From 3b9104c996159c502d9971eb37dd3b4fe792b7ee Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Fri, 1 Jul 2005 15:35:19 +0000 Subject: Add index entries, fix lingo. (This used to be commit d417b5abf6b2d5d322cbeccc7313c09c69cabd35) --- docs/Samba3-HOWTO/TOSHARG-ConfigSmarts.xml | 84 +++++++++++++++++++++++++++--- docs/Samba3-HOWTO/index.xml | 2 +- 2 files changed, 78 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/Samba3-HOWTO/TOSHARG-ConfigSmarts.xml b/docs/Samba3-HOWTO/TOSHARG-ConfigSmarts.xml index 7c9cfcbc04..f46cc8e181 100644 --- a/docs/Samba3-HOWTO/TOSHARG-ConfigSmarts.xml +++ b/docs/Samba3-HOWTO/TOSHARG-ConfigSmarts.xml @@ -8,30 +8,42 @@ Advanced Configuration Techniques +configuration techniques +include Since the release of the first edition of this book there have been repeated requests to better document configuration techniques that may help a network administrator to get more out of Samba. Some users have asked for documentation regarding the use of the file-name parameter. +multiple servers +multiple server personalities Commencing around mid-2004 there has been increasing interest in the ability to host multiple Samba servers on one machine. There has also been an interest in the hosting of multiple Samba server personalities on one server. -Feedback from technical reviewers made the inclusion of this chapter a necessity. So finally, here is an attempt -to answer the questions that have to date not been adequately addressed. Additional user input is welcome as +technical reviewers +reviewers +Feedback from technical reviewers made the inclusion of this chapter a necessity. So, here is an +answer the questions that have to date not been adequately addressed. Additional user input is welcome as it will help this chapter to mature. What is presented here is just a small beginning. +multiple servers +multiple hosting +domain controllers There are a number of ways in which multiple servers can be hosted on a single Samba server. Multiple server hosting makes it possible to host multiple domain controllers on one machine. Each such machine is independent, and each can be stopped or started without affecting another. +multiple servers +DMS +anonymous server Sometimes it is desirable to host multiple servers, each with its own security mode. For example, a single UNIX/Linux host may be a domain member server (DMS) as well as a generic anonymous print server. In this case, only domain member machines and domain users can access the DMS, but even guest users can access the generic @@ -40,8 +52,11 @@ is to host a CDROM server. +separate servers + Some environments dictate the need to have separate servers, each with their own resources, each of which are -accessible only by certain users or groups. This is one of the simple, but highly effective, capabilities +accessible only by certain users or groups. This is one of the simple, but highly effective, ways that Samba +can replace many physical Windows servers in one Samba installation. @@ -54,6 +69,13 @@ accessible only by certain users or groups. This is one of the simple, but highl Multiple Server Hosting +multiple server hosting +separate instances +nmbd +smbd +winbindd +recompiling +TDB The use of multiple server hosting involves running multiple separate instances of Samba, each with it's own configuration file. This method is complicated by the fact that each instance of &nmbd;, &smbd; and &winbindd; must have write access to entirely separate TDB files. The ability to keep separate the TDB files used by @@ -63,6 +85,10 @@ own default TDB directories, or by configuring these in the &smb.conf; file, in +independent +listen own socket +socket +SID Each instance should operate on its own IP address (that independent IP address can be an IP Alias). Each instance of &nmbd;, &smbd; and &winbindd; should listen only on its own IP socket. This can be secured using the parameter. Each instance of the Samba server will have its @@ -70,6 +96,15 @@ own SID also, this means that the servers are discrete and independent of each o +multiple server hosting +private dir +pid directory +lock directory +interfaces +bind interfaces only +netbios name +workgroup +socket address The user of multiple server hosting is non-trivial, and requires careful configuration of each aspect of process management and start up. The &smb.conf; parameters that must be carefully configured includes: , ,, , name, and each has its own distinct @@ -98,13 +139,22 @@ personality is hosted using its own name, +workgroup +security +netbios aliases When hosting multiple virtual servers, each with their own personality, each can be in a different workgroup. Only the primary server can be a domain member or a domain controller. The personality is defined by the combination of the mode it is operating in, the it has, and the that is defined for it. +aliases"/> it has, and the that is defined for it. +NetBIOS name +NetBIOS-less SMB +smb ports +TCP port 139 +TCP port 445 +%L This configuration style can be used either with NetBIOS names, or using NetBIOS-less SMB over TCP services. If run using NetBIOS mode (the most common method) it is important that the parameter 139 should be specified in the primary &smb.conf; file. Failure to do this will result @@ -112,13 +162,17 @@ in Samba operating over TCP port 445 and problematic operation at best, and at w the functionality that is specified in the primary &smb.conf; file. The use of NetBIOS over TCP/IP using only TCP port 139 means that the use of the %L macro is fully enabled. If the 139 is not specified (the default is 445 139, or if -the value of this parameter is set at 139 445 then the %L parameter +the value of this parameter is set at 139 445 then the %L macro is not serviceable. +host multiple servers +multiple personality +NetBIOS-less +%i macro It is possible to host multiple servers, each with their own personality, using port 445 (the NetBIOS-less SMB -port), in which case the %i parameter can be used to provide separate server identities (by +port), in which case the %i macro can be used to provide separate server identities (by IP Address). Each can have its own mode. It will be necessary to use the , and IP aliases in addition to the parameters to create the virtual servers. This method is considerably @@ -126,6 +180,7 @@ more complex than that using NetBIOS names only using TCP port 139. +anonymous file server Consider an example environment that consists of a standalone, user-mode security Samba server and a read-only Windows 95 file server that has to be replaced. Instead of replacing the Windows 95 machine with a new PC, it is possible to add this server as a read-only anonymous file server that is hosted on the Samba server. Here @@ -139,6 +194,10 @@ possible implementation is shown here: +/etc/samba +nmbd +smbd +smb.conf The &smb.conf; file for the master server is shown in Elastic smb.conf File. This file is placed in the /etc/samba directory. Only the &nmbd; and the &smbd; daemons are needed. When started the server will appear in Windows Network Neighborhood as the machine @@ -185,6 +244,7 @@ browsing much more reliable. +smb-cdserver.conf The configuration file for the CDROM server is listed in CDROM Server smb-cdserver.conf file. This file is called smb-cdserver.conf and it should be located in the /etc/samba directory. Machines that are in the workgroup @@ -210,6 +270,10 @@ located in the /etc/samba directory. Machines that are in t +different resources +separate workgroups +read-only access +nobody account The two servers have different resources and are in separate workgroups. The server ELASTIC can only be accessed by uses who have an appropriate account on the host server. All users will be able to access the CDROM data that is stored in the /export/cddata directory. File system @@ -223,6 +287,9 @@ contents. The files can be owned by root (any user other than the nobody account Multiple Virtual Server Hosting +primary domain controller +extra machine +same domain/workgroup In this example, the requirement is for a primary domain controller for the domain called MIDEARTH. The PDC will be called MERLIN. An extra machine called SAURON is required. Each machine will have only its own shares. Both machines belong to the @@ -230,6 +297,9 @@ same domain/workgroup. +master smb.conf +/etc/samba + The master &smb.conf; file is shown in the Master smb.conf File Global Section. The two files that specify the share information for each server are shown in the smb-merlin.conf File Share Section, and the smb-sauron.conf File Share diff --git a/docs/Samba3-HOWTO/index.xml b/docs/Samba3-HOWTO/index.xml index 609f7b174e..e49db5d225 100644 --- a/docs/Samba3-HOWTO/index.xml +++ b/docs/Samba3-HOWTO/index.xml @@ -164,7 +164,7 @@ The chapters in this part each cover specific Samba features. - + -- cgit