From f7e07eafc88128a556efbc94a9b062fd48ad91f4 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 6 Jun 2003 20:07:16 +0000 Subject: - Regenerate docs - Fix db2latex (it depended on the $Id$ tags) - Fix CUPS-Printing syntax - Update instructions in docbook.txt (This used to be commit 8d7c96a4e267c5546518d097edbe03e27b1ad073) --- docs/htmldocs/optional.html | 924 ++------------------------------------------ 1 file changed, 26 insertions(+), 898 deletions(-) (limited to 'docs/htmldocs/optional.html') diff --git a/docs/htmldocs/optional.html b/docs/htmldocs/optional.html index b15515ddab..22761de9c9 100644 --- a/docs/htmldocs/optional.html +++ b/docs/htmldocs/optional.html @@ -1,898 +1,26 @@ - -Optional configuration
SAMBA Project Documentation
PrevNext

III. Optional configuration

Introduction

Samba has several features that you might want or might not want to use. The chapters in this -part each cover one specific feature.

Table of Contents
10. Integrating MS Windows networks with Samba
10.1. Agenda
10.2. Name Resolution in a pure Unix/Linux world
10.2.1. /etc/hosts
10.2.2. /etc/resolv.conf
10.2.3. /etc/host.conf
10.2.4. /etc/nsswitch.conf
10.3. Name resolution as used within MS Windows networking
10.3.1. The NetBIOS Name Cache
10.3.2. The LMHOSTS file
10.3.3. HOSTS file
10.3.4. DNS Lookup
10.3.5. WINS Lookup
10.4. How browsing functions and how to deploy stable and -dependable browsing using Samba
10.5. MS Windows security options and how to configure -Samba for seemless integration
10.5.1. Use MS Windows NT as an authentication server
10.5.2. Make Samba a member of an MS Windows NT security domain
10.5.3. Configure Samba as an authentication server
10.6. Conclusions
11. UNIX Permission Bits and Windows NT Access Control Lists
11.1. Viewing and changing UNIX permissions using the NT - security dialogs
11.2. How to view file security on a Samba share
11.3. Viewing file ownership
11.4. Viewing file or directory permissions
11.4.1. File Permissions
11.4.2. Directory Permissions
11.5. Modifying file or directory permissions
11.6. Interaction with the standard Samba create mask - parameters
11.7. Interaction with the standard Samba file attribute - mapping
12. Configuring PAM for distributed but centrally -managed authentication
12.1. Samba and PAM
12.2. Distributed Authentication
12.3. PAM Configuration in smb.conf
13. Hosting a Microsoft Distributed File System tree on Samba
13.1. Instructions
13.1.1. Notes
14. Printing Support
14.1. Introduction
14.2. Configuration
14.2.1. Creating [print$]
14.2.2. Setting Drivers for Existing Printers
14.2.3. Support a large number of printers
14.2.4. Adding New Printers via the Windows NT APW
14.2.5. Samba and Printer Ports
14.3. The Imprints Toolset
14.3.1. What is Imprints?
14.3.2. Creating Printer Driver Packages
14.3.3. The Imprints server
14.3.4. The Installation Client
14.4. Diagnosis
14.4.1. Introduction
14.4.2. Debugging printer problems
14.4.3. What printers do I have?
14.4.4. Setting up printcap and print servers
14.4.5. Job sent, no output
14.4.6. Job sent, strange output
14.4.7. Raw PostScript printed
14.4.8. Advanced Printing
14.4.9. Real debugging
15. Unified Logons between Windows NT and UNIX using Winbind
15.1. Abstract
15.2. Introduction
15.3. What Winbind Provides
15.3.1. Target Uses
15.4. How Winbind Works
15.4.1. Microsoft Remote Procedure Calls
15.4.2. Name Service Switch
15.4.3. Pluggable Authentication Modules
15.4.4. User and Group ID Allocation
15.4.5. Result Caching
15.5. Installation and Configuration
15.5.1. Introduction
15.5.2. Requirements
15.5.3. Testing Things Out
15.6. Limitations
15.7. Conclusion
16. Passdb MySQL plugin
16.1. Building
16.2. Configuring
16.3. Using plaintext passwords or encrypted password
16.4. Getting non-column data from the table
17. Passdb XML plugin
17.1. Building
17.2. Usage
18. Stackable VFS modules
18.1. Introduction and configuration
18.2. Included modules
18.2.1. audit
18.2.2. recycle
18.2.3. netatalk
18.3. VFS modules available elsewhere
18.3.1. DatabaseFS
18.3.2. vscan
19. Storing Samba's User/Machine Account information in an LDAP Directory
19.1. Purpose
19.2. Introduction
19.3. Supported LDAP Servers
19.4. Schema and Relationship to the RFC 2307 posixAccount
19.5. Configuring Samba with LDAP
19.5.1. OpenLDAP configuration
19.5.2. Configuring Samba
19.6. Accounts and Groups management
19.7. Security and sambaAccount
19.8. LDAP specials attributes for sambaAccounts
19.9. Example LDIF Entries for a sambaAccount
19.10. Comments
20. HOWTO Access Samba source code via CVS
20.1. Introduction
20.2. CVS Access to samba.org
20.2.1. Access via CVSweb
20.2.2. Access via cvs
21. Group mapping HOWTO
22. Samba performance issues
22.1. Comparisons
22.2. Socket options
22.3. Read size
22.4. Max xmit
22.5. Log level
22.6. Read raw
22.7. Write raw
22.8. Slow Clients
22.9. Slow Logins
22.10. Client tuning
PrevHomeNext
Samba as a NT4 domain member Integrating MS Windows networks with Samba
\ No newline at end of file +Part III. Advanced Configuration
Part III. Advanced Configuration
Prev   Next

Advanced Configuration

Valuable Nuts and Bolts Information

+Samba has several features that you might want or might not want to use. The chapters in this part each cover specific Samba features. +

Table of Contents

10. Samba / MS Windows Network Browsing Guide
Features and Benefits
What is Browsing?
Discussion
NetBIOS over TCP/IP
TCP/IP - without NetBIOS
DNS and Active Directory
How Browsing Functions
Setting up WORKGROUP Browsing
Setting up DOMAIN Browsing
Forcing samba to be the master
Making samba the domain master
Note about broadcast addresses
Multiple interfaces
Use of the Remote Announce parameter
Use of the Remote Browse Sync parameter
WINS - The Windows Internetworking Name Server
Setting up a WINS server
WINS Replication
Static WINS Entries
Helpful Hints
Windows Networking Protocols
Name Resolution Order
Technical Overview of browsing
Browsing support in samba
Problem resolution
Browsing across subnets
Common Errors
How can one flush the Samba NetBIOS name cache without restarting samba?
My client reports "This server is not configured to list shared resources"
11. Account Information Databases
Features and Benefits
Technical Information
Important Notes About Security
Mapping User Identifiers between MS Windows and Unix
Account Management Tools
The smbpasswd Command
The pdbedit Command
Password Backends
Plain Text
smbpasswd - Encrypted Password Database
tdbsam
ldapsam
MySQL
XML
Common Errors
Users can not logon - Users not in Samba SAM
Users are being added to the wrong backend database
auth methods does not work
12. Mapping MS Windows and Unix Groups
Features and Benefits
Discussion
Example Configuration
Configuration Scripts
Sample smb.conf add group script
Script to configure Group Mapping
Common Errors
Adding Groups Fails
Adding MS Windows Groups to MS Windows Groups Fails
13. File, Directory and Share Access Controls
Features and Benefits
File System Access Controls
MS Windows NTFS Comparison with Unix File Systems
Managing Directories
File and Directory Access Control
Share Definition Access Controls
User and Group Based Controls
File and Directory Permissions Based Controls
Miscellaneous Controls
Access Controls on Shares
Share Permissions Management
MS Windows Access Control Lists and Unix Interoperability
Managing UNIX permissions Using NT Security Dialogs
Viewing File Security on a Samba Share
Viewing file ownership
Viewing File or Directory Permissions
Modifying file or directory permissions
Interaction with the standard Samba create mask + parameters
Interaction with the standard Samba file attribute + mapping
Common Errors
Users can not write to a public share
I have set force user and samba still makes root the owner of all the files + I touch!
14. File and Record Locking
Features and Benefits
Discussion
Opportunistic Locking Overview
Samba Opportunistic Locking Control
Example Configuration
MS Windows Opportunistic Locking and Caching Controls
Workstation Service Entries
Server Service Entries
Persistent Data Corruption
Common Errors
locking.tdb error messages
Additional Reading
15. Securing Samba
Introduction
Features and Benefits
Technical Discussion of Protective Measures and Issues
Using host based protection
User based protection
Using interface protection
Using a firewall
Using a IPC$ share deny
NTLMv2 Security
Upgrading Samba
Common Errors
Smbclient works on localhost, but the network is dead
Why can users access home directories of other users?
16. Interdomain Trust Relationships
Features and Benefits
Trust Relationship Background
Native MS Windows NT4 Trusts Configuration
NT4 as the Trusting Domain (ie. creating the trusted account)
NT4 as the Trusted Domain (ie. creating trusted account's password)
Configuring Samba NT-style Domain Trusts
Samba-3 as the Trusting Domain
Samba-3 as the Trusted Domain
Common Errors
Tell me about Trust Relationships using Samba
17. Hosting a Microsoft Distributed File System tree on Samba
Features and Benefits
Common Errors
18. Classical Printing Support
Features and Benefits
Technical Introduction
What happens if you send a Job from a Client
Printing Related Configuration Parameters
Parameters Recommended for Use
Parameters for Backwards Compatibility
Parameters no longer in use
A simple Configuration to Print with Samba-3
Verification of "Settings in Use" with testparm
A little Experiment to warn you
Extended Sample Configuration to Print with Samba-3
Detailed Explanation of the Example's Settings
The [global] Section
The [printers] Section
Any [my_printer_name] Section
Print Commands
Default Print Commands for various Unix Print Subsystems
Setting up your own Print Commands
Innovations in Samba Printing since 2.2
Client Drivers on Samba Server for Point'n'Print
The [printer$] Section is removed from Samba-3
Creating the [print$] Share
Parameters in the [print$] Section
Subdirectory Structure in [print$]
Installing Drivers into [print$]
Setting Drivers for existing Printers with a Client GUI
Setting Drivers for existing Printers with +rpcclient
"The Proof of the Pudding lies in the Eating" (Client Driver Insta +Procedure)
The first Client Driver Installation
IMPORTANT! Setting Device Modes on new Printers
Further Client Driver Install Procedures
Always make first Client Connection as root or "printer admin"
Other Gotchas
Setting Default Print Options for the Client Drivers
Supporting large Numbers of Printers
Adding new Printers with the Windows NT APW
Weird Error Message Cannot connect under a +different Name
Be careful when assembling Driver Files
Samba and Printer Ports
Avoiding the most common Misconfigurations of the Client Driver
The Imprints Toolset
What is Imprints?
Creating Printer Driver Packages
The Imprints Server
The Installation Client
Add Network Printers at Logon without User Interaction
The addprinter command
Migration of "Classical" printing to Samba-3
Publishing Printer Information in Active Directory or LDAP
Common Errors and Problems
I give my root password but I don't get access
My printjobs get spooled into the spooling directory, but then get lost
19. CUPS Printing Support in Samba 3.0
Introduction
Features and Benefits
Overview
Basic Configuration of CUPS support
Linking of smbd with libcups.so
Simple smb.conf Settings for CUPS
More complex smb.conf Settings for +CUPS
Advanced Configuration
Central spooling vs. "Peer-to-Peer" printing
CUPS/Samba as a "spooling-only" Print Server; "raw" printing +with Vendor Drivers on Windows Clients
Driver Installation Methods on Windows Clients
Explicitly enable "raw" printing for +application/octet-stream!
Three familiar Methods for driver upload plus a new one
Using CUPS/Samba in an advanced Way -- intelligent printing +with PostScript Driver Download
GDI on Windows -- PostScript on Unix
Windows Drivers, GDI and EMF
Unix Printfile Conversion and GUI Basics
PostScript and Ghostscript
Ghostscript -- the Software RIP for non-PostScript Printers
PostScript Printer Description (PPD) Specification
CUPS can use all Windows-formatted Vendor PPDs
CUPS also uses PPDs for non-PostScript Printers
The CUPS Filtering Architecture
MIME types and CUPS Filters
MIME type Conversion Rules
Filter Requirements
Prefilters
pstops
pstoraster
imagetops and imagetoraster
rasterto [printerspecific]
CUPS Backends
cupsomatic/Foomatic -- how do they fit into the Picture?
The Complete Picture
mime.convs
"Raw" printing
"application/octet-stream" printing
PostScript Printer Descriptions (PPDs) for non-PS Printers
Difference between cupsomatic/foomatic-rip and +native CUPS printing
Examples for filtering Chains
Sources of CUPS drivers / PPDs
Printing with Interface Scripts
Network printing (purely Windows)
From Windows Clients to an NT Print Server
Driver Execution on the Client
Driver Execution on the Server
Network Printing (Windows clients -- UNIX/Samba Print +Servers)
From Windows Clients to a CUPS/Samba Print Server
Samba receiving Jobfiles and passing them to CUPS
Network PostScript RIP: CUPS Filters on Server -- clients use +PostScript Driver with CUPS-PPDs
PPDs for non-PS Printers on UNIX
PPDs for non-PS Printers on Windows
Windows Terminal Servers (WTS) as CUPS Clients
Printer Drivers running in "Kernel Mode" cause many +Problems
Workarounds impose Heavy Limitations
CUPS: a "Magical Stone"?
PostScript Drivers with no major problems -- even in Kernel +Mode
Setting up CUPS for driver Download
cupsaddsmb: the unknown Utility
Prepare your smb.conf for +cupsaddsmb
CUPS Package of "PostScript Driver for WinNT/2k/XP"
Recognize the different Driver Files
Acquiring the Adobe Driver Files
ESP Print Pro Package of "PostScript Driver for +WinNT/2k/XP"
Caveats to be considered
What are the Benefits of using the "CUPS PostScript Driver for +Windows NT/2k/XP" as compared to the Adobe Driver?
Run "cupsaddsmb" (quiet Mode)
Run "cupsaddsmb" with verbose Output
Understanding cupsaddsmb
How to recognize if cupsaddsm completed successfully
cupsaddsmb with a Samba PDC
cupsaddsmb Flowchart
Installing the PostScript Driver on a Client
Avoiding critical PostScript Driver Settings on the +Client
Installing PostScript Driver Files manually (using +rpcclient)
A Check of the rpcclient man Page
Understanding the rpcclient man Page
Producing an Example by querying a Windows Box
What is required for adddriver and setdriver to succeed
Manual Commandline Driver Installation in 15 little Steps
Troubleshooting revisited
The printing *.tdb Files
Trivial DataBase Files
Binary Format
Losing *.tdb Files
Using tdbbackup
CUPS Print Drivers from Linuxprinting.org
foomatic-rip and Foomatic explained
foomatic-rip and Foomatic-PPD Download and Installation
Page Accounting with CUPS
Setting up Quotas
Correct and incorrect Accounting
Adobe and CUPS PostScript Drivers for Windows Clients
The page_log File Syntax
Possible Shortcomings
Future Developments
Other Accounting Tools
Additional Material
Auto-Deletion or Preservation of CUPS Spool Files
CUPS Configuration Settings explained
Pre-conditions
Manual Configuration
When not to use Samba to print to +CUPS
In Case of Trouble.....
Where to find Documentation
How to ask for Help
Where to find Help
Appendix
Printing from CUPS to Windows attached +Printers
More CUPS filtering Chains
Trouble Shooting Guidelines to fix typical Samba printing +Problems
An Overview of the CUPS Printing Processes
20. Stackable VFS modules
Features and Benefits
Discussion
Included modules
audit
extd_audit
fake_perms
recycle
netatalk
VFS modules available elsewhere
DatabaseFS
vscan
Common Errors
21. Integrated Logon Support using Winbind
Features and Benefits
Introduction
What Winbind Provides
Target Uses
How Winbind Works
Microsoft Remote Procedure Calls
Microsoft Active Directory Services
Name Service Switch
Pluggable Authentication Modules
User and Group ID Allocation
Result Caching
Installation and Configuration
Introduction
Requirements
Testing Things Out
Conclusion
Common Errors
22. Advanced Network Manangement
Features and Benefits
Remote Server Administration
Remote Desktop Management
Remote Management from NoMachines.Com
Network Logon Script Magic
Adding printers without user intervention
Common Errors
23. System and Account Policies
Features and Benefits
Creating and Managing System Policies
Windows 9x/Me Policies
Windows NT4 Style Policy Files
MS Windows 200x / XP Professional Policies
Managing Account/User Policies
Samba Editreg Toolset
Windows NT4/200x
Samba PDC
System Startup and Logon Processing Overview
Common Errors
Policy Does Not Work
24. Desktop Profile Management
Features and Benefits
Roaming Profiles
Samba Configuration for Profile Handling
Windows Client Profile Configuration Information
Sharing Profiles between W9x/Me and NT4/200x/XP workstations
Profile Migration from Windows NT4/200x Server to Samba
Mandatory profiles
Creating/Managing Group Profiles
Default Profile for Windows Users
MS Windows 9x/Me
MS Windows NT4 Workstation
MS Windows 200x/XP
Common Errors
How does one set up roaming profiles for just one (or a few) user/s or group/s?
Can NOT use Roaming Profiles
Changing the default profile
25. PAM based Distributed Authentication
Features and Benefits
Technical Discussion
PAM Configuration Syntax
Example System Configurations
smb.conf PAM Configuration
Remote CIFS Authentication using winbindd.so
Password Synchronization using pam_smbpass.so
Common Errors
pam_winbind problem
26. Integrating MS Windows networks with Samba
Features and Benefits
Background Information
Name Resolution in a pure Unix/Linux world
/etc/hosts
/etc/resolv.conf
/etc/host.conf
/etc/nsswitch.conf
Name resolution as used within MS Windows networking
The NetBIOS Name Cache
The LMHOSTS file
HOSTS file
DNS Lookup
WINS Lookup
Common Errors
My Boomerang Won't Come Back
Very Slow Network Connections
Samba server name change problem
27. Unicode/Charsets
Features and Benefits
What are charsets and unicode?
Samba and charsets
Conversion from old names
Japanese charsets
28. Samba Backup Techniques
Note
Features and Benefits
29. High Availability Options
Note
Prev Up Next
Chapter 9. MS Windows Network Configuration Guide Home Chapter 10. Samba / MS Windows Network Browsing Guide
-- cgit