diff options
Diffstat (limited to 'docs/htmldocs/Samba3-ByExample')
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/DomApps.html | 336 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/HA.html | 234 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/RefSection.html | 46 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/apa.html | 90 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/appendix.html | 152 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/ch14.html | 72 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/go01.html | 2 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/index.html | 46 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/ix01.html | 2 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/kerberos.html | 102 | ||||
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/primer.html | 176 |
11 files changed, 630 insertions, 628 deletions
diff --git a/docs/htmldocs/Samba3-ByExample/DomApps.html b/docs/htmldocs/Samba3-ByExample/DomApps.html index ae1f4f6074..bf9777f654 100644 --- a/docs/htmldocs/Samba3-ByExample/DomApps.html +++ b/docs/htmldocs/Samba3-ByExample/DomApps.html @@ -1,9 +1,9 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 12. Integrating Additional Services</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="kerberos.html" title="Chapter 11. Active Directory, Kerberos, and Security"><link rel="next" href="HA.html" title="Chapter 13. Performance, Reliability, and Availability"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 12. Integrating Additional Services</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="kerberos.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="HA.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="DomApps"></a>Chapter 12. Integrating Additional Services</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="DomApps.html#id2616162">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616193">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616294">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616327">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616483">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616500">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618352">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618413">Questions and Answers</a></span></dt></dl></div><p> - <a class="indexterm" name="id2616113"></a> - <a class="indexterm" name="id2616119"></a> - <a class="indexterm" name="id2616126"></a> - <a class="indexterm" name="id2616133"></a> - <a class="indexterm" name="id2616140"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 12. Integrating Additional Services</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="kerberos.html" title="Chapter 11. Active Directory, Kerberos, and Security"><link rel="next" href="HA.html" title="Chapter 13. Performance, Reliability, and Availability"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 12. Integrating Additional Services</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="kerberos.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="HA.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="DomApps"></a>Chapter 12. Integrating Additional Services</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="DomApps.html#id2616172">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616202">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616313">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616346">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616502">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616520">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618372">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618432">Questions and Answers</a></span></dt></dl></div><p> + <a class="indexterm" name="id2616122"></a> + <a class="indexterm" name="id2616129"></a> + <a class="indexterm" name="id2616136"></a> + <a class="indexterm" name="id2616142"></a> + <a class="indexterm" name="id2616149"></a> You've come a long way now. You have pretty much mastered Samba-3 for most uses it can be put to. Up until now, you have cast Samba-3 in the leading role, and where authentication was required, you have used one or another of @@ -14,7 +14,7 @@ implementing Samba and Samba-supported services in a domain controlled by the latest Windows authentication technologies. Let's get started this is leading edge. - </p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616162"></a>Introduction</h2></div></div></div><p> + </p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616172"></a>Introduction</h2></div></div></div><p> Abmas has continued its miraculous growth; indeed, nothing seems to be able to stop its diversification into multiple (and seemingly unrelated) fields. Its latest acquisition is Abmas Snack Foods, a big player in the snack-food @@ -30,17 +30,17 @@ You have decided to set the ball rolling by introducing Samba-3 into the network gradually, taking over key services and easing the way to a full migration and, therefore, integration into Abmas's existing business later. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616193"></a>Assignment Tasks</h3></div></div></div><p> - <a class="indexterm" name="id2616201"></a> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616202"></a>Assignment Tasks</h3></div></div></div><p> <a class="indexterm" name="id2616210"></a> + <a class="indexterm" name="id2616219"></a> You've promised the skeptical Abmas Snack Foods management team that you can show them how Samba can ease itself and other Open Source technologies into their existing infrastructure and deliver sound business advantages. Cost cutting is high on their agenda (a major promise of the acquisition). You have chosen Web proxying and caching as your proving ground. </p><p> - <a class="indexterm" name="id2616228"></a> - <a class="indexterm" name="id2616235"></a> + <a class="indexterm" name="id2616238"></a> + <a class="indexterm" name="id2616245"></a> Abmas Snack Foods has several thousand users housed at its head office and multiple regional offices, plants, and warehouses. A high proportion of the business's work is done online, so Internet access for most of these @@ -50,9 +50,9 @@ the team soon discovered proxying and caching. In fact, they became one of the earliest commercial users of Microsoft ISA. </p><p> - <a class="indexterm" name="id2616256"></a> - <a class="indexterm" name="id2616263"></a> - <a class="indexterm" name="id2616270"></a> + <a class="indexterm" name="id2616275"></a> + <a class="indexterm" name="id2616282"></a> + <a class="indexterm" name="id2616289"></a> The team is not happy with ISA. Because it never lived up to its marketing promises, it underperformed and had reliability problems. You have pounced on the opportunity to show what Open Source can do. The one thing they do like, however, is ISA's @@ -63,7 +63,7 @@ </p><p> This is a hands-on exercise. You build software applications so that you obtain the functionality Abmas needs. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616294"></a>Dissection and Discussion</h2></div></div></div><p> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616313"></a>Dissection and Discussion</h2></div></div></div><p> The key requirements in this business example are straightforward. You are not required to do anything new, just to replicate an existing system, not lose any existing features, and improve performance. The key points are: @@ -73,20 +73,20 @@ Distributed system to accommodate load and geographical distribution of users </p></li><li><p> Seamless and transparent interoperability with the existing Active Directory domain - </p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616327"></a>Technical Issues</h3></div></div></div><p> - <a class="indexterm" name="id2616334"></a> - <a class="indexterm" name="id2616341"></a> - <a class="indexterm" name="id2616348"></a> - <a class="indexterm" name="id2616355"></a> - <a class="indexterm" name="id2616362"></a> - <a class="indexterm" name="id2616369"></a> - <a class="indexterm" name="id2616376"></a> - <a class="indexterm" name="id2616382"></a> - <a class="indexterm" name="id2616389"></a> - <a class="indexterm" name="id2616396"></a> - <a class="indexterm" name="id2616403"></a> - <a class="indexterm" name="id2616410"></a> - <a class="indexterm" name="id2616419"></a><a class="indexterm" name="id2616425"></a> + </p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616346"></a>Technical Issues</h3></div></div></div><p> + <a class="indexterm" name="id2616354"></a> + <a class="indexterm" name="id2616361"></a> + <a class="indexterm" name="id2616368"></a> + <a class="indexterm" name="id2616374"></a> + <a class="indexterm" name="id2616381"></a> + <a class="indexterm" name="id2616388"></a> + <a class="indexterm" name="id2616395"></a> + <a class="indexterm" name="id2616402"></a> + <a class="indexterm" name="id2616409"></a> + <a class="indexterm" name="id2616416"></a> + <a class="indexterm" name="id2616423"></a> + <a class="indexterm" name="id2616430"></a> + <a class="indexterm" name="id2616439"></a><a class="indexterm" name="id2616445"></a> Functionally, the user's Internet Explorer requests a browsing session with the Squid proxy, for which it offers its AD authentication token. Squid hands off the authentication request to the Samba-3 authentication helper application @@ -107,25 +107,25 @@ Configuring, compiling, and then installing the supporting Samba-3 components </p></li><li><p> Tying it all together - </p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616483"></a>Political Issues</h3></div></div></div><p> + </p></li></ul></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616502"></a>Political Issues</h3></div></div></div><p> You are a stranger in a strange land, and all eyes are upon you. Some would even like to see you fail. For you to gain the trust of your newly acquired IT people, it is essential that your solution does everything the old one did, but does it better in every way. Only then will the entrenched positions consider taking up your new way of doing things on a wider scale. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616500"></a>Implementation</h2></div></div></div><p> - <a class="indexterm" name="id2616508"></a> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2616520"></a>Implementation</h2></div></div></div><p> + <a class="indexterm" name="id2616528"></a> First, your system needs to be prepared and in a known good state to proceed. This consists of making sure that everything the system depends on is present and that everything that could interfere or conflict with the system is removed. You will be configuring the Squid and Samba-3 packages and updating them if necessary. If conflicting packages of these programs are installed, they must be removed. </p><p> - <a class="indexterm" name="id2616525"></a> + <a class="indexterm" name="id2616545"></a> The following packages should be available on your Red Hat Linux system: </p><div class="itemizedlist"><ul type="disc"><li><p> - <a class="indexterm" name="id2616540"></a> - <a class="indexterm" name="id2616547"></a> + <a class="indexterm" name="id2616560"></a> + <a class="indexterm" name="id2616566"></a> krb5-libs </p></li><li><p> krb5-devel @@ -136,14 +136,14 @@ </p></li><li><p> pam_krb5 </p></li></ul></div><p> - <a class="indexterm" name="id2616577"></a> + <a class="indexterm" name="id2616597"></a> In the case of SUSE Linux, these packages are called: </p><div class="itemizedlist"><ul type="disc"><li><p> heimdal-lib </p></li><li><p> heimdal-devel </p></li><li><p> - <a class="indexterm" name="id2616602"></a> + <a class="indexterm" name="id2616621"></a> heimdal </p></li><li><p> pam_krb5 @@ -152,26 +152,26 @@ them from the vendor's installation media. Follow the administrative guide for your Linux system to ensure that the packages are correctly updated. </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> - <a class="indexterm" name="id2616627"></a> - <a class="indexterm" name="id2616634"></a> - <a class="indexterm" name="id2616641"></a> + <a class="indexterm" name="id2616646"></a> + <a class="indexterm" name="id2616653"></a> + <a class="indexterm" name="id2616660"></a> If the requirement is for interoperation with MS Windows Server 2003, it will be necessary to ensure that you are using MIT Kerberos version 1.3.1 or later. Red Hat Linux 9 ships with MIT Kerberos 1.2.7 and thus requires updating. </p><p> - <a class="indexterm" name="id2616654"></a> - <a class="indexterm" name="id2616661"></a> + <a class="indexterm" name="id2616674"></a> + <a class="indexterm" name="id2616681"></a> Heimdal 0.6 or later is required in the case of SUSE Linux. SUSE Enterprise Linux Server 8 ships with Heimdal 0.4. SUSE 9 ships with the necessary version. </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="ch10-one"></a>Removal of Pre-Existing Conflicting RPMs</h3></div></div></div><p> - <a class="indexterm" name="id2616684"></a> + <a class="indexterm" name="id2616704"></a> If Samba and/or Squid RPMs are installed, they should be updated. You can build both from source. </p><p> - <a class="indexterm" name="id2616696"></a> - <a class="indexterm" name="id2616702"></a> - <a class="indexterm" name="id2616709"></a> + <a class="indexterm" name="id2616716"></a> + <a class="indexterm" name="id2616722"></a> + <a class="indexterm" name="id2616729"></a> Locating the packages to be un-installed can be achieved by running: </p><pre class="screen"> <code class="prompt">root# </code> rpm -qa | grep -i samba @@ -181,11 +181,11 @@ </p><pre class="screen"> <code class="prompt">root# </code> rpm -e samba-common </pre><p> - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616749"></a>Kerberos Configuration</h3></div></div></div><p> - <a class="indexterm" name="id2616757"></a> - <a class="indexterm" name="id2616764"></a> - <a class="indexterm" name="id2616774"></a> - <a class="indexterm" name="id2616780"></a> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2616769"></a>Kerberos Configuration</h3></div></div></div><p> + <a class="indexterm" name="id2616777"></a> + <a class="indexterm" name="id2616784"></a> + <a class="indexterm" name="id2616793"></a> + <a class="indexterm" name="id2616800"></a> The systems Kerberos installation must be configured to communicate with your primary Active Directory server (ADS KDC). </p><p> @@ -193,13 +193,13 @@ although the current default Red Hat MIT version 1.2.7 gives acceptable results unless you are using Windows 2003 servers. </p><p> - <a class="indexterm" name="id2616799"></a> - <a class="indexterm" name="id2616806"></a> - <a class="indexterm" name="id2616813"></a> <a class="indexterm" name="id2616819"></a> - <a class="indexterm" name="id2616826"></a> - <a class="indexterm" name="id2616835"></a> - <a class="indexterm" name="id2616842"></a> + <a class="indexterm" name="id2616825"></a> + <a class="indexterm" name="id2616832"></a> + <a class="indexterm" name="id2616839"></a> + <a class="indexterm" name="id2616846"></a> + <a class="indexterm" name="id2616855"></a> + <a class="indexterm" name="id2616861"></a> Officially, neither MIT (1.3.4) nor Heimdal (0.63) Kerberos needs an <code class="filename">/etc/krb5.conf</code> file in order to work correctly. All ADS domains automatically create SRV records in the DNS zone <code class="constant">Kerberos.REALM.NAME</code> for each KDC in the realm. Since both @@ -207,25 +207,25 @@ automatically find the KDCs. In addition, <code class="filename">krb5.conf</code> allows specifying only a single KDC, even if there is more than one. Using the DNS lookup allows the KRB5 libraries to use whichever KDCs are available. - </p><div class="procedure"><a name="id2616876"></a><p class="title"><b>Procedure 12.1. Kerberos Configuration Steps</b></p><ol type="1"><li><p> - <a class="indexterm" name="id2616887"></a> + </p><div class="procedure"><a name="id2616896"></a><p class="title"><b>Procedure 12.1. Kerberos Configuration Steps</b></p><ol type="1"><li><p> + <a class="indexterm" name="id2616907"></a> If you find the need to manually configure the <code class="filename">krb5.conf</code>, you should edit it to have the contents shown in <a class="link" href="DomApps.html#ch10-krb5conf" title="Example 12.1. Kerberos Configuration File: /etc/krb5.conf">“Kerberos Configuration File: /etc/krb5.conf”</a>. The final fully qualified path for this file should be <code class="filename">/etc/krb5.conf</code>. </p></li><li><p> - <a class="indexterm" name="id2616922"></a> - <a class="indexterm" name="id2616929"></a> - <a class="indexterm" name="id2616936"></a> - <a class="indexterm" name="id2616943"></a> + <a class="indexterm" name="id2616942"></a> <a class="indexterm" name="id2616949"></a> <a class="indexterm" name="id2616956"></a> - <a class="indexterm" name="id2616963"></a> - <a class="indexterm" name="id2616970"></a> - <a class="indexterm" name="id2616977"></a> - <a class="indexterm" name="id2616986"></a> - <a class="indexterm" name="id2616993"></a> - <a class="indexterm" name="id2617000"></a> + <a class="indexterm" name="id2616962"></a> + <a class="indexterm" name="id2616969"></a> + <a class="indexterm" name="id2616976"></a> + <a class="indexterm" name="id2616983"></a> + <a class="indexterm" name="id2616990"></a> + <a class="indexterm" name="id2616997"></a> <a class="indexterm" name="id2617006"></a> + <a class="indexterm" name="id2617012"></a> + <a class="indexterm" name="id2617019"></a> + <a class="indexterm" name="id2617026"></a> The following gotchas often catch people out. Kerberos is case sensitive. Your realm must be in UPPERCASE, or you will get an error: “<span class="quote">Cannot find KDC for requested realm while getting initial credentials</span>”. Kerberos is picky about time synchronization. The time @@ -241,7 +241,7 @@ NetBIOS name. If Kerberos cannot do this reverse lookup, you will get a local error when you try to join the realm. </p></li><li><p> - <a class="indexterm" name="id2617051"></a> + <a class="indexterm" name="id2617070"></a> You are now ready to test your installation by issuing the command: </p><pre class="screen"> <code class="prompt">root# </code> kinit [USERNAME@REALM] @@ -261,29 +261,29 @@ Password for ADMINISTRATOR@LONDON.ABMAS.BIZ: LONDON.ABMAS.BIZ = { kdc = w2k3s.london.abmas.biz } -</pre></div></div><br class="example-break"><p><a class="indexterm" name="id2617116"></a> +</pre></div></div><br class="example-break"><p><a class="indexterm" name="id2617135"></a> The command </p><pre class="screen"> <code class="prompt">root# </code> klist -e </pre><p> shows the Kerberos tickets cached by the system. - </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617139"></a>Samba Configuration</h4></div></div></div><p> - <a class="indexterm" name="id2617146"></a> + </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617158"></a>Samba Configuration</h4></div></div></div><p> + <a class="indexterm" name="id2617166"></a> Samba must be configured to correctly use Active Directory. Samba-3 must be used, since it has the necessary components to interface with Active Directory. - </p><div class="procedure"><a name="id2617157"></a><p class="title"><b>Procedure 12.2. Securing Samba-3 With ADS Support Steps</b></p><ol type="1"><li><p> - <a class="indexterm" name="id2617169"></a> - <a class="indexterm" name="id2617176"></a> - <a class="indexterm" name="id2617183"></a> - <a class="indexterm" name="id2617190"></a> - <a class="indexterm" name="id2617196"></a> + </p><div class="procedure"><a name="id2617177"></a><p class="title"><b>Procedure 12.2. Securing Samba-3 With ADS Support Steps</b></p><ol type="1"><li><p> + <a class="indexterm" name="id2617188"></a> + <a class="indexterm" name="id2617195"></a> + <a class="indexterm" name="id2617202"></a> + <a class="indexterm" name="id2617209"></a> + <a class="indexterm" name="id2617216"></a> Download the latest stable Samba-3 for Red Hat Linux from the official Samba Team <a class="ulink" href="http://ftp.samba.org" target="_top">FTP site.</a> The official Samba Team RPMs for Red Hat Fedora Linux contain the <code class="literal">ntlm_auth</code> tool needed, and are linked against MIT KRB5 version 1.3.1 and therefore are ready for use. </p><p> - <a class="indexterm" name="id2617223"></a> - <a class="indexterm" name="id2617230"></a> + <a class="indexterm" name="id2617242"></a> + <a class="indexterm" name="id2617249"></a> The necessary, validated RPM packages for SUSE Linux may be obtained from the <a class="ulink" href="ftp://ftp.sernet.de/pub/samba" target="_top">SerNet</a> FTP site that is located in Germany. All SerNet RPMs are validated, have the necessary @@ -293,11 +293,11 @@ Password for ADMINISTRATOR@LONDON.ABMAS.BIZ: Using your favorite editor, change the <code class="filename">/etc/samba/smb.conf</code> file so it has contents similar to the example shown in <a class="link" href="DomApps.html#ch10-smbconf" title="Example 12.2. Samba Configuration File: /etc/samba/smb.conf">“Samba Configuration File: /etc/samba/smb.conf”</a>. </p></li><li><p> - <a class="indexterm" name="id2617281"></a> - <a class="indexterm" name="id2617288"></a> - <a class="indexterm" name="id2617295"></a>i - <a class="indexterm" name="id2617306"></a> - <a class="indexterm" name="id2617313"></a> + <a class="indexterm" name="id2617301"></a> + <a class="indexterm" name="id2617307"></a> + <a class="indexterm" name="id2617314"></a>i + <a class="indexterm" name="id2617326"></a> + <a class="indexterm" name="id2617332"></a> Next you need to create a computer account in the Active Directory. This sets up the trust relationship needed for other clients to authenticate to the Samba server with an Active Directory Kerberos ticket. @@ -307,11 +307,11 @@ Password for ADMINISTRATOR@LONDON.ABMAS.BIZ: <code class="prompt">root# </code> net ads join -U administrator%vulcon </pre><p> </p></li><li><p> - <a class="indexterm" name="id2617347"></a> - <a class="indexterm" name="id2617354"></a> - <a class="indexterm" name="id2617361"></a> <a class="indexterm" name="id2617367"></a> - <a class="indexterm" name="id2617374"></a> + <a class="indexterm" name="id2617373"></a> + <a class="indexterm" name="id2617380"></a> + <a class="indexterm" name="id2617387"></a> + <a class="indexterm" name="id2617394"></a> Your new Samba binaries must be started in the standard manner as is applicable to the platform you are running on. Alternatively, start your Active Directory-enabled Samba with the following commands: </p><pre class="screen"> @@ -320,11 +320,11 @@ Password for ADMINISTRATOR@LONDON.ABMAS.BIZ: <code class="prompt">root# </code> winbindd -D </pre><p> </p></li><li><p> - <a class="indexterm" name="id2617415"></a> - <a class="indexterm" name="id2617422"></a> - <a class="indexterm" name="id2617431"></a> - <a class="indexterm" name="id2617438"></a> - <a class="indexterm" name="id2617445"></a> + <a class="indexterm" name="id2617435"></a> + <a class="indexterm" name="id2617441"></a> + <a class="indexterm" name="id2617451"></a> + <a class="indexterm" name="id2617458"></a> + <a class="indexterm" name="id2617464"></a> We now need to test that Samba is communicating with the Active Directory domain; most specifically, we want to see whether winbind is enumerating users and groups. Issue the following commands: @@ -357,8 +357,8 @@ LONDON+DnsUpdateProxy </pre><p> This enumerates all the groups in your Active Directory tree. </p></li><li><p> - <a class="indexterm" name="id2617509"></a> - <a class="indexterm" name="id2617516"></a> + <a class="indexterm" name="id2617528"></a> + <a class="indexterm" name="id2617535"></a> Squid uses the <code class="literal">ntlm_auth</code> helper build with Samba-3. You may test <code class="literal">ntlm_auth</code> with the command: </p><pre class="screen"> @@ -370,14 +370,14 @@ password: XXXXXXXX <code class="prompt">root# </code> NT_STATUS_OK: Success (0x0) </pre><p> </p></li><li><p> - <a class="indexterm" name="id2617568"></a> - <a class="indexterm" name="id2617575"></a> - <a class="indexterm" name="id2617582"></a> <a class="indexterm" name="id2617588"></a> - <a class="indexterm" name="id2617595"></a> - <a class="indexterm" name="id2617602"></a> - <a class="indexterm" name="id2617609"></a> - <a class="indexterm" name="id2617616"></a> + <a class="indexterm" name="id2617594"></a> + <a class="indexterm" name="id2617601"></a> + <a class="indexterm" name="id2617608"></a> + <a class="indexterm" name="id2617615"></a> + <a class="indexterm" name="id2617622"></a> + <a class="indexterm" name="id2617629"></a> + <a class="indexterm" name="id2617635"></a> The <code class="literal">ntlm_auth</code> helper, when run from a command line as the user “<span class="quote">root</span>”, authenticates against your Active Directory domain (with the aid of winbind). It manages this by reading from the winbind privileged pipe. @@ -395,37 +395,37 @@ password: XXXXXXXX <code class="prompt">root# </code> chgrp squid /var/lib/samba/winbindd_privileged <code class="prompt">root# </code> chmod 750 /var/lib/samba/winbindd_privileged </pre><p> - </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617691"></a>NSS Configuration</h4></div></div></div><p> - <a class="indexterm" name="id2617699"></a> - <a class="indexterm" name="id2617705"></a> - <a class="indexterm" name="id2617712"></a> + </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617710"></a>NSS Configuration</h4></div></div></div><p> + <a class="indexterm" name="id2617718"></a> + <a class="indexterm" name="id2617725"></a> + <a class="indexterm" name="id2617732"></a> For Squid to benefit from Samba-3, NSS must be updated to allow winbind as a valid route to user authentication. </p><p> Edit your <code class="filename">/etc/nsswitch.conf</code> file so it has the parameters shown in <a class="link" href="DomApps.html#ch10-etcnsscfg" title="Example 12.3. NSS Configuration File Extract File: /etc/nsswitch.conf">“NSS Configuration File Extract File: /etc/nsswitch.conf”</a>. - </p><div class="example"><a name="ch10-smbconf"></a><p class="title"><b>Example 12.2. Samba Configuration File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id2617770"></a><em class="parameter"><code>workgroup = LONDON</code></em></td></tr><tr><td><a class="indexterm" name="id2617782"></a><em class="parameter"><code>netbios name = W2K3S</code></em></td></tr><tr><td><a class="indexterm" name="id2617794"></a><em class="parameter"><code>realm = LONDON.ABMAS.BIZ</code></em></td></tr><tr><td><a class="indexterm" name="id2617806"></a><em class="parameter"><code>security = ads</code></em></td></tr><tr><td><a class="indexterm" name="id2617817"></a><em class="parameter"><code>encrypt passwords = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617829"></a><em class="parameter"><code>password server = w2k3s.london.abmas.biz</code></em></td></tr><tr><td># separate domain and username with '/', like DOMAIN/username</td></tr><tr><td><a class="indexterm" name="id2617846"></a><em class="parameter"><code>winbind separator = /</code></em></td></tr><tr><td># use UIDs from 10000 to 20000 for domain users</td></tr><tr><td><a class="indexterm" name="id2617862"></a><em class="parameter"><code>idmap uid = 10000-20000</code></em></td></tr><tr><td># use GIDs from 10000 to 20000 for domain groups</td></tr><tr><td><a class="indexterm" name="id2617877"></a><em class="parameter"><code>idmap gid = 10000-20000</code></em></td></tr><tr><td># allow enumeration of winbind users and groups</td></tr><tr><td><a class="indexterm" name="id2617893"></a><em class="parameter"><code>winbind enum users = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617905"></a><em class="parameter"><code>winbind enum groups = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617917"></a><em class="parameter"><code>winbind user default domain = yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch10-etcnsscfg"></a><p class="title"><b>Example 12.3. NSS Configuration File Extract File: <code class="filename">/etc/nsswitch.conf</code></b></p><div class="example-contents"><pre class="screen"> + </p><div class="example"><a name="ch10-smbconf"></a><p class="title"><b>Example 12.2. Samba Configuration File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id2617790"></a><em class="parameter"><code>workgroup = LONDON</code></em></td></tr><tr><td><a class="indexterm" name="id2617802"></a><em class="parameter"><code>netbios name = W2K3S</code></em></td></tr><tr><td><a class="indexterm" name="id2617813"></a><em class="parameter"><code>realm = LONDON.ABMAS.BIZ</code></em></td></tr><tr><td><a class="indexterm" name="id2617825"></a><em class="parameter"><code>security = ads</code></em></td></tr><tr><td><a class="indexterm" name="id2617837"></a><em class="parameter"><code>encrypt passwords = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617849"></a><em class="parameter"><code>password server = w2k3s.london.abmas.biz</code></em></td></tr><tr><td># separate domain and username with '/', like DOMAIN/username</td></tr><tr><td><a class="indexterm" name="id2617865"></a><em class="parameter"><code>winbind separator = /</code></em></td></tr><tr><td># use UIDs from 10000 to 20000 for domain users</td></tr><tr><td><a class="indexterm" name="id2617881"></a><em class="parameter"><code>idmap uid = 10000-20000</code></em></td></tr><tr><td># use GIDs from 10000 to 20000 for domain groups</td></tr><tr><td><a class="indexterm" name="id2617897"></a><em class="parameter"><code>idmap gid = 10000-20000</code></em></td></tr><tr><td># allow enumeration of winbind users and groups</td></tr><tr><td><a class="indexterm" name="id2617913"></a><em class="parameter"><code>winbind enum users = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617925"></a><em class="parameter"><code>winbind enum groups = yes</code></em></td></tr><tr><td><a class="indexterm" name="id2617937"></a><em class="parameter"><code>winbind user default domain = yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch10-etcnsscfg"></a><p class="title"><b>Example 12.3. NSS Configuration File Extract File: <code class="filename">/etc/nsswitch.conf</code></b></p><div class="example-contents"><pre class="screen"> passwd: files winbind shadow: files group: files winbind -</pre></div></div><br class="example-break"></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617956"></a>Squid Configuration</h4></div></div></div><p> - <a class="indexterm" name="id2617964"></a> - <a class="indexterm" name="id2617971"></a> +</pre></div></div><br class="example-break"></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2617976"></a>Squid Configuration</h4></div></div></div><p> + <a class="indexterm" name="id2617983"></a> + <a class="indexterm" name="id2617990"></a> Squid must be configured correctly to interact with the Samba-3 components that handle Active Directory authentication. - </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2617986"></a>Configuration</h3></div></div></div></div><div class="procedure"><a name="id2617991"></a><p class="title"><b>Procedure 12.3. Squid Configuration Steps</b></p><ol type="1"><li><p> - <a class="indexterm" name="id2618003"></a> - <a class="indexterm" name="id2618009"></a> - <a class="indexterm" name="id2618017"></a> + </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2618005"></a>Configuration</h3></div></div></div></div><div class="procedure"><a name="id2618011"></a><p class="title"><b>Procedure 12.3. Squid Configuration Steps</b></p><ol type="1"><li><p> + <a class="indexterm" name="id2618022"></a> + <a class="indexterm" name="id2618029"></a> + <a class="indexterm" name="id2618037"></a> If your Linux distribution is SUSE Linux 9, the version of Squid supplied is already enabled to use the winbind helper agent. You can therefore omit the steps that would build the Squid binary programs. </p></li><li><p> - <a class="indexterm" name="id2618034"></a> - <a class="indexterm" name="id2618041"></a> - <a class="indexterm" name="id2618048"></a> - <a class="indexterm" name="id2618055"></a> - <a class="indexterm" name="id2618062"></a> + <a class="indexterm" name="id2618054"></a> + <a class="indexterm" name="id2618061"></a> + <a class="indexterm" name="id2618068"></a> + <a class="indexterm" name="id2618074"></a> + <a class="indexterm" name="id2618081"></a> Squid, by default, runs as the user <code class="constant">nobody</code>. You need to add a system user <code class="constant">squid</code> and a system group <code class="constant">squid</code> if they are not set up already (if the default @@ -433,16 +433,16 @@ group: files winbind <code class="constant">squid</code> user in <code class="filename">/etc/passwd</code> and a <code class="constant">squid</code> group in <code class="filename">/etc/group</code> if these aren't there already. </p></li><li><p> - <a class="indexterm" name="id2618109"></a> - <a class="indexterm" name="id2618116"></a> + <a class="indexterm" name="id2618129"></a> + <a class="indexterm" name="id2618136"></a> You now need to change the permissions on Squid's <code class="constant">var</code> directory. Enter the following command: </p><pre class="screen"> <code class="prompt">root# </code> chown -R squid /var/cache/squid </pre><p> </p></li><li><p> - <a class="indexterm" name="id2618147"></a> - <a class="indexterm" name="id2618154"></a> + <a class="indexterm" name="id2618167"></a> + <a class="indexterm" name="id2618173"></a> Squid must also have control over its logging. Enter the following commands: </p><pre class="screen"> <code class="prompt">root# </code> chown -R chown squid:squid /var/log/squid @@ -456,11 +456,11 @@ group: files winbind <code class="prompt">root# </code> chmod 770 /var/cache/squid </pre><p> </p></li><li><p> - <a class="indexterm" name="id2618214"></a> + <a class="indexterm" name="id2618233"></a> The <code class="filename">/etc/squid/squid.conf</code> file must be edited to include the lines from <a class="link" href="DomApps.html#etcsquidcfg" title="Example 12.4. Squid Configuration File Extract /etc/squid.conf [ADMINISTRATIVE PARAMETERS Section]">“Squid Configuration File Extract /etc/squid.conf [ADMINISTRATIVE PARAMETERS Section]”</a> and <a class="link" href="DomApps.html#etcsquid2" title="Example 12.5. Squid Configuration File extract File: /etc/squid.conf [AUTHENTICATION PARAMETERS Section]">“Squid Configuration File extract File: /etc/squid.conf [AUTHENTICATION PARAMETERS Section]”</a>. </p></li><li><p> - <a class="indexterm" name="id2618248"></a> + <a class="indexterm" name="id2618267"></a> You must create Squid's cache directories before it may be run. Enter the following command: </p><pre class="screen"> <code class="prompt">root# </code> squid -z @@ -487,23 +487,23 @@ group: files winbind auth_param basic credentialsttl 2 hours acl AuthorizedUsers proxy_auth REQUIRED http_access allow all AuthorizedUsers -</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2618352"></a>Key Points Learned</h3></div></div></div><p> - <a class="indexterm" name="id2618360"></a> - <a class="indexterm" name="id2618367"></a> - <a class="indexterm" name="id2618374"></a> - <a class="indexterm" name="id2618381"></a> - <a class="indexterm" name="id2618393"></a> +</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2618372"></a>Key Points Learned</h3></div></div></div><p> + <a class="indexterm" name="id2618380"></a> + <a class="indexterm" name="id2618387"></a> + <a class="indexterm" name="id2618394"></a> + <a class="indexterm" name="id2618401"></a> + <a class="indexterm" name="id2618412"></a> Microsoft Windows networking protocols permeate the spectrum of technologies that Microsoft Windows clients use, even when accessing traditional services such as Web browsers. Depending on whom you discuss this with, this is either good or bad. No matter how you might evaluate this, the use of NTLMSSP as the authentication protocol for Web proxy access has some advantages over the cookie-based authentication regime used by all competing browsers. It is Samba's implementation of NTLMSSP that makes it attractive to implement the solution that has been demonstrated in this chapter. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2618413"></a>Questions and Answers</h2></div></div></div><p> - <a class="indexterm" name="id2618421"></a> - <a class="indexterm" name="id2618428"></a> - <a class="indexterm" name="id2618435"></a> - <a class="indexterm" name="id2618441"></a> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2618432"></a>Questions and Answers</h2></div></div></div><p> + <a class="indexterm" name="id2618440"></a> + <a class="indexterm" name="id2618447"></a> + <a class="indexterm" name="id2618454"></a> + <a class="indexterm" name="id2618461"></a> The development of the <code class="literal">ntlm_auth</code> module was first discussed in many Open Source circles in 2002. At the SambaXP conference in Goettingen, Germany, Mr. Francesco Chemolli demonstrated the use of <code class="literal">ntlm_auth</code> during one of the late developer meetings that took place. Since that time, the @@ -522,34 +522,34 @@ group: files winbind You would be well-advised to recognize that all cache-intensive proxying solutions demand a lot of memory. Make certain that your Squid proxy server is equipped with sufficient memory to permit all proxy operations to run out of memory without invoking the overheads involved in the use of memory that has to be swapped to disk. - </p><div class="qandaset"><dl><dt> <a href="DomApps.html#id2618519"> + </p><div class="qandaset"><dl><dt> <a href="DomApps.html#id2618546"> What does Samba have to do with Web proxy serving? - </a></dt><dt> <a href="DomApps.html#id2618685"> + </a></dt><dt> <a href="DomApps.html#id2618712"> What other services does Samba provide? - </a></dt><dt> <a href="DomApps.html#id2618828"> + </a></dt><dt> <a href="DomApps.html#id2618855"> Does use of Samba (ntlm_auth) improve the performance of Squid? - </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2618519"></a><a name="id2618521"></a></td><td align="left" valign="top"><p> + </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2618546"></a><a name="id2618548"></a></td><td align="left" valign="top"><p> What does Samba have to do with Web proxy serving? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2618533"></a> - <a class="indexterm" name="id2618540"></a> - <a class="indexterm" name="id2618547"></a> - <a class="indexterm" name="id2618556"></a> - <a class="indexterm" name="id2618563"></a> + <a class="indexterm" name="id2618560"></a> + <a class="indexterm" name="id2618567"></a> + <a class="indexterm" name="id2618574"></a> + <a class="indexterm" name="id2618583"></a> + <a class="indexterm" name="id2618590"></a> To provide transparent interoperability between Windows clients and the network services that are used from them, Samba had to develop tools and facilities that deliver that feature. The benefit of Open Source software is that it can readily be reused. The current <code class="literal">ntlm_auth</code> module is basically a wrapper around authentication code from the core of the Samba project. </p><p> - <a class="indexterm" name="id2618585"></a> - <a class="indexterm" name="id2618592"></a> - <a class="indexterm" name="id2618601"></a> - <a class="indexterm" name="id2618610"></a> + <a class="indexterm" name="id2618612"></a> <a class="indexterm" name="id2618619"></a> - <a class="indexterm" name="id2618626"></a> - <a class="indexterm" name="id2618633"></a> - <a class="indexterm" name="id2618640"></a> - <a class="indexterm" name="id2618647"></a> + <a class="indexterm" name="id2618629"></a> + <a class="indexterm" name="id2618638"></a> + <a class="indexterm" name="id2618646"></a> + <a class="indexterm" name="id2618653"></a> + <a class="indexterm" name="id2618660"></a> + <a class="indexterm" name="id2618667"></a> + <a class="indexterm" name="id2618674"></a> The <code class="literal">ntlm_auth</code> module supports basic plain-text authentication and NTLMSSP protocols. This module makes it possible for Web and FTP proxy requests to be authenticated without the user being interrupted via his or her Windows logon credentials. This facility is available with @@ -557,36 +557,36 @@ group: files winbind There are a few open source initiatives to provide support for these protocols in the Apache Web server also. </p><p> - <a class="indexterm" name="id2618671"></a> + <a class="indexterm" name="id2618699"></a> The short answer is that by adding a wrapper around key authentication components of Samba, other projects (like Squid) can benefit from the labors expended in meeting user interoperability needs. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2618685"></a><a name="id2618687"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2618712"></a><a name="id2618714"></a></td><td align="left" valign="top"><p> What other services does Samba provide? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2618699"></a> - <a class="indexterm" name="id2618706"></a> - <a class="indexterm" name="id2618712"></a> - <a class="indexterm" name="id2618719"></a> <a class="indexterm" name="id2618726"></a> + <a class="indexterm" name="id2618733"></a> + <a class="indexterm" name="id2618740"></a> + <a class="indexterm" name="id2618746"></a> + <a class="indexterm" name="id2618753"></a> Samba-3 is a file and print server. The core components that provide this functionality are <code class="literal">smbd</code>, <code class="literal">nmbd</code>, and the identity resolver daemon, <code class="literal">winbindd</code>. </p><p> - <a class="indexterm" name="id2618757"></a> - <a class="indexterm" name="id2618763"></a> + <a class="indexterm" name="id2618784"></a> + <a class="indexterm" name="id2618791"></a> Samba-3 is an SMB/CIFS client. The core component that provides this is called <code class="literal">smbclient</code>. </p><p> - <a class="indexterm" name="id2618781"></a> - <a class="indexterm" name="id2618788"></a> - <a class="indexterm" name="id2618794"></a> - <a class="indexterm" name="id2618801"></a> <a class="indexterm" name="id2618808"></a> + <a class="indexterm" name="id2618815"></a> + <a class="indexterm" name="id2618822"></a> + <a class="indexterm" name="id2618828"></a> + <a class="indexterm" name="id2618835"></a> Samba-3 includes a number of helper tools, plug-in modules, utilities, and test and validation facilities. Samba-3 includes glue modules that help provide interoperability between MS Windows clients and UNIX/Linux servers and clients. It includes Winbind agents that make it possible to authenticate UNIX/Linux access attempts as well as logins to an SMB/CIFS authentication server backend. Samba-3 includes name service switch (NSS) modules to permit identity resolution via SMB/CIFS servers (Windows NT4/200x, Samba, and a host of other commercial server products). - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2618828"></a><a name="id2618830"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2618855"></a><a name="id2618858"></a></td><td align="left" valign="top"><p> Does use of Samba (<code class="literal">ntlm_auth</code>) improve the performance of Squid? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> Not really. Samba's <code class="literal">ntlm_auth</code> module handles only authentication. It requires that diff --git a/docs/htmldocs/Samba3-ByExample/HA.html b/docs/htmldocs/Samba3-ByExample/HA.html index ce01c67d7d..6356957d2e 100644 --- a/docs/htmldocs/Samba3-ByExample/HA.html +++ b/docs/htmldocs/Samba3-ByExample/HA.html @@ -1,7 +1,7 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 13. Performance, Reliability, and Availability</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="DomApps.html" title="Chapter 12. Integrating Additional Services"><link rel="next" href="ch14.html" title="Chapter 14. Samba Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 13. Performance, Reliability, and Availability</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="HA"></a>Chapter 13. Performance, Reliability, and Availability</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="HA.html#id2618932">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619019">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619520">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2619995">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620323">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620398">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620470">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620570">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620728">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620832">Key Points Learned</a></span></dt></dl></div><p> - <a class="indexterm" name="id2618894"></a> - <a class="indexterm" name="id2618901"></a> - <a class="indexterm" name="id2618907"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 13. Performance, Reliability, and Availability</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="DomApps.html" title="Chapter 12. Integrating Additional Services"><link rel="next" href="ch14.html" title="Chapter 14. Samba Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 13. Performance, Reliability, and Availability</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="HA"></a>Chapter 13. Performance, Reliability, and Availability</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="HA.html#id2618959">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619057">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619530">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619557">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620033">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620360">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620435">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620507">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620607">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620755">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620859">Key Points Learned</a></span></dt></dl></div><p> + <a class="indexterm" name="id2618921"></a> + <a class="indexterm" name="id2618928"></a> + <a class="indexterm" name="id2618935"></a> Well, you have reached one of the last chapters of this book. It is customary to attempt to wrap up the theme and contents of a book in what is generally regarded as the chapter that should draw conclusions. This book is a suspense thriller, and since @@ -10,8 +10,8 @@ regarding some of the things everyone can do to deliver a reliable Samba-3 network. </p><div class="blockquote"><table border="0" width="100%" cellspacing="0" cellpadding="0" class="blockquote" summary="Block quote"><tr><td width="10%" valign="top"> </td><td width="80%" valign="top"><p> In a world so full of noise, how can the sparrow be heard? - </p></td><td width="10%" valign="top"> </td></tr><tr><td width="10%" valign="top"> </td><td colspan="2" align="right" valign="top">--<span class="attribution">Anonymous</span></td></tr></table></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2618932"></a>Introduction</h2></div></div></div><p> - <a class="indexterm" name="id2618940"></a> + </p></td><td width="10%" valign="top"> </td></tr><tr><td width="10%" valign="top"> </td><td colspan="2" align="right" valign="top">--<span class="attribution">Anonymous</span></td></tr></table></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2618959"></a>Introduction</h2></div></div></div><p> + <a class="indexterm" name="id2618967"></a> The sparrow is a small bird whose sounds are drowned out by the noise of the busy world it lives in. Likewise, the simple steps that can be taken to improve the reliability and availability of a Samba network are often drowned out by the volume @@ -20,22 +20,22 @@ itself to discussion of clustering because each clustering methodology uses its own custom tools and methods. Only passing comments are offered concerning these methods. </p><p> - <a class="indexterm" name="id2618960"></a> - <a class="indexterm" name="id2618967"></a> - <a class="indexterm" name="id2618974"></a> + <a class="indexterm" name="id2618997"></a> + <a class="indexterm" name="id2619004"></a> + <a class="indexterm" name="id2619011"></a> <a class="ulink" href="http://www.google.com/search?hl=en&lr=&ie=ISO-8859-1&q=samba+cluster&btnG=Google+Search" target="_top">A search</a> for “<span class="quote">samba cluster</span>” produced 71,600 hits. And a search for “<span class="quote">highly available samba</span>” and “<span class="quote">highly available windows</span>” produced an amazing number of references. It is clear from the resources on the Internet that Windows file and print services availability, reliability, and scalability are of vital interest to corporate network users. </p><p> - <a class="indexterm" name="id2619007"></a> + <a class="indexterm" name="id2619044"></a> So without further background, you can review a checklist of simple steps that can be taken to ensure acceptable network performance while keeping costs of ownership well under control. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619019"></a>Dissection and Discussion</h2></div></div></div><p> - <a class="indexterm" name="id2619027"></a> - <a class="indexterm" name="id2619034"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619057"></a>Dissection and Discussion</h2></div></div></div><p> + <a class="indexterm" name="id2619065"></a> + <a class="indexterm" name="id2619071"></a> If it is your purpose to get the best mileage out of your Samba servers, there is one rule that must be obeyed. If you want the best, keep your implementation as simple as possible. You may well be forced to introduce some complexities, but you should do so only as a last resort. @@ -44,8 +44,8 @@ make life easier for your successor. Simple implementations can be more readily audited than can complex ones. </p><p> - <a class="indexterm" name="id2619056"></a> - <a class="indexterm" name="id2619063"></a> + <a class="indexterm" name="id2619093"></a> + <a class="indexterm" name="id2619100"></a> Problems reported by users fall into three categories: configurations that do not work, those that have broken behavior, and poor performance. The term <span class="emphasis"><em>broken behavior</em></span> means that the function of a particular Samba component appears to work sometimes, but not at @@ -54,12 +54,12 @@ list of Windows machines in MS Explorer changes, sometimes listing machines that are running and at other times not listing them even though the machines are in use on the network. </p><p> - <a class="indexterm" name="id2619090"></a> - <a class="indexterm" name="id2619097"></a> - <a class="indexterm" name="id2619104"></a> - <a class="indexterm" name="id2619111"></a> - <a class="indexterm" name="id2619118"></a> - <a class="indexterm" name="id2619124"></a> + <a class="indexterm" name="id2619128"></a> + <a class="indexterm" name="id2619134"></a> + <a class="indexterm" name="id2619141"></a> + <a class="indexterm" name="id2619148"></a> + <a class="indexterm" name="id2619155"></a> + <a class="indexterm" name="id2619162"></a> A significant number of reports concern problems with the <code class="literal">smbfs</code> file system driver that is part of the Linux kernel, not part of Samba. Users continue to interpret that <code class="literal">smbfs</code> is part of Samba, simply because Samba includes the front-end tools @@ -70,32 +70,32 @@ common infrastructure with some Samba components, but they are not maintained as part of Samba and are really foreign to it. </p><p> - <a class="indexterm" name="id2619185"></a> + <a class="indexterm" name="id2619222"></a> The new project, <code class="literal">cifsfs</code>, is destined to replace <code class="literal">smbfs</code>. It, too, is not part of Samba, even though one of the Samba Team members is a prime mover in this project. </p><p> Table 13.1 lists typical causes of: </p><div class="itemizedlist"><ul type="disc"><li><p>Not Working (NW)</p></li><li><p>Broken Behavior (BB)</p></li><li><p>Poor Performance (PP)</p></li></ul></div><div class="table"><a name="ProbList"></a><p class="title"><b>Table 13.1. Effect of Common Problems</b></p><div class="table-contents"><table summary="Effect of Common Problems" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th align="left"><p>Problem</p></th><th align="center"><p>NW</p></th><th align="center"><p>BB</p></th><th align="center"><p>PP</p></th></tr></thead><tbody><tr><td align="left"><p>File locking</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Hardware problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Incorrect authentication</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Incorrect configuration</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>LDAP problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Name resolution</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Printing problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Slow file transfer</p></td><td align="center"><p>-</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Winbind problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr></tbody></table></div></div><br class="table-break"><p> - <a class="indexterm" name="id2619479"></a> + <a class="indexterm" name="id2619516"></a> It is obvious to all that the first requirement (as a matter of network hygiene) is to eliminate problems that affect basic network operation. This book has provided sufficient working examples to help you to avoid all these problems. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619492"></a>Guidelines for Reliable Samba Operation</h2></div></div></div><p> - <a class="indexterm" name="id2619501"></a> - <a class="indexterm" name="id2619508"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619530"></a>Guidelines for Reliable Samba Operation</h2></div></div></div><p> + <a class="indexterm" name="id2619538"></a> + <a class="indexterm" name="id2619545"></a> Your objective is to provide a network that works correctly, can grow at all times, is resilient at times of extreme demand, and can scale to meet future needs. The following subject areas provide pointers that can help you today. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2619520"></a>Name Resolution</h3></div></div></div><p> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2619557"></a>Name Resolution</h3></div></div></div><p> There are three basic current problem areas: bad hostnames, routed networks, and network collisions. These are covered in the following discussion. - </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619531"></a>Bad Hostnames</h4></div></div></div><p> - <a class="indexterm" name="id2619539"></a> - <a class="indexterm" name="id2619548"></a> - <a class="indexterm" name="id2619555"></a> - <a class="indexterm" name="id2619562"></a> - <a class="indexterm" name="id2619569"></a> + </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619568"></a>Bad Hostnames</h4></div></div></div><p> + <a class="indexterm" name="id2619576"></a> + <a class="indexterm" name="id2619586"></a> + <a class="indexterm" name="id2619592"></a> + <a class="indexterm" name="id2619599"></a> + <a class="indexterm" name="id2619606"></a> When configured as a DHCP client, a number of Linux distributions set the system hostname to <code class="constant">localhost</code>. If the parameter <em class="parameter"><code>netbios name</code></em> is not specified to something other than <code class="constant">localhost</code>, the Samba server appears @@ -107,13 +107,13 @@ the local Windows machine itself. Hostnames must be valid for Windows networking to function correctly. </p><p> - <a class="indexterm" name="id2619624"></a> + <a class="indexterm" name="id2619661"></a> A few sites have tried to name Windows clients and Samba servers with a name that begins with the digits 1-9. This does not work either because it may result in the client or server attempting to use that name as an IP address. </p><p> - <a class="indexterm" name="id2619638"></a> - <a class="indexterm" name="id2619647"></a> + <a class="indexterm" name="id2619675"></a> + <a class="indexterm" name="id2619684"></a> A Samba server called <code class="constant">FRED</code> in a NetBIOS domain called <code class="constant">COLLISION</code> in a network environment that is part of the fully-qualified Internet domain namespace known as <code class="constant">parrots.com</code>, results in DNS name lookups for <code class="constant">fred.parrots.com</code> @@ -122,49 +122,49 @@ attempts to resolve <code class="constant">fred.parrots.com.parrots.com</code>, which most likely fails given that you probably do not have this in your DNS namespace. </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> - <a class="indexterm" name="id2619691"></a> - <a class="indexterm" name="id2619700"></a> - <a class="indexterm" name="id2619707"></a> + <a class="indexterm" name="id2619728"></a> + <a class="indexterm" name="id2619738"></a> + <a class="indexterm" name="id2619744"></a> An Active Directory realm called <code class="constant">collision.parrots.com</code> is perfectly okay, although it too must be capable of being resolved via DNS, something that functions correctly if Windows 200x ADS has been properly installed and configured. - </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619723"></a>Routed Networks</h4></div></div></div><p> - <a class="indexterm" name="id2619731"></a> - <a class="indexterm" name="id2619738"></a> - <a class="indexterm" name="id2619747"></a> + </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619760"></a>Routed Networks</h4></div></div></div><p> + <a class="indexterm" name="id2619768"></a> + <a class="indexterm" name="id2619775"></a> + <a class="indexterm" name="id2619784"></a> NetBIOS networks (Windows networking with NetBIOS over TCP/IP enabled) makes extensive use of UDP-based broadcast traffic, as you saw during the exercises in <a class="link" href="primer.html" title="Chapter 16. Networking Primer">“Networking Primer”</a>. </p><p> - <a class="indexterm" name="id2619767"></a> - <a class="indexterm" name="id2619774"></a> - <a class="indexterm" name="id2619780"></a> + <a class="indexterm" name="id2619804"></a> + <a class="indexterm" name="id2619811"></a> + <a class="indexterm" name="id2619818"></a> UDP broadcast traffic is not forwarded by routers. This means that NetBIOS broadcast-based networking cannot function across routed networks (i.e., multi-subnet networks) unless special provisions are made: </p><div class="itemizedlist"><ul type="disc"><li><p> - <a class="indexterm" name="id2619797"></a> - <a class="indexterm" name="id2619804"></a> - <a class="indexterm" name="id2619811"></a> + <a class="indexterm" name="id2619835"></a> + <a class="indexterm" name="id2619841"></a> + <a class="indexterm" name="id2619848"></a> Either install on every Windows client an LMHOSTS file (located in the directory <code class="filename">C:\windows\system32\drivers\etc</code>). It is also necessary to add to the Samba server <code class="filename">smb.conf</code> file the parameters <em class="parameter"><code>remote announce</code></em> and <em class="parameter"><code>remote browse sync</code></em>. For more information, refer to the online manual page for the <code class="filename">smb.conf</code> file. </p></li><li><p> - <a class="indexterm" name="id2619857"></a> + <a class="indexterm" name="id2619894"></a> Or configure Samba as a WINS server, and configure all network clients to use that WINS server in their TCP/IP configuration. </p></li></ul></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> - <a class="indexterm" name="id2619874"></a> - <a class="indexterm" name="id2619883"></a> + <a class="indexterm" name="id2619911"></a> + <a class="indexterm" name="id2619920"></a> The use of DNS is not an acceptable substitute for WINS. DNS does not store specific information regarding NetBIOS networking particulars that get stored in the WINS name resolution database and that Windows clients require and depend on. - </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619896"></a>Network Collisions</h4></div></div></div><p> - <a class="indexterm" name="id2619904"></a> - <a class="indexterm" name="id2619913"></a> - <a class="indexterm" name="id2619922"></a> - <a class="indexterm" name="id2619929"></a> + </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619933"></a>Network Collisions</h4></div></div></div><p> + <a class="indexterm" name="id2619941"></a> + <a class="indexterm" name="id2619950"></a> + <a class="indexterm" name="id2619959"></a> + <a class="indexterm" name="id2619966"></a> Excessive network activity causes NetBIOS network timeouts. Timeouts may result in blue screen of death (BSOD) experiences. High collision rates may be caused by excessive UDP broadcast activity, by defective networking hardware, or through excessive network @@ -173,9 +173,9 @@ The use of WINS is highly recommended to reduce network broadcast traffic, as outlined in <a class="link" href="primer.html" title="Chapter 16. Networking Primer">“Networking Primer”</a>. </p><p> - <a class="indexterm" name="id2619958"></a> - <a class="indexterm" name="id2619965"></a> - <a class="indexterm" name="id2619972"></a> + <a class="indexterm" name="id2619995"></a> + <a class="indexterm" name="id2620002"></a> + <a class="indexterm" name="id2620009"></a> Under no circumstances should the facility be supported by many routers, known as <code class="constant">NetBIOS forwarding</code>, unless you know exactly what you are doing. Inappropriate use of this facility can result in UDP broadcast storms. In one case in 1999, a university network became @@ -183,13 +183,13 @@ testing of a Samba server. The maximum throughput on a 100-Base-T (100 MB/sec) network was less than 15 KB/sec. After the NetBIOS forwarding was turned off, file transfer performance immediately returned to 11 MB/sec. - </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2619995"></a>Samba Configuration</h3></div></div></div><p> + </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620033"></a>Samba Configuration</h3></div></div></div><p> As a general rule, the contents of the <code class="filename">smb.conf</code> file should be kept as simple as possible. No parameter should be specified unless you know it is essential to operation. </p><p> - <a class="indexterm" name="id2620015"></a> - <a class="indexterm" name="id2620022"></a> - <a class="indexterm" name="id2620029"></a> + <a class="indexterm" name="id2620052"></a> + <a class="indexterm" name="id2620060"></a> + <a class="indexterm" name="id2620066"></a> Many UNIX administrators like to fully document the settings in the <code class="filename">smb.conf</code> file. This is a bad idea because it adds content to the file. The <code class="filename">smb.conf</code> file is re-read by every <code class="literal">smbd</code> process every time the file timestamp changes (or, on systems where this does not work, every 20 seconds or so). @@ -197,7 +197,7 @@ As the size of the <code class="filename">smb.conf</code> file grows, the risk of introducing parsing errors also increases. It is recommended to keep a fully documented <code class="filename">smb.conf</code> file on hand, and then to operate Samba only with an optimized file. - </p><p><a class="indexterm" name="id2620079"></a> + </p><p><a class="indexterm" name="id2620116"></a> The preferred way to maintain a documented file is to call it something like <code class="filename">smb.conf.master</code>. You can generate the optimized file by executing: </p><pre class="screen"> @@ -223,7 +223,7 @@ Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions </pre><p> - <a class="indexterm" name="id2620138"></a> + <a class="indexterm" name="id2620176"></a> You now, of course, press the enter key to complete the command, or else abort it by pressing Ctrl-C. The important thing to note is the noted Server role, as well as warning messages. Noted configuration conflicts must be remedied before proceeding. For example, the following error message represents a @@ -233,28 +233,28 @@ ERROR: both 'wins support = true' and 'wins server = <server list>' cannot be set in the smb.conf file. nmbd will abort with this setting. </pre><p> </p><p> - <a class="indexterm" name="id2620166"></a> - <a class="indexterm" name="id2620173"></a> - <a class="indexterm" name="id2620180"></a> + <a class="indexterm" name="id2620203"></a> + <a class="indexterm" name="id2620210"></a> + <a class="indexterm" name="id2620217"></a> There are two parameters that can cause severe network performance degradation: <em class="parameter"><code>socket options</code></em> and <em class="parameter"><code>socket address</code></em>. The <em class="parameter"><code>socket options</code></em> parameter was often necessary when Samba was used with the Linux 2.2.x kernels. Later kernels are largely self-tuning and seldom benefit from this parameter being set. Do not use either parameter unless it has been proven necessary to use them. </p><p> - <a class="indexterm" name="id2620214"></a> - <a class="indexterm" name="id2620221"></a> - <a class="indexterm" name="id2620228"></a> - <a class="indexterm" name="id2620235"></a> + <a class="indexterm" name="id2620251"></a> + <a class="indexterm" name="id2620258"></a> + <a class="indexterm" name="id2620265"></a> + <a class="indexterm" name="id2620272"></a> Another <code class="filename">smb.conf</code> parameter that may cause severe network performance degradation is the <em class="parameter"><code>strict sync</code></em> parameter. Do not use this at all. There is no good reason to use this with any modern Windows client. The <em class="parameter"><code>strict sync</code></em> is often used with the <em class="parameter"><code>sync always</code></em> parameter. This, too, can severely degrade network performance, so do not set it; if you must, do so with caution. </p><p> - <a class="indexterm" name="id2620276"></a> - <a class="indexterm" name="id2620283"></a> - <a class="indexterm" name="id2620290"></a> - <a class="indexterm" name="id2620297"></a> + <a class="indexterm" name="id2620313"></a> + <a class="indexterm" name="id2620320"></a> + <a class="indexterm" name="id2620327"></a> + <a class="indexterm" name="id2620334"></a> Finally, many network administrators deliberately disable opportunistic locking support. While this does not degrade Samba performance, it significantly degrades Windows client performance because this disables local file caching on Windows clients and forces every file read and written to @@ -262,12 +262,12 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. support, do so only on the share on which it is required. That way, all other shares can provide oplock support for operations that are tolerant of it. See <a class="link" href="appendix.html#ch12dblck" title="Shared Data Integrity">“Shared Data Integrity”</a> for more information. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620323"></a>Use and Location of BDCs</h3></div></div></div><p> - <a class="indexterm" name="id2620331"></a> - <a class="indexterm" name="id2620337"></a> - <a class="indexterm" name="id2620344"></a> - <a class="indexterm" name="id2620351"></a> - <a class="indexterm" name="id2620358"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620360"></a>Use and Location of BDCs</h3></div></div></div><p> + <a class="indexterm" name="id2620368"></a> + <a class="indexterm" name="id2620374"></a> + <a class="indexterm" name="id2620381"></a> + <a class="indexterm" name="id2620388"></a> + <a class="indexterm" name="id2620395"></a> On a network segment where there is a PDC and a BDC, the BDC carries the bulk of the network logon processing. If the BDC is a heavily loaded server, the PDC carries a greater proportion of authentication and logon processing. When a sole BDC on a routed network segment gets heavily @@ -275,13 +275,13 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. to a BDC on a distant network segment. This significantly hinders WAN operations and is undesirable. </p><p> - <a class="indexterm" name="id2620376"></a> - <a class="indexterm" name="id2620383"></a> + <a class="indexterm" name="id2620413"></a> + <a class="indexterm" name="id2620420"></a> As a general guide, instead of adding domain member servers to a network, you would be better advised to add BDCs until there are fewer than 30 Windows clients per BDC. Beyond that ratio, you should add domain member servers. This practice ensures that there are always sufficient domain controllers to handle logon requests and authentication traffic. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620398"></a>Use One Consistent Version of MS Windows Client</h3></div></div></div><p> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620435"></a>Use One Consistent Version of MS Windows Client</h3></div></div></div><p> Every network client has its own peculiarities. From a management perspective, it is easier to deal with one version of MS Windows that is maintained to a consistent update level than it is to deal with a mixture of clients. @@ -289,61 +289,61 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. On a number of occasions, particular Microsoft service pack updates of a Windows server or client have necessitated special handling from the Samba server end. If you want to remain sane, keep you client workstation configurations consistent. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620420"></a>For Scalability, Use SAN-Based Storage on Samba Servers</h3></div></div></div><p> - <a class="indexterm" name="id2620429"></a> - <a class="indexterm" name="id2620436"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620457"></a>For Scalability, Use SAN-Based Storage on Samba Servers</h3></div></div></div><p> + <a class="indexterm" name="id2620466"></a> + <a class="indexterm" name="id2620473"></a> Many SAN-based storage systems permit more than one server to share a common data store. Use of a shared SAN data store means that you do not need to use time- and resource-hungry data synchronization techniques. </p><p> - <a class="indexterm" name="id2620450"></a> - <a class="indexterm" name="id2620456"></a> + <a class="indexterm" name="id2620487"></a> + <a class="indexterm" name="id2620494"></a> The use of a collection of relatively low-cost front-end Samba servers that are coupled to a shared backend SAN data store permits load distribution while containing costs below that of installing and managing a complex clustering facility. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620470"></a>Distribute Network Load with MSDFS</h3></div></div></div><p> - <a class="indexterm" name="id2620478"></a> - <a class="indexterm" name="id2620485"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620507"></a>Distribute Network Load with MSDFS</h3></div></div></div><p> + <a class="indexterm" name="id2620515"></a> + <a class="indexterm" name="id2620522"></a> Microsoft DFS (distributed file system) technology has been implemented in Samba. MSDFS permits data to be accessed from a single share and yet to actually be distributed across multiple actual servers. Refer to <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 19, for information regarding implementation of an MSDFS installation. </p><p> - <a class="indexterm" name="id2620503"></a> - <a class="indexterm" name="id2620512"></a> + <a class="indexterm" name="id2620540"></a> + <a class="indexterm" name="id2620550"></a> The combination of multiple backend servers together with a front-end server and use of MSDFS can achieve almost the same as you would obtain with a clustered Samba server. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620524"></a>Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</h3></div></div></div><p> - <a class="indexterm" name="id2620533"></a> - <a class="indexterm" name="id2620540"></a> - <a class="indexterm" name="id2620547"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620562"></a>Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</h3></div></div></div><p> + <a class="indexterm" name="id2620570"></a> + <a class="indexterm" name="id2620577"></a> + <a class="indexterm" name="id2620584"></a> Consider using <code class="literal">rsync</code> to replicate data across the WAN during times of low utilization. Users can then access the replicated data store rather than needing to do so across the WAN. This works best for read-only data, but with careful planning can be implemented so that modified files get replicated back to the point of origin. Be careful with your implementation if you choose to permit modification and return replication of the modified file; otherwise, you may inadvertently overwrite important data. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620570"></a>Hardware Problems</h3></div></div></div><p> - <a class="indexterm" name="id2620578"></a> - <a class="indexterm" name="id2620585"></a> - <a class="indexterm" name="id2620592"></a> - <a class="indexterm" name="id2620599"></a> - <a class="indexterm" name="id2620608"></a> - <a class="indexterm" name="id2620617"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620607"></a>Hardware Problems</h3></div></div></div><p> + <a class="indexterm" name="id2620615"></a> + <a class="indexterm" name="id2620622"></a> + <a class="indexterm" name="id2620629"></a> + <a class="indexterm" name="id2620636"></a> + <a class="indexterm" name="id2620645"></a> + <a class="indexterm" name="id2620654"></a> Networking hardware prices have fallen sharply over the past 5 years. A surprising number of Samba networking problems over this time have been traced to defective network interface cards (NICs) or defective HUBs, switches, and cables. </p><p> - <a class="indexterm" name="id2620634"></a> + <a class="indexterm" name="id2620671"></a> Not surprising is the fact that network administrators do not like to be shown to have made a bad decision. Money saved in buying low-cost hardware may result in high costs incurred in corrective action. </p><p> - <a class="indexterm" name="id2620647"></a> - <a class="indexterm" name="id2620654"></a> - <a class="indexterm" name="id2620661"></a> - <a class="indexterm" name="id2620668"></a> - <a class="indexterm" name="id2620675"></a> + <a class="indexterm" name="id2620684"></a> + <a class="indexterm" name="id2620691"></a> + <a class="indexterm" name="id2620698"></a> + <a class="indexterm" name="id2620705"></a> + <a class="indexterm" name="id2620712"></a> Defective NICs, HUBs, and switches may appear as intermittent network access problems, intermittent or persistent data corruption, slow network throughput, low performance, or even as BSOD problems with MS Windows clients. In one case, a company updated several workstations with newer, faster @@ -352,14 +352,14 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. </p><p> Defective hardware problems may take patience and persistence before the real cause can be discovered. </p><p> - <a class="indexterm" name="id2620698"></a> + <a class="indexterm" name="id2620736"></a> Networking hardware defects can significantly impact perceived Samba performance, but defective RAID controllers as well as SCSI and IDE hard disk controllers have also been known to impair Samba server operations. One business came to this realization only after replacing a Samba installation with MS Windows Server 2000 running on the same hardware. The root of the problem completely eluded the network administrator until the entire server was replaced. While you may well think that this would never happen to you, experience shows that given the right (unfortunate) circumstances, this can happen to anyone. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620728"></a>Large Directories</h3></div></div></div><p> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620755"></a>Large Directories</h3></div></div></div><p> There exist applications that create or manage directories containing many thousands of files. Such applications typically generate many small files (less than 100 KB). At the best of times, under UNIX, listing of the files in a directory that contains many files is slow. By default, Windows NT, 200x, @@ -399,7 +399,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. All files and directories under the <em class="parameter"><code>path</code></em> directory must be in the same case as specified in the <code class="filename">smb.conf</code> stanza. This means that smbd will not be able to find lower case filenames with these settings. Note, this is done on a per-share basis. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2620832"></a>Key Points Learned</h2></div></div></div><p> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2620859"></a>Key Points Learned</h2></div></div></div><p> This chapter has touched in broad sweeps on a number of simple steps that can be taken to ensure that your Samba network is resilient, scalable, and reliable, and that it performs well. @@ -408,7 +408,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. In the long term, that may not be you. Spare a thought for your successor and give him or her an even break. </p><p> - <a class="indexterm" name="id2620853"></a> + <a class="indexterm" name="id2620880"></a> Last, but not least, you should not only keep the network design simple, but also be sure it is well documented. This book may serve as your pattern for documenting every aspect of your design, its implementation, and particularly the objects and assumptions diff --git a/docs/htmldocs/Samba3-ByExample/RefSection.html b/docs/htmldocs/Samba3-ByExample/RefSection.html index 03f4b0bfa2..b4ac64f50c 100644 --- a/docs/htmldocs/Samba3-ByExample/RefSection.html +++ b/docs/htmldocs/Samba3-ByExample/RefSection.html @@ -3,50 +3,50 @@ This section <span class="emphasis"><em>Samba-3 by Example</em></span> provides that may help you to solve network performance issues, to answer some of the critiques published regarding Samba, or just to gain a more broad understanding of how Samba can play in a Windows networking world. -</p><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="kerberos.html">11. Active Directory, Kerberos, and Security</a></span></dt><dd><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615399">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615533">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="DomApps.html">12. Integrating Additional Services</a></span></dt><dd><dl><dt><span class="sect1"><a href="DomApps.html#id2616162">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616193">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616294">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616327">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616483">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616500">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618352">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618413">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="HA.html">13. Performance, Reliability, and Availability</a></span></dt><dd><dl><dt><span class="sect1"><a href="HA.html#id2618932">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619019">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619520">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2619995">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620323">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620398">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620470">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620570">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620728">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620832">Key Points Learned</a></span></dt></dl></dd><dt><span class="chapter"><a href="ch14.html">14. Samba Support</a></span></dt><dd><dl><dt><span class="sect1"><a href="ch14.html#id2621002">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621220">Commercial Support</a></span></dt></dl></dd><dt><span class="chapter"><a href="appendix.html">15. A Collection of Useful Tidbits</a></span></dt><dd><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621928">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622349">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622695">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622707">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622755">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622895">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622954">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623532">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624529">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625009">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625156">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625241">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="primer.html">16. Networking Primer</a></span></dt><dd><dl><dt><span class="sect1"><a href="primer.html#id2625407">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625568">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625629">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625745">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625871">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628089">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628204">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></dd><dt><span class="appendix"><a href="apa.html">A. +</p><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="kerberos.html">11. Active Directory, Kerberos, and Security</a></span></dt><dd><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615408">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615543">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="DomApps.html">12. Integrating Additional Services</a></span></dt><dd><dl><dt><span class="sect1"><a href="DomApps.html#id2616172">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616202">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616313">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616346">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616502">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616520">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618372">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618432">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="HA.html">13. Performance, Reliability, and Availability</a></span></dt><dd><dl><dt><span class="sect1"><a href="HA.html#id2618959">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619057">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619530">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619557">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620033">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620360">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620435">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620507">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620607">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620755">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620859">Key Points Learned</a></span></dt></dl></dd><dt><span class="chapter"><a href="ch14.html">14. Samba Support</a></span></dt><dd><dl><dt><span class="sect1"><a href="ch14.html#id2621028">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621247">Commercial Support</a></span></dt></dl></dd><dt><span class="chapter"><a href="appendix.html">15. A Collection of Useful Tidbits</a></span></dt><dd><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621955">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622376">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622715">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622727">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622776">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622916">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622975">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623561">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624558">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625032">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625180">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625264">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="primer.html">16. Networking Primer</a></span></dt><dd><dl><dt><span class="sect1"><a href="primer.html#id2625430">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625592">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625652">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625769">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625894">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628113">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628227">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></dd><dt><span class="appendix"><a href="apa.html">A. GNU General Public License version 3 - </a></span></dt><dd><dl><dt><span class="bridgehead"><a href="apa.html#id2628870">A. + </a></span></dt><dd><dl><dt><span class="bridgehead"><a href="apa.html#id2628893">A. Preamble - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629015">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629038">A. TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629019">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629042">A. 0. Definitions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629111">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629134">A. 1. Source Code. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629210">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629233">A. 2. Basic Permissions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629249">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629272">A. 3. Protecting Users’ Legal Rights From Anti-Circumvention Law. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629290">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629308">A. 4. Conveying Verbatim Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629317">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629335">A. 5. Conveying Modified Source Versions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629412">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629431">A. 6. Conveying Non-Source Forms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629602">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629620">A. 7. Additional Terms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629738">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629756">A. 8. Termination. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629781">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629800">A. 9. Acceptance Not Required for Having Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629801">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629819">A. 10. Automatic Licensing of Downstream Recipients. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629853">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629871">A. 11. Patents. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629988">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630017">A. 12. No Surrender of Others’ Freedom. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630010">A. - 13. Use with the ???TITLE??? Affero General Public License. </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630039">A. + 13. Use with the ???TITLE??? Affero General Public License. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630067">A. 14. Revised Versions of this License. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630101">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630130">A. 15. Disclaimer of Warranty. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630128">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630156">A. 16. Limitation of Liability. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630148">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630176">A. 17. Interpretation of Sections 15 and 16. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630164">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630193">A. END OF TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630168">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630197">A. How to Apply These Terms to Your New Programs </a></span></dt></dl></dd></dl></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="nw4migration.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="kerberos.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 10. Migrating NetWare Server to Samba-3 </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 11. Active Directory, Kerberos, and Security</td></tr></table></div></body></html> diff --git a/docs/htmldocs/Samba3-ByExample/apa.html b/docs/htmldocs/Samba3-ByExample/apa.html index 6f487d38d5..6f1b4c7b5b 100644 --- a/docs/htmldocs/Samba3-ByExample/apa.html +++ b/docs/htmldocs/Samba3-ByExample/apa.html @@ -1,50 +1,50 @@ <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Appendix A. GNU General Public License version 3</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="primer.html" title="Chapter 16. Networking Primer"><link rel="next" href="go01.html" title="Glossary"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Appendix A. GNU General Public License version 3 - </th></tr><tr><td width="20%" align="left"><a accesskey="p" href="primer.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="go01.html">Next</a></td></tr></table><hr></div><div class="appendix" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="id2628840"></a>Appendix A. + </th></tr><tr><td width="20%" align="left"><a accesskey="p" href="primer.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="go01.html">Next</a></td></tr></table><hr></div><div class="appendix" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="id2628864"></a>Appendix A. <acronym class="acronym">GNU</acronym> General Public License version 3 - </h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="bridgehead"><a href="apa.html#id2628870">A. + </h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="bridgehead"><a href="apa.html#id2628893">A. Preamble - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629015">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629038">A. TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629019">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629042">A. 0. Definitions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629111">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629134">A. 1. Source Code. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629210">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629233">A. 2. Basic Permissions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629249">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629272">A. 3. Protecting Users’ Legal Rights From Anti-Circumvention Law. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629290">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629308">A. 4. Conveying Verbatim Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629317">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629335">A. 5. Conveying Modified Source Versions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629412">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629431">A. 6. Conveying Non-Source Forms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629602">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629620">A. 7. Additional Terms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629738">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629756">A. 8. Termination. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629781">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629800">A. 9. Acceptance Not Required for Having Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629801">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629819">A. 10. Automatic Licensing of Downstream Recipients. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629853">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629871">A. 11. Patents. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629988">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630017">A. 12. No Surrender of Others’ Freedom. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630010">A. - 13. Use with the ???TITLE??? Affero General Public License. </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630039">A. + 13. Use with the ???TITLE??? Affero General Public License. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630067">A. 14. Revised Versions of this License. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630101">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630130">A. 15. Disclaimer of Warranty. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630128">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630156">A. 16. Limitation of Liability. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630148">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630176">A. 17. Interpretation of Sections 15 and 16. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630164">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630193">A. END OF TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630168">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630197">A. How to Apply These Terms to Your New Programs </a></span></dt></dl></div><p> Version 3, 29 June 2007 @@ -54,7 +54,7 @@ </p><p> Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - </p><h2><a name="id2628870"></a> + </p><h2><a name="id2628893"></a> Preamble </h2><p> The <acronym class="acronym">GNU</acronym> General Public License is a free, copyleft @@ -118,9 +118,9 @@ </p><p> The precise terms and conditions for copying, distribution and modification follow. - </p><h2><a name="id2629015"></a> + </p><h2><a name="id2629038"></a> TERMS AND CONDITIONS - </h2><h2><a name="id2629019"></a> + </h2><h2><a name="id2629042"></a> 0. Definitions. </h2><p> “This License” refers to version 3 of the <acronym class="acronym">GNU</acronym> @@ -162,7 +162,7 @@ License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. - </p><h2><a name="id2629111"></a> + </p><h2><a name="id2629134"></a> 1. Source Code. </h2><p> The “source code” for a work means the preferred form of the @@ -202,7 +202,7 @@ automatically from other parts of the Corresponding Source. </p><p> The Corresponding Source for a work in source code form is that same work. - </p><h2><a name="id2629210"></a> + </p><h2><a name="id2629233"></a> 2. Basic Permissions. </h2><p> All rights granted under this License are granted for the term of copyright @@ -227,7 +227,7 @@ Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. - </p><h2><a name="id2629249"></a> + </p><h2><a name="id2629272"></a> 3. Protecting Users’ Legal Rights From Anti-Circumvention Law. </h2><p> No covered work shall be deemed part of an effective technological measure @@ -242,7 +242,7 @@ the work as a means of enforcing, against the work’s users, your or third parties’ legal rights to forbid circumvention of technological measures. - </p><h2><a name="id2629290"></a> + </p><h2><a name="id2629308"></a> 4. Conveying Verbatim Copies. </h2><p> You may convey verbatim copies of the Program’s source code as you @@ -255,7 +255,7 @@ </p><p> You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. - </p><h2><a name="id2629317"></a> + </p><h2><a name="id2629335"></a> 5. Conveying Modified Source Versions. </h2><p> You may convey a work based on the Program, or the modifications to produce @@ -291,7 +291,7 @@ or legal rights of the compilation’s users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. - </p><h2><a name="id2629412"></a> + </p><h2><a name="id2629431"></a> 6. Conveying Non-Source Forms. </h2><p> You may convey a covered work in object code form under the terms of @@ -386,7 +386,7 @@ (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. - </p><h2><a name="id2629602"></a> + </p><h2><a name="id2629620"></a> 7. Additional Terms. </h2><p> “Additional permissions” are terms that supplement the terms of @@ -450,7 +450,7 @@ Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. - </p><h2><a name="id2629738"></a> + </p><h2><a name="id2629756"></a> 8. Termination. </h2><p> You may not propagate or modify a covered work except as expressly provided @@ -476,7 +476,7 @@ License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. - </p><h2><a name="id2629781"></a> + </p><h2><a name="id2629800"></a> 9. Acceptance Not Required for Having Copies. </h2><p> You are not required to accept this License in order to receive or run a @@ -487,7 +487,7 @@ These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. - </p><h2><a name="id2629801"></a> + </p><h2><a name="id2629819"></a> 10. Automatic Licensing of Downstream Recipients. </h2><p> Each time you convey a covered work, the recipient automatically receives a @@ -512,7 +512,7 @@ or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. - </p><h2><a name="id2629853"></a> + </p><h2><a name="id2629871"></a> 11. Patents. </h2><p> A “contributor” is a copyright holder who authorizes use under @@ -579,7 +579,7 @@ Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. - </p><h2><a name="id2629988"></a> + </p><h2><a name="id2630017"></a> 12. No Surrender of Others’ Freedom. </h2><p> If conditions are imposed on you (whether by court order, agreement or @@ -591,7 +591,7 @@ to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. - </p><h2><a name="id2630010"></a> + </p><h2><a name="id2630039"></a> 13. Use with the <acronym class="acronym">GNU</acronym> Affero General Public License. </h2><p> Notwithstanding any other provision of this License, you have permission to @@ -602,7 +602,7 @@ requirements of the <acronym class="acronym">GNU</acronym> Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. - </p><h2><a name="id2630039"></a> + </p><h2><a name="id2630067"></a> 14. Revised Versions of this License. </h2><p> The Free Software Foundation may publish revised and/or new versions of the @@ -627,7 +627,7 @@ Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. - </p><h2><a name="id2630101"></a> + </p><h2><a name="id2630130"></a> 15. Disclaimer of Warranty. </h2><p> THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE @@ -638,7 +638,7 @@ THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - </p><h2><a name="id2630128"></a> + </p><h2><a name="id2630156"></a> 16. Limitation of Liability. </h2><p> IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL @@ -650,7 +650,7 @@ PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - </p><h2><a name="id2630148"></a> + </p><h2><a name="id2630176"></a> 17. Interpretation of Sections 15 and 16. </h2><p> If the disclaimer of warranty and limitation of liability provided above @@ -659,9 +659,9 @@ waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. - </p><h2><a name="id2630164"></a> + </p><h2><a name="id2630193"></a> END OF TERMS AND CONDITIONS - </h2><h2><a name="id2630168"></a> + </h2><h2><a name="id2630197"></a> How to Apply These Terms to Your New Programs </h2><p> If you develop a new program, and you want it to be of the greatest possible diff --git a/docs/htmldocs/Samba3-ByExample/appendix.html b/docs/htmldocs/Samba3-ByExample/appendix.html index 25b827dfb6..c3a4ef5e08 100644 --- a/docs/htmldocs/Samba3-ByExample/appendix.html +++ b/docs/htmldocs/Samba3-ByExample/appendix.html @@ -1,18 +1,18 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 15. A Collection of Useful Tidbits</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="ch14.html" title="Chapter 14. Samba Support"><link rel="next" href="primer.html" title="Chapter 16. Networking Primer"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 15. A Collection of Useful Tidbits</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="ch14.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="primer.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="appendix"></a>Chapter 15. A Collection of Useful Tidbits</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621928">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622349">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622695">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622707">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622755">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622895">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622954">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623532">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624529">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625009">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625156">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625241">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></div><p> - <a class="indexterm" name="id2621349"></a> - <a class="indexterm" name="id2621355"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 15. A Collection of Useful Tidbits</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="ch14.html" title="Chapter 14. Samba Support"><link rel="next" href="primer.html" title="Chapter 16. Networking Primer"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 15. A Collection of Useful Tidbits</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="ch14.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="primer.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="appendix"></a>Chapter 15. A Collection of Useful Tidbits</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621955">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622376">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622715">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622727">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622776">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622916">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622975">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623561">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624558">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625032">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625180">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625264">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></div><p> + <a class="indexterm" name="id2621376"></a> + <a class="indexterm" name="id2621382"></a> Information presented here is considered to be either basic or well-known material that is informative yet helpful. Over the years, I have observed an interesting behavior. There is an expectation that the process for joining a Windows client to a Samba-controlled Windows domain may somehow involve steps different from doing so with Windows NT4 or a Windows ADS domain. Be assured that the steps are identical, as shown in the example given below. </p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="domjoin"></a>Joining a Domain: Windows 200x/XP Professional</h2></div></div></div><p> - <a class="indexterm" name="id2621386"></a> + <a class="indexterm" name="id2621412"></a> Microsoft Windows NT/200x/XP Professional platforms can participate in Domain Security. This section steps through the process for making a Windows 200x/XP Professional machine a member of a Domain Security environment. It should be noted that this process is identical when joining a domain that is controlled by Windows NT4/200x as well as a Samba PDC. - </p><div class="procedure"><a name="id2621400"></a><p class="title"><b>Procedure 15.1. Steps to Join a Domain</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2621426"></a><p class="title"><b>Procedure 15.1. Steps to Join a Domain</b></p><ol type="1"><li><p> Click <span class="guimenu">Start</span>. </p></li><li><p> Right-click <span class="guimenu">My Computer</span>, and then select <span class="guimenuitem">Properties</span>. @@ -50,19 +50,19 @@ The “<span class="quote">Welcome to the MIDEARTH domain</span>” dialog box should appear. At this point, the machine must be rebooted. Joining the domain is now complete. </p></li></ol></div><p> - <a class="indexterm" name="id2621818"></a> - <a class="indexterm" name="id2621825"></a> + <a class="indexterm" name="id2621845"></a> + <a class="indexterm" name="id2621852"></a> The screen capture shown in <a class="link" href="appendix.html#swxpp007" title="Figure 15.4. The Computer Name Changes Panel Domain MIDEARTH">“The Computer Name Changes Panel Domain MIDEARTH”</a> has a button labeled <span class="guimenu">More...</span>. This button opens a panel in which you can set (or change) the Primary DNS suffix of the computer. This is a parameter that mainly affects members of Microsoft Active Directory. Active Directory is heavily oriented around the DNS namespace. </p><p> - <a class="indexterm" name="id2621851"></a> - <a class="indexterm" name="id2621858"></a> + <a class="indexterm" name="id2621878"></a> + <a class="indexterm" name="id2621885"></a> Where NetBIOS technology uses WINS as well as UDP broadcast as key mechanisms for name resolution, Active Directory servers register their services with the Microsoft Dynamic DNS server. Windows clients must be able to query the correct DNS server to find the services (like which machines are domain controllers or which machines have the Netlogon service running). </p><p> - <a class="indexterm" name="id2621876"></a> + <a class="indexterm" name="id2621903"></a> The default setting of the Primary DNS suffix is the Active Directory domain name. When you change the Primary DNS suffix, this does not affect domain membership, but it can break network browsing and the ability to resolve your computer name to a valid IP address. @@ -70,12 +70,12 @@ The Primary DNS suffix parameter principally affects MS Windows clients that are members of an Active Directory domain. Where the client is a member of a Samba domain, it is preferable to leave this field blank. </p><p> - <a class="indexterm" name="id2621900"></a> + <a class="indexterm" name="id2621927"></a> According to Microsoft documentation, “<span class="quote">If this computer belongs to a group with <code class="constant">Group Policy</code> enabled on <code class="literal">Primary DNS suffice of this computer</code>, the string specified in the Group Policy is used as the primary DNS suffix and you might need to restart your computer to view the correct setting. The local setting is used only if Group Policy is disabled or unspecified.</span>” - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621928"></a>Samba System File Location</h2></div></div></div><p><a class="indexterm" name="id2621935"></a><a class="indexterm" name="id2621943"></a><a class="indexterm" name="id2621951"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621955"></a>Samba System File Location</h2></div></div></div><p><a class="indexterm" name="id2621962"></a><a class="indexterm" name="id2621970"></a><a class="indexterm" name="id2621978"></a> One of the frustrations expressed by subscribers to the Samba mailing lists revolves around the choice of where the default Samba Team build and installation process locates its Samba files. The location, chosen in the early 1990s, for the default installation is in the <code class="filename">/usr/local/samba</code> directory. This is a perfectly reasonable location, particularly given all the other @@ -83,7 +83,7 @@ </p><p> Several UNIX vendors, and Linux vendors in particular, elected to locate the Samba files in a location other than the Samba Team default. - </p><p><a class="indexterm" name="id2621987"></a><a class="indexterm" name="id2621999"></a><a class="indexterm" name="id2622006"></a><a class="indexterm" name="id2622018"></a><a class="indexterm" name="id2622026"></a><a class="indexterm" name="id2622037"></a><a class="indexterm" name="id2622045"></a><a class="indexterm" name="id2622053"></a><a class="indexterm" name="id2622061"></a><a class="indexterm" name="id2622069"></a><a class="indexterm" name="id2622076"></a><a class="indexterm" name="id2622084"></a><a class="indexterm" name="id2622092"></a><a class="indexterm" name="id2622100"></a><a class="indexterm" name="id2622108"></a><a class="indexterm" name="id2622116"></a> + </p><p><a class="indexterm" name="id2622014"></a><a class="indexterm" name="id2622025"></a><a class="indexterm" name="id2622033"></a><a class="indexterm" name="id2622045"></a><a class="indexterm" name="id2622052"></a><a class="indexterm" name="id2622064"></a><a class="indexterm" name="id2622072"></a><a class="indexterm" name="id2622080"></a><a class="indexterm" name="id2622088"></a><a class="indexterm" name="id2622095"></a><a class="indexterm" name="id2622103"></a><a class="indexterm" name="id2622111"></a><a class="indexterm" name="id2622119"></a><a class="indexterm" name="id2622127"></a><a class="indexterm" name="id2622135"></a><a class="indexterm" name="id2622143"></a> Linux vendors, working in conjunction with the Free Standards Group (FSG), Linux Standards Base (LSB), and File Hierarchy System (FHS), have elected to locate the configuration files under the <code class="filename">/etc/samba</code> directory, common binary files (those used by users) in the <code class="filename">/usr/bin</code> directory, and the administrative files (daemons) in the @@ -92,13 +92,13 @@ <code class="filename">/usr/share/swat</code>. There are additional support files for <code class="literal">smbd</code> in the <code class="filename">/usr/lib/samba</code> directory tree. The files located there include the dynamically loadable modules for the passdb backend as well as for the VFS modules. - </p><p><a class="indexterm" name="id2622185"></a><a class="indexterm" name="id2622193"></a><a class="indexterm" name="id2622201"></a> + </p><p><a class="indexterm" name="id2622212"></a><a class="indexterm" name="id2622220"></a><a class="indexterm" name="id2622228"></a> Samba creates runtime control files and generates log files. The runtime control files (tdb and dat files) are stored in the <code class="filename">/var/lib/samba</code> directory. Log files are created in <code class="filename">/var/log/samba.</code> </p><p> When Samba is built and installed using the default Samba Team process, all files are located under the <code class="filename">/usr/local/samba</code> directory tree. This makes it simple to find the files that Samba owns. - </p><p><a class="indexterm" name="id2622240"></a> + </p><p><a class="indexterm" name="id2622267"></a> One way to find the Samba files that are installed on your UNIX/Linux system is to search for the location of all files called <code class="literal">smbd</code>. Here is an example: </p><pre class="screen"> @@ -131,7 +131,7 @@ Version 3.0.20-SUSE </p><p> Many people have been caught by installation of Samba using the default Samba Team process when it was already installed by the platform vendor's method. If your platform uses RPM format packages, you can check to see if Samba is installed by - executing:<a class="indexterm" name="id2622313"></a> + executing:<a class="indexterm" name="id2622340"></a> </p><pre class="screen"> <code class="prompt">root# </code> rpm -qa | grep samba samba3-pdb-3.0.20-1 @@ -143,9 +143,9 @@ samba3-utils-3.0.20-1 samba3-doc-3.0.20-1 samba3-client-3.0.20-1 samba3-cifsmount-3.0.20-1 - </pre><p><a class="indexterm" name="id2622336"></a> + </pre><p><a class="indexterm" name="id2622362"></a> The package names, of course, vary according to how the vendor, or the binary package builder, prepared them. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2622349"></a>Starting Samba</h2></div></div></div><p><a class="indexterm" name="id2622356"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2622376"></a>Starting Samba</h2></div></div></div><p><a class="indexterm" name="id2622382"></a> Samba essentially consists of two or three daemons. A daemon is a UNIX application that runs in the background and provides services. An example of a service is the Apache Web server for which the daemon is called <code class="literal">httpd</code>. In the case of Samba, there are three daemons, two of which are needed as a minimum. @@ -186,19 +186,19 @@ if [ $1 == 'restart' ]; then fi exit 0 </pre></div></div><br class="example-break"><div class="variablelist"><dl><dt><span class="term">nmbd</span></dt><dd><p> - <a class="indexterm" name="id2622418"></a> - <a class="indexterm" name="id2622425"></a> + <a class="indexterm" name="id2622445"></a> + <a class="indexterm" name="id2622452"></a> This daemon handles all name registration and resolution requests. It is the primary vehicle involved in network browsing. It handles all UDP-based protocols. The <code class="literal">nmbd</code> daemon should be the first command started as part of the Samba startup process. </p></dd><dt><span class="term">smbd</span></dt><dd><p> - <a class="indexterm" name="id2622455"></a> - <a class="indexterm" name="id2622462"></a> + <a class="indexterm" name="id2622482"></a> + <a class="indexterm" name="id2622488"></a> This daemon handles all TCP/IP-based connection services for file- and print-based operations. It also manages local authentication. It should be started immediately following the startup of <code class="literal">nmbd</code>. </p></dd><dt><span class="term">winbindd</span></dt><dd><p> - <a class="indexterm" name="id2622490"></a> - <a class="indexterm" name="id2622497"></a> + <a class="indexterm" name="id2622517"></a> + <a class="indexterm" name="id2622524"></a> This daemon should be started when Samba is a member of a Windows NT4 or ADS domain. It is also needed when Samba has trust relationships with another domain. The <code class="literal">winbindd</code> daemon will check the <code class="filename">smb.conf</code> file for the presence of the <em class="parameter"><code>idmap uid</code></em> and <em class="parameter"><code>idmap gid</code></em> @@ -252,22 +252,22 @@ case "$1" in echo "Usage: smb {start|stop|restart|status}" exit 1 esac -</pre></div></div><br class="example-break"><p><a class="indexterm" name="id2622616"></a> +</pre></div></div><br class="example-break"><p><a class="indexterm" name="id2622637"></a> SUSE Linux implements individual control over each Samba daemon. A Samba control script that can be conveniently executed from the command line is shown in <a class="link" href="appendix.html#ch12SL" title="Example 15.1. A Useful Samba Control Script for SUSE Linux">“A Useful Samba Control Script for SUSE Linux”</a>. This can be located in the directory <code class="filename">/sbin</code> in a file called <code class="filename">samba</code>. This type of control script should be owned by user root and group root, and set so that only root can execute it. - </p><p><a class="indexterm" name="id2622652"></a> + </p><p><a class="indexterm" name="id2622672"></a> A sample startup script for a Red Hat Linux system is shown in <a class="link" href="appendix.html#ch12RHscript" title="Example 15.2. A Sample Samba Control Script for Red Hat Linux">“A Sample Samba Control Script for Red Hat Linux”</a>. This file could be located in the directory <code class="filename">/etc/rc.d</code> and can be called <code class="filename">samba</code>. A similar startup script is required to control <code class="literal">winbind</code>. If you want to find more information regarding startup scripts please refer to the packaging section of the Samba source code distribution tarball. The packaging files for each platform include a startup control file. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2622695"></a>DNS Configuration Files</h2></div></div></div><p> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2622715"></a>DNS Configuration Files</h2></div></div></div><p> The following files are common to all DNS server configurations. Rather than repeat them multiple times, they are presented here for general reference. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622707"></a>The Forward Zone File for the Loopback Adaptor</h3></div></div></div><p> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622727"></a>The Forward Zone File for the Loopback Adaptor</h3></div></div></div><p> The forward zone file for the loopback address never changes. An example file is shown in <a class="link" href="appendix.html#loopback" title="Example 15.3. DNS Localhost Forward Zone File: /var/lib/named/localhost.zone">“DNS Localhost Forward Zone File: /var/lib/named/localhost.zone”</a>. All traffic destined for an IP address that is hosted on a physical interface on the machine itself is routed to the loopback adaptor. This is @@ -284,7 +284,7 @@ $TTL 1W IN NS @ IN A 127.0.0.1 -</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622755"></a>The Reverse Zone File for the Loopback Adaptor</h3></div></div></div><p> +</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622776"></a>The Reverse Zone File for the Loopback Adaptor</h3></div></div></div><p> The reverse zone file for the loopback address as shown in <a class="link" href="appendix.html#dnsloopy" title="Example 15.4. DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone">“DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone”</a> is necessary so that references to the address <code class="constant">127.0.0.1</code> can be resolved to the correct name of the interface. @@ -344,15 +344,15 @@ L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12 . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 ; End of File -</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622895"></a>DNS Root Server Hint File</h3></div></div></div><p> +</pre></div></div><br class="example-break"></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622916"></a>DNS Root Server Hint File</h3></div></div></div><p> The content of the root hints file as shown in <a class="link" href="appendix.html#roothint" title="Example 15.5. DNS Root Name Server Hint File: /var/lib/named/root.hint">“DNS Root Name Server Hint File: /var/lib/named/root.hint”</a> changes slowly over time. Periodically this file should be updated from the source shown. Because of its size, this file is located at the end of this chapter. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="altldapcfg"></a>Alternative LDAP Database Initialization</h2></div></div></div><p><a class="indexterm" name="id2622926"></a><a class="indexterm" name="id2622937"></a> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="altldapcfg"></a>Alternative LDAP Database Initialization</h2></div></div></div><p><a class="indexterm" name="id2622947"></a><a class="indexterm" name="id2622958"></a> The following procedure may be used as an alternative means of configuring the initial LDAP database. Many administrators prefer to have greater control over how system files get configured. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622954"></a>Initialization of the LDAP Database</h3></div></div></div><p><a class="indexterm" name="id2622961"></a><a class="indexterm" name="id2622969"></a><a class="indexterm" name="id2622981"></a> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2622975"></a>Initialization of the LDAP Database</h3></div></div></div><p><a class="indexterm" name="id2622982"></a><a class="indexterm" name="id2622990"></a><a class="indexterm" name="id2623001"></a> The first step to get the LDAP server ready for action is to create the LDIF file from which the LDAP database will be preloaded. This is necessary to create the containers into which the user, group, and other accounts are written. It is also necessary to @@ -705,14 +705,14 @@ sambaSID: DOMSID-513 sambaGroupType: 2 displayName: Domain Users description: Domain Users -</pre></div></div><br class="example-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2623532"></a>The LDAP Account Manager</h2></div></div></div><p> -<a class="indexterm" name="id2623540"></a> -<a class="indexterm" name="id2623547"></a> -<a class="indexterm" name="id2623556"></a> -<a class="indexterm" name="id2623563"></a> -<a class="indexterm" name="id2623570"></a> -<a class="indexterm" name="id2623576"></a> -<a class="indexterm" name="id2623583"></a> +</pre></div></div><br class="example-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2623561"></a>The LDAP Account Manager</h2></div></div></div><p> +<a class="indexterm" name="id2623569"></a> +<a class="indexterm" name="id2623575"></a> +<a class="indexterm" name="id2623585"></a> +<a class="indexterm" name="id2623591"></a> +<a class="indexterm" name="id2623598"></a> +<a class="indexterm" name="id2623605"></a> +<a class="indexterm" name="id2623612"></a> The LDAP Account Manager (LAM) is an application suite that has been written in PHP. LAM can be used with any Web server that has PHP4 support. It connects to the LDAP server either using unencrypted connections or via SSL/TLS. LAM can be used to manage @@ -724,24 +724,24 @@ home page and from its mirror sites. LAM has been released under the GNU GPL ver The current version of LAM is 0.4.9. Release of version 0.5 is expected in the third quarter of 2005. </p><p> -<a class="indexterm" name="id2623615"></a> -<a class="indexterm" name="id2623621"></a> -<a class="indexterm" name="id2623628"></a> +<a class="indexterm" name="id2623643"></a> +<a class="indexterm" name="id2623650"></a> +<a class="indexterm" name="id2623657"></a> Requirements: </p><div class="itemizedlist"><ul type="disc"><li><p>A web server that will work with PHP4.</p></li><li><p>PHP4 (available from the <a class="ulink" href="http://www.php.net/" target="_top">PHP</a> home page.)</p></li><li><p>OpenLDAP 2.0 or later.</p></li><li><p>A Web browser that supports CSS.</p></li><li><p>Perl.</p></li><li><p>The gettext package.</p></li><li><p>mcrypt + mhash (optional).</p></li><li><p>It is also a good idea to install SSL support.</p></li></ul></div><p> LAM is a useful tool that provides a simple Web-based device that can be used to manage the contents of the LDAP directory to: -<a class="indexterm" name="id2623689"></a> -<a class="indexterm" name="id2623696"></a> -<a class="indexterm" name="id2623703"></a> +<a class="indexterm" name="id2623717"></a> +<a class="indexterm" name="id2623724"></a> +<a class="indexterm" name="id2623731"></a> </p><div class="itemizedlist"><ul type="disc"><li><p>Display user/group/host and Domain entries.</p></li><li><p>Manage entries (Add/Delete/Edit).</p></li><li><p>Filter and sort entries.</p></li><li><p>Store and use multiple operating profiles.</p></li><li><p>Edit organizational units (OUs).</p></li><li><p>Upload accounts from a file.</p></li><li><p>Is compatible with Samba-2.2.x and Samba-3.</p></li></ul></div><p> When correctly configured, LAM allows convenient management of UNIX (Posix) and Samba user, group, and windows domain member machine accounts. </p><p> -<a class="indexterm" name="id2623757"></a> -<a class="indexterm" name="id2623764"></a> -<a class="indexterm" name="id2623771"></a> -<a class="indexterm" name="id2623777"></a> +<a class="indexterm" name="id2623785"></a> +<a class="indexterm" name="id2623792"></a> +<a class="indexterm" name="id2623799"></a> +<a class="indexterm" name="id2623806"></a> The default password is “<span class="quote">lam.</span>” It is highly recommended that you use only an SSL connection to your Web server for all remote operations involving LAM. If you want secure connections, you must configure your Apache Web server to permit connections @@ -760,7 +760,7 @@ to LAM using only SSL. For example, on SUSE Linux Enterprise Server 9, copy to the <code class="filename">/srv/www/htdocs</code> directory. </p></li><li><p> - <a class="indexterm" name="id2623857"></a> + <a class="indexterm" name="id2623886"></a> Set file permissions using the following commands: </p><pre class="screen"> <code class="prompt">root# </code> chown -R wwwrun:www /srv/www/htdocs/lam @@ -770,7 +770,7 @@ to LAM using only SSL. <code class="prompt">root# </code> chmod 755 /srv/www/htdocs/lam/lib/*pl </pre><p> </p></li><li><p> - <a class="indexterm" name="id2623910"></a> + <a class="indexterm" name="id2623938"></a> Using your favorite editor create the following <code class="filename">config.cfg</code> LAM configuration file: </p><pre class="screen"> @@ -778,8 +778,8 @@ to LAM using only SSL. <code class="prompt">root# </code> cp config.cfg_sample config.cfg <code class="prompt">root# </code> vi config.cfg </pre><p> - <a class="indexterm" name="id2623951"></a> - <a class="indexterm" name="id2623960"></a> + <a class="indexterm" name="id2623979"></a> + <a class="indexterm" name="id2623988"></a> An example file is shown in <a class="link" href="appendix.html#lamcfg" title="Example 15.11. Example LAM Configuration File config.cfg">“Example LAM Configuration File config.cfg”</a>. This is the minimum configuration that must be completed. The LAM profile file can be created using a convenient wizard that is part of the LAM @@ -794,7 +794,7 @@ to LAM using only SSL. <code class="filename">lam.conf</code> then, using your favorite editor, change the settings to match local site needs. </p></li></ol></div><p> - <a class="indexterm" name="id2624019"></a> + <a class="indexterm" name="id2624048"></a> An example of a working file is shown here in <a class="link" href="appendix.html#lamconf" title="Example 15.12. LAM Profile Control File lam.conf">“LAM Profile Control File lam.conf”</a>. This file has been stripped of comments to keep the size small. The comments and help information provided in the profile file that the wizard creates @@ -802,12 +802,12 @@ to LAM using only SSL. Your configuration file obviously reflects the configuration options that are preferred at your site. </p><p> - <a class="indexterm" name="id2624043"></a> + <a class="indexterm" name="id2624071"></a> It is important that your LDAP server is running at the time that LAM is being configured. This permits you to validate correct operation. An example of the LAM login screen is provided in <a class="link" href="appendix.html#lam-login" title="Figure 15.6. The LDAP Account Manager Login Screen">“The LDAP Account Manager Login Screen”</a>. </p><div class="figure"><a name="lam-login"></a><p class="title"><b>Figure 15.6. The LDAP Account Manager Login Screen</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/lam-login.png" width="270" alt="The LDAP Account Manager Login Screen"></div></div></div><br class="figure-break"><p> - <a class="indexterm" name="id2624105"></a> + <a class="indexterm" name="id2624134"></a> The LAM configuration editor has a number of options that must be managed correctly. An example of use of the LAM configuration editor is shown in <a class="link" href="appendix.html#lam-config" title="Figure 15.7. The LDAP Account Manager Configuration Screen">“The LDAP Account Manager Configuration Screen”</a>. It is important that you correctly set the minimum and maximum UID/GID values that are @@ -817,13 +817,13 @@ to LAM using only SSL. the initial settings to be made. Do not forget to reset these to sensible values before using LAM to add additional users and groups. </p><div class="figure"><a name="lam-config"></a><p class="title"><b>Figure 15.7. The LDAP Account Manager Configuration Screen</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/lam-config.png" width="270" alt="The LDAP Account Manager Configuration Screen"></div></div></div><br class="figure-break"><p> - <a class="indexterm" name="id2624177"></a> + <a class="indexterm" name="id2624205"></a> LAM has some nice, but unusual features. For example, one unexpected feature in most application screens permits the generation of a PDF file that lists configuration information. This is a well thought out facility. This option has been edited out of the following screen shots to conserve space. </p><p> - <a class="indexterm" name="id2624192"></a> + <a class="indexterm" name="id2624220"></a> When you log onto LAM the opening screen drops you right into the user manager as shown in <a class="link" href="appendix.html#lam-user" title="Figure 15.8. The LDAP Account Manager User Edit Screen">“The LDAP Account Manager User Edit Screen”</a>. This is a logical action as it permits the most-needed facility to be used immediately. The editing of an existing user, as with the addition of a new user, @@ -837,7 +837,7 @@ to LAM using only SSL. shows a sub-screen from the group editor that permits users to be assigned secondary group memberships. </p><div class="figure"><a name="lam-group"></a><p class="title"><b>Figure 15.9. The LDAP Account Manager Group Edit Screen</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/lam-groups.png" width="270" alt="The LDAP Account Manager Group Edit Screen"></div></div></div><br class="figure-break"><div class="figure"><a name="lam-group-mem"></a><p class="title"><b>Figure 15.10. The LDAP Account Manager Group Membership Edit Screen</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/lam-group-members.png" width="270" alt="The LDAP Account Manager Group Membership Edit Screen"></div></div></div><br class="figure-break"><p> - <a class="indexterm" name="id2624372"></a><a class="indexterm" name="id2624377"></a> + <a class="indexterm" name="id2624400"></a><a class="indexterm" name="id2624406"></a> The final screen presented here is one that you should not normally need to use. Host accounts will be automatically managed using the smbldap-tools scripts. This means that the screen <a class="link" href="appendix.html#lam-host" title="Figure 15.11. The LDAP Account Manager Host Edit Screen">“The LDAP Account Manager Host Edit Screen”</a> will, in most cases, not be used. @@ -883,7 +883,7 @@ scriptServer: samba3: yes cachetimeout: 5 pwdhash: SSHA -</pre></div></div><br class="example-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2624529"></a>IDEALX Management Console</h2></div></div></div><p> +</pre></div></div><br class="example-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2624558"></a>IDEALX Management Console</h2></div></div></div><p> IMC (the IDEALX Mamagement Console) is a tool that can be used as the basis for a comprehensive web-based management interface for UNIX and Linux systems. </p><p> @@ -897,7 +897,7 @@ pwdhash: SSHA </p><p> For further information regarding IMC refer to the web <a class="ulink" href="http://imc.sourceforge.net/" target="_top">site.</a> Prebuilt RPM packages are also <a class="ulink" href="http://imc.sourceforge.net/download.html" target="_top">available.</a> - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ch12-SUIDSGID"></a>Effect of Setting File and Directory SUID/SGID Permissions Explained</h2></div></div></div><a class="indexterm" name="id2624635"></a><a class="indexterm" name="id2624642"></a><p> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ch12-SUIDSGID"></a>Effect of Setting File and Directory SUID/SGID Permissions Explained</h2></div></div></div><a class="indexterm" name="id2624663"></a><a class="indexterm" name="id2624670"></a><p> The setting of the SUID/SGID bits on the file or directory permissions flag has particular consequences. If the file is executable and the SUID bit is set, it executes with the privilege of (with the UID of) the owner of the file. For example, if you are logged onto a system as @@ -967,34 +967,34 @@ drwx------ 2 root root 48 Jan 26 2002 lost+found total 1 drw-rw-r-- 2 bobj Domain Users 12346 Dec 18 18:11 maryvfile.txt </pre><p> - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ch12dblck"></a>Shared Data Integrity</h2></div></div></div><p><a class="indexterm" name="id2624873"></a><a class="indexterm" name="id2624880"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="ch12dblck"></a>Shared Data Integrity</h2></div></div></div><p><a class="indexterm" name="id2624901"></a><a class="indexterm" name="id2624909"></a> The integrity of shared data is often viewed as a particularly emotional issue, especially where there are concurrent problems with multiuser data access. Contrary to the assertions of some who have experienced problems in either area, the cause has nothing to do with the phases of the moons of Jupiter. </p><p> The solution to concurrent multiuser data access problems must consider three separate areas - from which the problem may stem:<a class="indexterm" name="id2624909"></a><a class="indexterm" name="id2624920"></a><a class="indexterm" name="id2624932"></a> - </p><div class="itemizedlist"><ul type="disc"><li><p>application-level locking controls</p></li><li><p>client-side locking controls</p></li><li><p>server-side locking controls</p></li></ul></div><p><a class="indexterm" name="id2624964"></a><a class="indexterm" name="id2624972"></a> + from which the problem may stem:<a class="indexterm" name="id2624932"></a><a class="indexterm" name="id2624943"></a><a class="indexterm" name="id2624955"></a> + </p><div class="itemizedlist"><ul type="disc"><li><p>application-level locking controls</p></li><li><p>client-side locking controls</p></li><li><p>server-side locking controls</p></li></ul></div><p><a class="indexterm" name="id2624987"></a><a class="indexterm" name="id2624995"></a> Many database applications use some form of application-level access control. An example of one well-known application that uses application-level locking is Microsoft Access. Detailed guidance is provided here because this is the most common application for which problems have been reported. - </p><p><a class="indexterm" name="id2624988"></a><a class="indexterm" name="id2624996"></a> + </p><p><a class="indexterm" name="id2625012"></a><a class="indexterm" name="id2625020"></a> Common applications that are affected by client- and server-side locking controls include MS Excel and Act!. Important locking guidance is provided here. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625009"></a>Microsoft Access</h3></div></div></div><p> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625032"></a>Microsoft Access</h3></div></div></div><p> The best advice that can be given is to carefully read the Microsoft knowledgebase articles that cover this area. Examples of relevant documents include: - </p><div class="itemizedlist"><ul type="disc"><li><p>http://support.microsoft.com/default.aspx?scid=kb;en-us;208778</p></li><li><p>http://support.microsoft.com/default.aspx?scid=kb;en-us;299373</p></li></ul></div><p><a class="indexterm" name="id2625036"></a><a class="indexterm" name="id2625048"></a> + </p><div class="itemizedlist"><ul type="disc"><li><p>http://support.microsoft.com/default.aspx?scid=kb;en-us;208778</p></li><li><p>http://support.microsoft.com/default.aspx?scid=kb;en-us;299373</p></li></ul></div><p><a class="indexterm" name="id2625059"></a><a class="indexterm" name="id2625071"></a> Make sure that your MS Access database file is configured for multiuser access (not set for exclusive open). Open MS Access on each client workstation, then set the following: <span class="guimenu">(Menu bar) Tools</span>+<span class="guimenu">Options</span>+<span class="guimenu">[tab] General</span>. Set network path to Default database folder: <code class="filename">\\server\share\folder</code>. </p><p> You can configure MS Access file sharing behavior as follows: click <span class="guimenu">[tab] Advanced</span>. - Set:<a class="indexterm" name="id2625098"></a> - </p><div class="itemizedlist"><ul type="disc"><li><p>Default open mode: Shared</p></li><li><p>Default Record Locking: Edited Record</p></li><li><p>Open databases using record_level locking</p></li></ul></div><p><a class="indexterm" name="id2625128"></a> + Set:<a class="indexterm" name="id2625122"></a> + </p><div class="itemizedlist"><ul type="disc"><li><p>Default open mode: Shared</p></li><li><p>Default Record Locking: Edited Record</p></li><li><p>Open databases using record_level locking</p></li></ul></div><p><a class="indexterm" name="id2625151"></a> You must now commit the changes so that they will take effect. To do so, click <span class="guimenu">Apply</span><span class="guimenu">Ok</span>. At this point, you should exit MS Access, restart it, and then validate that these settings have not changed. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625156"></a>Act! Database Sharing</h3></div></div></div><p><a class="indexterm" name="id2625163"></a><a class="indexterm" name="id2625171"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625180"></a>Act! Database Sharing</h3></div></div></div><p><a class="indexterm" name="id2625186"></a><a class="indexterm" name="id2625194"></a> Where the server sharing the ACT! database(s) is running Samba,or Windows NT, 200x, or XP, you must disable opportunistic locking on the server and all workstations. Failure to do so results in data corruption. This information is available from the Act! Web site @@ -1002,7 +1002,7 @@ drw-rw-r-- 2 bobj Domain Users 12346 Dec 18 18:11 maryvfile.txt <a class="ulink" href="http://itdomino.saleslogix.com/act.nsf/docid/1998223162925" target="_top">1998223162925</a> as well as from article <a class="ulink" href="http://itdomino.saleslogix.com/act.nsf/docid/200110485036" target="_top">200110485036</a>. - </p><p><a class="indexterm" name="id2625201"></a><a class="indexterm" name="id2625210"></a> + </p><p><a class="indexterm" name="id2625225"></a><a class="indexterm" name="id2625233"></a> These documents clearly state that opportunistic locking must be disabled on both the server (Samba in the case we are interested in here), as well as on every workstation from which the centrally shared Act! database will be accessed. Act! provides @@ -1010,18 +1010,18 @@ drw-rw-r-- 2 bobj Domain Users 12346 Dec 18 18:11 maryvfile.txt registry settings that may otherwise interfere with the operation of Act! Registered Act! users may download this utility from the Act! Web <a class="ulink" href="http://www.act.com/support/updates/index.cfm" target="_top">site.</a> - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625241"></a>Opportunistic Locking Controls</h3></div></div></div><p><a class="indexterm" name="id2625248"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625264"></a>Opportunistic Locking Controls</h3></div></div></div><p><a class="indexterm" name="id2625271"></a> Third-party Windows applications may not be compatible with the use of opportunistic file - and record locking. For applications that are known not to be compatible,<sup>[<a name="id2625260" href="#ftn.id2625260" class="footnote">14</a>]</sup> oplock + and record locking. For applications that are known not to be compatible,<sup>[<a name="id2625283" href="#ftn.id2625283" class="footnote">14</a>]</sup> oplock support may need to be disabled both on the Samba server and on the Windows workstations. - </p><p><a class="indexterm" name="id2625274"></a><a class="indexterm" name="id2625282"></a><a class="indexterm" name="id2625290"></a> + </p><p><a class="indexterm" name="id2625297"></a><a class="indexterm" name="id2625305"></a><a class="indexterm" name="id2625313"></a> Oplocks enable a Windows client to cache parts of a file that are being edited. Another windows client may then request to open the file with the ability to write to it. The server will then ask the original workstation that had the file open with a write lock to release its lock. Before doing so, that workstation must flush the file from cache memory to the disk or network drive. - </p><p><a class="indexterm" name="id2625311"></a> + </p><p><a class="indexterm" name="id2625334"></a> Disabling of Oplocks usage may require server and client changes. Oplocks may be disabled by file, by file pattern, on the share, or on the Samba server. diff --git a/docs/htmldocs/Samba3-ByExample/ch14.html b/docs/htmldocs/Samba3-ByExample/ch14.html index c6169ebcb9..cb6e5b9bd0 100644 --- a/docs/htmldocs/Samba3-ByExample/ch14.html +++ b/docs/htmldocs/Samba3-ByExample/ch14.html @@ -1,9 +1,9 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 14. Samba Support</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="HA.html" title="Chapter 13. Performance, Reliability, and Availability"><link rel="next" href="appendix.html" title="Chapter 15. A Collection of Useful Tidbits"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 14. Samba Support</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="HA.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="appendix.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en-US"><div class="titlepage"><div><div><h2 class="title"><a name="id2620871"></a>Chapter 14. Samba Support</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="ch14.html#id2621002">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621220">Commercial Support</a></span></dt></dl></div><p> -<a class="indexterm" name="id2620880"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 14. Samba Support</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="HA.html" title="Chapter 13. Performance, Reliability, and Availability"><link rel="next" href="appendix.html" title="Chapter 15. A Collection of Useful Tidbits"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 14. Samba Support</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="HA.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="appendix.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en-US"><div class="titlepage"><div><div><h2 class="title"><a name="id2620898"></a>Chapter 14. Samba Support</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="ch14.html#id2621028">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621247">Commercial Support</a></span></dt></dl></div><p> +<a class="indexterm" name="id2620907"></a> One of the most difficult to answer questions in the information technology industry is, “<span class="quote">What is support?</span>”. That question irritates some folks, as much as common answers may annoy others. </p><p> -<a class="indexterm" name="id2620897"></a> +<a class="indexterm" name="id2620924"></a> The most aggravating situation pertaining to support is typified when, as a Linux user, a call is made to an Internet service provider who, instead of listening to the problem to find a solution, blandly replies: “<span class="quote">Oh, Linux? We do not support Linux!</span>”. It has happened to me, and similar situations happen @@ -15,50 +15,50 @@ One way to consider support is to view it as consisting of the right answer, in at the right time, no matter the situation. Support is all that it takes to take away pain, disruption, inconvenience, loss of productivity, disorientation, uncertainty, and real or perceived risk. </p><p> -<a class="indexterm" name="id2620928"></a> -<a class="indexterm" name="id2620935"></a> -<a class="indexterm" name="id2620942"></a> +<a class="indexterm" name="id2620954"></a> +<a class="indexterm" name="id2620961"></a> +<a class="indexterm" name="id2620968"></a> One of the forces that has become a driving force for the adoption of open source software is the fact that many IT businesses have provided services that have perhaps failed to deliver what the customer expected, or that have been found wanting for other reasons. </p><p> -<a class="indexterm" name="id2620956"></a> -<a class="indexterm" name="id2620963"></a> +<a class="indexterm" name="id2620983"></a> +<a class="indexterm" name="id2620990"></a> In recognition of the need for needs satisfaction as the primary experience an information technology user or consumer expects, the information provided in this chapter may help someone to avoid an unpleasant experience in respect of problem resolution. </p><p> -<a class="indexterm" name="id2620978"></a> -<a class="indexterm" name="id2620985"></a> -<a class="indexterm" name="id2620992"></a> +<a class="indexterm" name="id2621004"></a> +<a class="indexterm" name="id2621011"></a> +<a class="indexterm" name="id2621018"></a> In the open source software arena there are two support options: free support and paid-for (commercial) support. -</p><div class="sect1" lang="en-US"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621002"></a>Free Support</h2></div></div></div><p> -<a class="indexterm" name="id2621009"></a> -<a class="indexterm" name="id2621016"></a> -<a class="indexterm" name="id2621023"></a> -<a class="indexterm" name="id2621030"></a> -<a class="indexterm" name="id2621037"></a> -<a class="indexterm" name="id2621044"></a> +</p><div class="sect1" lang="en-US"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621028"></a>Free Support</h2></div></div></div><p> +<a class="indexterm" name="id2621036"></a> +<a class="indexterm" name="id2621043"></a> +<a class="indexterm" name="id2621050"></a> +<a class="indexterm" name="id2621057"></a> +<a class="indexterm" name="id2621064"></a> +<a class="indexterm" name="id2621071"></a> Free support may be obtained from friends, colleagues, user groups, mailing lists, and interactive help facilities. An example of an interactive dacility is the Internet relay chat (IRC) channels that host user supported mutual assistance. </p><p> -<a class="indexterm" name="id2621058"></a> -<a class="indexterm" name="id2621065"></a> -<a class="indexterm" name="id2621072"></a> -<a class="indexterm" name="id2621079"></a> -<a class="indexterm" name="id2621086"></a> +<a class="indexterm" name="id2621085"></a> +<a class="indexterm" name="id2621092"></a> +<a class="indexterm" name="id2621099"></a> +<a class="indexterm" name="id2621106"></a> +<a class="indexterm" name="id2621112"></a> The Samba project maintains a mailing list that is commonly used to discuss solutions to Samba deployments. Information regarding subscription to the Samba mailing list can be found on the Samba <a class="ulink" href="https://lists.samba.org/mailman/" target="_top">web</a> site. The public mailing list that can be used to obtain free, user contributed, support is called the <code class="literal">samba</code> list. The email address for this list is at <code class="literal">mail:samba@samba.org</code>. Information regarding the Samba IRC channels may be found on the Samba <a class="ulink" href="http://www.samba.org/samba.irc.html" target="_top">IRC</a> web page. </p><p> -<a class="indexterm" name="id2621127"></a> -<a class="indexterm" name="id2621134"></a> -<a class="indexterm" name="id2621141"></a> -<a class="indexterm" name="id2621148"></a> +<a class="indexterm" name="id2621154"></a> +<a class="indexterm" name="id2621161"></a> +<a class="indexterm" name="id2621168"></a> +<a class="indexterm" name="id2621175"></a> As a general rule, it is considered poor net behavior to contact a Samba Team member directly for free support. Most active members of the Samba Team work exceptionally long hours to assist users who have demonstrated a qualified problem. Some team members may respond to direct email @@ -66,9 +66,9 @@ support. Team members actually provide professional paid-for Samba support and it is therefore wise to show appropriate discretion and reservation in all direct contact. </p><p> -<a class="indexterm" name="id2621168"></a> -<a class="indexterm" name="id2621174"></a> -<a class="indexterm" name="id2621181"></a> +<a class="indexterm" name="id2621194"></a> +<a class="indexterm" name="id2621201"></a> +<a class="indexterm" name="id2621208"></a> When you stumble across a Samba bug, often the quickest way to get it resolved is by posting a bug <a class="ulink" href="https://bugzilla.samba.org/" target="_top">report</a>. All such reports are mailed to the responsible code maintainer for action. The better the report, and the more serious it is, @@ -76,16 +76,16 @@ support. the reported bug it is likely to be rejected. It is up to you to provide sufficient information that will permit the problem to be reproduced. </p><p> -<a class="indexterm" name="id2621206"></a> +<a class="indexterm" name="id2621232"></a> We all recognize that sometimes free support does not provide the answer that is sought within the time-frame required. At other times the problem is elusive and you may lack the experience necessary to isolate the problem and thus to resolve it. This is a situation where is may be prudent to purchase paid-for support. - </p></div><div class="sect1" lang="en-US"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621220"></a>Commercial Support</h2></div></div></div><p> + </p></div><div class="sect1" lang="en-US"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2621247"></a>Commercial Support</h2></div></div></div><p> There are six basic support oriented services that are most commonly sought by Samba sites: </p><div class="itemizedlist"><ul type="disc"><li><p>Assistance with network design</p></li><li><p>Staff Training</p></li><li><p>Assistance with Samba network deployment and installation</p></li><li><p>Priority telephone or email Samba configuration assistance</p></li><li><p>Trouble-shooting and diagnostic assistance</p></li><li><p>Provision of quality assured ready-to-install Samba binary packages</p></li></ul></div><p> -<a class="indexterm" name="id2621267"></a> -<a class="indexterm" name="id2621274"></a> +<a class="indexterm" name="id2621294"></a> +<a class="indexterm" name="id2621301"></a> Information regarding companies that provide professional Samba support can be obtained by performing a Google search, as well as by reference to the Samba <a class="ulink" href="http://www.samba.org/samba/support.html" target="_top">Support</a> web page. Companies who notify the Samba Team that they provide commercial support are given a free listing that is sorted by the country of origin. @@ -93,13 +93,13 @@ support. provider and to satisfy yourself that both the company and its staff are able to deliver what is required of them. </p><p> -<a class="indexterm" name="id2621300"></a> +<a class="indexterm" name="id2621326"></a> The policy within the Samba Team is to treat all commercial support providers equally and to show no preference. As a result, Samba Team members who provide commercial support are lumped in with everyone else. You are encouraged to obtain the services needed from a company in your local area. The open source movement is pro-community; so do what you can to help a local business to prosper. </p><p> -<a class="indexterm" name="id2621317"></a> +<a class="indexterm" name="id2621343"></a> Open source software support can be found in any quality, at any price and in any place you can to obtain it. Over 180 companies around the world provide Samba support, there is no excuse for suffering in the mistaken belief that Samba is unsupported software it is supported. diff --git a/docs/htmldocs/Samba3-ByExample/go01.html b/docs/htmldocs/Samba3-ByExample/go01.html index 80ca38d4d2..06c2100c83 100644 --- a/docs/htmldocs/Samba3-ByExample/go01.html +++ b/docs/htmldocs/Samba3-ByExample/go01.html @@ -1,4 +1,4 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Glossary</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="index.html" title="Samba-3 by Example"><link rel="prev" href="apa.html" title="Appendix A. GNU General Public License version 3"><link rel="next" href="ix01.html" title="Index"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Glossary</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="apa.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ix01.html">Next</a></td></tr></table><hr></div><div class="glossary"><div class="titlepage"><div><div><h2 class="title"><a name="id2630357"></a>Glossary</h2></div></div></div><dl><dt>Access Control List</dt><dd><p> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Glossary</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="index.html" title="Samba-3 by Example"><link rel="prev" href="apa.html" title="Appendix A. GNU General Public License version 3"><link rel="next" href="ix01.html" title="Index"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Glossary</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="apa.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ix01.html">Next</a></td></tr></table><hr></div><div class="glossary"><div class="titlepage"><div><div><h2 class="title"><a name="id2630385"></a>Glossary</h2></div></div></div><dl><dt>Access Control List</dt><dd><p> A detailed list of permissions granted to users or groups with respect to file and network resource access. </p></dd><dt>Active Directory Service</dt><dd><p> diff --git a/docs/htmldocs/Samba3-ByExample/index.html b/docs/htmldocs/Samba3-ByExample/index.html index cbbde6bc27..d6e639ec94 100644 --- a/docs/htmldocs/Samba3-ByExample/index.html +++ b/docs/htmldocs/Samba3-ByExample/index.html @@ -1,47 +1,47 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Samba-3 by Example</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="next" href="pr01.html" title="About the Cover Artwork"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Samba-3 by Example</th></tr><tr><td width="20%" align="left"> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="pr01.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="S3bE"></a>Samba-3 by Example</h1></div><div><h2 class="subtitle">Practical Exercises in Successful Samba Deployment</h2></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="orgname">Samba Team</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email"><<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>></code></p></div></div></div></div></div><div><p class="pubdate">July, 2006</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="preface"><a href="pr01.html">About the Cover Artwork</a></span></dt><dt><span class="preface"><a href="pr02.html">Acknowledgments</a></span></dt><dt><span class="preface"><a href="pr03.html">Foreword</a></span></dt><dd><dl><dt><span class="sect1"><a href="pr03.html#id2501076">By John M. Weathersby, Executive Director, OSSI</a></span></dt></dl></dd><dt><span class="preface"><a href="preface.html">Preface</a></span></dt><dd><dl><dt><span class="sect1"><a href="preface.html#id2501265">Why Is This Book Necessary?</a></span></dt><dd><dl><dt><span class="sect2"><a href="preface.html#id2498988">Samba 3.0.20 Update Edition</a></span></dt></dl></dd><dt><span class="sect1"><a href="preface.html#id2498874">Prerequisites</a></span></dt><dt><span class="sect1"><a href="preface.html#id2498906">Approach</a></span></dt><dt><span class="sect1"><a href="preface.html#id2498971">Summary of Topics</a></span></dt><dt><span class="sect1"><a href="preface.html#id2550668">Conventions Used</a></span></dt></dl></dd><dt><span class="part"><a href="ExNetworks.html">I. Example Network Configurations</a></span></dt><dd><dl><dt><span class="chapter"><a href="simple.html">1. No-Frills Samba Servers</a></span></dt><dd><dl><dt><span class="sect1"><a href="simple.html#id2550864">Introduction</a></span></dt><dt><span class="sect1"><a href="simple.html#id2550904">Assignment Tasks</a></span></dt><dd><dl><dt><span class="sect2"><a href="simple.html#id2550946">Drafting Office</a></span></dt><dt><span class="sect2"><a href="simple.html#id2551655">Charity Administration Office</a></span></dt><dt><span class="sect2"><a href="simple.html#AccountingOffice">Accounting Office</a></span></dt></dl></dd><dt><span class="sect1"><a href="simple.html#id2554992">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="small.html">2. Small Office Networking</a></span></dt><dd><dl><dt><span class="sect1"><a href="small.html#id2555462">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2555484">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2555545">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2555593">Technical Issues</a></span></dt><dt><span class="sect2"><a href="small.html#id2555791">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2555812">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2557356">Validation</a></span></dt><dt><span class="sect2"><a href="small.html#id2558004">Notebook Computers: A Special Case</a></span></dt><dt><span class="sect2"><a href="small.html#id2558030">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2558104">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="secure.html">3. Secure Office Networking</a></span></dt><dd><dl><dt><span class="sect1"><a href="secure.html#id2558582">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#id2558634">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2558867">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#id2558882">Technical Issues</a></span></dt><dt><span class="sect2"><a href="secure.html#id2559309">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2559348">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#ch4bsc">Basic System Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#id2560202">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4ptrcfg">Printer Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4valid">Validation</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4appscfg">Application Share Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#id2564663">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2564725">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="Big500users.html">4. The 500-User Office</a></span></dt><dd><dl><dt><span class="sect1"><a href="Big500users.html#id2565247">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id2565292">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2565398">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id2565433">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2565636">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2565659">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2566387">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2566951">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2570151">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2570210">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="happy.html">5. Making Happy Users</a></span></dt><dd><dl><dt><span class="sect1"><a href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></span></dt><dt><span class="sect1"><a href="happy.html#id2571190">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2571288">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2571425">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2571882">Technical Issues</a></span></dt><dt><span class="sect2"><a href="happy.html#id2573760">Political Issues</a></span></dt><dt><span class="sect2"><a href="happy.html#id2573776">Installation Checklist</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2573956">Samba Server Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbeidealx">Install and Configure Idealx smbldap-tools Scripts</a></span></dt><dt><span class="sect2"><a href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-ptrcfg">Printer Configuration</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a></span></dt><dt><span class="sect1"><a href="happy.html#id2580803">Miscellaneous Server Preparation Tasks</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2580823">Configuring Directory Share Point Roots</a></span></dt><dt><span class="sect2"><a href="happy.html#id2580918">Configuring Profile Directories</a></span></dt><dt><span class="sect2"><a href="happy.html#id2581163">Preparation of Logon Scripts</a></span></dt><dt><span class="sect2"><a href="happy.html#id2581274">Assigning User Rights and Privileges</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2581407">Windows Client Configuration</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582477">Configure Delete Cached Profiles on Logout</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></span></dt><dt><span class="sect2"><a href="happy.html#id2583160">Software Installation</a></span></dt><dt><span class="sect2"><a href="happy.html#id2583195">Roll-out Image Creation</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2583229">Key Points Learned</a></span></dt><dt><span class="sect1"><a href="happy.html#id2583345">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="2000users.html">6. A Distributed 2000-User Network</a></span></dt><dd><dl><dt><span class="sect1"><a href="2000users.html#id2583767">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2583797">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2583865">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2584139">Technical Issues</a></span></dt><dt><span class="sect2"><a href="2000users.html#id2585083">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2585101">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2588260">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2588407">Questions and Answers</a></span></dt></dl></dd></dl></dd><dt><span class="part"><a href="DMSMig.html">II. Domain Members, Updating Samba and Migration</a></span></dt><dd><dl><dt><span class="chapter"><a href="unixclients.html">7. Adding Domain Member Servers and Clients</a></span></dt><dd><dl><dt><span class="sect1"><a href="unixclients.html#id2589266">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#id2589319">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2589354">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#id2589383">Technical Issues</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2590032">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2590132">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></span></dt><dt><span class="sect2"><a href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></span></dt><dt><span class="sect2"><a href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a></span></dt><dt><span class="sect2"><a href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2596913">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2596967">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="upgrades.html">8. Updating Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="upgrades.html#id2598126">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#id2598223">Cautions and Notes</a></span></dt></dl></dd><dt><span class="sect1"><a href="upgrades.html#id2599552">Upgrading from Samba 1.x and 2.x to Samba-3</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a></span></dt></dl></dd><dt><span class="sect1"><a href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#id2600546">Samba-3 to Samba-3 Updates on the Same Server</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2600749">Migrating Samba-3 to a New Server</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2601164">Migration of Samba Accounts to Active Directory</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="ntmigration.html">9. Migrating NT4 Domain to Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="ntmigration.html#id2601336">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2601421">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2601476">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2601662">Technical Issues</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2601985">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2602011">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2605017">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2605055">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="nw4migration.html">10. Migrating NetWare Server to Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="nw4migration.html#id2606030">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606147">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="nw4migration.html#id2606260">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606337">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="nw4migration.html#id2606527">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606536">NetWare Migration Using LDAP Backend</a></span></dt></dl></dd></dl></dd></dl></dd><dt><span class="part"><a href="RefSection.html">III. Reference Section</a></span></dt><dd><dl><dt><span class="chapter"><a href="kerberos.html">11. Active Directory, Kerberos, and Security</a></span></dt><dd><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615399">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615533">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="DomApps.html">12. Integrating Additional Services</a></span></dt><dd><dl><dt><span class="sect1"><a href="DomApps.html#id2616162">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616193">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616294">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616327">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616483">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616500">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618352">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618413">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="HA.html">13. Performance, Reliability, and Availability</a></span></dt><dd><dl><dt><span class="sect1"><a href="HA.html#id2618932">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619019">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619520">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2619995">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620323">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620398">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620470">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620570">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620728">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620832">Key Points Learned</a></span></dt></dl></dd><dt><span class="chapter"><a href="ch14.html">14. Samba Support</a></span></dt><dd><dl><dt><span class="sect1"><a href="ch14.html#id2621002">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621220">Commercial Support</a></span></dt></dl></dd><dt><span class="chapter"><a href="appendix.html">15. A Collection of Useful Tidbits</a></span></dt><dd><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621928">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622349">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622695">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622707">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622755">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622895">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622954">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623532">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624529">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625009">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625156">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625241">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="primer.html">16. Networking Primer</a></span></dt><dd><dl><dt><span class="sect1"><a href="primer.html#id2625407">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625568">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625629">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625745">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625871">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628089">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628204">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></dd><dt><span class="appendix"><a href="apa.html">A. +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Samba-3 by Example</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="next" href="pr01.html" title="About the Cover Artwork"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Samba-3 by Example</th></tr><tr><td width="20%" align="left"> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="pr01.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="S3bE"></a>Samba-3 by Example</h1></div><div><h2 class="subtitle">Practical Exercises in Successful Samba Deployment</h2></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="orgname">Samba Team</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email"><<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>></code></p></div></div></div></div></div><div><p class="pubdate">July, 2006</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="preface"><a href="pr01.html">About the Cover Artwork</a></span></dt><dt><span class="preface"><a href="pr02.html">Acknowledgments</a></span></dt><dt><span class="preface"><a href="pr03.html">Foreword</a></span></dt><dd><dl><dt><span class="sect1"><a href="pr03.html#id2501076">By John M. Weathersby, Executive Director, OSSI</a></span></dt></dl></dd><dt><span class="preface"><a href="preface.html">Preface</a></span></dt><dd><dl><dt><span class="sect1"><a href="preface.html#id2501265">Why Is This Book Necessary?</a></span></dt><dd><dl><dt><span class="sect2"><a href="preface.html#id2498988">Samba 3.0.20 Update Edition</a></span></dt></dl></dd><dt><span class="sect1"><a href="preface.html#id2498874">Prerequisites</a></span></dt><dt><span class="sect1"><a href="preface.html#id2498906">Approach</a></span></dt><dt><span class="sect1"><a href="preface.html#id2498971">Summary of Topics</a></span></dt><dt><span class="sect1"><a href="preface.html#id2550668">Conventions Used</a></span></dt></dl></dd><dt><span class="part"><a href="ExNetworks.html">I. Example Network Configurations</a></span></dt><dd><dl><dt><span class="chapter"><a href="simple.html">1. No-Frills Samba Servers</a></span></dt><dd><dl><dt><span class="sect1"><a href="simple.html#id2550864">Introduction</a></span></dt><dt><span class="sect1"><a href="simple.html#id2550904">Assignment Tasks</a></span></dt><dd><dl><dt><span class="sect2"><a href="simple.html#id2550946">Drafting Office</a></span></dt><dt><span class="sect2"><a href="simple.html#id2551655">Charity Administration Office</a></span></dt><dt><span class="sect2"><a href="simple.html#AccountingOffice">Accounting Office</a></span></dt></dl></dd><dt><span class="sect1"><a href="simple.html#id2554992">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="small.html">2. Small Office Networking</a></span></dt><dd><dl><dt><span class="sect1"><a href="small.html#id2555462">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2555484">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2555545">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2555593">Technical Issues</a></span></dt><dt><span class="sect2"><a href="small.html#id2555791">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2555812">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="small.html#id2557356">Validation</a></span></dt><dt><span class="sect2"><a href="small.html#id2558004">Notebook Computers: A Special Case</a></span></dt><dt><span class="sect2"><a href="small.html#id2558030">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="small.html#id2558104">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="secure.html">3. Secure Office Networking</a></span></dt><dd><dl><dt><span class="sect1"><a href="secure.html#id2558582">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#id2558634">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2558867">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#id2558882">Technical Issues</a></span></dt><dt><span class="sect2"><a href="secure.html#id2559309">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2559348">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="secure.html#ch4bsc">Basic System Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#id2560202">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4ptrcfg">Printer Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4valid">Validation</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4appscfg">Application Share Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#ch4wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="secure.html#id2564663">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="secure.html#id2564725">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="Big500users.html">4. The 500-User Office</a></span></dt><dd><dl><dt><span class="sect1"><a href="Big500users.html#id2565247">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id2565292">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2565398">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id2565433">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2565636">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2565659">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2566387">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2566951">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id2570151">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id2570210">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="happy.html">5. Making Happy Users</a></span></dt><dd><dl><dt><span class="sect1"><a href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></span></dt><dt><span class="sect1"><a href="happy.html#id2571190">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2571288">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2571425">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2571882">Technical Issues</a></span></dt><dt><span class="sect2"><a href="happy.html#id2573760">Political Issues</a></span></dt><dt><span class="sect2"><a href="happy.html#id2573776">Installation Checklist</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2573956">Samba Server Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></span></dt><dt><span class="sect2"><a href="happy.html#sbeidealx">Install and Configure Idealx smbldap-tools Scripts</a></span></dt><dt><span class="sect2"><a href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></span></dt><dt><span class="sect2"><a href="happy.html#sbehap-ptrcfg">Printer Configuration</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a></span></dt><dt><span class="sect1"><a href="happy.html#id2580803">Miscellaneous Server Preparation Tasks</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#id2580823">Configuring Directory Share Point Roots</a></span></dt><dt><span class="sect2"><a href="happy.html#id2580918">Configuring Profile Directories</a></span></dt><dt><span class="sect2"><a href="happy.html#id2581163">Preparation of Logon Scripts</a></span></dt><dt><span class="sect2"><a href="happy.html#id2581274">Assigning User Rights and Privileges</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2581407">Windows Client Configuration</a></span></dt><dd><dl><dt><span class="sect2"><a href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582477">Configure Delete Cached Profiles on Logout</a></span></dt><dt><span class="sect2"><a href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></span></dt><dt><span class="sect2"><a href="happy.html#id2583160">Software Installation</a></span></dt><dt><span class="sect2"><a href="happy.html#id2583195">Roll-out Image Creation</a></span></dt></dl></dd><dt><span class="sect1"><a href="happy.html#id2583229">Key Points Learned</a></span></dt><dt><span class="sect1"><a href="happy.html#id2583345">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="2000users.html">6. A Distributed 2000-User Network</a></span></dt><dd><dl><dt><span class="sect1"><a href="2000users.html#id2583767">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2583797">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2583865">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2584139">Technical Issues</a></span></dt><dt><span class="sect2"><a href="2000users.html#id2585083">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2585101">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="2000users.html#id2588260">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="2000users.html#id2588407">Questions and Answers</a></span></dt></dl></dd></dl></dd><dt><span class="part"><a href="DMSMig.html">II. Domain Members, Updating Samba and Migration</a></span></dt><dd><dl><dt><span class="chapter"><a href="unixclients.html">7. Adding Domain Member Servers and Clients</a></span></dt><dd><dl><dt><span class="sect1"><a href="unixclients.html#id2589266">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#id2589319">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2589354">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#id2589383">Technical Issues</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2590032">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2590132">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></span></dt><dt><span class="sect2"><a href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></span></dt><dt><span class="sect2"><a href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a></span></dt><dt><span class="sect2"><a href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></span></dt><dt><span class="sect2"><a href="unixclients.html#id2596913">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="unixclients.html#id2596967">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="upgrades.html">8. Updating Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="upgrades.html#id2598126">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#id2598223">Cautions and Notes</a></span></dt></dl></dd><dt><span class="sect1"><a href="upgrades.html#id2599552">Upgrading from Samba 1.x and 2.x to Samba-3</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a></span></dt></dl></dd><dt><span class="sect1"><a href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></span></dt><dd><dl><dt><span class="sect2"><a href="upgrades.html#id2600546">Samba-3 to Samba-3 Updates on the Same Server</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2600749">Migrating Samba-3 to a New Server</a></span></dt><dt><span class="sect2"><a href="upgrades.html#id2601164">Migration of Samba Accounts to Active Directory</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="ntmigration.html">9. Migrating NT4 Domain to Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="ntmigration.html#id2601336">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2601421">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2601476">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2601662">Technical Issues</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2601985">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2602011">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></span></dt><dt><span class="sect2"><a href="ntmigration.html#id2605017">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="ntmigration.html#id2605055">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="nw4migration.html">10. Migrating NetWare Server to Samba-3</a></span></dt><dd><dl><dt><span class="sect1"><a href="nw4migration.html#id2606030">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606147">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="nw4migration.html#id2606260">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606337">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="nw4migration.html#id2606527">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="nw4migration.html#id2606536">NetWare Migration Using LDAP Backend</a></span></dt></dl></dd></dl></dd></dl></dd><dt><span class="part"><a href="RefSection.html">III. Reference Section</a></span></dt><dd><dl><dt><span class="chapter"><a href="kerberos.html">11. Active Directory, Kerberos, and Security</a></span></dt><dd><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615408">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615543">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="DomApps.html">12. Integrating Additional Services</a></span></dt><dd><dl><dt><span class="sect1"><a href="DomApps.html#id2616172">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616202">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616313">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#id2616346">Technical Issues</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2616502">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2616520">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></span></dt><dt><span class="sect2"><a href="DomApps.html#id2618372">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="DomApps.html#id2618432">Questions and Answers</a></span></dt></dl></dd><dt><span class="chapter"><a href="HA.html">13. Performance, Reliability, and Availability</a></span></dt><dd><dl><dt><span class="sect1"><a href="HA.html#id2618959">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619057">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619530">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619557">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620033">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620360">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620435">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620507">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620607">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620755">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620859">Key Points Learned</a></span></dt></dl></dd><dt><span class="chapter"><a href="ch14.html">14. Samba Support</a></span></dt><dd><dl><dt><span class="sect1"><a href="ch14.html#id2621028">Free Support</a></span></dt><dt><span class="sect1"><a href="ch14.html#id2621247">Commercial Support</a></span></dt></dl></dd><dt><span class="chapter"><a href="appendix.html">15. A Collection of Useful Tidbits</a></span></dt><dd><dl><dt><span class="sect1"><a href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2621955">Samba System File Location</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622376">Starting Samba</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2622715">DNS Configuration Files</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622727">The Forward Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622776">The Reverse Zone File for the Loopback Adaptor</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2622916">DNS Root Server Hint File</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2622975">Initialization of the LDAP Database</a></span></dt></dl></dd><dt><span class="sect1"><a href="appendix.html#id2623561">The LDAP Account Manager</a></span></dt><dt><span class="sect1"><a href="appendix.html#id2624558">IDEALX Management Console</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></span></dt><dt><span class="sect1"><a href="appendix.html#ch12dblck">Shared Data Integrity</a></span></dt><dd><dl><dt><span class="sect2"><a href="appendix.html#id2625032">Microsoft Access</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625180">Act! Database Sharing</a></span></dt><dt><span class="sect2"><a href="appendix.html#id2625264">Opportunistic Locking Controls</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="primer.html">16. Networking Primer</a></span></dt><dd><dl><dt><span class="sect1"><a href="primer.html#id2625430">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625592">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625652">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625769">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625894">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628113">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628227">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></dd><dt><span class="appendix"><a href="apa.html">A. GNU General Public License version 3 - </a></span></dt><dd><dl><dt><span class="bridgehead"><a href="apa.html#id2628870">A. + </a></span></dt><dd><dl><dt><span class="bridgehead"><a href="apa.html#id2628893">A. Preamble - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629015">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629038">A. TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629019">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629042">A. 0. Definitions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629111">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629134">A. 1. Source Code. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629210">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629233">A. 2. Basic Permissions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629249">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629272">A. 3. Protecting Users’ Legal Rights From Anti-Circumvention Law. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629290">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629308">A. 4. Conveying Verbatim Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629317">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629335">A. 5. Conveying Modified Source Versions. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629412">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629431">A. 6. Conveying Non-Source Forms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629602">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629620">A. 7. Additional Terms. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629738">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629756">A. 8. Termination. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629781">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629800">A. 9. Acceptance Not Required for Having Copies. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629801">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629819">A. 10. Automatic Licensing of Downstream Recipients. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629853">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629871">A. 11. Patents. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2629988">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630017">A. 12. No Surrender of Others’ Freedom. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630010">A. - 13. Use with the ???TITLE??? Affero General Public License. </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630039">A. + 13. Use with the ???TITLE??? Affero General Public License. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630067">A. 14. Revised Versions of this License. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630101">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630130">A. 15. Disclaimer of Warranty. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630128">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630156">A. 16. Limitation of Liability. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630148">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630176">A. 17. Interpretation of Sections 15 and 16. - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630164">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630193">A. END OF TERMS AND CONDITIONS - </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630168">A. + </a></span></dt><dt><span class="bridgehead"><a href="apa.html#id2630197">A. How to Apply These Terms to Your New Programs </a></span></dt></dl></dd></dl></dd><dt><span class="glossary"><a href="go01.html">Glossary</a></span></dt><dt><span class="index"><a href="ix01.html">Index</a></span></dt></dl></div><div class="list-of-figures"><p><b>List of Figures</b></p><dl><dt>1.1. <a href="simple.html#charitynet">Charity Administration Office Network</a></dt><dt>1.2. <a href="simple.html#acctingnet2">Accounting Office Network Topology</a></dt><dt>2.1. <a href="small.html#acct2net">Abmas Accounting 52-User Network Topology</a></dt><dt>3.1. <a href="secure.html#ch04net">Abmas Network Topology 130 Users</a></dt><dt>4.1. <a href="Big500users.html#chap05net">Network Topology 500 User Network Using tdbsam passdb backend.</a></dt><dt>5.1. <a href="happy.html#sbehap-LDAPdiag">The Interaction of LDAP, UNIX Posix Accounts and Samba Accounts</a></dt><dt>5.2. <a href="happy.html#chap6net">Network Topology 500 User Network Using ldapsam passdb backend</a></dt><dt>5.3. <a href="happy.html#XP-screen001">Windows XP Professional User Shared Folders</a></dt><dt>6.1. <a href="2000users.html#chap7idres">Samba and Authentication Backend Search Pathways</a></dt><dt>6.2. <a href="2000users.html#ch7singleLDAP">Samba Configuration to Use a Single LDAP Server</a></dt><dt>6.3. <a href="2000users.html#ch7dualLDAP">Samba Configuration to Use a Dual (Fail-over) LDAP Server</a></dt><dt>6.4. <a href="2000users.html#ch7dualadd">Samba Configuration to Use Dual LDAP Databases - Broken - Do Not Use!</a></dt><dt>6.5. <a href="2000users.html#ch7dualok">Samba Configuration to Use Two LDAP Databases - The result is additive.</a></dt><dt>6.6. <a href="2000users.html#chap7net">Network Topology 2000 User Complex Design A</a></dt><dt>6.7. <a href="2000users.html#chap7net2">Network Topology 2000 User Complex Design B</a></dt><dt>7.1. <a href="unixclients.html#ch09openmag">Open Magazine Samba Survey</a></dt><dt>7.2. <a href="unixclients.html#ch9-sambadc">Samba Domain: Samba Member Server</a></dt><dt>7.3. <a href="unixclients.html#ch9-adsdc">Active Directory Domain: Samba Member Server</a></dt><dt>9.1. <a href="ntmigration.html#ch8-migration">Schematic Explaining the net rpc vampire Process</a></dt><dt>9.2. <a href="ntmigration.html#NT4DUM">View of Accounts in NT4 Domain User Manager</a></dt><dt>15.1. <a href="appendix.html#swxpp001">The General Panel.</a></dt><dt>15.2. <a href="appendix.html#swxpp004">The Computer Name Panel.</a></dt><dt>15.3. <a href="appendix.html#swxpp006">The Computer Name Changes Panel</a></dt><dt>15.4. <a href="appendix.html#swxpp007">The Computer Name Changes Panel Domain MIDEARTH</a></dt><dt>15.5. <a href="appendix.html#swxpp008">Computer Name Changes User name and Password Panel</a></dt><dt>15.6. <a href="appendix.html#lam-login">The LDAP Account Manager Login Screen</a></dt><dt>15.7. <a href="appendix.html#lam-config">The LDAP Account Manager Configuration Screen</a></dt><dt>15.8. <a href="appendix.html#lam-user">The LDAP Account Manager User Edit Screen</a></dt><dt>15.9. <a href="appendix.html#lam-group">The LDAP Account Manager Group Edit Screen</a></dt><dt>15.10. <a href="appendix.html#lam-group-mem">The LDAP Account Manager Group Membership Edit Screen</a></dt><dt>15.11. <a href="appendix.html#lam-host">The LDAP Account Manager Host Edit Screen</a></dt><dt>15.12. <a href="appendix.html#imcidealx">The IMC Samba User Account Screen</a></dt><dt>16.1. <a href="primer.html#pktcap01">Windows Me Broadcasts The First 10 Minutes</a></dt><dt>16.2. <a href="primer.html#pktcap02">Windows Me Later Broadcast Sample</a></dt><dt>16.3. <a href="primer.html#hostannounce">Typical Windows 9x/Me Host Announcement</a></dt><dt>16.4. <a href="primer.html#nullconnect">Typical Windows 9x/Me NULL SessionSetUp AndX Request</a></dt><dt>16.5. <a href="primer.html#userconnect">Typical Windows 9x/Me User SessionSetUp AndX Request</a></dt><dt>16.6. <a href="primer.html#XPCap01">Typical Windows XP NULL Session Setup AndX Request</a></dt><dt>16.7. <a href="primer.html#XPCap02">Typical Windows XP User Session Setup AndX Request</a></dt></dl></div><div class="list-of-tables"><p><b>List of Tables</b></p><dl><dt>1. <a href="preface.html#pref-new">Samba Changes 3.0.2 to 3.0.20</a></dt><dt>1.1. <a href="simple.html#acctingnet">Accounting Office Network Information</a></dt><dt>3.1. <a href="secure.html#chap4netid">Abmas.US ISP Information</a></dt><dt>3.2. <a href="secure.html#namedrscfiles">DNS (named) Resource Files</a></dt><dt>4.1. <a href="Big500users.html#ch5-filelocations">Domain: MEGANET, File Locations for Servers</a></dt><dt>5.1. <a href="happy.html#sbehap-privs">Current Privilege Capabilities</a></dt><dt>5.2. <a href="happy.html#oldapreq">Required OpenLDAP Linux Packages</a></dt><dt>5.3. <a href="happy.html#sbehap-bigacct">Abmas Network Users and Groups</a></dt><dt>5.4. <a href="happy.html#proffold">Default Profile Redirections</a></dt><dt>9.1. <a href="ntmigration.html#ch8-vampire">Samba smb.conf Scripts Essential to Samba Operation</a></dt><dt>13.1. <a href="HA.html#ProbList">Effect of Common Problems</a></dt><dt>16.1. <a href="primer.html#capsstats01">Windows Me Startup Broadcast Capture Statistics</a></dt><dt>16.2. <a href="primer.html#capsstats02">Second Machine (Windows 98) Capture Statistics</a></dt></dl></div><div class="list-of-examples"><p><b>List of Examples</b></p><dl><dt>1.1. <a href="simple.html#draft-smbconf">Drafting Office smb.conf File</a></dt><dt>1.2. <a href="simple.html#charity-smbconfnew">Charity Administration Office smb.conf New-style File</a></dt><dt>1.3. <a href="simple.html#charity-smbconf">Charity Administration Office smb.conf Old-style File</a></dt><dt>1.4. <a href="simple.html#MEreg">Windows Me Registry Edit File: Disable Password Caching</a></dt><dt>1.5. <a href="simple.html#acctconf">Accounting Office Network smb.conf Old Style Configuration File</a></dt><dt>2.1. <a href="small.html#initGrps">Script to Map Windows NT Groups to UNIX Groups</a></dt><dt>2.2. <a href="small.html#dhcp01">Abmas Accounting DHCP Server Configuration File /etc/dhcpd.conf</a></dt><dt>2.3. <a href="small.html#acct2conf">Accounting Office Network smb.conf File [globals] Section</a></dt><dt>2.4. <a href="small.html#acct3conf">Accounting Office Network smb.conf File Services and Shares Section</a></dt><dt>3.1. <a href="secure.html#ch4memoryest">Estimation of Memory Requirements</a></dt><dt>3.2. <a href="secure.html#ch4diskest">Estimation of Disk Storage Requirements</a></dt><dt>3.3. <a href="secure.html#ch4natfw">NAT Firewall Configuration Script</a></dt><dt>3.4. <a href="secure.html#promisnet">130 User Network with tdbsam [globals] Section</a></dt><dt>3.5. <a href="secure.html#promisnetsvca">130 User Network with tdbsam Services Section Part A</a></dt><dt>3.6. <a href="secure.html#promisnetsvcb">130 User Network with tdbsam Services Section Part B</a></dt><dt>3.7. <a href="secure.html#ch4initGrps">Script to Map Windows NT Groups to UNIX Groups</a></dt><dt>3.8. <a href="secure.html#prom-dhcp">DHCP Server Configuration File /etc/dhcpd.conf</a></dt><dt>3.9. <a href="secure.html#ch4namedcfg">DNS Master Configuration File /etc/named.conf Master Section</a></dt><dt>3.10. <a href="secure.html#ch4namedvarfwd">DNS Master Configuration File /etc/named.conf Forward Lookup Definition Section</a></dt><dt>3.11. <a href="secure.html#ch4namedvarrev">DNS Master Configuration File /etc/named.conf Reverse Lookup Definition Section</a></dt><dt>3.12. <a href="secure.html#eth1zone">DNS 192.168.1 Reverse Zone File</a></dt><dt>3.13. <a href="secure.html#eth2zone">DNS 192.168.2 Reverse Zone File</a></dt><dt>3.14. <a href="secure.html#abmasbiz">DNS Abmas.biz Forward Zone File</a></dt><dt>3.15. <a href="secure.html#abmasus">DNS Abmas.us Forward Zone File</a></dt><dt>4.1. <a href="Big500users.html#ch5-massivesmb">Server: MASSIVE (PDC), File: /etc/samba/smb.conf</a></dt><dt>4.2. <a href="Big500users.html#ch5-dc-common">Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf</a></dt><dt>4.3. <a href="Big500users.html#ch5-commonsmb">Common Samba Configuration File: /etc/samba/common.conf</a></dt><dt>4.4. <a href="Big500users.html#ch5-bldg1-smb">Server: BLDG1 (Member), File: smb.conf</a></dt><dt>4.5. <a href="Big500users.html#ch5-bldg2-smb">Server: BLDG2 (Member), File: smb.conf</a></dt><dt>4.6. <a href="Big500users.html#ch5-dommem-smb">Common Domain Member Include File: dom-mem.conf</a></dt><dt>4.7. <a href="Big500users.html#massive-dhcp">Server: MASSIVE, File: dhcpd.conf</a></dt><dt>4.8. <a href="Big500users.html#bldg1dhcp">Server: BLDG1, File: dhcpd.conf</a></dt><dt>4.9. <a href="Big500users.html#bldg2dhcp">Server: BLDG2, File: dhcpd.conf</a></dt><dt>4.10. <a href="Big500users.html#massive-nameda">Server: MASSIVE, File: named.conf, Part: A</a></dt><dt>4.11. <a href="Big500users.html#massive-namedb">Server: MASSIVE, File: named.conf, Part: B</a></dt><dt>4.12. <a href="Big500users.html#massive-namedc">Server: MASSIVE, File: named.conf, Part: C</a></dt><dt>4.13. <a href="Big500users.html#abmasbizdns">Forward Zone File: abmas.biz.hosts</a></dt><dt>4.14. <a href="Big500users.html#abmasusdns">Forward Zone File: abmas.biz.hosts</a></dt><dt>4.15. <a href="Big500users.html#bldg12nameda">Servers: BLDG1/BLDG2, File: named.conf, Part: A</a></dt><dt>4.16. <a href="Big500users.html#bldg12namedb">Servers: BLDG1/BLDG2, File: named.conf, Part: B</a></dt><dt>4.17. <a href="Big500users.html#ch5-initgrps">Initialize Groups Script, File: /etc/samba/initGrps.sh</a></dt><dt>5.1. <a href="happy.html#sbehap-dbconf">LDAP DB_CONFIG File</a></dt><dt>5.2. <a href="happy.html#sbehap-slapdconf">LDAP Master Configuration File /etc/openldap/slapd.conf Part A</a></dt><dt>5.3. <a href="happy.html#sbehap-slapdconf2">LDAP Master Configuration File /etc/openldap/slapd.conf Part B</a></dt><dt>5.4. <a href="happy.html#sbehap-nss01">Configuration File for NSS LDAP Support /etc/ldap.conf</a></dt><dt>5.5. <a href="happy.html#sbehap-nss02">Configuration File for NSS LDAP Clients Support /etc/ldap.conf</a></dt><dt>5.6. <a href="happy.html#sbehap-massive-smbconfa">LDAP Based smb.conf File, Server: MASSIVE global Section: Part A</a></dt><dt>5.7. <a href="happy.html#sbehap-massive-smbconfb">LDAP Based smb.conf File, Server: MASSIVE global Section: Part B</a></dt><dt>5.8. <a href="happy.html#sbehap-bldg1-smbconf">LDAP Based smb.conf File, Server: BLDG1</a></dt><dt>5.9. <a href="happy.html#sbehap-bldg2-smbconf">LDAP Based smb.conf File, Server: BLDG2</a></dt><dt>5.10. <a href="happy.html#sbehap-shareconfa">LDAP Based smb.conf File, Shares Section Part A</a></dt><dt>5.11. <a href="happy.html#sbehap-shareconfb">LDAP Based smb.conf File, Shares Section Part B</a></dt><dt>5.12. <a href="happy.html#sbehap-ldifadd">LDIF IDMAP Add-On Load File File: /etc/openldap/idmap.LDIF</a></dt><dt>6.1. <a href="2000users.html#ch7-LDAP-master">LDAP Master Server Configuration File /etc/openldap/slapd.conf</a></dt><dt>6.2. <a href="2000users.html#ch7-LDAP-slave">LDAP Slave Configuration File /etc/openldap/slapd.conf</a></dt><dt>6.3. <a href="2000users.html#ch7-massmbconfA">Primary Domain Controller smb.conf File Part A</a></dt><dt>6.4. <a href="2000users.html#ch7-massmbconfB">Primary Domain Controller smb.conf File Part B</a></dt><dt>6.5. <a href="2000users.html#ch7-massmbconfC">Primary Domain Controller smb.conf File Part C</a></dt><dt>6.6. <a href="2000users.html#ch7-slvsmbocnfA">Backup Domain Controller smb.conf File Part A</a></dt><dt>6.7. <a href="2000users.html#ch7-slvsmbocnfB">Backup Domain Controller smb.conf File Part B</a></dt><dt>7.1. <a href="unixclients.html#ch9-sdmsdc">Samba Domain Member in Samba Domain Using LDAP smb.conf File</a></dt><dt>7.2. <a href="unixclients.html#ch9-ldifadd">LDIF IDMAP Add-On Load File File: /etc/openldap/idmap.LDIF</a></dt><dt>7.3. <a href="unixclients.html#ch9-sdmlcnf">Configuration File for NSS LDAP Support /etc/ldap.conf</a></dt><dt>7.4. <a href="unixclients.html#ch9-sdmnss">NSS using LDAP for Identity Resolution File: /etc/nsswitch.conf</a></dt><dt>7.5. <a href="unixclients.html#ch0-NT4DSDM">Samba Domain Member Server Using Winbind smb.conf File for NT4 Domain</a></dt><dt>7.6. <a href="unixclients.html#ch0-NT4DSCM">Samba Domain Member Server Using Local Accounts smb.conf File for NT4 Domain</a></dt><dt>7.7. <a href="unixclients.html#ch9-adssdm">Samba Domain Member smb.conf File for Active Directory Membership</a></dt><dt>7.8. <a href="unixclients.html#sbe-idmapridex">Example smb.conf File Using idmap_rid</a></dt><dt>7.9. <a href="unixclients.html#sbeunxa">Typical ADS Style Domain smb.conf File</a></dt><dt>7.10. <a href="unixclients.html#sbewinbindex">ADS Membership Using RFC2307bis Identity Resolution smb.conf File</a></dt><dt>7.11. <a href="unixclients.html#ch9-pamwnbdlogin">SUSE: PAM login Module Using Winbind</a></dt><dt>7.12. <a href="unixclients.html#ch9-pamwbndxdm">SUSE: PAM xdm Module Using Winbind</a></dt><dt>7.13. <a href="unixclients.html#ch9-rhsysauth">Red Hat 9: PAM System Authentication File: /etc/pam.d/system-auth Module Using Winbind</a></dt><dt>9.1. <a href="ntmigration.html#sbent4smb">NT4 Migration Samba-3 Server smb.conf Part: A</a></dt><dt>9.2. <a href="ntmigration.html#sbent4smb2">NT4 Migration Samba-3 Server smb.conf Part: B</a></dt><dt>9.3. <a href="ntmigration.html#sbentslapd">NT4 Migration LDAP Server Configuration File: /etc/openldap/slapd.conf Part A</a></dt><dt>9.4. <a href="ntmigration.html#sbentslapd2">NT4 Migration LDAP Server Configuration File: /etc/openldap/slapd.conf Part B</a></dt><dt>9.5. <a href="ntmigration.html#sbrntldapconf">NT4 Migration NSS LDAP File: /etc/ldap.conf</a></dt><dt>9.6. <a href="ntmigration.html#sbentnss">NT4 Migration NSS Control File: /etc/nsswitch.conf (Stage:1)</a></dt><dt>9.7. <a href="ntmigration.html#sbentnss2">NT4 Migration NSS Control File: /etc/nsswitch.conf (Stage:2)</a></dt><dt>10.1. <a href="nw4migration.html#sbeamg">A Rough Tool to Create an LDIF File from the System Account Files</a></dt><dt>10.2. <a href="nw4migration.html#ch8ldap">NSS LDAP Control File /etc/ldap.conf</a></dt><dt>10.3. <a href="nw4migration.html#sbepu2">The PAM Control File /etc/security/pam_unix2.conf</a></dt><dt>10.4. <a href="nw4migration.html#ch8smbconf">Samba Configuration File smb.conf Part A</a></dt><dt>10.5. <a href="nw4migration.html#ch8smbconf2">Samba Configuration File smb.conf Part B</a></dt><dt>10.6. <a href="nw4migration.html#ch8smbconf3">Samba Configuration File smb.conf Part C</a></dt><dt>10.7. <a href="nw4migration.html#ch8smbconf4">Samba Configuration File smb.conf Part D</a></dt><dt>10.8. <a href="nw4migration.html#ch8smbconf5">Samba Configuration File smb.conf Part E</a></dt><dt>10.9. <a href="nw4migration.html#sbersync">Rsync Script</a></dt><dt>10.10. <a href="nw4migration.html#sbexcld">Rsync Files Exclusion List /root/excludes.txt</a></dt><dt>10.11. <a href="nw4migration.html#ch8ideal">Idealx smbldap-tools Control File Part A</a></dt><dt>10.12. <a href="nw4migration.html#ch8ideal2">Idealx smbldap-tools Control File Part B</a></dt><dt>10.13. <a href="nw4migration.html#ch8ideal3">Idealx smbldap-tools Control File Part C</a></dt><dt>10.14. <a href="nw4migration.html#ch8ideal4">Idealx smbldap-tools Control File Part D</a></dt><dt>10.15. <a href="nw4migration.html#ch8kix">Kixtart Control File File: logon.kix</a></dt><dt>10.16. <a href="nw4migration.html#ch8kix2">Kixtart Control File File: main.kix</a></dt><dt>10.17. <a href="nw4migration.html#ch8kix3">Kixtart Control File File: setup.kix, Part A</a></dt><dt>10.18. <a href="nw4migration.html#ch8kix3b">Kixtart Control File File: setup.kix, Part B</a></dt><dt>10.19. <a href="nw4migration.html#ch8kix4">Kixtart Control File File: acct.kix</a></dt><dt>12.1. <a href="DomApps.html#ch10-krb5conf">Kerberos Configuration File: /etc/krb5.conf</a></dt><dt>12.2. <a href="DomApps.html#ch10-smbconf">Samba Configuration File: /etc/samba/smb.conf</a></dt><dt>12.3. <a href="DomApps.html#ch10-etcnsscfg">NSS Configuration File Extract File: /etc/nsswitch.conf</a></dt><dt>12.4. <a href="DomApps.html#etcsquidcfg">Squid Configuration File Extract /etc/squid.conf [ADMINISTRATIVE PARAMETERS Section]</a></dt><dt>12.5. <a href="DomApps.html#etcsquid2">Squid Configuration File extract File: /etc/squid.conf [AUTHENTICATION PARAMETERS Section]</a></dt><dt>15.1. <a href="appendix.html#ch12SL">A Useful Samba Control Script for SUSE Linux</a></dt><dt>15.2. <a href="appendix.html#ch12RHscript">A Sample Samba Control Script for Red Hat Linux</a></dt><dt>15.3. <a href="appendix.html#loopback">DNS Localhost Forward Zone File: /var/lib/named/localhost.zone</a></dt><dt>15.4. <a href="appendix.html#dnsloopy">DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone</a></dt><dt>15.5. <a href="appendix.html#roothint">DNS Root Name Server Hint File: /var/lib/named/root.hint</a></dt><dt>15.6. <a href="appendix.html#sbehap-ldapreconfa">LDAP Pre-configuration Script: SMBLDAP-ldif-preconfig.sh Part A</a></dt><dt>15.7. <a href="appendix.html#sbehap-ldapreconfb">LDAP Pre-configuration Script: SMBLDAP-ldif-preconfig.sh Part B</a></dt><dt>15.8. <a href="appendix.html#sbehap-ldapreconfc">LDAP Pre-configuration Script: SMBLDAP-ldif-preconfig.sh Part C</a></dt><dt>15.9. <a href="appendix.html#sbehap-ldifpata">LDIF Pattern File Used to Pre-configure LDAP Part A</a></dt><dt>15.10. <a href="appendix.html#sbehap-ldifpatb">LDIF Pattern File Used to Pre-configure LDAP Part B</a></dt><dt>15.11. <a href="appendix.html#lamcfg">Example LAM Configuration File config.cfg</a></dt><dt>15.12. <a href="appendix.html#lamconf">LAM Profile Control File lam.conf</a></dt></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="pr01.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> About the Cover Artwork</td></tr></table></div></body></html> diff --git a/docs/htmldocs/Samba3-ByExample/ix01.html b/docs/htmldocs/Samba3-ByExample/ix01.html index 4b52dd66d8..06a742e500 100644 --- a/docs/htmldocs/Samba3-ByExample/ix01.html +++ b/docs/htmldocs/Samba3-ByExample/ix01.html @@ -1 +1 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Index</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="index.html" title="Samba-3 by Example"><link rel="prev" href="go01.html" title="Glossary"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Index</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="go01.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> </td></tr></table><hr></div><div class="index"><div class="titlepage"><div><div><h2 class="title"><a name="id2630860"></a>Index</h2></div></div></div><div class="index"><div class="indexdiv"><h3>Symbols</h3><dl><dt>%LOGONSERVER%, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>%USERNAME%, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a></dt><dt>%USERPROFILE%, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>/data/ldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>/etc/cups/mime.convs, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>/etc/cups/mime.types, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>/etc/dhcpd.conf, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>/etc/exports, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>/etc/group, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>/etc/hosts, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>/etc/krb5.conf, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>/etc/ldap.conf, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>/etc/mime.convs, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>/etc/mime.types, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>/etc/named.conf, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></dt><dt>/etc/nsswitch.conf, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>/etc/openldap/slapd.conf, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>/etc/passwd, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>/etc/rc.d/boot.local, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>/etc/rc.d/rc.local, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>/etc/resolv.conf, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>/etc/samba, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/etc/samba/secrets.tdb, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>/etc/samba/smbusers, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>/etc/shadow, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>/etc/squid/squid.conf, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>/etc/syslog.conf, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>/etc/xinetd.d, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>/lib/libnss_ldap.so.2, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>/opt/IDEALX/sbin, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>/proc/sys/net/ipv4/ip_forward, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>/usr/bin, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/lib/samba, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/local, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/local/samba, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/local/samba/var/locks, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>/usr/sbin, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/share, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/share/samba/swat, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/usr/share/swat, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/var/cache/samba, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>/var/lib/samba, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>/var/log/ldaplogs, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>/var/log/samba, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>8-bit, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt></dl></div><div class="indexdiv"><h3></h3><dl><dt>, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a>, <a class="indexterm" href="Big500users.html#id2565659">Implementation</a>, <a class="indexterm" href="happy.html#sbehap-ppc">Addition of Machines to the Domain</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617691">NSS Configuration</a></dt><dd><dl><dt>Domain account, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>liability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>logon, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>problem, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>transparent inter-operability, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt></dl></dd></dl></div><div class="indexdiv"><h3>A</h3><dl><dt>abmas-netfw.sh, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>accept, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a></dt><dt>accepts liability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>access, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>access control, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a>, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>Access Control Lists (see ACLs)</dt><dt>access control settings, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>access controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>accessible, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dd><dl><dt>ADS Domain, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>account credentials, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>account information, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>account names, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>account policies, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>accountable, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>accounts</dt><dd><dl><dt>authoritative, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>group, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>machine, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>manage, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>user, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></dd><dt>ACL, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>ACLs, <a class="indexterm" href="happy.html#id2583229">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>acquisitions, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Act!, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>ACT! database, <a class="indexterm" href="appendix.html#id2625156">Act! Database Sharing</a></dt><dt>Act!Diag, <a class="indexterm" href="appendix.html#id2625156">Act! Database Sharing</a></dt><dt>Active Directory, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2589319">Assignment Tasks</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a>, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dd><dl><dt>authentication, <a class="indexterm" href="DomApps.html#id2617956">Squid Configuration</a></dt><dt>domain, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>join, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>management tools, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>realm, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>Replacement, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>server, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>Server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>tree, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt></dl></dd><dt>active directory, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>AD printer publishing, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>ADAM, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>add group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>add machine script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>Add Printer Wizard</dt><dd><dl><dt>APW, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt></dl></dd><dt>add user script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>add user to group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>adduser, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>adequate precautions, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>administrative installation, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>administrative rights, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>administrator, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>ADMT, <a class="indexterm" href="upgrades.html#id2601164">Migration of Samba Accounts to Active Directory</a></dt><dt>ADS, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dd><dl><dt>server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>ADS Domain, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>affordability, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>alarm, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>algorithm, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>allow trusted domains, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>alternative, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>analysis, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>anonymous connection, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>Apache Web server, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>appliance mode, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>application server, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>application servers, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>application/octet-stream, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>APW, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>arp, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>assessment, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>assistance, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>assumptions, <a class="indexterm" href="HA.html#id2620832">Key Points Learned</a></dt><dt>authconfig, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>authenticate, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>authenticated, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a></dt><dt>authenticated connection, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>authentication, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617691">NSS Configuration</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dd><dl><dt>plain-text, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt></dl></dd><dt>authentication process, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>authentication protocols, <a class="indexterm" href="DomApps.html#id2618352">Key Points Learned</a></dt><dt>authoritative, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>authorized location, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>auto-generated SID, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>automatically allocate, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>availability, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a></dt></dl></div><div class="indexdiv"><h3>B</h3><dl><dt>backends, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>background communication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>Backup, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Backup Domain Controller (see BDC)</dt><dt>bandwidth, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a></dt><dd><dl><dt>requirements, <a class="indexterm" href="2000users.html#id2584178">User Needs</a></dt></dl></dd><dt>bandwidth calculations, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>BDC, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dt>benefit, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>best practices, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bias, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>binary database, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>binary files, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>binary package, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>bind interfaces only, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>broadcast, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>directed, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>mailslot, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>broadcast messages, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>broadcast storms, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>broken, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>broken behavior, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>browse, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>browse master, <a class="indexterm" href="primer.html#id2626005">Findings</a></dt><dt>Browse Master, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>browse.dat, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>Browser Election Service, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>browsing, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="primer.html#id2625629">Assignment Tasks</a></dt><dt>budgetted, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bug fixes, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bug report, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt></dl></div><div class="indexdiv"><h3>C</h3><dl><dt>cache, <a class="indexterm" href="appendix.html#id2625241">Opportunistic Locking Controls</a></dt><dt>cache directories, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>caching, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>case-sensitive, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>centralized storage, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>character set, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>check samba daemons, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>check-point, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>check-point controls, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>Checkpoint Controls, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>chgrp, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>chkconfig, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>chmod, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>choice, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>chown, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>CIFS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="primer.html#id2626005">Findings</a></dt><dt>cifsfs, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>clean database, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>clients per DC, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>Clock skew, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>cluster, <a class="indexterm" href="HA.html#id2618932">Introduction</a></dt><dt>clustering, <a class="indexterm" href="HA.html#id2618932">Introduction</a>, <a class="indexterm" href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>code maintainer, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>codepage, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>collision rates, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>commercial, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>commercial software, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>commercial support, <a class="indexterm" href="ch14.html">Samba Support</a>, <a class="indexterm" href="ch14.html#id2621220">Commercial Support</a></dt><dt>Common Internet File System (see CIFS)</dt><dt>comparison</dt><dd><dl><dt>Active Directory & OpenLDAP, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt></dl></dd><dt>compat, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>compatible, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>compile-time, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dt>complexities, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>compromise, <a class="indexterm" href="happy.html#id2571190">Introduction</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>computer account, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>Computer Management, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>computer name, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>condemns, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>conferences, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>configuration files, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>configure.pl, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>connection, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>connectivity, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>consequential risk, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>consultant, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>consumer, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>consumer expects, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>contiguous directory, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>contributions, <a class="indexterm" href="upgrades.html">Updating Samba-3</a></dt><dt>control files, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>convmv, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>copy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>corrective action, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>cost, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>cost-benefit, <a class="indexterm" href="nw4migration.html#id2606147">Assignment Tasks</a></dt><dt>country of origin, <a class="indexterm" href="ch14.html#id2621220">Commercial Support</a></dt><dt>Courier-IMAP, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>credential, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>credentials, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>crippled, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>criticism, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Critics, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Cryptographic, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>CUPS, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dd><dl><dt>queue, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt></dl></dd><dt>cupsd, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>customer expected, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>customers, <a class="indexterm" href="ch14.html">Samba Support</a></dt></dl></div><div class="indexdiv"><h3>D</h3><dl><dt>daemon, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>daemon control, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>data</dt><dd><dl><dt>corruption, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>integrity, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt></dl></dd><dt>data corruption, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a>, <a class="indexterm" href="appendix.html#id2625156">Act! Database Sharing</a></dt><dt>data integrity, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a>, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>data storage, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>database, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>database applications, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>DB_CONFIG, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>DCE, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>DDNS (see dynamic DNS)</dt><dt>Debian, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>default installation, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>default password, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>default profile, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>Default User, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>defective</dt><dd><dl><dt>cables, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>HUBs, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>switches, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt></dl></dd><dt>defects, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>defensible standards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>defragmentation, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a></dt><dt>delete group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>delete user from group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>delimiter, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>dependability, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>deployment, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>desired security setting, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>development, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>DHCP, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="Big500users.html#ch5wincfg">Windows Client Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dd><dl><dt>client, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>relay, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>Relay Agent, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>request, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>requests, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>servers, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>traffic, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>dhcp client validation, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>DHCP Server, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>DHCP server, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>diagnostic, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>diffusion, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digital rights, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digital sign'n'seal, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digits, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>diligence, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>directory, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dd><dl><dt>Computers container, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>management, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>People container, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>replication, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>schema, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>server, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>synchronization, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt></dl></dd><dt>directory tree, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>disable, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>disaster recovery, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>disk image, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>disruptive, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>distributed, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2620470">Distribute Network Load with MSDFS</a></dt><dt>distributed domain, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>DMB, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>DMS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>DNS, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a>, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a>, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dd><dl><dt>configuration, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Dynamic, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>dynamic, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>lookup, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>name lookup, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>SRV records, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>suffix, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt></dl></dd><dt>DNS server, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></dt><dt>document the settings, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>documentation, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>documented, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>Domain, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt><dd><dl><dt>groups, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt></dl></dd><dt>domain</dt><dd><dl><dt>Active Directory, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>controller, <a class="indexterm" href="upgrades.html#id2600964">Replacing a Domain Controller</a></dt><dt>joining, <a class="indexterm" href="appendix.html">A Collection of Useful Tidbits</a></dt><dt>trusted, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt></dl></dd><dt>Domain accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain Administrator, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>Domain Controller, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a>, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dd><dl><dt>closest, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>domain controller, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>domain controllers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain Controllers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Domain Groups</dt><dd><dl><dt>well-known, <a class="indexterm" href="appendix.html#id2622954">Initialization of the LDAP Database</a></dt></dl></dd><dt>Domain join, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>domain master, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>Domain Master Browser (see DMB)</dt><dt>Domain Member, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dd><dl><dt>authoritative</dt><dd><dl><dt>local accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt></dl></dd><dt>client, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>desktop, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a></dt><dt>server, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>servers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>workstations, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt></dl></dd><dt>domain member</dt><dd><dl><dt>servers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt></dl></dd><dt>Domain Member server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>Domain Member servers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>domain members, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>domain name space, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>domain replication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>domain SID, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>Domain SID, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>domain tree, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Domain User Manager, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a></dt><dt>Domain users, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>DOS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>dos2unix, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>down-grade, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>drive letters, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>drive mapping, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>dumb printing, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>dump, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>duplicate accounts, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>dynamic DNS, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>E</h3><dl><dt>e-Directory, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Easy Software Products, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>economically sustainable, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>eDirectory, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>education, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>election, <a class="indexterm" href="primer.html#id2626005">Findings</a></dt><dt>employment, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>enable, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a></dt><dt>encrypted, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>encrypted password, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>encrypted passwords, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>End User License Agreement (see EULA)</dt><dt>enumerating, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>essential, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>ethereal, <a class="indexterm" href="primer.html#id2625745">Exercises</a></dt><dt>Ethernet switch, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt><dt>ethernet switch, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>EULA, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>Everyone, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>Excel, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>exclusive open, <a class="indexterm" href="appendix.html#id2625009">Microsoft Access</a></dt><dt>experiment, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a></dt><dt>export, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>extent, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>External Domains, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>extreme demand, <a class="indexterm" href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></dt></dl></div><div class="indexdiv"><h3>F</h3><dl><dt>fail, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>fail-over, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>failed, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>failed join, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>failure, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>familiar, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>fatal problem, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>fear, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>fears, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Fedora, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a></dt><dt>FHS, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>file and print server, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>file and print service, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>file caching, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2625241">Opportunistic Locking Controls</a></dt><dt>File Hierarchy System (see FHS)</dt><dt>file locations, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>file permissions, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>file server</dt><dd><dl><dt>read-only, <a class="indexterm" href="simple.html#id2551026">Dissection and Discussion</a></dt></dl></dd><dt>file servers, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a></dt><dt>file system, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>access control, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>Ext3, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>permissions, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>file system security, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>filter, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>financial responsibility, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>firewall, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>fix, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>flaws, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>flexibility, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>flush</dt><dd><dl><dt>cache memory, <a class="indexterm" href="appendix.html#id2625241">Opportunistic Locking Controls</a></dt></dl></dd><dt>folder redirection, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>force group, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>force user, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>forced settings, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>foreign, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>foreign SID, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>forwarded, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>foundation members, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Free Standards Group (see FSG)</dt><dt>free support, <a class="indexterm" href="ch14.html">Samba Support</a>, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>front-end, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dd><dl><dt>server, <a class="indexterm" href="HA.html#id2620470">Distribute Network Load with MSDFS</a></dt></dl></dd><dt>frustration, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>FSG, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>FTP</dt><dd><dl><dt>proxy, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt></dl></dd><dt>full control, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615018">Using MS Windows Explorer (File Manager)</a></dt><dt>fully qualified, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>functional differences, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt></dl></div><div class="indexdiv"><h3>G</h3><dl><dt>generation, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt><dt>Gentoo, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>getent, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>getfacl, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>getgrnam, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>getpwnam, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>getpwnam(), <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>GID, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Goettingen, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>government, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>GPL, <a class="indexterm" href="secure.html#id2564111">Comments Regarding Software Terms of Use</a></dt><dt>group account, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>group management, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>group mapping, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>group membership, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>group names, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>group policies, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a></dt><dt>Group Policy, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>Group Policy editor, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a></dt><dt>Group Policy Objects, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a></dt><dt>groupadd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>groupdel, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>groupmem, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>groupmod, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>GSS-API, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>guest account, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a>, <a class="indexterm" href="primer.html#chap01conc">Dissection and Discussion</a>, <a class="indexterm" href="primer.html#id2628204">Technical Issues</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>H</h3><dl><dt>hackers, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>hardware prices, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>hardware problems, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>Heimdal, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>Heimdal Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>Heimdal kerberos, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>help, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>helper agent, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>hesiod, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>hierarchy of control, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>high availability, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>hire, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>HKEY_CURRENT_USER, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>HKEY_LOCAL_MACHINE, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>HKEY_LOCAL_USER, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>host announcement, <a class="indexterm" href="primer.html#id2625629">Assignment Tasks</a>, <a class="indexterm" href="primer.html#id2626658">Findings</a></dt><dt>hostname, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>hosts, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>HUB, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>Hybrid, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>hypothetical, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></div><div class="indexdiv"><h3>I</h3><dl><dt>Idealx, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dd><dl><dt>smbldap-tools, <a class="indexterm" href="happy.html#sbeidealx">Install and Configure Idealx smbldap-tools Scripts</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt></dl></dd><dt>identifiers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>identity, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dd><dl><dt>management, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt></dl></dd><dt>identity management, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Identity Management, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Identity management, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></dt><dt>Identity resolution, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Identity resolver, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>IDMAP, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap backend, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>IDMAP backend, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>idmap gid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap uid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap_rid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>IMAP, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>import, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>income, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>independent expert, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>inetd, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>inetOrgPerson, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>inheritance, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>initGrps.sh, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>initial credentials, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>inoperative, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>install, <a class="indexterm" href="upgrades.html">Updating Samba-3</a></dt><dt>installation, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>integrate, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>integrity, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>inter-domain, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>inter-operability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>interactive help, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>interdomain trusts, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>interfaces, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>intermittent, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>internationalization, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>Internet Explorer, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>Internet Information Server, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>interoperability, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>IP forwarding, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>IPC$, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>iptables, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>IRC, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>isolated, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Italian, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>J</h3><dl><dt>jobs, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>joining a domain, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt></dl></div><div class="indexdiv"><h3>K</h3><dl><dt>KDC, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dd><dl><dt>Heimdal, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>interoperability, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>libraries, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>MIT, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>unspecified fields, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt></dl></dd><dt>kerberos, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dd><dl><dt>server, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt></dl></dd><dt>Kerberos ticket, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>kinit, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>Kixtart, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>klist, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>krb5, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a></dt><dt>krb5.conf, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt></dl></div><div class="indexdiv"><h3>L</h3><dl><dt>LAM, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dd><dl><dt>configuration editor, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>configuration file, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>login screen, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>opening screen, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>profile, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>wizard, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt></dl></dd><dt>large domain, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>LDAP, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2573037">Preliminary Advice: Dangers Can Be Avoided</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2583767">Introduction</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>backend, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>database, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></dt><dt>directory, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>fail-over, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>initial configuration, <a class="indexterm" href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></dt><dt>master, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>master/slave</dt><dd><dl><dt>background communication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>preload, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>schema, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a></dt><dt>secure, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>server, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>slave, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>updates, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt></dl></dd><dt>ldap, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>LDAP Account Manager (see LAM)</dt><dt>LDAP backend, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>LDAP database, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>LDAP Interchange Format (see LDIF)</dt><dt>LDAP server, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>LDAP-transfer-LDIF.txt, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>ldap.conf, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapadd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapsam, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>ldapsam backend, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapsearch, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>LDIF, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2622954">Initialization of the LDAP Database</a></dt><dt>leadership, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Lightweight Directory Access Protocol (see LDAP)</dt><dt>limit, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Linux desktop, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a></dt><dt>Linux Standards Base (see LSB)</dt><dt>LMB, <a class="indexterm" href="primer.html#id2626005">Findings</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>LMHOSTS, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>load distribution, <a class="indexterm" href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>local accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Local Group Policy, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>Local Master Announcement, <a class="indexterm" href="primer.html#id2626658">Findings</a></dt><dt>Local Master Browser (see LMB)</dt><dt>localhost, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>lock directory, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>locking</dt><dd><dl><dt>Application level, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Client side, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Server side, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt></dl></dd><dt>logging, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>login, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>loglevel, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>logon credentials, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>logon hours, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a></dt><dt>logon machines, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>logon path, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>logon process, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>logon scrip, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>logon script, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2581163">Preparation of Logon Scripts</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>logon server, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>logon services, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>logon time, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>logon traffic, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>logon.kix, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>loopback, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>low performance, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>lower-case, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a></dt><dt>lpadmin, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>LSB, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt></dl></div><div class="indexdiv"><h3>M</h3><dl><dt>machine, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>machine account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>machine accounts, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>machine secret password, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>MACHINE.SID, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>mailing list, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>mailing lists, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>managed, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>management, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dd><dl><dt>group, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>User, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>mandatory profile, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a></dt><dt>Mandrake, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>mapped drives, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>mapping, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dd><dl><dt>consistent, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt></dl></dd><dt>Mars_NWE, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>master, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>material, <a class="indexterm" href="appendix.html">A Collection of Useful Tidbits</a></dt><dt>memberUID, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>memory requirements, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>merge, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>merged, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>meta-directory, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>meta-service, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>Microsoft Access, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Microsoft Excel, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Microsoft ISA, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a></dt><dt>Microsoft Management Console (see MMC)</dt><dt>Microsoft Office, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>Microsoft Outlook</dt><dd><dl><dt>PST files, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>migrate, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>migration, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dd><dl><dt>objectives, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt></dl></dd><dt>Migration speed, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>mime type, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>mime types, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>missing RPC's, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>MIT, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>MIT Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>MIT kerberos, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>MIT KRB5, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>mixed mode, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>mixed-mode, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>MMC, <a class="indexterm" href="happy.html#id2582477">Configure Delete Cached Profiles on Logout</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>mobile computing, <a class="indexterm" href="small.html#id2555545">Dissection and Discussion</a></dt><dt>mobility, <a class="indexterm" href="2000users.html#id2584139">Technical Issues</a></dt><dt>modularization, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>modules, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>MS Access</dt><dd><dl><dt>validate, <a class="indexterm" href="appendix.html#id2625009">Microsoft Access</a></dt></dl></dd><dt>MS Outlook, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dd><dl><dt>PST, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>PST file, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>MS Windows Server 2003, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a></dt><dt>MS Word, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>MSDFS, <a class="indexterm" href="HA.html#id2620470">Distribute Network Load with MSDFS</a></dt><dt>multi-subnet, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>multi-user</dt><dd><dl><dt>access, <a class="indexterm" href="appendix.html#id2625009">Microsoft Access</a></dt><dt>data access, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt></dl></dd><dt>multiple directories, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>multiple domain controllers, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>multiple group mappings, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>mutual assistance, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>My Documents, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>My Network Places, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>mysqlsam, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt></dl></div><div class="indexdiv"><h3>N</h3><dl><dt>name resolution, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="primer.html#id2625629">Assignment Tasks</a></dt><dd><dl><dt>Defective, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt></dl></dd><dt>name resolve order, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>name service switch, <a class="indexterm" href="small.html#id2555812">Implementation</a> (see NSS)</dt><dt>named, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>NAT, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>native, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>net</dt><dd><dl><dt>ads</dt><dd><dl><dt>info, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>join, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>status, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt></dl></dd><dt>getlocalsid, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>group, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>groupmap</dt><dd><dl><dt>add, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>list, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>modify, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt></dl></dd><dt>rpc</dt><dd><dl><dt>info, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>join, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>vampire, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt></dl></dd><dt>setlocalsid, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>NetBIOS, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a>, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>name cache, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>name resolution</dt><dd><dl><dt>delays, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>Node Type, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt></dl></dd><dt>netbios</dt><dd><dl><dt>machine name, <a class="indexterm" href="upgrades.html#id2599055">Change of hostname</a></dt></dl></dd><dt>netbios forwarding, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>NetBIOS name, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dd><dl><dt>aliases, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt></dl></dd><dt>netbios name, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599055">Change of hostname</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>NETLOGON, <a class="indexterm" href="happy.html#id2572788">Using a Network Default User Profile</a>, <a class="indexterm" href="happy.html#id2581407">Windows Client Configuration</a></dt><dt>netlogon, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Netlogon, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>netmask, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>Netware, <a class="indexterm" href="small.html">Small Office Networking</a></dt><dt>NetWare, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>network</dt><dd><dl><dt>administrators, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>analyzer, <a class="indexterm" href="primer.html#id2625629">Assignment Tasks</a></dt><dt>bandwidth, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>broadcast, <a class="indexterm" href="primer.html#id2625568">Introduction</a></dt><dt>captures, <a class="indexterm" href="primer.html#id2625407">Requirements and Notes</a></dt><dt>collisions, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>load, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>logon, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>logon scripts, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>management, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>multi-segment, <a class="indexterm" href="happy.html#id2571190">Introduction</a></dt><dt>overload, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>performance, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>routed, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>secure, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>segment, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>services, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>sniffer, <a class="indexterm" href="primer.html#id2625407">Requirements and Notes</a></dt><dt>timeout, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>timeouts, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>trace, <a class="indexterm" href="primer.html#id2625629">Assignment Tasks</a></dt><dt>traffic</dt><dd><dl><dt>observation, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>wide-area, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt></dl></dd><dt>Network Address Translation (see NAT)</dt><dt>network administrators, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>network attached storage (see NAS)</dt><dt>network bandwidth</dt><dd><dl><dt>utilization, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>Network Default Profile, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>network hardware</dt><dd><dl><dt>defective, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>network hygiene, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>network Identities, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>network load factors, <a class="indexterm" href="Big500users.html#id2565398">Dissection and Discussion</a></dt><dt>Network Neighborhood, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>network segment, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dt>network segments, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>network share, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>networking</dt><dd><dl><dt>client, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>networking hardware</dt><dd><dl><dt>defective, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>networking protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>next generation, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>NextFreeUnixId, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>NFS server, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>NICs, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>NIS, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>nis, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>NIS schema, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NIS server, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NIS+, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>nisplus, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>NLM, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>nmap, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>nmbd, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>nobody, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>Novell, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a>, <a class="indexterm" href="nw4migration.html#id2606030">Introduction</a></dt><dt>Novell SUSE SLES 9, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>NSS, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617691">NSS Configuration</a> (see same service switch)</dt><dt>nss_ldap, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>nt acl support, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>NT4 registry, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>NTLM, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>NTLM authentication daemon, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>NTLMSSP, <a class="indexterm" href="DomApps.html#id2618352">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a>, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>NTLMSSP_AUTH, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>ntlm_auth, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>NTP, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>NTUSER.DAT, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#id2572788">Using a Network Default User Profile</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NULL connection, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>NULL session, <a class="indexterm" href="primer.html#id2627256">Findings and Comments</a></dt><dt>NULL-Session, <a class="indexterm" href="primer.html#id2628058">Discussion</a></dt></dl></div><div class="indexdiv"><h3>O</h3><dl><dt>objectClass, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>off-site storage, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Open Magazine, <a class="indexterm" href="unixclients.html">Adding Domain Member Servers and Clients</a></dt><dt>Open Source, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>OpenLDAP, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>openldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>OpenOffice, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>operating profiles, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>oplock break, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>oplocks, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>Oplocks</dt><dd><dl><dt>disabled, <a class="indexterm" href="appendix.html#id2625241">Opportunistic Locking Controls</a></dt></dl></dd><dt>opportunistic</dt><dd><dl><dt>locking, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt></dl></dd><dt>opportunistic locking, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2625156">Act! Database Sharing</a></dt><dt>optimized, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>organizational units, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>OS/2, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>Outlook</dt><dd><dl><dt>PST, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt></dl></dd><dt>Outlook Address Book, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>Outlook Express, <a class="indexterm" href="secure.html#id2559309">Political Issues</a>, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>over-ride, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>over-ride controls, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>over-rule, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615018">Using MS Windows Explorer (File Manager)</a></dt><dt>overheads, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>ownership, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt></dl></div><div class="indexdiv"><h3>P</h3><dl><dt>package, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>package names, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>packages, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>PADL, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>PADL LDAP tools, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>PADL Software, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>paid-for support, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>PAM, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>pam_ldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>pam_ldap.so, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>pam_unix2.so, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dd><dl><dt>use_ldap, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt></dl></dd><dt>parameters, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>passdb backend, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>passdb.tdb, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>passwd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>password</dt><dd><dl><dt>backend, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>password caching, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>password change, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a></dt><dt>password length, <a class="indexterm" href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>payroll, <a class="indexterm" href="nw4migration.html#id2606030">Introduction</a></dt><dt>pdbedit, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>PDC, <a class="indexterm" href="Big500users.html#id2565292">Assignment Tasks</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dt>PDC/BDC ratio, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>PDF, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>performance, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a>, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a>, <a class="indexterm" href="HA.html#id2618932">Introduction</a>, <a class="indexterm" href="HA.html#id2619896">Network Collisions</a></dt><dt>performance degradation, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>Perl, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>permission, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>permissions, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dd><dl><dt>excessive, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>group, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>user, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt></dl></dd><dt>Permissions, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>permits, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>permitted group, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>PHP, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>PHP4, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>pile-driver, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>ping, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>pitfalls, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>plain-text, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>Pluggable Authentication Modules (see PAM)</dt><dt>policy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>poor performance, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>POP3, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>Posix, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>POSIX, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Posix accounts, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Posix ACLs, <a class="indexterm" href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></dt><dt>PosixAccount, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>posixAccount, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Postfix, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Postscript, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>powers, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>practices, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>precaution, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>presence and leadership, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>price paid, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>primary group, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>principals, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>print filter, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>print queue, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a>, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>print spooler, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a></dt><dt>Print Test Page, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>printcap name, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>printer validation, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>printers</dt><dd><dl><dt>Advanced, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Default Settings, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>General, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Properties, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Security, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Sharing, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt></dl></dd><dt>printing, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dd><dl><dt>drag-and-drop, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a>, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>dumb, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>point-n-click, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>raw, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt></dl></dd><dt>privacy, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Privilege Attribute Certificates (see PAC)</dt><dt>privilege controls, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>privileged pipe, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>privileges, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="upgrades.html#id2600658">Updating from Samba Versions after 3.0.6 to a Current Release</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>problem report, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>problem resolution, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>product defects, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>professional support, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>profile</dt><dd><dl><dt>default, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>mandatory, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>roaming, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>profile path, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>profile share, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>profiles, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>profiles share, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>programmer, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>project, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>project maintainers, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Properties, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>proprietary, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protected, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protection, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protocol</dt><dd><dl><dt>negotiation, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>protocol analysis, <a class="indexterm" href="primer.html#id2625407">Requirements and Notes</a></dt><dt>protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>provided services, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>proxy, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>PST file, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>public specifications, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>purchase support, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt></dl></div><div class="indexdiv"><h3>Q</h3><dl><dt>Qbasic, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>qualified problem, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt></dl></div><div class="indexdiv"><h3>R</h3><dl><dt>RAID, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>RAID controllers, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>Raw Print Through, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>raw printing, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>Rbase, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>rcldap, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>realm, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>recognize, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>record locking, <a class="indexterm" href="appendix.html#id2625009">Microsoft Access</a></dt><dt>recursively, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>Red Hat, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a>, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>Red Hat Fedora Linux, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>Red Hat Linux, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="simple.html#AccountingOffice">Accounting Office</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>redirected folders, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>refereed standards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>regedit, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>regedt32, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>registry, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dd><dl><dt>keys</dt><dd><dl><dt>SAM, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>SECURITY, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt></dl></dd></dl></dd><dt>registry change, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>Registry Editor, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>registry hacks, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>registry keys, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>reimburse, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>rejected, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>rejoin, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>reliability, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a></dt><dt>remote announce, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>remote browse sync, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>remote procedure call (see RPC)</dt><dt>replicate, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>replicated, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>requesting payment, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>resilient, <a class="indexterm" href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></dt><dt>resolution, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>resolve, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="HA.html#id2619531">Bad Hostnames</a></dt><dt>response, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>responsibility, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>responsible, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>restrict anonymous, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>restricted export, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>Restrictive security, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>reverse DNS, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a></dt><dt>rfc2307bis, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a></dt><dt>RID, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>risk, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>road-map, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>published, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>roaming profile, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a>, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>roaming profiles, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>routed network, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a></dt><dt>router, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>routers, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>RPC, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>rpc, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>rpcclient, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>RPM, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dd><dl><dt>install, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt></dl></dd><dt>rpm, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>RPMs, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>rpms, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>rsync, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>rsyncd.conf, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>run-time control files, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt></dl></div><div class="indexdiv"><h3>S</h3><dl><dt>safe-guards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SAM, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>samba, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dd><dl><dt>starting samba, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt></dl></dd><dt>Samba, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>Samba accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>samba cluster, <a class="indexterm" href="HA.html#id2618932">Introduction</a></dt><dt>samba control script, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>Samba Domain, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Samba Domain server, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>Samba RPM Packages, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>Samba Tea, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>sambaDomainName, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>sambaGroupMapping, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>SambaSAMAccount, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>SambaSamAccount, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>sambaSamAccount, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>SambaXP conference, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>SAN, <a class="indexterm" href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>SAS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>scalability, <a class="indexterm" href="HA.html#id2618932">Introduction</a></dt><dt>scalable, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>schannel, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>schema, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a></dt><dt>scripts, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>secondary group, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>secret, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>secrets.tdb, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dt>secure, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>secure account password, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>secure connections, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>secure networking, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>secure networking protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dd><dl><dt>identifier, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>share mode, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>user mode, <a class="indexterm" href="simple.html#id2553821">Dissection and Discussion</a></dt></dl></dd><dt>Security, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614727">Using the MMC Computer Management Interface</a></dt><dt>Security Account Manager (see SAM)</dt><dt>security controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security descriptors, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>security fixes, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security updates, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SerNet, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>server</dt><dd><dl><dt>domain member, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>stand-alone, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>service, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dd><dl><dt>smb</dt><dd><dl><dt>start, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a></dt></dl></dd></dl></dd><dt>Service Packs, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>services, <a class="indexterm" href="DomApps.html#id2618352">Key Points Learned</a></dt><dt>services provided, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>session setup, <a class="indexterm" href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>Session Setup, <a class="indexterm" href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a></dt><dt>SessionSetUpAndX, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>set primary group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>setfacl, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>severely degrade, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>SFU, <a class="indexterm" href="unixclients.html#id2596287">IDMAP, Active Directory, and MS Services for UNIX 3.5</a></dt><dt>SGID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></dt><dt>shadow-utils, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Share Access Controls, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>share ACLs, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>share definition, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Share Definition</dt><dd><dl><dt>Controls, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt></dl></dd><dt>share definition controls, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>share level access controls, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>share level ACL, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>Share Permissions, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>shared resource, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>shares, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SID, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599120">Change of Workgroup (Domain) Name</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622954">Initialization of the LDAP Database</a></dt><dt>side effects, <a class="indexterm" href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></dt><dt>Sign'n'seal, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>silent return, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>simple, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>Single Sign-On (see SSO)</dt><dt>slapcat, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>slapd, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>slapd.conf, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>slave, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>slow logon, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>slow network, <a class="indexterm" href="HA.html#id2620570">Hardware Problems</a></dt><dt>slurpd, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>smart printing, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>SMB, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>SMB passwords, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>SMB/CIFS, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>smbclient, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>smbd, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dd><dl><dt>location of files, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt></dl></dd><dt>smbfs, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>smbldap-groupadd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbldap-groupmod, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbldap-passwd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>smbldap-populate, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>smbldap-tools, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>smbldap-tools updating, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>smbldap-useradd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>smbldap-usermod, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbmnt, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>smbmount, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>smbpasswd, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>smbumnt, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>smbumount, <a class="indexterm" href="HA.html#id2619019">Dissection and Discussion</a></dt><dt>SMTP, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>snap-shot, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>socket address, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>socket options, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>software, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>solve, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>source code, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>SPNEGO, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>SQL, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>Squid, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2617956">Squid Configuration</a></dt><dt>squid, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>Squid proxy, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>SRVTOOLS.EXE, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>SSL, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>stand-alone server, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>starting CUPS, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>starting dhcpd, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>starting samba, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dd><dl><dt>nmbd, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>smbd, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>winbindd, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt></dl></dd><dt>startingCUPS, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>startup script, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>sticky bit, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>storage capacity, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>strategic, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>strategy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>straw-man, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a></dt><dt>strict sync, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>stripped, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>strong cryptography, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>subscription, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>SUID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a>, <a class="indexterm" href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></dt><dt>Sun ONE Identity Server, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>super daemon, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>support, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>survey, <a class="indexterm" href="unixclients.html">Adding Domain Member Servers and Clients</a></dt><dt>SUSE, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>SUSE Enterprise Linux Server, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a></dt><dt>SUSE Linux, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616500">Implementation</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>SWAT, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>sync always, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>synchronization, <a class="indexterm" href="DomApps.html#id2616749">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>synchronize, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>synchronized, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>syslog, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>system level logins, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>system security, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>T</h3><dl><dt>tattooing, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>TCP/IP, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>tdbdump, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>tdbsam, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>testparm, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="HA.html#id2619995">Samba Configuration</a></dt><dt>ticket, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>time server, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>Tivoli Directory Server, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>TLS, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>token, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a></dt><dt>tool, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>TOSHARG2, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>track record, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>traffic collisions, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>transaction processing, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>transactional, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>transfer, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>translate, <a class="indexterm" href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></dt><dt>traverse, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>tree, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Tree Connect, <a class="indexterm" href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a></dt><dt>trust account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>trusted computing, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Trusted Domains, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>trusted domains, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>trusted third-party, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>trusting, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>turn-around time, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>U</h3><dl><dt>UDP</dt><dd><dl><dt>broadcast, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt></dl></dd><dt>UID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>un-join, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>unauthorized activities, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>UNC name, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>unencrypted, <a class="indexterm" href="appendix.html#id2623532">The LDAP Account Manager</a></dt><dt>Unicast, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>unicode, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>Universal Naming Convention (see UNC name)</dt><dt>UNIX, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dd><dl><dt>groups, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt></dl></dd><dt>UNIX accounts, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>UNIX/Linux server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>unix2dos, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>unknown, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>unsupported software, <a class="indexterm" href="ch14.html#id2621220">Commercial Support</a></dt><dt>update, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a>, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt><dt>updates, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>updating smbldap-tools, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>upgrade, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a>, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>uppercase, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a></dt><dt>user</dt><dd><dl><dt>management, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>user account, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>User and Group Controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>user credentials, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></dt><dt>user errors, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>user groups, <a class="indexterm" href="ch14.html#id2621002">Free Support</a></dt><dt>user identities, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>user logins, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>user management, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>User Manager, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>User Mode, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>useradd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>userdel, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>usermod, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>username, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>username map, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>UTF-8, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>utilities, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>V</h3><dl><dt>valid users, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>validate, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>validated, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>validation, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>vampire, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>vendor, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>vendors, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>VFS modules, <a class="indexterm" href="appendix.html#id2621928">Samba System File Location</a></dt><dt>virus, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>VPN, <a class="indexterm" href="2000users.html#id2583797">Assignment Tasks</a></dt><dt>vulnerabilities, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></div><div class="indexdiv"><h3>W</h3><dl><dt>wbinfo, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a></dt><dt>weakness, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>web</dt><dd><dl><dt>caching, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a></dt><dt>proxying, <a class="indexterm" href="DomApps.html#id2616193">Assignment Tasks</a></dt></dl></dd><dt>Web</dt><dd><dl><dt>proxy, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dd><dl><dt>access, <a class="indexterm" href="DomApps.html#id2618352">Key Points Learned</a></dt></dl></dd></dl></dd><dt>Web browsers, <a class="indexterm" href="DomApps.html#id2618352">Key Points Learned</a></dt><dt>WebClient, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>WHATSNEW.txt, <a class="indexterm" href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a></dt><dt>white-pages, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>wide-area, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>wide-area network, <a class="indexterm" href="HA.html#id2620323">Use and Location of BDCs</a>, <a class="indexterm" href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>winbind, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2589354">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616327">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2617691">NSS Configuration</a></dt><dt>Winbind, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615399">Key Points Learned</a></dt><dt>winbind trusted domains only, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>winbind use default domain, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>winbindd, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600658">Updating from Samba Versions after 3.0.6 to a Current Release</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617139">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622349">Starting Samba</a></dt><dt>winbindd_cache.tdb, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>winbindd_idmap.tdb, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Windows, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dd><dl><dt>client, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>NT, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>Windows 2000 ACLs, <a class="indexterm" href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></dt><dt>Windows 2003 Serve, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Windows 200x ACLs, <a class="indexterm" href="kerberos.html#id2615533">Questions and Answers</a></dt><dt>Windows accounts, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>Windows ACLs, <a class="indexterm" href="kerberos.html#id2615189">Setting Posix ACLs in UNIX/Linux</a></dt><dt>Windows Address Book, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Windows ADS Domain, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>Windows clients, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>Windows Explorer, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>Windows explorer, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>Windows security identifier (see SID)</dt><dt>Windows Servers, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Windows Services for UNIX (see SUS)</dt><dt>Windows XP, <a class="indexterm" href="small.html#id2555484">Assignment Tasks</a></dt><dt>WINS, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="Big500users.html#ch5wincfg">Windows Client Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>lookup, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>name resolution, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt><dt>server, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="HA.html#id2619723">Routed Networks</a></dt></dl></dd><dt>WINS server, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>WINS serving, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>wins support, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>wins.dat, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>Wireshark, <a class="indexterm" href="primer.html#id2625407">Requirements and Notes</a></dt><dt>wireshark, <a class="indexterm" href="primer.html#id2625745">Exercises</a></dt><dt>Word, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>workgroup, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599120">Change of Workgroup (Domain) Name</a></dt><dt>Workgroup Announcement, <a class="indexterm" href="primer.html#id2626658">Findings</a></dt><dt>workstation, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>wrapper, <a class="indexterm" href="DomApps.html#id2618413">Questions and Answers</a></dt><dt>write lock, <a class="indexterm" href="appendix.html#id2625241">Opportunistic Locking Controls</a></dt></dl></div><div class="indexdiv"><h3>X</h3><dl><dt>xinetd, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>XML, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>xmlsam, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt></dl></div><div class="indexdiv"><h3>Y</h3><dl><dt>YaST, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>Yellow Pages, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>yellow pages (see NIS)</dt></dl></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="go01.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> </td></tr><tr><td width="40%" align="left" valign="top">Glossary </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div></body></html> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Index</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="index.html" title="Samba-3 by Example"><link rel="prev" href="go01.html" title="Glossary"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Index</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="go01.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> </td></tr></table><hr></div><div class="index"><div class="titlepage"><div><div><h2 class="title"><a name="id2630895"></a>Index</h2></div></div></div><div class="index"><div class="indexdiv"><h3>Symbols</h3><dl><dt>%LOGONSERVER%, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>%USERNAME%, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a></dt><dt>%USERPROFILE%, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>/data/ldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>/etc/cups/mime.convs, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>/etc/cups/mime.types, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>/etc/dhcpd.conf, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>/etc/exports, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>/etc/group, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>/etc/hosts, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>/etc/krb5.conf, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>/etc/ldap.conf, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>/etc/mime.convs, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>/etc/mime.types, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>/etc/named.conf, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></dt><dt>/etc/nsswitch.conf, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>/etc/openldap/slapd.conf, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>/etc/passwd, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>/etc/rc.d/boot.local, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>/etc/rc.d/rc.local, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>/etc/resolv.conf, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>/etc/samba, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/etc/samba/secrets.tdb, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>/etc/samba/smbusers, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>/etc/shadow, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>/etc/squid/squid.conf, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>/etc/syslog.conf, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>/etc/xinetd.d, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>/lib/libnss_ldap.so.2, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>/opt/IDEALX/sbin, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>/proc/sys/net/ipv4/ip_forward, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>/usr/bin, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/lib/samba, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/local, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/local/samba, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/local/samba/var/locks, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>/usr/sbin, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/share, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/share/samba/swat, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/usr/share/swat, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/var/cache/samba, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>/var/lib/samba, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>/var/log/ldaplogs, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>/var/log/samba, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>8-bit, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt></dl></div><div class="indexdiv"><h3></h3><dl><dt>, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a>, <a class="indexterm" href="Big500users.html#id2565659">Implementation</a>, <a class="indexterm" href="happy.html#sbehap-ppc">Addition of Machines to the Domain</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617710">NSS Configuration</a></dt><dd><dl><dt>Domain account, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>liability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>logon, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>problem, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>transparent inter-operability, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt></dl></dd></dl></div><div class="indexdiv"><h3>A</h3><dl><dt>abmas-netfw.sh, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>accept, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a></dt><dt>accepts liability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>access, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>access control, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a>, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>Access Control Lists (see ACLs)</dt><dt>access control settings, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>access controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>accessible, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dd><dl><dt>ADS Domain, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>account credentials, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>account information, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>account names, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>account policies, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>accountable, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>accounts</dt><dd><dl><dt>authoritative, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>group, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>machine, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>manage, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>user, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></dd><dt>ACL, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>ACLs, <a class="indexterm" href="happy.html#id2583229">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>acquisitions, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Act!, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>ACT! database, <a class="indexterm" href="appendix.html#id2625180">Act! Database Sharing</a></dt><dt>Act!Diag, <a class="indexterm" href="appendix.html#id2625180">Act! Database Sharing</a></dt><dt>Active Directory, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2589319">Assignment Tasks</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a>, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dd><dl><dt>authentication, <a class="indexterm" href="DomApps.html#id2617976">Squid Configuration</a></dt><dt>domain, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>join, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>management tools, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>realm, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>Replacement, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>server, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>Server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>tree, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt></dl></dd><dt>active directory, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>AD printer publishing, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>ADAM, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>add group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>add machine script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>Add Printer Wizard</dt><dd><dl><dt>APW, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt></dl></dd><dt>add user script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>add user to group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>adduser, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>adequate precautions, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>administrative installation, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>administrative rights, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>administrator, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>ADMT, <a class="indexterm" href="upgrades.html#id2601164">Migration of Samba Accounts to Active Directory</a></dt><dt>ADS, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dd><dl><dt>server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>ADS Domain, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>affordability, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>alarm, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>algorithm, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>allow trusted domains, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>alternative, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>analysis, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>anonymous connection, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>Apache Web server, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>appliance mode, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>application server, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>application servers, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>application/octet-stream, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>APW, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>arp, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>assessment, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>assistance, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>assumptions, <a class="indexterm" href="HA.html#id2620859">Key Points Learned</a></dt><dt>authconfig, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>authenticate, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>authenticated, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a></dt><dt>authenticated connection, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>authentication, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617710">NSS Configuration</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dd><dl><dt>plain-text, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt></dl></dd><dt>authentication process, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>authentication protocols, <a class="indexterm" href="DomApps.html#id2618372">Key Points Learned</a></dt><dt>authoritative, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>authorized location, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>auto-generated SID, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>automatically allocate, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>availability, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a></dt></dl></div><div class="indexdiv"><h3>B</h3><dl><dt>backends, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>background communication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>Backup, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Backup Domain Controller (see BDC)</dt><dt>bandwidth, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a></dt><dd><dl><dt>requirements, <a class="indexterm" href="2000users.html#id2584178">User Needs</a></dt></dl></dd><dt>bandwidth calculations, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>BDC, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dt>benefit, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>best practices, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bias, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>binary database, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>binary files, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>binary package, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>bind interfaces only, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>broadcast, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>directed, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>mailslot, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>broadcast messages, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>broadcast storms, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>broken, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>broken behavior, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>browse, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>browse master, <a class="indexterm" href="primer.html#id2626028">Findings</a></dt><dt>Browse Master, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>browse.dat, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>Browser Election Service, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>browsing, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="primer.html#id2625652">Assignment Tasks</a></dt><dt>budgetted, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bug fixes, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>bug report, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt></dl></div><div class="indexdiv"><h3>C</h3><dl><dt>cache, <a class="indexterm" href="appendix.html#id2625264">Opportunistic Locking Controls</a></dt><dt>cache directories, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>caching, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>case-sensitive, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>centralized storage, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>character set, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>check samba daemons, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>check-point, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>check-point controls, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>Checkpoint Controls, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>chgrp, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>chkconfig, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>chmod, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>choice, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>chown, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>CIFS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="primer.html#id2626028">Findings</a></dt><dt>cifsfs, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>clean database, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>clients per DC, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>Clock skew, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>cluster, <a class="indexterm" href="HA.html#id2618959">Introduction</a></dt><dt>clustering, <a class="indexterm" href="HA.html#id2618959">Introduction</a>, <a class="indexterm" href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>code maintainer, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>codepage, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>collision rates, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>commercial, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>commercial software, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>commercial support, <a class="indexterm" href="ch14.html">Samba Support</a>, <a class="indexterm" href="ch14.html#id2621247">Commercial Support</a></dt><dt>Common Internet File System (see CIFS)</dt><dt>comparison</dt><dd><dl><dt>Active Directory & OpenLDAP, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt></dl></dd><dt>compat, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>compatible, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>compile-time, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dt>complexities, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>compromise, <a class="indexterm" href="happy.html#id2571190">Introduction</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>computer account, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>Computer Management, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>computer name, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>condemns, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>conferences, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>configuration files, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>configure.pl, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>connection, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>connectivity, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>consequential risk, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>consultant, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>consumer, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>consumer expects, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>contiguous directory, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>contributions, <a class="indexterm" href="upgrades.html">Updating Samba-3</a></dt><dt>control files, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>convmv, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>copy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>corrective action, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>cost, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>cost-benefit, <a class="indexterm" href="nw4migration.html#id2606147">Assignment Tasks</a></dt><dt>country of origin, <a class="indexterm" href="ch14.html#id2621247">Commercial Support</a></dt><dt>Courier-IMAP, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>credential, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>credentials, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>crippled, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>criticism, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Critics, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Cryptographic, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>CUPS, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dd><dl><dt>queue, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt></dl></dd><dt>cupsd, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a></dt><dt>customer expected, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>customers, <a class="indexterm" href="ch14.html">Samba Support</a></dt></dl></div><div class="indexdiv"><h3>D</h3><dl><dt>daemon, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>daemon control, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>data</dt><dd><dl><dt>corruption, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>integrity, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt></dl></dd><dt>data corruption, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a>, <a class="indexterm" href="appendix.html#id2625180">Act! Database Sharing</a></dt><dt>data integrity, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a>, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>data storage, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>database, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>database applications, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>DB_CONFIG, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>DCE, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>DDNS (see dynamic DNS)</dt><dt>Debian, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>default installation, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>default password, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>default profile, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>Default User, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>defective</dt><dd><dl><dt>cables, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>HUBs, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>switches, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt></dl></dd><dt>defects, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>defensible standards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>defragmentation, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a></dt><dt>delete group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>delete user from group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>delimiter, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>dependability, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>deployment, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>desired security setting, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>development, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>DHCP, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="Big500users.html#ch5wincfg">Windows Client Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dd><dl><dt>client, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>relay, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>Relay Agent, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>request, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>requests, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>servers, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>traffic, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>dhcp client validation, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>DHCP Server, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>DHCP server, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>diagnostic, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>diffusion, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digital rights, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digital sign'n'seal, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>digits, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>diligence, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>directory, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dd><dl><dt>Computers container, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>management, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>People container, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>replication, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>schema, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>server, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>synchronization, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt></dl></dd><dt>directory tree, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>disable, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>disaster recovery, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>disk image, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>disruptive, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>distributed, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2620507">Distribute Network Load with MSDFS</a></dt><dt>distributed domain, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>DMB, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>DMS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>DNS, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a>, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a>, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dd><dl><dt>configuration, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Dynamic, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>dynamic, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>lookup, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>name lookup, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>SRV records, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>suffix, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt></dl></dd><dt>DNS server, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a></dt><dt>document the settings, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>documentation, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>documented, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>Domain, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt><dd><dl><dt>groups, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt></dl></dd><dt>domain</dt><dd><dl><dt>Active Directory, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>controller, <a class="indexterm" href="upgrades.html#id2600964">Replacing a Domain Controller</a></dt><dt>joining, <a class="indexterm" href="appendix.html">A Collection of Useful Tidbits</a></dt><dt>trusted, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt></dl></dd><dt>Domain accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain Administrator, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>Domain Controller, <a class="indexterm" href="small.html#id2558030">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a>, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dd><dl><dt>closest, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>domain controller, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>domain controllers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Domain Controllers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Domain Groups</dt><dd><dl><dt>well-known, <a class="indexterm" href="appendix.html#id2622975">Initialization of the LDAP Database</a></dt></dl></dd><dt>Domain join, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>domain master, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>Domain Master Browser (see DMB)</dt><dt>Domain Member, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dd><dl><dt>authoritative</dt><dd><dl><dt>local accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt></dl></dd><dt>client, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>desktop, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a></dt><dt>server, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>servers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>workstations, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt></dl></dd><dt>domain member</dt><dd><dl><dt>servers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt></dl></dd><dt>Domain Member server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>Domain Member servers, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>domain members, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>domain name space, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>domain replication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>domain SID, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>Domain SID, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>domain tree, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Domain User Manager, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a></dt><dt>Domain users, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>DOS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>dos2unix, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>down-grade, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>drive letters, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>drive mapping, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>dumb printing, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>dump, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>duplicate accounts, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>dynamic DNS, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>E</h3><dl><dt>e-Directory, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Easy Software Products, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>economically sustainable, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>eDirectory, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>education, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>election, <a class="indexterm" href="primer.html#id2626028">Findings</a></dt><dt>employment, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>enable, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a></dt><dt>encrypted, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>encrypted password, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>encrypted passwords, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>End User License Agreement (see EULA)</dt><dt>enumerating, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>essential, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>ethereal, <a class="indexterm" href="primer.html#id2625769">Exercises</a></dt><dt>Ethernet switch, <a class="indexterm" href="small.html#id2555593">Technical Issues</a></dt><dt>ethernet switch, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>EULA, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>Everyone, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>Excel, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>exclusive open, <a class="indexterm" href="appendix.html#id2625032">Microsoft Access</a></dt><dt>experiment, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a></dt><dt>export, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>extent, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>External Domains, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>extreme demand, <a class="indexterm" href="HA.html#id2619530">Guidelines for Reliable Samba Operation</a></dt></dl></div><div class="indexdiv"><h3>F</h3><dl><dt>fail, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>fail-over, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>failed, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>failed join, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>failure, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>familiar, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>fatal problem, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>fear, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>fears, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Fedora, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a></dt><dt>FHS, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>file and print server, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>file and print service, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>file caching, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2625264">Opportunistic Locking Controls</a></dt><dt>File Hierarchy System (see FHS)</dt><dt>file locations, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>file permissions, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>file server</dt><dd><dl><dt>read-only, <a class="indexterm" href="simple.html#id2551026">Dissection and Discussion</a></dt></dl></dd><dt>file servers, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a></dt><dt>file system, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>access control, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>Ext3, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>permissions, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>file system security, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>filter, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>financial responsibility, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>firewall, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>fix, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>flaws, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>flexibility, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>flush</dt><dd><dl><dt>cache memory, <a class="indexterm" href="appendix.html#id2625264">Opportunistic Locking Controls</a></dt></dl></dd><dt>folder redirection, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>force group, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>force user, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>forced settings, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>foreign, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>foreign SID, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>forwarded, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>foundation members, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Free Standards Group (see FSG)</dt><dt>free support, <a class="indexterm" href="ch14.html">Samba Support</a>, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>front-end, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dd><dl><dt>server, <a class="indexterm" href="HA.html#id2620507">Distribute Network Load with MSDFS</a></dt></dl></dd><dt>frustration, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>FSG, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>FTP</dt><dd><dl><dt>proxy, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt></dl></dd><dt>full control, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615027">Using MS Windows Explorer (File Manager)</a></dt><dt>fully qualified, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>functional differences, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt></dl></div><div class="indexdiv"><h3>G</h3><dl><dt>generation, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt><dt>Gentoo, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>getent, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>getfacl, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>getgrnam, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>getpwnam, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>getpwnam(), <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>GID, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Goettingen, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>government, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>GPL, <a class="indexterm" href="secure.html#id2564111">Comments Regarding Software Terms of Use</a></dt><dt>group account, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>group management, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>group mapping, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>group membership, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>group names, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>group policies, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a></dt><dt>Group Policy, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>Group Policy editor, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a></dt><dt>Group Policy Objects, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a></dt><dt>groupadd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>groupdel, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>groupmem, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>groupmod, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>GSS-API, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>guest account, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a>, <a class="indexterm" href="primer.html#chap01conc">Dissection and Discussion</a>, <a class="indexterm" href="primer.html#id2628227">Technical Issues</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>H</h3><dl><dt>hackers, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>hardware prices, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>hardware problems, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>Heimdal, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>Heimdal Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>Heimdal kerberos, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>help, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>helper agent, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>hesiod, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>hierarchy of control, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>high availability, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>hire, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>HKEY_CURRENT_USER, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>HKEY_LOCAL_MACHINE, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>HKEY_LOCAL_USER, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>host announcement, <a class="indexterm" href="primer.html#id2625652">Assignment Tasks</a>, <a class="indexterm" href="primer.html#id2626681">Findings</a></dt><dt>hostname, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>hosts, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>HUB, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>Hybrid, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>hypothetical, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></div><div class="indexdiv"><h3>I</h3><dl><dt>Idealx, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dd><dl><dt>smbldap-tools, <a class="indexterm" href="happy.html#sbeidealx">Install and Configure Idealx smbldap-tools Scripts</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt></dl></dd><dt>identifiers, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>identity, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dd><dl><dt>management, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt></dl></dd><dt>identity management, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Identity Management, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Identity management, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></dt><dt>Identity resolution, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>Identity resolver, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>IDMAP, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap backend, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>IDMAP backend, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>idmap gid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap uid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>idmap_rid, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>IMAP, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>import, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>income, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>independent expert, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>inetd, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>inetOrgPerson, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>inheritance, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>initGrps.sh, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>initial credentials, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>inoperative, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>install, <a class="indexterm" href="upgrades.html">Updating Samba-3</a></dt><dt>installation, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>integrate, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>integrity, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>inter-domain, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>inter-operability, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>interactive help, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>interdomain trusts, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>interfaces, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>intermittent, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>internationalization, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>Internet Explorer, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>Internet Information Server, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>interoperability, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>IP forwarding, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>IPC$, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>iptables, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>IRC, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>isolated, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Italian, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>J</h3><dl><dt>jobs, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>joining a domain, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt></dl></div><div class="indexdiv"><h3>K</h3><dl><dt>KDC, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dd><dl><dt>Heimdal, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>interoperability, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>libraries, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>MIT, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>unspecified fields, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt></dl></dd><dt>kerberos, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dd><dl><dt>server, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt></dl></dd><dt>Kerberos ticket, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>kinit, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>Kixtart, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>klist, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>krb5, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a></dt><dt>krb5.conf, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt></dl></div><div class="indexdiv"><h3>L</h3><dl><dt>LAM, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dd><dl><dt>configuration editor, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>configuration file, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>login screen, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>opening screen, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>profile, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>wizard, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt></dl></dd><dt>large domain, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>LDAP, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2573037">Preliminary Advice: Dangers Can Be Avoided</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2583767">Introduction</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>backend, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>database, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></dt><dt>directory, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>fail-over, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>initial configuration, <a class="indexterm" href="appendix.html#altldapcfg">Alternative LDAP Database Initialization</a></dt><dt>master, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>master/slave</dt><dd><dl><dt>background communication, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>preload, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>schema, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a></dt><dt>secure, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>server, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>slave, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>updates, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt></dl></dd><dt>ldap, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>LDAP Account Manager (see LAM)</dt><dt>LDAP backend, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>LDAP database, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>LDAP Interchange Format (see LDIF)</dt><dt>LDAP server, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>LDAP-transfer-LDIF.txt, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>ldap.conf, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapadd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapsam, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>ldapsam backend, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>ldapsearch, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>LDIF, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2622975">Initialization of the LDAP Database</a></dt><dt>leadership, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Lightweight Directory Access Protocol (see LDAP)</dt><dt>limit, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Linux desktop, <a class="indexterm" href="unixclients.html#id2589266">Introduction</a></dt><dt>Linux Standards Base (see LSB)</dt><dt>LMB, <a class="indexterm" href="primer.html#id2626028">Findings</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dt>LMHOSTS, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>load distribution, <a class="indexterm" href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>local accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Local Group Policy, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>Local Master Announcement, <a class="indexterm" href="primer.html#id2626681">Findings</a></dt><dt>Local Master Browser (see LMB)</dt><dt>localhost, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>lock directory, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>locking</dt><dd><dl><dt>Application level, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Client side, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Server side, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt></dl></dd><dt>logging, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>login, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>loglevel, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>logon credentials, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>logon hours, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a></dt><dt>logon machines, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>logon path, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>logon process, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>logon scrip, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>logon script, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2581163">Preparation of Logon Scripts</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>logon server, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>logon services, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>logon time, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>logon traffic, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>logon.kix, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>loopback, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>low performance, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>lower-case, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a></dt><dt>lpadmin, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>LSB, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt></dl></div><div class="indexdiv"><h3>M</h3><dl><dt>machine, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>machine account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>machine accounts, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>machine secret password, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a></dt><dt>MACHINE.SID, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>mailing list, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>mailing lists, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>managed, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>management, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dd><dl><dt>group, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>User, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>mandatory profile, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a></dt><dt>Mandrake, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>mapped drives, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>mapping, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dd><dl><dt>consistent, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt></dl></dd><dt>Mars_NWE, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>master, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>material, <a class="indexterm" href="appendix.html">A Collection of Useful Tidbits</a></dt><dt>memberUID, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>memory requirements, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>merge, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>merged, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>meta-directory, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>meta-service, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>Microsoft Access, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Microsoft Excel, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt><dt>Microsoft ISA, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a></dt><dt>Microsoft Management Console (see MMC)</dt><dt>Microsoft Office, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>Microsoft Outlook</dt><dd><dl><dt>PST files, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt></dl></dd><dt>migrate, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>migration, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2601336">Introduction</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dd><dl><dt>objectives, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt></dl></dd><dt>Migration speed, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>mime type, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>mime types, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>missing RPC's, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>MIT, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>MIT Kerberos, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>MIT kerberos, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>MIT KRB5, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>mixed mode, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>mixed-mode, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>MMC, <a class="indexterm" href="happy.html#id2582477">Configure Delete Cached Profiles on Logout</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>mobile computing, <a class="indexterm" href="small.html#id2555545">Dissection and Discussion</a></dt><dt>mobility, <a class="indexterm" href="2000users.html#id2584139">Technical Issues</a></dt><dt>modularization, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>modules, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>MS Access</dt><dd><dl><dt>validate, <a class="indexterm" href="appendix.html#id2625032">Microsoft Access</a></dt></dl></dd><dt>MS Outlook, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dd><dl><dt>PST, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>PST file, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>MS Windows Server 2003, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a></dt><dt>MS Word, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>MSDFS, <a class="indexterm" href="HA.html#id2620507">Distribute Network Load with MSDFS</a></dt><dt>multi-subnet, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>multi-user</dt><dd><dl><dt>access, <a class="indexterm" href="appendix.html#id2625032">Microsoft Access</a></dt><dt>data access, <a class="indexterm" href="appendix.html#ch12dblck">Shared Data Integrity</a></dt></dl></dd><dt>multiple directories, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>multiple domain controllers, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>multiple group mappings, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>mutual assistance, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>My Documents, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>My Network Places, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>mysqlsam, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt></dl></div><div class="indexdiv"><h3>N</h3><dl><dt>name resolution, <a class="indexterm" href="secure.html#ch4dhcpdns">Configuration of DHCP and DNS Servers</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="primer.html#id2625652">Assignment Tasks</a></dt><dd><dl><dt>Defective, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt></dl></dd><dt>name resolve order, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>name service switch, <a class="indexterm" href="small.html#id2555812">Implementation</a> (see NSS)</dt><dt>named, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>NAT, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a></dt><dt>native, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>net</dt><dd><dl><dt>ads</dt><dd><dl><dt>info, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>join, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>status, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt></dl></dd><dt>getlocalsid, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>group, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>groupmap</dt><dd><dl><dt>add, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>list, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>modify, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt></dl></dd><dt>rpc</dt><dd><dl><dt>info, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>join, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#dcwonss">NT4/Samba Domain with Samba Domain Member Server without NSS Support</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt><dt>vampire, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a></dt></dl></dd><dt>setlocalsid, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>NetBIOS, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a>, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>name cache, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>name resolution</dt><dd><dl><dt>delays, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>Node Type, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt></dl></dd><dt>netbios</dt><dd><dl><dt>machine name, <a class="indexterm" href="upgrades.html#id2599055">Change of hostname</a></dt></dl></dd><dt>netbios forwarding, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>NetBIOS name, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dd><dl><dt>aliases, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt></dl></dd><dt>netbios name, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599055">Change of hostname</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>NETLOGON, <a class="indexterm" href="happy.html#id2572788">Using a Network Default User Profile</a>, <a class="indexterm" href="happy.html#id2581407">Windows Client Configuration</a></dt><dt>netlogon, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Netlogon, <a class="indexterm" href="appendix.html#domjoin">Joining a Domain: Windows 200x/XP Professional</a></dt><dt>netmask, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>Netware, <a class="indexterm" href="small.html">Small Office Networking</a></dt><dt>NetWare, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>network</dt><dd><dl><dt>administrators, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>analyzer, <a class="indexterm" href="primer.html#id2625652">Assignment Tasks</a></dt><dt>bandwidth, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>broadcast, <a class="indexterm" href="primer.html#id2625592">Introduction</a></dt><dt>captures, <a class="indexterm" href="primer.html#id2625430">Requirements and Notes</a></dt><dt>collisions, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>load, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>logon, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>logon scripts, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>management, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>multi-segment, <a class="indexterm" href="happy.html#id2571190">Introduction</a></dt><dt>overload, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>performance, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>routed, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>secure, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>segment, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>services, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>sniffer, <a class="indexterm" href="primer.html#id2625430">Requirements and Notes</a></dt><dt>timeout, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>timeouts, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>trace, <a class="indexterm" href="primer.html#id2625652">Assignment Tasks</a></dt><dt>traffic</dt><dd><dl><dt>observation, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>wide-area, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt></dl></dd><dt>Network Address Translation (see NAT)</dt><dt>network administrators, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>network attached storage (see NAS)</dt><dt>network bandwidth</dt><dd><dl><dt>utilization, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>Network Default Profile, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>network hardware</dt><dd><dl><dt>defective, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>network hygiene, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>network Identities, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>network load factors, <a class="indexterm" href="Big500users.html#id2565398">Dissection and Discussion</a></dt><dt>Network Neighborhood, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>network segment, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dt>network segments, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>network share, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>networking</dt><dd><dl><dt>client, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>networking hardware</dt><dd><dl><dt>defective, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>networking protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>next generation, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>NextFreeUnixId, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>NFS server, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>NICs, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>NIS, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>nis, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>NIS schema, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NIS server, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NIS+, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>nisplus, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>NLM, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>nmap, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>nmbd, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>nobody, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>Novell, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a>, <a class="indexterm" href="nw4migration.html#id2606030">Introduction</a></dt><dt>Novell SUSE SLES 9, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>NSS, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="DomApps.html#id2617710">NSS Configuration</a> (see same service switch)</dt><dt>nss_ldap, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>nt acl support, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>NT4 registry, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>NTLM, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>NTLM authentication daemon, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>NTLMSSP, <a class="indexterm" href="DomApps.html#id2618372">Key Points Learned</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a>, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>NTLMSSP_AUTH, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>ntlm_auth, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>NTP, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>NTUSER.DAT, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#id2572788">Using a Network Default User Profile</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>NULL connection, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>NULL session, <a class="indexterm" href="primer.html#id2627280">Findings and Comments</a></dt><dt>NULL-Session, <a class="indexterm" href="primer.html#id2628081">Discussion</a></dt></dl></div><div class="indexdiv"><h3>O</h3><dl><dt>objectClass, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>off-site storage, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Open Magazine, <a class="indexterm" href="unixclients.html">Adding Domain Member Servers and Clients</a></dt><dt>Open Source, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>OpenLDAP, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#id2590032">Political Issues</a>, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>openldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>OpenOffice, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>operating profiles, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>oplock break, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>oplocks, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>Oplocks</dt><dd><dl><dt>disabled, <a class="indexterm" href="appendix.html#id2625264">Opportunistic Locking Controls</a></dt></dl></dd><dt>opportunistic</dt><dd><dl><dt>locking, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt></dl></dd><dt>opportunistic locking, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a>, <a class="indexterm" href="appendix.html#id2625180">Act! Database Sharing</a></dt><dt>optimized, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>organizational units, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>OS/2, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>Outlook</dt><dd><dl><dt>PST, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt></dl></dd><dt>Outlook Address Book, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>Outlook Express, <a class="indexterm" href="secure.html#id2559309">Political Issues</a>, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>over-ride, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>over-ride controls, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>over-rule, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2615027">Using MS Windows Explorer (File Manager)</a></dt><dt>overheads, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a></dt><dt>ownership, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt></dl></div><div class="indexdiv"><h3>P</h3><dl><dt>package, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt><dt>package names, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>packages, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>PADL, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a></dt><dt>PADL LDAP tools, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>PADL Software, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>paid-for support, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>PAM, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>pam_ldap, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>pam_ldap.so, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>pam_unix2.so, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dd><dl><dt>use_ldap, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt></dl></dd><dt>parameters, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>passdb backend, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601421">Assignment Tasks</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>passdb.tdb, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>passwd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a></dt><dt>password</dt><dd><dl><dt>backend, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>password caching, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>password change, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a></dt><dt>password length, <a class="indexterm" href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>payroll, <a class="indexterm" href="nw4migration.html#id2606030">Introduction</a></dt><dt>pdbedit, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>PDC, <a class="indexterm" href="Big500users.html#id2565292">Assignment Tasks</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-locgrppol">The Local Group Policy</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="ntmigration.html#id2604610">NT4 Migration Using tdbsam Backend</a>, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dt>PDC/BDC ratio, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>PDF, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>performance, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a>, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a>, <a class="indexterm" href="HA.html#id2618959">Introduction</a>, <a class="indexterm" href="HA.html#id2619933">Network Collisions</a></dt><dt>performance degradation, <a class="indexterm" href="kerberos.html#id2614108">Override Controls</a>, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>Perl, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>permission, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>permissions, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dd><dl><dt>excessive, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>group, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>user, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt></dl></dd><dt>Permissions, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>permits, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>permitted group, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>PHP, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>PHP4, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>pile-driver, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>ping, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>pitfalls, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>plain-text, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>Pluggable Authentication Modules (see PAM)</dt><dt>policy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>poor performance, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>POP3, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>Posix, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>POSIX, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Posix accounts, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Posix ACLs, <a class="indexterm" href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></dt><dt>PosixAccount, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>posixAccount, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Postfix, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Postscript, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>powers, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>practices, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>precaution, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a></dt><dt>presence and leadership, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>price paid, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>primary group, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>principals, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>print filter, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>print queue, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a>, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>print spooler, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a></dt><dt>Print Test Page, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>printcap name, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>printer validation, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a></dt><dt>printers</dt><dd><dl><dt>Advanced, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Default Settings, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>General, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Properties, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Security, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>Sharing, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt></dl></dd><dt>printing, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dd><dl><dt>drag-and-drop, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a>, <a class="indexterm" href="happy.html#id2582657">Uploading Printer Drivers to Samba Servers</a></dt><dt>dumb, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>point-n-click, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>raw, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt></dl></dd><dt>privacy, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>Privilege Attribute Certificates (see PAC)</dt><dt>privilege controls, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>privileged pipe, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>privileges, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="upgrades.html#id2600658">Updating from Samba Versions after 3.0.6 to a Current Release</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt><dt>problem report, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>problem resolution, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>product defects, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>professional support, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>profile</dt><dd><dl><dt>default, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a></dt><dt>mandatory, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>roaming, <a class="indexterm" href="happy.html">Making Happy Users</a></dt></dl></dd><dt>profile path, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>profile share, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>profiles, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>profiles share, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>programmer, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>project, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>project maintainers, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Properties, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>proprietary, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protected, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protection, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>protocol</dt><dd><dl><dt>negotiation, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt></dl></dd><dt>protocol analysis, <a class="indexterm" href="primer.html#id2625430">Requirements and Notes</a></dt><dt>protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>provided services, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>proxy, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>PST file, <a class="indexterm" href="happy.html#id2582162">Configuration of MS Outlook to Relocate PST File</a></dt><dt>public specifications, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>purchase support, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt></dl></div><div class="indexdiv"><h3>Q</h3><dl><dt>Qbasic, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>qualified problem, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt></dl></div><div class="indexdiv"><h3>R</h3><dl><dt>RAID, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>RAID controllers, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>Raw Print Through, <a class="indexterm" href="happy.html#id2572847">Installation of Printer Driver Auto-Download</a></dt><dt>raw printing, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4ptrcfg">Printer Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="happy.html#sbehap-ptrcfg">Printer Configuration</a></dt><dt>Rbase, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>rcldap, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>realm, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="unixclients.html#id2595406">IDMAP Storage in LDAP using Winbind</a>, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>recognize, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>record locking, <a class="indexterm" href="appendix.html#id2625032">Microsoft Access</a></dt><dt>recursively, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>Red Hat, <a class="indexterm" href="simple.html#id2550946">Drafting Office</a>, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>Red Hat Fedora Linux, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>Red Hat Linux, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="simple.html#AccountingOffice">Accounting Office</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>redirected folders, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>refereed standards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>regedit, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>regedt32, <a class="indexterm" href="happy.html#id2572694">Profile Changes</a>, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>registry, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dd><dl><dt>keys</dt><dd><dl><dt>SAM, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>SECURITY, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt></dl></dd></dl></dd><dt>registry change, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>Registry Editor, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>registry hacks, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>registry keys, <a class="indexterm" href="happy.html#redirfold">Configuration of Default Profile with Folder Redirection</a></dt><dt>reimburse, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>rejected, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>rejoin, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>reliability, <a class="indexterm" href="HA.html">Performance, Reliability, and Availability</a></dt><dt>remote announce, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>remote browse sync, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>remote procedure call (see RPC)</dt><dt>replicate, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>replicated, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>requesting payment, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>resilient, <a class="indexterm" href="HA.html#id2619530">Guidelines for Reliable Samba Operation</a></dt><dt>resolution, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>resolve, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="HA.html#id2619568">Bad Hostnames</a></dt><dt>response, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a></dt><dt>responsibility, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>responsible, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>restrict anonymous, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>restricted export, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>Restrictive security, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>reverse DNS, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a></dt><dt>rfc2307bis, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a></dt><dt>RID, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>risk, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>road-map, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dd><dl><dt>published, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></dd><dt>roaming profile, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a>, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>roaming profiles, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2572394">Roaming Profile Background</a></dt><dt>routed network, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a></dt><dt>router, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>routers, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>RPC, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>rpc, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>rpcclient, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>RPM, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dd><dl><dt>install, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt></dl></dd><dt>rpm, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>RPMs, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>rpms, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>rsync, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>rsyncd.conf, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>run-time control files, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt></dl></div><div class="indexdiv"><h3>S</h3><dl><dt>safe-guards, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SAM, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>samba, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dd><dl><dt>starting samba, <a class="indexterm" href="simple.html#id2551082">Implementation</a></dt></dl></dd><dt>Samba, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>Samba accounts, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>samba cluster, <a class="indexterm" href="HA.html#id2618959">Introduction</a></dt><dt>samba control script, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>Samba Domain, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Samba Domain server, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>Samba RPM Packages, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a></dt><dt>Samba Tea, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>sambaDomainName, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>sambaGroupMapping, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>SambaSAMAccount, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>SambaSamAccount, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>sambaSamAccount, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>SambaXP conference, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>SAN, <a class="indexterm" href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>SAS, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>scalability, <a class="indexterm" href="HA.html#id2618959">Introduction</a></dt><dt>scalable, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>schannel, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>schema, <a class="indexterm" href="unixclients.html#id2596001">IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a></dt><dt>scripts, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>secondary group, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a></dt><dt>secret, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>secrets.tdb, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a></dt><dt>secure, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>secure account password, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>secure connections, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>secure networking, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>secure networking protocols, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dd><dl><dt>identifier, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>share mode, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a></dt><dt>user mode, <a class="indexterm" href="simple.html#id2553821">Dissection and Discussion</a></dt></dl></dd><dt>Security, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2614736">Using the MMC Computer Management Interface</a></dt><dt>Security Account Manager (see SAM)</dt><dt>security controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security descriptors, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>security fixes, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>security updates, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SerNet, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>server</dt><dd><dl><dt>domain member, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>stand-alone, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>service, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dd><dl><dt>smb</dt><dd><dl><dt>start, <a class="indexterm" href="Big500users.html#ch5-domsvrspec">Configuration Specific to Domain Member Servers: BLDG1, BLDG2</a></dt></dl></dd></dl></dd><dt>Service Packs, <a class="indexterm" href="secure.html#ch4appscfg">Application Share Configuration</a></dt><dt>services, <a class="indexterm" href="DomApps.html#id2618372">Key Points Learned</a></dt><dt>services provided, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>session setup, <a class="indexterm" href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>Session Setup, <a class="indexterm" href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a></dt><dt>SessionSetUpAndX, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>set primary group script, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>setfacl, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>severely degrade, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>SFU, <a class="indexterm" href="unixclients.html#id2596287">IDMAP, Active Directory, and MS Services for UNIX 3.5</a></dt><dt>SGID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></dt><dt>shadow-utils, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>Share Access Controls, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>share ACLs, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>share definition, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>Share Definition</dt><dd><dl><dt>Controls, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a></dt></dl></dd><dt>share definition controls, <a class="indexterm" href="kerberos.html#id2613656">Share Definition Controls</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>share level access controls, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>share level ACL, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>Share Permissions, <a class="indexterm" href="kerberos.html#id2613307">Share Access Controls</a></dt><dt>shared resource, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>shares, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>SID, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2594802">IDMAP_RID with Winbind</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599120">Change of Workgroup (Domain) Name</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622975">Initialization of the LDAP Database</a></dt><dt>side effects, <a class="indexterm" href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></dt><dt>Sign'n'seal, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>silent return, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a></dt><dt>simple, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>Single Sign-On (see SSO)</dt><dt>slapcat, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>slapd, <a class="indexterm" href="happy.html#id2573271">Debugging LDAP</a></dt><dt>slapd.conf, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>slave, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>slow logon, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>slow network, <a class="indexterm" href="HA.html#id2620607">Hardware Problems</a></dt><dt>slurpd, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>smart printing, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>SMB, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>SMB passwords, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>SMB/CIFS, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>smbclient, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>smbd, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#sbeug1">Location of config files</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dd><dl><dt>location of files, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt></dl></dd><dt>smbfs, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>smbldap-groupadd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbldap-groupmod, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbldap-passwd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>smbldap-populate, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a></dt><dt>smbldap-tools, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a>, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>smbldap-tools updating, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>smbldap-useradd, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt><dt>smbldap-usermod, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>smbmnt, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>smbmount, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>smbpasswd, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="happy.html#id2576854">LDAP Initialization and Creation of User and Group Accounts</a>, <a class="indexterm" href="happy.html#sbehap-bldg1">Samba-3 BDC Configuration</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html">Updating Samba-3</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="DomApps.html">Integrating Additional Services</a></dt><dt>smbumnt, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>smbumount, <a class="indexterm" href="HA.html#id2619057">Dissection and Discussion</a></dt><dt>SMTP, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a></dt><dt>snap-shot, <a class="indexterm" href="ntmigration.html#id2601476">Dissection and Discussion</a></dt><dt>socket address, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>socket options, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>software, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>solve, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>source code, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>SPNEGO, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>SQL, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>Squid, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2617976">Squid Configuration</a></dt><dt>squid, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>Squid proxy, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>SRVTOOLS.EXE, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="happy.html#id2580918">Configuring Profile Directories</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>SSL, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>stand-alone server, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>starting CUPS, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>starting dhcpd, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dt>starting samba, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a>, <a class="indexterm" href="Big500users.html#ch5-procstart">Process Startup Configuration</a></dt><dd><dl><dt>nmbd, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>smbd, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>winbindd, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt></dl></dd><dt>startingCUPS, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a></dt><dt>startup script, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>sticky bit, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt><dt>storage capacity, <a class="indexterm" href="secure.html#id2559155">Hardware Requirements</a></dt><dt>strategic, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a></dt><dt>strategy, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>straw-man, <a class="indexterm" href="kerberos.html">Active Directory, Kerberos, and Security</a></dt><dt>strict sync, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>stripped, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a></dt><dt>strong cryptography, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>subscription, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>SUID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a>, <a class="indexterm" href="appendix.html#ch12-SUIDSGID">Effect of Setting File and Directory SUID/SGID Permissions Explained</a></dt><dt>Sun ONE Identity Server, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>super daemon, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>support, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a>, <a class="indexterm" href="ch14.html">Samba Support</a></dt><dt>survey, <a class="indexterm" href="unixclients.html">Adding Domain Member Servers and Clients</a></dt><dt>SUSE, <a class="indexterm" href="nw4migration.html">Migrating NetWare Server to Samba-3</a></dt><dt>SUSE Enterprise Linux Server, <a class="indexterm" href="simple.html#id2551655">Charity Administration Office</a>, <a class="indexterm" href="secure.html#ch4bsc">Basic System Configuration</a>, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a></dt><dt>SUSE Linux, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2573956">Samba Server Implementation</a>, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2616520">Implementation</a>, <a class="indexterm" href="DomApps.html#ch10-one">Removal of Pre-Existing Conflicting RPMs</a></dt><dt>SWAT, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>sync always, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>synchronization, <a class="indexterm" href="DomApps.html#id2616769">Kerberos Configuration</a>, <a class="indexterm" href="HA.html#id2620457">For Scalability, Use SAN-Based Storage on Samba Servers</a></dt><dt>synchronize, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>synchronized, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>syslog, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>system level logins, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>system security, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>T</h3><dl><dt>tattooing, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>TCP/IP, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>tdbdump, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>tdbsam, <a class="indexterm" href="secure.html#id2558882">Technical Issues</a>, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="happy.html#id2571288">Assignment Tasks</a>, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="upgrades.html#id2600580">Updating from Samba Versions between 3.0.6 and 3.0.10</a>, <a class="indexterm" href="ntmigration.html#id2601662">Technical Issues</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>testparm, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="happy.html#sbehap-massive">Samba-3 PDC Configuration</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="HA.html#id2620033">Samba Configuration</a></dt><dt>ticket, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>time server, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>Tivoli Directory Server, <a class="indexterm" href="happy.html#id2571425">Dissection and Discussion</a></dt><dt>TLS, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>token, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a></dt><dt>tool, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>TOSHARG2, <a class="indexterm" href="simple.html#id2551974">Implementation</a></dt><dt>track record, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>traffic collisions, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>transaction processing, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>transactional, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>transfer, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>translate, <a class="indexterm" href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></dt><dt>traverse, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>tree, <a class="indexterm" href="nw4migration.html#id2606260">Dissection and Discussion</a></dt><dt>Tree Connect, <a class="indexterm" href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a></dt><dt>trust account, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a></dt><dt>trusted computing, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Trusted Domains, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>trusted domains, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>trusted third-party, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>trusting, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>turn-around time, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt></dl></div><div class="indexdiv"><h3>U</h3><dl><dt>UDP</dt><dd><dl><dt>broadcast, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt></dl></dd><dt>UID, <a class="indexterm" href="simple.html#id2551779">Dissection and Discussion</a>, <a class="indexterm" href="happy.html#id2571048">Regarding LDAP Directories and Windows Computer Accounts</a>, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a>, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>un-join, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>unauthorized activities, <a class="indexterm" href="kerberos.html#id2612961">Kerberos Exposed</a></dt><dt>UNC name, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>unencrypted, <a class="indexterm" href="appendix.html#id2623561">The LDAP Account Manager</a></dt><dt>Unicast, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a></dt><dt>unicode, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>Universal Naming Convention (see UNC name)</dt><dt>UNIX, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dd><dl><dt>groups, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a></dt></dl></dd><dt>UNIX accounts, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>UNIX/Linux server, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>unix2dos, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt><dt>unknown, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>unsupported software, <a class="indexterm" href="ch14.html#id2621247">Commercial Support</a></dt><dt>update, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a>, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a></dt><dt>updates, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>updating smbldap-tools, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>upgrade, <a class="indexterm" href="upgrades.html#id2598126">Introduction</a>, <a class="indexterm" href="upgrades.html#id2598223">Cautions and Notes</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>uppercase, <a class="indexterm" href="ntmigration.html#id2602011">Implementation</a></dt><dt>user</dt><dd><dl><dt>management, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a></dt></dl></dd><dt>user account, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="happy.html#ldapsetup">OpenLDAP Server Configuration</a></dt><dt>User and Group Controls, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>user credentials, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#id2596338">UNIX/Linux Client Domain Member</a></dt><dt>user errors, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>user groups, <a class="indexterm" href="ch14.html#id2621028">Free Support</a></dt><dt>user identities, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>user logins, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>user management, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>User Manager, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>User Mode, <a class="indexterm" href="secure.html#id2559348">Implementation</a>, <a class="indexterm" href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a>, <a class="indexterm" href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></dt><dt>useradd, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="simple.html#AcctgNet">Implementation</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566965">Configuration for Server: MASSIVE</a>, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>userdel, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a></dt><dt>usermod, <a class="indexterm" href="upgrades.html#id2599920">Applicable to All Samba 2.x to Samba-3 Upgrades</a>, <a class="indexterm" href="ntmigration.html#id2602152">NT4 Migration Using LDAP Backend</a></dt><dt>username, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>username map, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#id2560202">Samba Configuration</a>, <a class="indexterm" href="Big500users.html#id2566387">Server Preparation: All Servers</a></dt><dt>UTF-8, <a class="indexterm" href="upgrades.html#id2599386">International Language Support</a></dt><dt>utilities, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt></dl></div><div class="indexdiv"><h3>V</h3><dl><dt>valid users, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a>, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>validate, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>validated, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>validation, <a class="indexterm" href="simple.html#validate1">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>vampire, <a class="indexterm" href="ntmigration.html#id2605055">Questions and Answers</a></dt><dt>vendor, <a class="indexterm" href="kerberos.html#id2611280">Dissection and Discussion</a></dt><dt>vendors, <a class="indexterm" href="upgrades.html#id2600436">Updating a Samba-3 Installation</a></dt><dt>VFS modules, <a class="indexterm" href="appendix.html#id2621955">Samba System File Location</a></dt><dt>virus, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>VPN, <a class="indexterm" href="2000users.html#id2583797">Assignment Tasks</a></dt><dt>vulnerabilities, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt></dl></div><div class="indexdiv"><h3>W</h3><dl><dt>wbinfo, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#adssdm">Active Directory Domain with Samba Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a></dt><dt>weakness, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a></dt><dt>web</dt><dd><dl><dt>caching, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a></dt><dt>proxying, <a class="indexterm" href="DomApps.html#id2616202">Assignment Tasks</a></dt></dl></dd><dt>Web</dt><dd><dl><dt>proxy, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dd><dl><dt>access, <a class="indexterm" href="DomApps.html#id2618372">Key Points Learned</a></dt></dl></dd></dl></dd><dt>Web browsers, <a class="indexterm" href="DomApps.html#id2618372">Key Points Learned</a></dt><dt>WebClient, <a class="indexterm" href="happy.html">Making Happy Users</a></dt><dt>WHATSNEW.txt, <a class="indexterm" href="upgrades.html#id2600254">Samba-2.x with LDAP Support</a></dt><dt>white-pages, <a class="indexterm" href="nw4migration.html#id2606337">Technical Issues</a>, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>wide-area, <a class="indexterm" href="2000users.html#id2584178">User Needs</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588260">Key Points Learned</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>wide-area network, <a class="indexterm" href="HA.html#id2620360">Use and Location of BDCs</a>, <a class="indexterm" href="HA.html#id2620562">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></dt><dt>winbind, <a class="indexterm" href="2000users.html#id2585101">Implementation</a>, <a class="indexterm" href="unixclients.html#id2589354">Dissection and Discussion</a>, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2616346">Technical Issues</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2617710">NSS Configuration</a></dt><dt>Winbind, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="kerberos.html#id2611677">Technical Issues</a>, <a class="indexterm" href="kerberos.html#id2615408">Key Points Learned</a></dt><dt>winbind trusted domains only, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>winbind use default domain, <a class="indexterm" href="kerberos.html#id2613795">Checkpoint Controls</a></dt><dt>winbindd, <a class="indexterm" href="small.html#id2557356">Validation</a>, <a class="indexterm" href="secure.html#ch4valid">Validation</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a>, <a class="indexterm" href="unixclients.html#sdcsdmldap">Samba Domain with Samba Domain Member Server Using NSS LDAP</a>, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a>, <a class="indexterm" href="upgrades.html#sbeug2">Samba 1.9.x and 2.x Versions Without LDAP</a>, <a class="indexterm" href="upgrades.html#id2600658">Updating from Samba Versions after 3.0.6 to a Current Release</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a>, <a class="indexterm" href="DomApps.html#id2617158">Samba Configuration</a>, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a>, <a class="indexterm" href="appendix.html#id2622376">Starting Samba</a></dt><dt>winbindd_cache.tdb, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>winbindd_idmap.tdb, <a class="indexterm" href="unixclients.html#id2589383">Technical Issues</a></dt><dt>Windows, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dd><dl><dt>client, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt><dt>NT, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a></dt></dl></dd><dt>Windows 2000 ACLs, <a class="indexterm" href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></dt><dt>Windows 2003 Serve, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Windows 200x ACLs, <a class="indexterm" href="kerberos.html#id2615543">Questions and Answers</a></dt><dt>Windows accounts, <a class="indexterm" href="happy.html#id2571882">Technical Issues</a></dt><dt>Windows ACLs, <a class="indexterm" href="kerberos.html#id2615198">Setting Posix ACLs in UNIX/Linux</a></dt><dt>Windows Address Book, <a class="indexterm" href="nw4migration.html#id2606611">LDAP Server Configuration</a></dt><dt>Windows ADS Domain, <a class="indexterm" href="unixclients.html#wdcsdm">NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind</a></dt><dt>Windows clients, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>Windows Explorer, <a class="indexterm" href="simple.html#validate1">Validation</a></dt><dt>Windows explorer, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>Windows security identifier (see SID)</dt><dt>Windows Servers, <a class="indexterm" href="kerberos.html#id2610613">Introduction</a></dt><dt>Windows Services for UNIX (see SUS)</dt><dt>Windows XP, <a class="indexterm" href="small.html#id2555484">Assignment Tasks</a></dt><dt>WINS, <a class="indexterm" href="simple.html#id2551974">Implementation</a>, <a class="indexterm" href="small.html#id2555593">Technical Issues</a>, <a class="indexterm" href="small.html#id2555812">Implementation</a>, <a class="indexterm" href="secure.html#ch4wincfg">Windows Client Configuration</a>, <a class="indexterm" href="Big500users.html#id2565433">Technical Issues</a>, <a class="indexterm" href="Big500users.html#ch5wincfg">Windows Client Configuration</a>, <a class="indexterm" href="2000users.html#id2584272">The Nature of Windows Networking Protocols</a>, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a>, <a class="indexterm" href="primer.html#chap01qa">Questions and Answers</a></dt><dd><dl><dt>lookup, <a class="indexterm" href="unixclients.html#id2596967">Questions and Answers</a></dt><dt>name resolution, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt><dt>server, <a class="indexterm" href="happy.html">Making Happy Users</a>, <a class="indexterm" href="HA.html#id2619760">Routed Networks</a></dt></dl></dd><dt>WINS server, <a class="indexterm" href="Big500users.html">The 500-User Office</a>, <a class="indexterm" href="2000users.html#id2588407">Questions and Answers</a></dt><dt>WINS serving, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>wins support, <a class="indexterm" href="secure.html#id2559348">Implementation</a></dt><dt>wins.dat, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a>, <a class="indexterm" href="upgrades.html#id2600761">Replacing a Domain Member Server</a></dt><dt>Wireshark, <a class="indexterm" href="primer.html#id2625430">Requirements and Notes</a></dt><dt>wireshark, <a class="indexterm" href="primer.html#id2625769">Exercises</a></dt><dt>Word, <a class="indexterm" href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></dt><dt>workgroup, <a class="indexterm" href="simple.html#id2551082">Implementation</a>, <a class="indexterm" href="upgrades.html#id2598326">Security Identifiers (SIDs)</a>, <a class="indexterm" href="upgrades.html#id2599120">Change of Workgroup (Domain) Name</a></dt><dt>Workgroup Announcement, <a class="indexterm" href="primer.html#id2626681">Findings</a></dt><dt>workstation, <a class="indexterm" href="unixclients.html#id2590132">Implementation</a></dt><dt>wrapper, <a class="indexterm" href="DomApps.html#id2618432">Questions and Answers</a></dt><dt>write lock, <a class="indexterm" href="appendix.html#id2625264">Opportunistic Locking Controls</a></dt></dl></div><div class="indexdiv"><h3>X</h3><dl><dt>xinetd, <a class="indexterm" href="secure.html#procstart">Process Startup Configuration</a></dt><dt>XML, <a class="indexterm" href="2000users.html#id2583865">Dissection and Discussion</a></dt><dt>xmlsam, <a class="indexterm" href="2000users.html#id2585101">Implementation</a></dt></dl></div><div class="indexdiv"><h3>Y</h3><dl><dt>YaST, <a class="indexterm" href="happy.html#sbehap-PAM-NSS">PAM and NSS Client Configuration</a></dt><dt>Yellow Pages, <a class="indexterm" href="2000users.html#id2584619">Identity Management Needs</a></dt><dt>yellow pages (see NIS)</dt></dl></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="go01.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> </td></tr><tr><td width="40%" align="left" valign="top">Glossary </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div></body></html> diff --git a/docs/htmldocs/Samba3-ByExample/kerberos.html b/docs/htmldocs/Samba3-ByExample/kerberos.html index a67fc182eb..f5969d665c 100644 --- a/docs/htmldocs/Samba3-ByExample/kerberos.html +++ b/docs/htmldocs/Samba3-ByExample/kerberos.html @@ -1,4 +1,4 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 11. Active Directory, Kerberos, and Security</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="RefSection.html" title="Part III. Reference Section"><link rel="next" href="DomApps.html" title="Chapter 12. Integrating Additional Services"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 11. Active Directory, Kerberos, and Security</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="RefSection.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="DomApps.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="kerberos"></a>Chapter 11. Active Directory, Kerberos, and Security</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614672">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615399">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615533">Questions and Answers</a></span></dt></dl></div><p><a class="indexterm" name="id2610549"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 11. Active Directory, Kerberos, and Security</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="RefSection.html" title="Part III. Reference Section"><link rel="next" href="DomApps.html" title="Chapter 12. Integrating Additional Services"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 11. Active Directory, Kerberos, and Security</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="RefSection.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="DomApps.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="kerberos"></a>Chapter 11. Active Directory, Kerberos, and Security</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="kerberos.html#id2610613">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611264">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2611280">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2611677">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#ch10expl">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="kerberos.html#id2613307">Share Access Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2613656">Share Definition Controls</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614269">Share Point Directory and File Permissions</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2614682">Managing Windows 200x ACLs</a></span></dt><dt><span class="sect2"><a href="kerberos.html#id2615408">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="kerberos.html#id2615543">Questions and Answers</a></span></dt></dl></div><p><a class="indexterm" name="id2610549"></a> By this point in the book, you have been exposed to many Samba-3 features and capabilities. More importantly, if you have implemented the examples given, you are well on your way to becoming a Samba-3 networking guru who knows a lot about Microsoft Windows. If you have taken the time to @@ -526,8 +526,10 @@ One of the common issues that repeatedly pops up on the Samba mailing lists involves the saving of Microsoft Office files (Word and Excel) to a network drive. Here is the typical sequence: </p><div class="orderedlist"><ol type="1"><li><p> - A user opens a Work document from a network drive. The file was owned by user <code class="constant">janetp</code> + A user opens a Word document from a network drive. The file was owned by user <code class="constant">janetp</code> and [users], and was set read/write-enabled for everyone. + A user opens a Word document from a network drive. The file was owned by user <code class="constant">janetp</code> + and <code class="constant">users</code>, and was set read/write-enabled for everyone. </p></li><li><p> File changes and edits are made. </p></li><li><p> @@ -542,7 +544,7 @@ There have been many postings over the years that report the same basic problem. Frequently Samba users want to know when this “<span class="quote">bug</span>” will be fixed. The fact is, this is not a bug in Samba at all. Here is the real sequence of what happens in this case. - </p><p><a class="indexterm" name="id2614430"></a><a class="indexterm" name="id2614438"></a><a class="indexterm" name="id2614446"></a> + </p><p><a class="indexterm" name="id2614440"></a><a class="indexterm" name="id2614448"></a><a class="indexterm" name="id2614456"></a> When the user saves a file, MS Word creates a new (temporary) file. This file is naturally owned by the user who creates the file (<code class="constant">billc</code>) and has the permissions that follow that user's default settings within the operating system (UNIX/Linux). When MS Word has finished writing @@ -560,7 +562,7 @@ The solution is simple. Use UNIX file system permissions and controls to your advantage. Follow these simple steps to create a share in which all files will consistently be owned by the same user and the same group: - </p><div class="procedure"><a name="id2614493"></a><p class="title"><b>Procedure 11.2. Using Directory Permissions to Force File User and Group Ownership</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2614502"></a><p class="title"><b>Procedure 11.2. Using Directory Permissions to Force File User and Group Ownership</b></p><ol type="1"><li><p> Change your share definition so that it matches this pattern: </p><pre class="screen"> [finance] @@ -568,18 +570,18 @@ browseable = Yes read only = No </pre><p> - </p></li><li><p><a class="indexterm" name="id2614519"></a><a class="indexterm" name="id2614530"></a> + </p></li><li><p><a class="indexterm" name="id2614528"></a><a class="indexterm" name="id2614539"></a> Set consistent user and group permissions recursively down the directory tree as shown here: </p><pre class="screen"> <code class="prompt">root# </code> chown -R janetp.users /usr/data/finance </pre><p> - </p></li><li><p><a class="indexterm" name="id2614562"></a> + </p></li><li><p><a class="indexterm" name="id2614571"></a> Set the files and directory permissions to be read/write for owner and group, and not accessible to others (everyone), using the following command: </p><pre class="screen"> <code class="prompt">root# </code> chmod ug+rwx,o-rwx /usr/data/finance </pre><p> - </p></li><li><p><a class="indexterm" name="id2614591"></a> + </p></li><li><p><a class="indexterm" name="id2614600"></a> Set the SGID (supergroup) bit on all directories from the top down. This means all files can be created with the permissions of the group set on the directory. It means all users who are members of the group <code class="constant">finance</code> can read and write all files in @@ -589,11 +591,11 @@ <code class="prompt">root# </code> find /usr/data/finance -type d -exec chmod ug+s {}\; </pre><p> - </p></li><li><p><a class="indexterm" name="id2614631"></a><a class="indexterm" name="id2614639"></a><a class="indexterm" name="id2614647"></a> + </p></li><li><p><a class="indexterm" name="id2614641"></a><a class="indexterm" name="id2614649"></a><a class="indexterm" name="id2614657"></a> Make sure all users that must have read/write access to the directory have <code class="constant">finance</code> group membership as their primary group, for example, the group they belong to in <code class="filename">/etc/passwd</code>. - </p></li></ol></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2614672"></a>Managing Windows 200x ACLs</h3></div></div></div><p><a class="indexterm" name="id2614679"></a><a class="indexterm" name="id2614687"></a><a class="indexterm" name="id2614695"></a><a class="indexterm" name="id2614703"></a> + </p></li></ol></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2614682"></a>Managing Windows 200x ACLs</h3></div></div></div><p><a class="indexterm" name="id2614688"></a><a class="indexterm" name="id2614696"></a><a class="indexterm" name="id2614704"></a><a class="indexterm" name="id2614712"></a> Samba must translate Windows 2000 ACLs to UNIX POSIX ACLs. This has some interesting side effects because there is not a one-to-one equivalence between them. The as-close-as-possible ACLs match means that some transactions are not possible from MS Windows clients. One of these is to reset the ownership @@ -601,7 +603,7 @@ </p><p> There are two possible ways to set ACLs on UNIX/Linux file systems from a Windows network workstation, either via File Manager or via the Microsoft Management Console (MMC) Computer Management interface. - </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2614727"></a>Using the MMC Computer Management Interface</h4></div></div></div><div class="procedure"><ol type="1"><li><p> + </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2614736"></a>Using the MMC Computer Management Interface</h4></div></div></div><div class="procedure"><ol type="1"><li><p> From a Windows 200x/XP Professional workstation, log on to the domain using the Domain Administrator account (on Samba domains, this is usually the account called <code class="constant">root</code>). </p></li><li><p> @@ -616,14 +618,14 @@ the Computer Management entry should now say: <span class="guimenu">Computer Management (FRODO)</span>. </p></li><li><p> In the left panel, click <span class="guimenu">Computer Management (FRODO)</span> → <span class="guimenuitem">[+] Shared Folders</span> → <span class="guimenuitem">Shares</span>. - </p></li><li><p><a class="indexterm" name="id2614910"></a><a class="indexterm" name="id2614918"></a><a class="indexterm" name="id2614925"></a><a class="indexterm" name="id2614933"></a> + </p></li><li><p><a class="indexterm" name="id2614919"></a><a class="indexterm" name="id2614927"></a><a class="indexterm" name="id2614935"></a><a class="indexterm" name="id2614943"></a> In the right panel, double-click on the share on which you wish to set/edit ACLs. This brings up the Properties panel. Click the <span class="guimenu">Security</span> tab. It is best to edit ACLs using the <code class="constant">Advanced</code> editing features. Click the <span class="guimenu">Advanced</span> button. This opens a panel that has four tabs. Only the functionality under the <code class="constant">Permissions</code> tab can be utilized with respect to a Samba domain server. - </p></li><li><p><a class="indexterm" name="id2614973"></a><a class="indexterm" name="id2614981"></a> + </p></li><li><p><a class="indexterm" name="id2614982"></a><a class="indexterm" name="id2614990"></a> You may now edit/add/remove access control settings. Be very careful. Many problems have been created by people who decided that everyone should be rejected but one particular group should have full control. This is a catch-22 situation because members of that particular group also @@ -632,7 +634,7 @@ </p></li><li><p> When you are done with editing, close all panels by clicking through the <span class="guimenu">OK</span> buttons until the last panel closes. - </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2615018"></a>Using MS Windows Explorer (File Manager)</h4></div></div></div><p> + </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2615027"></a>Using MS Windows Explorer (File Manager)</h4></div></div></div><p> The following alternative method may be used from a Windows workstation. In this example we work with a domain called <code class="constant">MEGANET</code>, a server called <code class="constant">MASSIVE</code>, and a share called <code class="constant">Apps</code>. The underlying UNIX/Linux share point for this share is @@ -640,7 +642,7 @@ </p><div class="procedure"><ol type="1"><li><p> Click <span class="guimenu">Start</span> → <span class="guimenuitem">[right-click] My Computer</span> → <span class="guimenuitem">Explore</span> → <span class="guimenuitem">[left panel] [+] My Network Places</span> → <span class="guimenuitem">[+] Entire Network</span> → <span class="guimenuitem">[+] Microsoft Windows Network</span> → <span class="guimenuitem">[+] Meganet</span> → <span class="guimenuitem">[+] Massive</span> → <span class="guimenuitem">[right-click] Apps</span> → <span class="guimenuitem">Properties</span> → <span class="guimenuitem">Security</span> → <span class="guimenuitem">Advanced</span>. This opens a panel that has four tabs. Only the functionality under the <code class="constant">Permissions</code> tab can be utilized for a Samba domain server. - </p></li><li><p><a class="indexterm" name="id2615142"></a><a class="indexterm" name="id2615150"></a> + </p></li><li><p><a class="indexterm" name="id2615152"></a><a class="indexterm" name="id2615160"></a> You may now edit/add/remove access control settings. Be very careful. Many problems have been created by people who decided that everyone should be rejected but one particular group should have full control. This is a catch-22 situation because members of that particular group also @@ -649,7 +651,7 @@ </p></li><li><p> When you are done with editing, close all panels by clicking through the <span class="guimenu">OK</span> buttons until the last panel closes. - </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2615189"></a>Setting Posix ACLs in UNIX/Linux</h4></div></div></div><p><a class="indexterm" name="id2615196"></a><a class="indexterm" name="id2615204"></a> + </p></li></ol></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2615198"></a>Setting Posix ACLs in UNIX/Linux</h4></div></div></div><p><a class="indexterm" name="id2615205"></a><a class="indexterm" name="id2615213"></a> Yet another alternative method for setting desired security settings on the shared resource files and directories can be achieved by logging into UNIX/Linux and setting POSIX ACLs directly using command-line tools. Here is an example session on the same resource as in the immediately preceding example on a SUSE 9 @@ -672,7 +674,7 @@ user::rwx group::rwx other::r-x </pre><p> - </p></li><li><p><a class="indexterm" name="id2615278"></a> + </p></li><li><p><a class="indexterm" name="id2615287"></a> You want to add permission for <code class="constant">AppsMgrs</code> to enable them to manage the applications (apps) share. It is important to set the ACL recursively so that the AppsMgrs have this capability throughout the directory tree that is @@ -695,26 +697,26 @@ mask::rwx other::r-x </pre><p> This confirms that the change of POSIX ACL permissions has been effective. - </p></li><li><p><a class="indexterm" name="id2615334"></a><a class="indexterm" name="id2615341"></a><a class="indexterm" name="id2615349"></a><a class="indexterm" name="id2615357"></a><a class="indexterm" name="id2615365"></a> + </p></li><li><p><a class="indexterm" name="id2615343"></a><a class="indexterm" name="id2615351"></a><a class="indexterm" name="id2615359"></a><a class="indexterm" name="id2615367"></a><a class="indexterm" name="id2615375"></a> It is highly recommended that you read the online manual page for the <code class="literal">setfacl</code> and <code class="literal">getfacl</code> commands. This provides information regarding how to set/read the default ACLs and how that may be propagated through the directory tree. In Windows ACLs terms, this is the equivalent of setting <code class="constant">inheritance</code> properties. - </p></li></ol></div></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2615399"></a>Key Points Learned</h3></div></div></div><p> + </p></li></ol></div></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2615408"></a>Key Points Learned</h3></div></div></div><p> The mish-mash of issues were thrown together into one chapter because it seemed like a good idea. Looking back, this chapter could be broken into two, but it's too late now. It has been done. The highlights covered are as follows: - </p><div class="itemizedlist"><ul type="disc"><li><p><a class="indexterm" name="id2615416"></a><a class="indexterm" name="id2615424"></a><a class="indexterm" name="id2615432"></a><a class="indexterm" name="id2615440"></a> + </p><div class="itemizedlist"><ul type="disc"><li><p><a class="indexterm" name="id2615426"></a><a class="indexterm" name="id2615434"></a><a class="indexterm" name="id2615442"></a><a class="indexterm" name="id2615450"></a> Winbind honors and does not override account controls set in Active Directory. This means that password change, logon hours, and so on, are (or soon will be) enforced by Samba winbind. At this time, an out-of-hours login is denied and password change is enforced. At this time, if logon hours expire, the user is not forcibly logged off. That may be implemented at some later date. - </p></li><li><p><a class="indexterm" name="id2615459"></a><a class="indexterm" name="id2615467"></a> + </p></li><li><p><a class="indexterm" name="id2615468"></a><a class="indexterm" name="id2615476"></a> Sign'n'seal (plus schannel support) has been implemented in Samba-3. Beware of potential problems acknowledged by Microsoft as having been fixed but reported by some as still possibly an open issue. - </p></li><li><p><a class="indexterm" name="id2615483"></a><a class="indexterm" name="id2615491"></a><a class="indexterm" name="id2615498"></a><a class="indexterm" name="id2615506"></a> + </p></li><li><p><a class="indexterm" name="id2615492"></a><a class="indexterm" name="id2615500"></a><a class="indexterm" name="id2615508"></a><a class="indexterm" name="id2615516"></a> The combination of Kerberos 5, plus OpenLDAP, plus Samba, cannot replace Microsoft Active Directory. The possibility to do this is not planned in the current Samba-3 roadmap. Samba-3 does aim to provide further improvements in interoperability so that @@ -723,83 +725,83 @@ other::r-x This chapter reviewed mechanisms by which Samba servers may be kept secure. Each of the four key methodologies was reviewed with specific reference to example deployment techniques. - </p></li></ul></div></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2615533"></a>Questions and Answers</h2></div></div></div><p> - </p><div class="qandaset"><dl><dt> <a href="kerberos.html#id2615549"> + </p></li></ul></div></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2615543"></a>Questions and Answers</h2></div></div></div><p> + </p><div class="qandaset"><dl><dt> <a href="kerberos.html#id2615558"> Does Samba-3 require the Sign'n'seal registry hacks needed by Samba-2? - </a></dt><dt> <a href="kerberos.html#id2615619"> + </a></dt><dt> <a href="kerberos.html#id2615629"> Does Samba-3 support Active Directory? - </a></dt><dt> <a href="kerberos.html#id2615650"> + </a></dt><dt> <a href="kerberos.html#id2615660"> When Samba-3 is used with Active Directory, is it necessary to run mixed-mode operation, as was necessary with Samba-2? - </a></dt><dt> <a href="kerberos.html#id2615689"> + </a></dt><dt> <a href="kerberos.html#id2615698"> Is it safe to set share-level access controls in Samba? - </a></dt><dt> <a href="kerberos.html#id2615718"> + </a></dt><dt> <a href="kerberos.html#id2615728"> Is it mandatory to set share ACLs to get a secure Samba-3 server? - </a></dt><dt> <a href="kerberos.html#id2615795"> + </a></dt><dt> <a href="kerberos.html#id2615804"> The valid users did not work on the [homes]. Has this functionality been restored yet? - </a></dt><dt> <a href="kerberos.html#id2615861"> + </a></dt><dt> <a href="kerberos.html#id2615870"> Is the bias against use of the force user and force group really warranted? - </a></dt><dt> <a href="kerberos.html#id2615924"> + </a></dt><dt> <a href="kerberos.html#id2615934"> The example given for file and directory access control forces all files to be owned by one particular user. I do not like that. Is there any way I can see who created the file? - </a></dt><dt> <a href="kerberos.html#id2615972"> + </a></dt><dt> <a href="kerberos.html#id2615982"> In the book, “The Official Samba-3 HOWTO and Reference Guide”, you recommended use of the Windows NT4 Server Manager (part of the SRVTOOLS.EXE) utility. Why have you mentioned only the use of the Windows 200x/XP MMC Computer Management utility? - </a></dt><dt> <a href="kerberos.html#id2616039"> + </a></dt><dt> <a href="kerberos.html#id2616048"> I tried to set valid users = @Engineers, but it does not work. My Samba server is an Active Directory domain member server. Has this been fixed now? - </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2615549"></a><a name="id2615551"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615554"></a><a class="indexterm" name="id2615562"></a> + </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2615558"></a><a name="id2615561"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615564"></a><a class="indexterm" name="id2615572"></a> Does Samba-3 require the <code class="constant">Sign'n'seal</code> registry hacks needed by Samba-2? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615582"></a><a class="indexterm" name="id2615589"></a><a class="indexterm" name="id2615597"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615591"></a><a class="indexterm" name="id2615599"></a><a class="indexterm" name="id2615607"></a> No. Samba-3 fully supports <code class="constant">Sign'n'seal</code> as well as <code class="constant">schannel</code> operation. The registry change should not be applied when Samba-3 is used as a domain controller. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615619"></a><a name="id2615622"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615629"></a><a name="id2615631"></a></td><td align="left" valign="top"><p> Does Samba-3 support Active Directory? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615632"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615642"></a> Yes. Samba-3 can be a fully participating native mode Active Directory client. Samba-3 does not provide Active Directory services. It cannot be used to replace a Microsoft Active Directory server implementation. Samba-3 can function as an Active Directory client (workstation) toolkit, and it can function as an Active Directory domain member server. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615650"></a><a name="id2615653"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615656"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615660"></a><a name="id2615662"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615665"></a> When Samba-3 is used with Active Directory, is it necessary to run mixed-mode operation, as was necessary with Samba-2? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615672"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615682"></a> No. Samba-3 can be used with NetBIOS over TCP/IP disabled, just as can be done with Windows 200x Server and 200x/XPPro client products. It is no longer necessary to run mixed-mode operation, because Samba-3 can join a native Windows 2003 Server ADS domain. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615689"></a><a name="id2615691"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615694"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615698"></a><a name="id2615701"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615704"></a> Is it safe to set share-level access controls in Samba? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> Yes. Share-level access controls have been supported since early versions of Samba-2. This is very mature technology. Not enough sites make use of this powerful capability, neither on Windows server or with Samba servers. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615718"></a><a name="id2615720"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615724"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615728"></a><a name="id2615730"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615733"></a> Is it mandatory to set share ACLs to get a secure Samba-3 server? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615739"></a><a class="indexterm" name="id2615747"></a><a class="indexterm" name="id2615755"></a><a class="indexterm" name="id2615764"></a><a class="indexterm" name="id2615772"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615749"></a><a class="indexterm" name="id2615757"></a><a class="indexterm" name="id2615765"></a><a class="indexterm" name="id2615773"></a><a class="indexterm" name="id2615781"></a> No. Samba-3 honors UNIX/Linux file system security, supports Windows 200x ACLs, and provides means of securing shares through share definition controls in the <code class="filename">smb.conf</code> file. The additional support for share-level ACLs is like frosting on the cake. It adds to security but is not essential to it. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615795"></a><a name="id2615797"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615800"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615804"></a><a name="id2615806"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615810"></a> The <em class="parameter"><code>valid users</code></em> did not work on the <em class="parameter"><code>[homes]</code></em>. Has this functionality been restored yet? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615828"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615837"></a> Yes. This was fixed in Samba-3.0.2. The use of this parameter is strongly recommended as a safeguard on the <em class="parameter"><code>[homes]</code></em> meta-service. The correct way to specify this is: <a class="link" href="smb.conf.5.html#VALIDUSERS" target="_top">valid users = %S</a>. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615861"></a><a name="id2615863"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615866"></a><a class="indexterm" name="id2615874"></a><a class="indexterm" name="id2615882"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615870"></a><a name="id2615872"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615876"></a><a class="indexterm" name="id2615883"></a><a class="indexterm" name="id2615891"></a> Is the bias against use of the <em class="parameter"><code>force user</code></em> and <em class="parameter"><code>force group</code></em> really warranted? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615909"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615918"></a> There is no bias. There is a determination to recommend the right tool for the task at hand. After all, it is better than putting users through performance problems, isn't it? - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615924"></a><a name="id2615926"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615934"></a><a name="id2615936"></a></td><td align="left" valign="top"><p> The example given for file and directory access control forces all files to be owned by one particular user. I do not like that. Is there any way I can see who created the file? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615939"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2615948"></a> Sure. You do not have to set the SUID bit on the directory. Simply execute the following command to permit file ownership to be retained by the user who created it: </p><pre class="screen"> @@ -807,17 +809,17 @@ other::r-x </pre><p> Note that this required no more than removing the <code class="constant">u</code> argument so that the SUID bit is not set for the owner. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615972"></a><a name="id2615974"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615978"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2615982"></a><a name="id2615984"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2615987"></a> In the book, “<span class="quote">The Official Samba-3 HOWTO and Reference Guide</span>”, you recommended use of the Windows NT4 Server Manager (part of the <code class="filename">SRVTOOLS.EXE</code>) utility. Why have you mentioned only the use of the Windows 200x/XP MMC Computer Management utility? - </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2616006"></a><a class="indexterm" name="id2616013"></a> + </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p><a class="indexterm" name="id2616015"></a><a class="indexterm" name="id2616023"></a> Either tool can be used with equal effect. There is no benefit of one over the other, except that the MMC utility is present on all Windows 200x/XP systems and does not require additional software to be downloaded and installed. Note that if you want to manage user and group accounts in your Samba-controlled domain, the only tool that permits that is the NT4 Domain User Manager, which is provided as part of the <code class="filename">SRVTOOLS.EXE</code> utility. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2616039"></a><a name="id2616041"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2616044"></a><a class="indexterm" name="id2616052"></a><a class="indexterm" name="id2616060"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2616048"></a><a name="id2616051"></a></td><td align="left" valign="top"><p><a class="indexterm" name="id2616054"></a><a class="indexterm" name="id2616062"></a><a class="indexterm" name="id2616070"></a> I tried to set <em class="parameter"><code>valid users = @Engineers</code></em>, but it does not work. My Samba server is an Active Directory domain member server. Has this been fixed now? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> diff --git a/docs/htmldocs/Samba3-ByExample/primer.html b/docs/htmldocs/Samba3-ByExample/primer.html index 1808006bd5..497a5c3dc7 100644 --- a/docs/htmldocs/Samba3-ByExample/primer.html +++ b/docs/htmldocs/Samba3-ByExample/primer.html @@ -1,4 +1,4 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 16. Networking Primer</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="appendix.html" title="Chapter 15. A Collection of Useful Tidbits"><link rel="next" href="apa.html" title="Appendix A. GNU General Public License version 3"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 16. Networking Primer</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="appendix.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="apa.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="primer"></a>Chapter 16. Networking Primer</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="primer.html#id2625407">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625568">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625629">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625745">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625871">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627019">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627521">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628089">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628204">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></div><p> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 16. Networking Primer</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="appendix.html" title="Chapter 15. A Collection of Useful Tidbits"><link rel="next" href="apa.html" title="Appendix A. GNU General Public License version 3"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 16. Networking Primer</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="appendix.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="apa.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="primer"></a>Chapter 16. Networking Primer</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="primer.html#id2625430">Requirements and Notes</a></span></dt><dt><span class="sect1"><a href="primer.html#id2625592">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625652">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#id2625769">Exercises</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2625894">Single-Machine Broadcast Activity</a></span></dt><dt><span class="sect2"><a href="primer.html#secondmachine">Second Machine Startup Broadcast Interaction</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627042">Simple Windows Client Connection Characteristics</a></span></dt><dt><span class="sect2"><a href="primer.html#id2627544">Windows 200x/XP Client Interaction with Samba-3</a></span></dt><dt><span class="sect2"><a href="primer.html#id2628113">Conclusions to Exercises</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01conc">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="primer.html#id2628227">Technical Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="primer.html#chap01qa">Questions and Answers</a></span></dt></dl></div><p> You are about to use the equivalent of a microscope to look at the information that runs through the veins of a Windows network. We do more to observe the information than to interrogate it. When you are done with this primer, you should have a good understanding @@ -8,7 +8,7 @@ </p><p> Samba can be configured with a minimum of complexity. Simplicity should be mastered before you get too deeply into complexities. Let's get moving: we have work to do. - </p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625407"></a>Requirements and Notes</h2></div></div></div><p> + </p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625430"></a>Requirements and Notes</h2></div></div></div><p> Successful completion of this primer requires two Microsoft Windows 9x/Me Workstations as well as two Microsoft Windows XP Professional Workstations, each equipped with an Ethernet card connected using a hub. Also required is one additional server (either Windows @@ -16,7 +16,7 @@ sniffer and analysis application (Wireshark is a good choice). All work should be undertaken on a quiet network where there is no other traffic. It is best to use a dedicated hub with only the machines under test connected at the time of the exercises. - </p><p><a class="indexterm" name="id2625428"></a> + </p><p><a class="indexterm" name="id2625451"></a> Wireshark (formerly Ethereal) has become the network protocol analyzer of choice for many network administrators. You may find more information regarding this tool from the <a class="ulink" href="http://www.wireshark.org" target="_top">Wireshark</a> Web site. Wireshark installation @@ -36,11 +36,11 @@ filter. Ethernet switches may filter out traffic that is not directed at the machine that is used to monitor traffic; this would not allow you to complete the projects. </p></div><p> - <a class="indexterm" name="id2625497"></a> + <a class="indexterm" name="id2625520"></a> Do not worry too much if you do not have access to all this equipment; network captures from the exercises are provided on the enclosed CD-ROM. This makes it possible to dive directly into the analytical part of the exercises if you so desire. - </p><p><a class="indexterm" name="id2625513"></a><a class="indexterm" name="id2625524"></a> + </p><p><a class="indexterm" name="id2625536"></a><a class="indexterm" name="id2625547"></a> Please do not be alarmed at the use of a high-powered analysis tool (Wireshark) in this primer. We expose you only to a minimum of detail necessary to complete the exercises. If you choose to use any other network sniffer and protocol @@ -54,11 +54,11 @@ </p><p> <a class="link" href="primer.html#chap01qa" title="Questions and Answers">“Questions and Answers”</a> also provides useful information that may help you to avoid significantly time-consuming networking problems. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625568"></a>Introduction</h2></div></div></div><p> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625592"></a>Introduction</h2></div></div></div><p> The purpose of this chapter is to create familiarity with key aspects of Microsoft Windows network computing. If you want a solid technical grounding, do not gloss over these exercises. The points covered are recurrent issues on the Samba mailing lists. - </p><p><a class="indexterm" name="id2625583"></a> + </p><p><a class="indexterm" name="id2625606"></a> You can see from these exercises that Windows networking involves quite a lot of network broadcast traffic. You can look into the contents of some packets, but only to see some particular information that the Windows client sends to a server in the course of @@ -74,18 +74,18 @@ Recommended preparatory reading: <span class="emphasis"><em>The Official Samba-3 HOWTO and Reference Guide, Second Edition</em></span> (TOSHARG2) Chapter 9, “<span class="quote">Network Browsing,</span>” and Chapter 3, “<span class="quote">Server Types and Security Modes.</span>” - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625629"></a>Assignment Tasks</h3></div></div></div><p><a class="indexterm" name="id2625636"></a> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625652"></a>Assignment Tasks</h3></div></div></div><p><a class="indexterm" name="id2625659"></a> You are about to witness how Microsoft Windows computer networking functions. The exercises step through identification of how a client machine establishes a connection to a remote Windows server. You observe how Windows machines find each other (i.e., how browsing works) and how the two key types of user identification (share mode security and user mode security) are affected. - </p><p><a class="indexterm" name="id2625653"></a> + </p><p><a class="indexterm" name="id2625676"></a> The networking protocols used by MS Windows networking when working with Samba use TCP/IP as the transport protocol. The protocols that are specific to Windows networking are encapsulated in TCP/IP. The network analyzer we use (Wireshark) is able to show you the contents of the TCP/IP packets (or messages). - </p><div class="procedure"><a name="chap01tasks"></a><p class="title"><b>Procedure 16.1. Diagnostic Tasks</b></p><ol type="1"><li><p><a class="indexterm" name="id2625686"></a><a class="indexterm" name="id2625697"></a><a class="indexterm" name="id2625705"></a> + </p><div class="procedure"><a name="chap01tasks"></a><p class="title"><b>Procedure 16.1. Diagnostic Tasks</b></p><ol type="1"><li><p><a class="indexterm" name="id2625709"></a><a class="indexterm" name="id2625720"></a><a class="indexterm" name="id2625728"></a> Examine network traces to witness SMB broadcasts, host announcements, and name resolution processes. </p></li><li><p> @@ -95,8 +95,8 @@ </p></li><li><p> Review traces of network logons for a Windows 9x/Me client as well as a domain logon for a Windows XP Professional client. - </p></li></ol></div></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625745"></a>Exercises</h2></div></div></div><p> - <a class="indexterm" name="id2625753"></a> + </p></li></ol></div></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2625769"></a>Exercises</h2></div></div></div><p> + <a class="indexterm" name="id2625776"></a> You are embarking on a course of discovery. The first part of the exercise requires two MS Windows 9x/Me systems. We called one machine <code class="constant">WINEPRESSME</code> and the other <code class="constant">MILGATE98</code>. Each needs an IP address; we used <code class="literal">10.1.1.10</code> @@ -111,7 +111,7 @@ </p><div class="itemizedlist"><ul type="disc"><li><p>Windows 98 name: MILGATE98</p></li><li><p>Windows Me name: WINEPRESSME</p></li><li><p>Windows XP Professional name: LightrayXP</p></li><li><p>Samba-3.0.20 running on a SUSE Enterprise Linux 9</p></li></ul></div><p> Choose a workgroup name (MIDEARTH) for each exercise. </p><p> - <a class="indexterm" name="id2625842"></a> + <a class="indexterm" name="id2625866"></a> The network captures provided on the CD-ROM included with this book were captured using <code class="constant">Ethereal</code> version <code class="literal">0.10.6</code>. A later version suffices without problems (i.e. you should be using Wireshark), but an earlier version may not expose all the information needed. Each capture file has been decoded and listed as a trace file. A summary of all @@ -119,9 +119,9 @@ perform the time-consuming equipment configuration and test work. This is a good time to point out that the value that can be derived from this book really does warrant your taking sufficient time to practice each exercise with care and attention to detail. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625871"></a>Single-Machine Broadcast Activity</h3></div></div></div><p> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2625894"></a>Single-Machine Broadcast Activity</h3></div></div></div><p> In this section, we start a single Windows 9x/Me machine, then monitor network activity for 30 minutes. - </p><div class="procedure"><a name="id2625882"></a><p class="title"><b>Procedure 16.2. Monitoring Windows 9x Steps</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2625906"></a><p class="title"><b>Procedure 16.2. Monitoring Windows 9x Steps</b></p><ol type="1"><li><p> Start the machine from which network activity will be monitored (using <code class="literal">Wireshark</code>). Launch <code class="literal">Wireshark</code>, click <span class="guimenu">Capture</span> → <span class="guimenuitem">Start</span>. @@ -138,28 +138,28 @@ </p></li><li><p> Analyze the capture. Identify each discrete message type that was captured. Note what transport protocol was used. Identify the timing between messages of identical types. - </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2626005"></a>Findings</h4></div></div></div><p> + </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2626028"></a>Findings</h4></div></div></div><p> The summary of the first 10 minutes of the packet capture should look like <a class="link" href="primer.html#pktcap01" title="Figure 16.1. Windows Me Broadcasts The First 10 Minutes">“Windows Me Broadcasts The First 10 Minutes”</a>. A screenshot of a later stage of the same capture is shown in <a class="link" href="primer.html#pktcap02" title="Figure 16.2. Windows Me Later Broadcast Sample">“Windows Me Later Broadcast Sample”</a>. - </p><div class="figure"><a name="pktcap01"></a><p class="title"><b>Figure 16.1. Windows Me Broadcasts The First 10 Minutes</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WINREPRESSME-Capture.png" width="216" alt="Windows Me Broadcasts The First 10 Minutes"></div></div></div><br class="figure-break"><div class="figure"><a name="pktcap02"></a><p class="title"><b>Figure 16.2. Windows Me Later Broadcast Sample</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WINREPRESSME-Capture2.png" width="226.8" alt="Windows Me Later Broadcast Sample"></div></div></div><br class="figure-break"><p><a class="indexterm" name="id2626122"></a><a class="indexterm" name="id2626134"></a> + </p><div class="figure"><a name="pktcap01"></a><p class="title"><b>Figure 16.1. Windows Me Broadcasts The First 10 Minutes</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WINREPRESSME-Capture.png" width="216" alt="Windows Me Broadcasts The First 10 Minutes"></div></div></div><br class="figure-break"><div class="figure"><a name="pktcap02"></a><p class="title"><b>Figure 16.2. Windows Me Later Broadcast Sample</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WINREPRESSME-Capture2.png" width="226.8" alt="Windows Me Later Broadcast Sample"></div></div></div><br class="figure-break"><p><a class="indexterm" name="id2626145"></a><a class="indexterm" name="id2626157"></a> Broadcast messages observed are shown in <a class="link" href="primer.html#capsstats01" title="Table 16.1. Windows Me Startup Broadcast Capture Statistics">“Windows Me Startup Broadcast Capture Statistics”</a>. Actual observations vary a little, but not by much. Early in the startup process, the Windows Me machine broadcasts its name for two reasons: first to ensure that its name would not result in a name clash, and second to establish its presence with the Local Master Browser (LMB). - </p><div class="table"><a name="capsstats01"></a><p class="title"><b>Table 16.1. Windows Me Startup Broadcast Capture Statistics</b></p><div class="table-contents"><table summary="Windows Me Startup Broadcast Capture Statistics" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="left"></colgroup><thead><tr><th align="left">Message</th><th align="center">Type</th><th align="center">Num</th><th align="left">Notes</th></tr></thead><tbody><tr><td align="left">WINEPRESSME<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">WINEPRESSME<03></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">WINEPRESSME<20></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1d></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1e></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1b></td><td align="center">Qry</td><td align="center">84</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">__MSBROWSE__</td><td align="center">Reg</td><td align="center">8</td><td align="left">Registered after winning election to Browse Master</td></tr><tr><td align="left">JHT<03></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 x 2. This is the name of the user that logged onto Windows</td></tr><tr><td align="left">Host Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">2</td><td align="left">Observed at 10 sec</td></tr><tr><td align="left">Domain/Workgroup Announcement MIDEARTH</td><td align="center">Ann</td><td align="center">18</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">Local Master Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">18</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">Get Backup List Request</td><td align="center">Qry</td><td align="center">12</td><td align="left">6 x 2 early in startup, 0.5 sec apart</td></tr><tr><td align="left">Browser Election Request</td><td align="center">Ann</td><td align="center">10</td><td align="left">5 x 2 early in startup</td></tr><tr><td align="left">Request Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">4</td><td align="left">Early in startup</td></tr></tbody></table></div></div><br class="table-break"><p><a class="indexterm" name="id2626480"></a><a class="indexterm" name="id2626488"></a> + </p><div class="table"><a name="capsstats01"></a><p class="title"><b>Table 16.1. Windows Me Startup Broadcast Capture Statistics</b></p><div class="table-contents"><table summary="Windows Me Startup Broadcast Capture Statistics" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="left"></colgroup><thead><tr><th align="left">Message</th><th align="center">Type</th><th align="center">Num</th><th align="left">Notes</th></tr></thead><tbody><tr><td align="left">WINEPRESSME<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">WINEPRESSME<03></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">WINEPRESSME<20></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1d></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1e></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1b></td><td align="center">Qry</td><td align="center">84</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">__MSBROWSE__</td><td align="center">Reg</td><td align="center">8</td><td align="left">Registered after winning election to Browse Master</td></tr><tr><td align="left">JHT<03></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 x 2. This is the name of the user that logged onto Windows</td></tr><tr><td align="left">Host Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">2</td><td align="left">Observed at 10 sec</td></tr><tr><td align="left">Domain/Workgroup Announcement MIDEARTH</td><td align="center">Ann</td><td align="center">18</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">Local Master Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">18</td><td align="left">300 sec apart at stable operation</td></tr><tr><td align="left">Get Backup List Request</td><td align="center">Qry</td><td align="center">12</td><td align="left">6 x 2 early in startup, 0.5 sec apart</td></tr><tr><td align="left">Browser Election Request</td><td align="center">Ann</td><td align="center">10</td><td align="left">5 x 2 early in startup</td></tr><tr><td align="left">Request Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">4</td><td align="left">Early in startup</td></tr></tbody></table></div></div><br class="table-break"><p><a class="indexterm" name="id2626504"></a><a class="indexterm" name="id2626512"></a> From the packet trace, it should be noted that no messages were propagated over TCP/IP; all messages employed UDP/IP. When steady-state operation has been achieved, there is a cycle of various announcements, re-election of a browse master, and name queries. These create the symphony of announcements by which network browsing is made possible. - </p><p><a class="indexterm" name="id2626506"></a> + </p><p><a class="indexterm" name="id2626529"></a> For detailed information regarding the precise behavior of the CIFS/SMB protocols, refer to the book “<span class="quote">Implementing CIFS: The Common Internet File System,</span>” by Christopher Hertel, (Prentice Hall PTR, ISBN: 013047116X). </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="secondmachine"></a>Second Machine Startup Broadcast Interaction</h3></div></div></div><p> At this time, the machine you used to capture the single-system startup trace should still be running. The objective of this task is to identify the interaction of two machines in respect to broadcast activity. - </p><div class="procedure"><a name="id2626542"></a><p class="title"><b>Procedure 16.3. Monitoring of Second Machine Activity</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2626565"></a><p class="title"><b>Procedure 16.3. Monitoring of Second Machine Activity</b></p><ol type="1"><li><p> On the machine from which network activity will be monitored (using <code class="literal">Wireshark</code>), launch <code class="literal">Wireshark</code> and click <span class="guimenu">Capture</span> → <span class="guimenuitem">Start</span>. @@ -176,7 +176,7 @@ </p></li><li><p> Analyze the capture trace, taking note of the transport protocols used, the types of messages observed, and what interaction took place between the two machines. Leave both machines running for the next task. - </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2626658"></a>Findings</h4></div></div></div><p> + </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2626681"></a>Findings</h4></div></div></div><p> <a class="link" href="primer.html#capsstats02" title="Table 16.2. Second Machine (Windows 98) Capture Statistics">“Second Machine (Windows 98) Capture Statistics”</a> summarizes capture statistics observed. As in the previous case, all announcements used UDP/IP broadcasts. Also, as was observed with the last example, the second Windows 9x/Me machine broadcasts its name on startup to ensure that there exists no name clash @@ -184,18 +184,18 @@ to explore the inner details of the precise mechanism of how this functions should refer to “<span class="quote">Implementing CIFS: The Common Internet File System.</span>” </p><div class="table"><a name="capsstats02"></a><p class="title"><b>Table 16.2. Second Machine (Windows 98) Capture Statistics</b></p><div class="table-contents"><table summary="Second Machine (Windows 98) Capture Statistics" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="left"></colgroup><thead><tr><th align="left">Message</th><th align="center">Type</th><th align="center">Num</th><th align="left">Notes</th></tr></thead><tbody><tr><td align="left">MILGATE98<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">MILGATE98<03></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.6 sec apart</td></tr><tr><td align="left">MILGATE98<20></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<00></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1d></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1e></td><td align="center">Reg</td><td align="center">8</td><td align="left">4 lots of 2, 0.75 sec apart</td></tr><tr><td align="left">MIDEARTH<1b></td><td align="center">Qry</td><td align="center">18</td><td align="left">900 sec apart at stable operation</td></tr><tr><td align="left">JHT<03></td><td align="center">Reg</td><td align="center">2</td><td align="left">This is the name of the user that logged onto Windows</td></tr><tr><td align="left">Host Announcement MILGATE98</td><td align="center">Ann</td><td align="center">14</td><td align="left">Every 120 sec</td></tr><tr><td align="left">Domain/Workgroup Announcement MIDEARTH</td><td align="center">Ann</td><td align="center">6</td><td align="left">900 sec apart at stable operation</td></tr><tr><td align="left">Local Master Announcement WINEPRESSME</td><td align="center">Ann</td><td align="center">6</td><td align="left">Insufficient detail to determine frequency</td></tr></tbody></table></div></div><br class="table-break"><p> - <a class="indexterm" name="id2626940"></a> - <a class="indexterm" name="id2626947"></a> - <a class="indexterm" name="id2626954"></a> + <a class="indexterm" name="id2626964"></a> + <a class="indexterm" name="id2626971"></a> + <a class="indexterm" name="id2626978"></a> Observation of the contents of Host Announcements, Domain/Workgroup Announcements, and Local Master Announcements is instructive. These messages convey a significant level of detail regarding the nature of each machine that is on the network. An example dissection of a Host Announcement is given in <a class="link" href="primer.html#hostannounce" title="Figure 16.3. Typical Windows 9x/Me Host Announcement">“Typical Windows 9x/Me Host Announcement”</a>. - </p><div class="figure"><a name="hostannounce"></a><p class="title"><b>Figure 16.3. Typical Windows 9x/Me Host Announcement</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/HostAnnouncment.png" width="221.4" alt="Typical Windows 9x/Me Host Announcement"></div></div></div><br class="figure-break"></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2627019"></a>Simple Windows Client Connection Characteristics</h3></div></div></div><p> + </p><div class="figure"><a name="hostannounce"></a><p class="title"><b>Figure 16.3. Typical Windows 9x/Me Host Announcement</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/HostAnnouncment.png" width="221.4" alt="Typical Windows 9x/Me Host Announcement"></div></div></div><br class="figure-break"></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2627042"></a>Simple Windows Client Connection Characteristics</h3></div></div></div><p> The purpose of this exercise is to discover how Microsoft Windows clients create (establish) connections with remote servers. The methodology involves analysis of a key aspect of how Windows clients access remote servers: the session setup protocol. - </p><div class="procedure"><a name="id2627033"></a><p class="title"><b>Procedure 16.4. Client Connection Exploration Steps</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2627056"></a><p class="title"><b>Procedure 16.4. Client Connection Exploration Steps</b></p><ol type="1"><li><p> Configure a Windows 9x/Me machine (MILGATE98) with a share called <code class="constant">Stuff</code>. Create a <em class="parameter"><code>Full Access</code></em> control password on this share. </p></li><li><p> @@ -216,11 +216,11 @@ When the share called <code class="constant">Stuff</code> is being displayed, stop the capture. Save the captured data in case it is needed for later analysis. </p></li><li><p> - <a class="indexterm" name="id2627164"></a> + <a class="indexterm" name="id2627187"></a> From the top of the packets captured, scan down to locate the first packet that has interpreted as <code class="constant">Session Setup AndX, User: anonymous; Tree Connect AndX, Path: \\MILGATE98\IPC$</code>. - </p></li><li><p><a class="indexterm" name="id2627183"></a><a class="indexterm" name="id2627191"></a> + </p></li><li><p><a class="indexterm" name="id2627206"></a><a class="indexterm" name="id2627214"></a> In the dissection (analysis) panel, expand the <code class="constant">SMB, Session Setup AndX Request, and Tree Connect AndX Request</code>. Examine both operations. Identify the name of the user Account and what password was used. The Account name should be empty. @@ -230,29 +230,29 @@ decoded of the type <code class="constant">Session Setup AndX</code>. Locate the last such packet that was targeted at the <code class="constant">\\MILGATE98\IPC$</code> service. </p></li><li><p> - <a class="indexterm" name="id2627236"></a> - <a class="indexterm" name="id2627242"></a> + <a class="indexterm" name="id2627259"></a> + <a class="indexterm" name="id2627266"></a> Dissect this packet as per the previous one. This packet should have a password length of 24 (characters) and should have a password field, the contents of which is a long hexadecimal number. Observe the name in the Account field. This is a User Mode session setup packet. - </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2627256"></a>Findings and Comments</h4></div></div></div><p> - <a class="indexterm" name="id2627265"></a> - The <code class="constant">IPC$</code> share serves a vital purpose<sup>[<a name="id2627276" href="#ftn.id2627276" class="footnote">15</a>]</sup> + </p></li></ol></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2627280"></a>Findings and Comments</h4></div></div></div><p> + <a class="indexterm" name="id2627288"></a> + The <code class="constant">IPC$</code> share serves a vital purpose<sup>[<a name="id2627299" href="#ftn.id2627299" class="footnote">15</a>]</sup> in SMB/CIFS-based networking. A Windows client connects to this resource to obtain the list of resources that are available on the server. The server responds with the shares and print queues that are available. In most but not all cases, the connection is made with a <code class="constant">NULL</code> username and a <code class="constant">NULL</code> password. </p><p> - <a class="indexterm" name="id2627296"></a> + <a class="indexterm" name="id2627320"></a> The two packets examined are material evidence of how Windows clients may interoperate with Samba. Samba requires every connection setup to be authenticated using valid UNIX account credentials (UID/GID). This means that even a <code class="constant">NULL</code> session setup can be established only by automatically mapping it to a valid UNIX account. </p><p> - <a class="indexterm" name="id2627316"></a><a class="indexterm" name="id2627322"></a> - <a class="indexterm" name="id2627331"></a> + <a class="indexterm" name="id2627339"></a><a class="indexterm" name="id2627345"></a> + <a class="indexterm" name="id2627354"></a> Samba has a special name for the <code class="constant">NULL</code>, or empty, user account: it calls it the <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account</a>. The default value of this parameter is <code class="constant">nobody</code>; however, this can be @@ -261,9 +261,9 @@ FTP account. A sample NULL Session Setup AndX packet dissection is shown in <a class="link" href="primer.html#nullconnect" title="Figure 16.4. Typical Windows 9x/Me NULL SessionSetUp AndX Request">“Typical Windows 9x/Me NULL SessionSetUp AndX Request”</a>. </p><div class="figure"><a name="nullconnect"></a><p class="title"><b>Figure 16.4. Typical Windows 9x/Me NULL SessionSetUp AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/NullConnect.png" width="221.4" alt="Typical Windows 9x/Me NULL SessionSetUp AndX Request"></div></div></div><br class="figure-break"><p> - <a class="indexterm" name="id2627416"></a> - <a class="indexterm" name="id2627423"></a> - <a class="indexterm" name="id2627430"></a> + <a class="indexterm" name="id2627439"></a> + <a class="indexterm" name="id2627446"></a> + <a class="indexterm" name="id2627453"></a> When a UNIX/Linux system does not have a <code class="constant">nobody</code> user account (<code class="filename">/etc/passwd</code>), the operation of the <code class="constant">NULL</code> account cannot validate and thus connections that utilize the guest account @@ -271,11 +271,11 @@ problem reported on the Samba mailing list. A sample User Mode session setup AndX is shown in <a class="link" href="primer.html#userconnect" title="Figure 16.5. Typical Windows 9x/Me User SessionSetUp AndX Request">“Typical Windows 9x/Me User SessionSetUp AndX Request”</a>. </p><div class="figure"><a name="userconnect"></a><p class="title"><b>Figure 16.5. Typical Windows 9x/Me User SessionSetUp AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/UserConnect.png" width="221.4" alt="Typical Windows 9x/Me User SessionSetUp AndX Request"></div></div></div><br class="figure-break"><p> - <a class="indexterm" name="id2627507"></a> + <a class="indexterm" name="id2627530"></a> The User Mode connection packet contains the account name and the domain name. The password is provided in Microsoft encrypted form, and its length is shown as 24 characters. This is the length of Microsoft encrypted passwords. - </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2627521"></a>Windows 200x/XP Client Interaction with Samba-3</h3></div></div></div><p> + </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2627544"></a>Windows 200x/XP Client Interaction with Samba-3</h3></div></div></div><p> By now you may be asking, “<span class="quote">Why did you choose to work with Windows 9x/Me?</span>” </p><p> First, we want to demonstrate the simple case. This book is not intended to be a detailed treatise @@ -290,7 +290,7 @@ To complete this exercise, you need a Windows XP Professional client that has been configured as a domain member of either a Samba-controlled domain or a Windows NT4 or 200x Active Directory domain. Here we do not provide details for how to configure this, as full coverage is provided earlier in this book. - </p><div class="procedure"><a name="id2627564"></a><p class="title"><b>Procedure 16.5. Steps to Explore Windows XP Pro Connection Set-up</b></p><ol type="1"><li><p> + </p><div class="procedure"><a name="id2627587"></a><p class="title"><b>Procedure 16.5. Steps to Explore Windows XP Pro Connection Set-up</b></p><ol type="1"><li><p> Start your domain controller. Also, start the Wireshark monitoring machine, launch Wireshark, and then wait for the next step to complete. </p></li><li><p> @@ -319,14 +319,14 @@ If desired, the Windows XP Professional client and the domain controller are no longer needed for exercises in this chapter. </p></li><li><p> - <a class="indexterm" name="id2627790"></a> - <a class="indexterm" name="id2627797"></a> + <a class="indexterm" name="id2627813"></a> + <a class="indexterm" name="id2627820"></a> From the top of the packets captured, scan down to locate the first packet that has interpreted as <code class="constant">Session Setup AndX Request, NTLMSSP_AUTH</code>. </p></li><li><p> - <a class="indexterm" name="id2627817"></a> - <a class="indexterm" name="id2627824"></a> - <a class="indexterm" name="id2627831"></a> + <a class="indexterm" name="id2627840"></a> + <a class="indexterm" name="id2627847"></a> + <a class="indexterm" name="id2627854"></a> In the dissection (analysis) panel, expand the <code class="constant">SMB, Session Setup AndX Request</code>. Expand the packet decode information, beginning at the <code class="constant">Security Blob:</code> entry. Expand the <code class="constant">GSS-API -> SPNEGO -> netTokenTarg -> responseToken -> NTLMSSP</code> @@ -338,7 +338,7 @@ decoded of the type <code class="constant">Session Setup AndX Request</code>. Click the last such packet that has been decoded as <code class="constant">Session Setup AndX Request, NTLMSSP_AUTH</code>. </p></li><li><p> - <a class="indexterm" name="id2627893"></a> + <a class="indexterm" name="id2627917"></a> In the dissection (analysis) panel, expand the <code class="constant">SMB, Session Setup AndX Request</code>. Expand the packet decode information, beginning at the <code class="constant">Security Blob:</code> entry. Expand the <code class="constant">GSS-API -> SPNEGO -> netTokenTarg -> responseToken -> NTLMSSP</code> @@ -349,18 +349,18 @@ The values of these two parameters are the Microsoft encrypted password hashes: respectively, the LanMan password and then the NT (case-preserving) password hash. </p></li><li><p> - <a class="indexterm" name="id2627955"></a> - <a class="indexterm" name="id2627962"></a> + <a class="indexterm" name="id2627978"></a> + <a class="indexterm" name="id2627985"></a> The passwords are 24-character hexadecimal numbers. This packet confirms that this is a User Mode session setup packet. - </p></li></ol></div><div class="figure"><a name="XPCap01"></a><p class="title"><b>Figure 16.6. Typical Windows XP NULL Session Setup AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WindowsXP-NullConnection.png" width="270" alt="Typical Windows XP NULL Session Setup AndX Request"></div></div></div><br class="figure-break"><div class="figure"><a name="XPCap02"></a><p class="title"><b>Figure 16.7. Typical Windows XP User Session Setup AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WindowsXP-UserConnection.png" width="270" alt="Typical Windows XP User Session Setup AndX Request"></div></div></div><br class="figure-break"><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2628058"></a>Discussion</h4></div></div></div><p><a class="indexterm" name="id2628065"></a> + </p></li></ol></div><div class="figure"><a name="XPCap01"></a><p class="title"><b>Figure 16.6. Typical Windows XP NULL Session Setup AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WindowsXP-NullConnection.png" width="270" alt="Typical Windows XP NULL Session Setup AndX Request"></div></div></div><br class="figure-break"><div class="figure"><a name="XPCap02"></a><p class="title"><b>Figure 16.7. Typical Windows XP User Session Setup AndX Request</b></p><div class="figure-contents"><div class="mediaobject"><img src="images/WindowsXP-UserConnection.png" width="270" alt="Typical Windows XP User Session Setup AndX Request"></div></div></div><br class="figure-break"><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2628081"></a>Discussion</h4></div></div></div><p><a class="indexterm" name="id2628088"></a> This exercise demonstrates that, while the specific protocol for the Session Setup AndX is handled in a more sophisticated manner by recent MS Windows clients, the underlying rules or principles remain the same. Thus it is demonstrated that MS Windows XP Professional clients still use a <code class="constant">NULL-Session</code> connection to query and locate resources on an advanced network technology server (one using Windows NT4/200x or Samba). It also demonstrates that an authenticated connection must be made before resources can be used. - </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2628089"></a>Conclusions to Exercises</h3></div></div></div><p> + </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2628113"></a>Conclusions to Exercises</h3></div></div></div><p> In summary, the following points have been established in this chapter: </p><div class="itemizedlist"><ul type="disc"><li><p> When NetBIOS over TCP/IP protocols are enabled, MS Windows networking employs broadcast-oriented messaging protocols to provide knowledge of network services. @@ -379,7 +379,7 @@ file or in an LDAP database. Samba-3 permits use of multiple <em class="parameter"><code>passdb backend</code></em> databases in concurrent deployment. Refer to <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 10, “<span class="quote">Account Information Databases.</span>” </p></li></ul></div></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="chap01conc"></a>Dissection and Discussion</h2></div></div></div><p> - <a class="indexterm" name="id2628177"></a> + <a class="indexterm" name="id2628200"></a> The exercises demonstrate the use of the <code class="constant">guest</code> account, the way that MS Windows clients and servers resolve computer names to a TCP/IP address, and how connections between a client and a server are established. @@ -387,8 +387,8 @@ Those wishing background information regarding NetBIOS name types should refer to the Microsoft knowledgebase article <a class="ulink" href="http://support.microsoft.com/support/kb/articles/Q102/78/8.asp" target="_top">Q102878.</a> - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2628204"></a>Technical Issues</h3></div></div></div><p> - <a class="indexterm" name="id2628212"></a> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2628227"></a>Technical Issues</h3></div></div></div><p> + <a class="indexterm" name="id2628235"></a> Network browsing involves SMB broadcast announcements, SMB enumeration requests, connections to the <code class="constant">IPC$</code> share, share enumerations, and SMB connection setup processes. The use of anonymous connections to a Samba server involve the use of @@ -396,44 +396,44 @@ </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="chap01qa"></a>Questions and Answers</h2></div></div></div><p> The questions and answers given in this section are designed to highlight important aspects of Microsoft Windows networking. - </p><div class="qandaset"><dl><dt> <a href="primer.html#id2628258"> + </p><div class="qandaset"><dl><dt> <a href="primer.html#id2628281"> What is the significance of the MIDEARTH<1b> type query? - </a></dt><dt> <a href="primer.html#id2628304"> + </a></dt><dt> <a href="primer.html#id2628328"> What is the significance of the MIDEARTH<1d> type name registration? - </a></dt><dt> <a href="primer.html#id2628378"> + </a></dt><dt> <a href="primer.html#id2628402"> What is the role and significance of the <01><02>__MSBROWSE__<02><01> name registration? - </a></dt><dt> <a href="primer.html#id2628411"> + </a></dt><dt> <a href="primer.html#id2628434"> What is the significance of the MIDEARTH<1e> type name registration? - </a></dt><dt> <a href="primer.html#id2628442"> + </a></dt><dt> <a href="primer.html#id2628465"> What is the significance of the guest account in smb.conf? - </a></dt><dt> <a href="primer.html#id2628520"> + </a></dt><dt> <a href="primer.html#id2628543"> Is it possible to reduce network broadcast activity with Samba-3? - </a></dt><dt> <a href="primer.html#id2628629"> + </a></dt><dt> <a href="primer.html#id2628652"> Can I just use plain-text passwords with Samba? - </a></dt><dt> <a href="primer.html#id2628716"> + </a></dt><dt> <a href="primer.html#id2628739"> What parameter in the smb.conf file is used to enable the use of encrypted passwords? - </a></dt><dt> <a href="primer.html#id2628757"> + </a></dt><dt> <a href="primer.html#id2628780"> Is it necessary to specify encrypt passwords = Yes when Samba-3 is configured as a domain member? - </a></dt><dt> <a href="primer.html#id2628789"> + </a></dt><dt> <a href="primer.html#id2628812"> Is it necessary to specify a guest account when Samba-3 is configured as a domain member server? - </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2628258"></a><a name="id2628260"></a></td><td align="left" valign="top"><p> + </a></dt></dl><table border="0" summary="Q and A Set"><col align="left" width="1%"><tbody><tr class="question"><td align="left" valign="top"><a name="id2628281"></a><a name="id2628283"></a></td><td align="left" valign="top"><p> What is the significance of the MIDEARTH<1b> type query? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628272"></a> - <a class="indexterm" name="id2628282"></a> + <a class="indexterm" name="id2628296"></a> + <a class="indexterm" name="id2628305"></a> This is a broadcast announcement by which the Windows machine is attempting to locate a Domain Master Browser (DMB) in the event that it might exist on the network. Refer to <span class="emphasis"><em>TOSHARG2,</em></span> Chapter 9, Section 9.7, “<span class="quote">Technical Overview of Browsing,</span>” for details regarding the function of the DMB and its role in network browsing. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628304"></a><a name="id2628306"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628328"></a><a name="id2628330"></a></td><td align="left" valign="top"><p> What is the significance of the MIDEARTH<1d> type name registration? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628319"></a> - <a class="indexterm" name="id2628328"></a> + <a class="indexterm" name="id2628342"></a> + <a class="indexterm" name="id2628351"></a> This name registration records the machine IP addresses of the LMBs. Network clients can query this name type to obtain a list of browser servers from the master browser. @@ -451,25 +451,25 @@ The IP address of the DMB (if one exists) </p></li><li><p> The IP address of the LMB on the local segment - </p></li></ul></div></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628378"></a><a name="id2628381"></a></td><td align="left" valign="top"><p> + </p></li></ul></div></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628402"></a><a name="id2628404"></a></td><td align="left" valign="top"><p> What is the role and significance of the <01><02>__MSBROWSE__<02><01> name registration? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628396"></a> + <a class="indexterm" name="id2628419"></a> This name is registered by the browse master to broadcast and receive domain announcements. Its scope is limited to the local network segment, or subnet. By querying this name type, master browsers on networks that have multiple domains can find the names of master browsers for each domain. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628411"></a><a name="id2628413"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628434"></a><a name="id2628436"></a></td><td align="left" valign="top"><p> What is the significance of the MIDEARTH<1e> type name registration? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628425"></a> + <a class="indexterm" name="id2628449"></a> This name is registered by all browse masters in a domain or workgroup. The registration name type is known as the Browser Election Service. Master browsers register themselves with this name type so that DMBs can locate them to perform cross-subnet browse list updates. This name type is also used to initiate elections for Master Browsers. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628442"></a><a name="id2628444"></a></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628448"></a> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628465"></a><a name="id2628467"></a></td><td align="left" valign="top"><p> + <a class="indexterm" name="id2628471"></a> What is the significance of the <em class="parameter"><code>guest account</code></em> in smb.conf? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> This parameter specifies the default UNIX account to which MS Windows networking @@ -482,19 +482,19 @@ Samba operation. Either the operating system must have an account called <code class="constant">nobody</code> or there must be an entry in the <code class="filename">smb.conf</code> file with a valid UNIX account, such as <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account = ftp</a>. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628520"></a><a name="id2628522"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628543"></a><a name="id2628545"></a></td><td align="left" valign="top"><p> Is it possible to reduce network broadcast activity with Samba-3? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> - <a class="indexterm" name="id2628534"></a> - <a class="indexterm" name="id2628540"></a> + <a class="indexterm" name="id2628557"></a> + <a class="indexterm" name="id2628564"></a> Yes, there are two ways to do this. The first involves use of WINS (See <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 9, Section 9.5, “<span class="quote">WINS The Windows Inter-networking Name Server</span>”); the alternate method involves disabling the use of NetBIOS over TCP/IP. This second method requires a correctly configured DNS server (see <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 9, Section 9.3, “<span class="quote">Discussion</span>”). </p><p> - <a class="indexterm" name="id2628572"></a> - <a class="indexterm" name="id2628579"></a> - <a class="indexterm" name="id2628588"></a> + <a class="indexterm" name="id2628595"></a> + <a class="indexterm" name="id2628602"></a> + <a class="indexterm" name="id2628611"></a> The use of WINS reduces network broadcast traffic. The reduction is greatest when all network clients are configured to operate in <em class="parameter"><code>Hybrid Mode</code></em>. This can be effected through use of DHCP to set the NetBIOS node type to type 8 for all network clients. Additionally, it is @@ -502,7 +502,7 @@ </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> Use of SMB without NetBIOS is possible only on Windows 200x/XP Professional clients and servers, as well as with Samba-3. - </p></div></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628629"></a><a name="id2628631"></a></td><td align="left" valign="top"><p> + </p></div></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628652"></a><a name="id2628654"></a></td><td align="left" valign="top"><p> Can I just use plain-text passwords with Samba? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> Yes, you can configure Samba to use plain-text passwords, though this does create a few problems. @@ -525,17 +525,17 @@ a UNIX system account for that user. On systems that run <code class="literal">winbindd</code> to access the Samba PDC/BDC to provide Windows user and group accounts, the <em class="parameter"><code>idmap uid, idmap gid</code></em> ranges set in the <code class="filename">smb.conf</code> file provide the local UID/GIDs needed for local identity management purposes. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628716"></a><a name="id2628718"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628739"></a><a name="id2628741"></a></td><td align="left" valign="top"><p> What parameter in the <code class="filename">smb.conf</code> file is used to enable the use of encrypted passwords? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> The parameter in the <code class="filename">smb.conf</code> file that controls this behavior is known as <em class="parameter"><code>encrypt passwords</code></em>. The default setting for this in Samba-3 is <code class="constant">Yes (Enabled)</code>. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628757"></a><a name="id2628759"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628780"></a><a name="id2628782"></a></td><td align="left" valign="top"><p> Is it necessary to specify <a class="link" href="smb.conf.5.html#ENCRYPTPASSWORDS" target="_top">encrypt passwords = Yes</a> when Samba-3 is configured as a domain member? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> No. This is the default behavior. - </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628789"></a><a name="id2628791"></a></td><td align="left" valign="top"><p> + </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id2628812"></a><a name="id2628814"></a></td><td align="left" valign="top"><p> Is it necessary to specify a <em class="parameter"><code>guest account</code></em> when Samba-3 is configured as a domain member server? </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> @@ -543,6 +543,6 @@ <code class="constant">nobody</code>. If this account does not exist on the UNIX server, then it is necessary to provide a <a class="link" href="smb.conf.5.html#GUESTACCOUNT" target="_top">guest account = an_account</a>, where <code class="constant">an_account</code> is a valid local UNIX user account. - </p></td></tr></tbody></table></div></div><div class="footnotes"><br><hr width="100" align="left"><div class="footnote"><p><sup>[<a name="ftn.id2627276" href="#id2627276" class="para">15</a>] </sup>TOSHARG2, Sect 4.5.1</p></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="appendix.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="RefSection.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="apa.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 15. A Collection of Useful Tidbits </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Appendix A. + </p></td></tr></tbody></table></div></div><div class="footnotes"><br><hr width="100" align="left"><div class="footnote"><p><sup>[<a name="ftn.id2627299" href="#id2627299" class="para">15</a>] </sup>TOSHARG2, Sect 4.5.1</p></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="appendix.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="RefSection.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="apa.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 15. A Collection of Useful Tidbits </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Appendix A. GNU General Public License version 3 </td></tr></table></div></body></html> |