
-></TR
-></TABLE
-><HR
-ALIGN="LEFT"
-WIDTH="100%"></DIV
-><DIV
-CLASS="CHAPTER"
-><H1
-><A
-NAME="DOMAIN-SECURITY"
-></A
->Chapter 9. Samba as a NT4 or Win2k domain member</H1
-><DIV
-CLASS="SECT1"
-><H1
-CLASS="SECT1"
-><A
-NAME="AEN1439"
->9.1. Joining an NT Domain with Samba 3.0</A
-></H1
-><P
->Assume you have a Samba 3.0 server with a NetBIOS name of 
-	<CODE
-CLASS="CONSTANT"
->SERV1</CODE
-> and are joining an or Win2k NT domain called
-	<CODE
-CLASS="CONSTANT"
->DOM</CODE
->, which has a PDC with a NetBIOS name
-	of <CODE
-CLASS="CONSTANT"
->DOMPDC</CODE
-> and two backup domain controllers 
-	with NetBIOS names <CODE
-CLASS="CONSTANT"
->DOMBDC1</CODE
-> and <CODE
-CLASS="CONSTANT"
->DOMBDC2
-	</CODE
->.</P
-><P
->Firstly, you must edit your <TT
-CLASS="FILENAME"
->smb.conf</TT
-> file to tell Samba it should
-	now use domain security.</P
-><P
->Change (or add) your <A
-HREF="smb.conf.5.html#SECURITY"
-TARGET="_top"
->	<VAR
-CLASS="PARAMETER"
->security =</VAR
-></A
-> line in the [global] section 
-	of your <TT
-CLASS="FILENAME"
->smb.conf</TT
-> to read:</P
-><P
-><B
-CLASS="COMMAND"
->security = domain</B
-></P
-><P
->Next change the <A
-HREF="smb.conf.5.html#WORKGROUP"
-TARGET="_top"
-><VAR
-CLASS="PARAMETER"
->	workgroup =</VAR
-></A
-> line in the [global] section to read: </P
-><P
-><B
-CLASS="COMMAND"
->workgroup = DOM</B
-></P
-><P
->as this is the name of the domain we are joining. </P
-><P
->You must also have the parameter <A
-HREF="smb.conf.5.html#ENCRYPTPASSWORDS"
-TARGET="_top"
->	<VAR
-CLASS="PARAMETER"
->encrypt passwords</VAR
-></A
-> set to <CODE
-CLASS="CONSTANT"
->yes
-	</CODE
-> in order for your users to authenticate to the NT PDC.</P
-><P
->Finally, add (or modify) a <A
-HREF="smb.conf.5.html#PASSWORDSERVER"
-TARGET="_top"
->	<VAR
-CLASS="PARAMETER"
->password server =</VAR
-></A
-> line in the [global]
-	section to read: </P
-><P
-><B
-CLASS="COMMAND"
->password server = DOMPDC DOMBDC1 DOMBDC2</B
-></P
-><P
->These are the primary and backup domain controllers Samba 
-	will attempt to contact in order to authenticate users. Samba will 
-	try to contact each of these servers in order, so you may want to 
-	rearrange this list in order to spread out the authentication load 
-	among domain controllers.</P
-><P
->Alternatively, if you want smbd to automatically determine 
-	the list of Domain controllers to use for authentication, you may 
-	set this line to be :</P
-><P
-><B
-CLASS="COMMAND"
->password server = *</B
-></P
-><P
->This method, allows Samba to use exactly the same
-        mechanism that NT does. This 
-	method either broadcasts or uses a WINS database in order to
-	find domain controllers to authenticate against.</P
-><P
->In order to actually join the domain, you must run this
-        command:</P
-><P
-><SAMP
-CLASS="PROMPT"
->root# </SAMP
-><KBD
-CLASS="USERINPUT"
->net rpc join -S DOMPDC
-	-U<VAR
-CLASS="REPLACEABLE"
->Administrator%password</VAR
-></KBD
-></P
-><P
->as we are joining the domain DOM and the PDC for that domain 
-	(the only machine that has write access to the domain SAM database) 
-	is DOMPDC. The <VAR
-CLASS="REPLACEABLE"
->Administrator%password</VAR
-> is 
-	the login name and password for an account which has the necessary 
-	privilege to add machines to the domain.  If this is successful 
-	you will see the message:</P
-><P
-><SAMP
-CLASS="COMPUTEROUTPUT"
->Joined domain DOM.</SAMP
->
-	or <SAMP
-CLASS="COMPUTEROUTPUT"
->Joined 'SERV1' to realm 'MYREALM'</SAMP
->
-	</P
-><P
->in your terminal window. See the <A
-HREF="net.8.html"
-TARGET="_top"
->	net(8)</A
-> man page for more details.</P
-><P
->This process joins the server to thedomain
-	without having to create the machine trust account on the PDC
-	beforehand.</P
-><P
->This command goes through the machine account password 
-	change protocol, then writes the new (random) machine account 
-	password for this Samba server into a file in the same directory 
-	in which an smbpasswd file would be stored - normally :</P
-><P
-><TT
-CLASS="FILENAME"
->/usr/local/samba/private/secrets.tdb</TT
-></P
-><P
->This file is created and owned by root and is not 
-	readable by any other user. It is the key to the domain-level 
-	security for your system, and should be treated as carefully 
-	as a shadow password file.</P
-><P
->Finally, restart your Samba daemons and get ready for 
-	clients to begin using domain security!</P
-></DIV
-><DIV
-CLASS="SECT1"
-><H1
-CLASS="SECT1"
-><A
-NAME="AEN1493"
->9.2. Why is this better than security = server?</A
-></H1
-><P
->Currently, domain security in Samba doesn't free you from 
-	having to create local Unix users to represent the users attaching 
-	to your server. This means that if domain user <CODE
-CLASS="CONSTANT"
->DOM\fred
-	</CODE
-> attaches to your domain security Samba server, there needs 
-	to be a local Unix user fred to represent that user in the Unix 
-	filesystem. This is very similar to the older Samba security mode 
-	<A
-HREF="smb.conf.5.html#SECURITYEQUALSSERVER"
-TARGET="_top"
->security = server</A
->, 
-	where Samba would pass through the authentication request to a Windows 
-	NT server in the same way as a Windows 95 or Windows 98 server would.
-	</P
-><P
->Please refer to the <A
-HREF="winbind.html"
-TARGET="_top"
->Winbind 
-	paper</A
-> for information on a system to automatically
-	assign UNIX uids and gids to Windows NT Domain users and groups.
-	This code is available in development branches only at the moment,
-	but will be moved to release branches soon.</P
-><P
->The advantage to domain-level security is that the 
-	authentication in domain-level security is passed down the authenticated 
-	RPC channel in exactly the same way that an NT server would do it. This 
-	means Samba servers now participate in domain trust relationships in 
-	exactly the same way NT servers do (i.e., you can add Samba servers into 
-	a resource domain and have the authentication passed on from a resource
-	domain PDC to an account domain PDC.</P
-><P
->In addition, with <B
-CLASS="COMMAND"
->security = server</B
-> every Samba 
-	daemon on a server has to keep a connection open to the 
-	authenticating server for as long as that daemon lasts. This can drain 
-	the connection resources on a Microsoft NT server and cause it to run 
-	out of available connections. With <B
-CLASS="COMMAND"
->security = domain</B
->, 
-	however, the Samba daemons connect to the PDC/BDC only for as long 
-	as is necessary to authenticate the user, and then drop the connection, 
-	thus conserving PDC connection resources.</P
-><P
->And finally, acting in the same manner as an NT server 
-	authenticating to a PDC means that as part of the authentication 
-	reply, the Samba server gets the user identification information such 
-	as the user SID, the list of NT groups the user belongs to, etc. </P
-><DIV
-CLASS="NOTE"
-><P
-></P
-><TABLE
-CLASS="NOTE"
-WIDTH="100%"
-BORDER="0"
-><TR
-><TD
-WIDTH="25"
-ALIGN="CENTER"
-VALIGN="TOP"
-><IMG
-SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif"
-HSPACE="5"
-ALT="Note"></TD
-><TD
-ALIGN="LEFT"
-VALIGN="TOP"
-><P
-> Much of the text of this document 
-	was first published in the Web magazine <A
-HREF="http://www.linuxworld.com"
-TARGET="_top"
-> 	
-	LinuxWorld</A
-> as the article <A
-HREF="http://www.linuxworld.com/linuxworld/lw-1998-10/lw-10-samba.html"
-TARGET="_top"
->Doing 
-	the NIS/NT Samba</A
->.</P
-></TD
-></TR
-></TABLE
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="NAVFOOTER"
-><HR
-ALIGN="LEFT"
-WIDTH="100%"><TABLE
-SUMMARY="Footer navigation table"
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
-><A
-HREF="ads.html"
-ACCESSKEY="P"
->Prev</A
-></TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="samba-howto-collection.html"
-ACCESSKEY="H"
->Home</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
-><A
-HREF="optional.html"
-ACCESSKEY="N"
->Next</A
-></TD
-></TR
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
->Samba as a ADS domain member</TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="type.html"
-ACCESSKEY="U"
->Up</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
->Advanced Configuration</TD
-></TR
-></TABLE
-></DIV
-></BODY
-></HTML
->
\ No newline at end of file
-- 
cgit