&author.jht; April 21, 2003 There are many and varied opinions regarding the usefulness or otherwise of SWAT. No matter how hard one tries to produce the perfect configuration tool it remains an object of personal taste. SWAT is a tool that will allow web based configuration of samba. It has a wizard that may help to get samba configured quickly, it has context sensitive help on each smb.conf parameter, it provides for monitoring of current state of connection information, and it allows network wide MS Windows network password management. There are network administrators who believe that it is a good idea to write systems documentation inside configuration files, for them SWAT will aways be a nasty tool. SWAT does not store the configuration file in any intermediate form, rather, it stores only the parameter settings, so when SWAT writes the smb.conf file to disk it will write only those parameters that are at other than the default settings. The result is that all comments will be lost from the smb.conf file. Additionally, the parameters will be written back in internal ordering. So before using SWAT please be warned - SWAT will completely replace your smb.conf with a fully optimised file that has been stripped of all comments you might have placed there and only non-default settings will be written to the file. SWAT should be installed to run via the network super daemon. Depending on which system your Unix/Linux system has you will have either an inetd or xinetd based system. The nature and location of the network super-daemon varies with the operating system implementation. The control file (or files) can be located in the file /etc/inetd.conf or in the directory /etc/[x]inet.d or similar. The control entry for the older style file might be: # swat is the Samba Web Administration Tool swat stream tcp nowait.400 root /usr/sbin/swat swat A control file for the newer style xinetd could be: # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { port = 901 socket_type = stream wait = no only_from = localhost user = root server = /usr/sbin/swat log_on_failure += USERID disable = yes } Both the above examples assume that the swat binary has been located in the /usr/sbin directory. In addition to the above SWAT will use a directory access point from which it will load all it's help files, as well as other control information. The default location for this on most Linux systems is in the directory /usr/share/samba/swat. Access to SWAT will prompt for a logon. If you log onto SWAT as any non-root user the only permission allowed is to view certain aspects of configuration as well as access to the password change facility. So long as you log onto SWAT as the user root you should obtain full change and commit ability. The SWAT title page provides access to the latest Samba documentation. The manual page for each samba component is accessible from this page as are the Samba-HOWTO-Collection (this document) as well as the O'Reilly book "Using Samba". Document steps right here! Lots of blah blah here. Document steps right here! Document steps right here! Document steps right here! Document steps right here!