summaryrefslogtreecommitdiff
path: root/docs/htmldocs/Samba3-HOWTO/msdfs.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/Samba3-HOWTO/msdfs.html')
-rw-r--r--docs/htmldocs/Samba3-HOWTO/msdfs.html144
1 files changed, 53 insertions, 91 deletions
diff --git a/docs/htmldocs/Samba3-HOWTO/msdfs.html b/docs/htmldocs/Samba3-HOWTO/msdfs.html
index aa34e1c8fa..8b18d6627b 100644
--- a/docs/htmldocs/Samba3-HOWTO/msdfs.html
+++ b/docs/htmldocs/Samba3-HOWTO/msdfs.html
@@ -1,94 +1,56 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 20. Hosting a Microsoft Distributed File System Tree</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part III. Advanced Configuration"><link rel="prev" href="InterdomainTrusts.html" title="Chapter 19. Interdomain Trust Relationships"><link rel="next" href="classicalprinting.html" title="Chapter 21. Classical Printing Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 20. Hosting a Microsoft Distributed File System Tree</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="InterdomainTrusts.html">Prev</a> </td><th width="60%" align="center">Part III. Advanced Configuration</th><td width="20%" align="right"> <a accesskey="n" href="classicalprinting.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="msdfs"></a>Chapter 20. Hosting a Microsoft Distributed File System Tree</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Shirish</span> <span class="surname">Kalele</span></h3><div class="affiliation"><span class="orgname">Samba Team &amp; Veritas Software<br></span><div class="address"><p><br>
- <code class="email">&lt;<a class="email" href="mailto:samba@samba.org">samba@samba.org</a>&gt;</code><br>
- </p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><p class="pubdate">12 Jul 2000</p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="msdfs.html#id405843">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="msdfs.html#id406232">Common Errors</a></span></dt><dd><dl><dt><span class="sect2"><a href="msdfs.html#id406261">MSDFS UNIX Path Is Case-Critical</a></span></dt></dl></dd></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id405843"></a>Features and Benefits</h2></div></div></div><p>
-<a class="indexterm" name="id405851"></a>
-<a class="indexterm" name="id405860"></a>
-<a class="indexterm" name="id405867"></a>
-<a class="indexterm" name="id405874"></a>
-<a class="indexterm" name="id405881"></a>
- The distributed file system (DFS) provides a means of separating the logical
- view of files and directories that users see from the actual physical locations
- of these resources on the network. It allows for higher availability, smoother
- storage expansion, load balancing, and so on.
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 41. Managing TDB Files</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="troubleshooting.html" title="Part V. Troubleshooting"><link rel="prev" href="bugreport.html" title="Chapter 40. Reporting Bugs"><link rel="next" href="Appendix.html" title="Part VI. Reference Section"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 41. Managing TDB Files</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="bugreport.html">Prev</a> </td><th width="60%" align="center">Part V. Troubleshooting</th><td width="20%" align="right"> <a accesskey="n" href="Appendix.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="msdfs"></a>Chapter 41. Managing TDB Files</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><p class="pubdate">May 28, 2008</p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="msdfs.html#id465953">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="msdfs.html#id466389">Managing TDB Files</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id465953"></a>Features and Benefits</h2></div></div></div><p>
+<a class="indexterm" name="id465961"></a>
+<a class="indexterm" name="id465968"></a>
+ Samba uses a lightweight database called Trivial Database (tdb) in which it stores persistent and transient data.
+ Some tdb files can be disposed of before restarting Samba, but others are used to store information that is vital
+ to Samba configuration and behavior. The following information is provided to help administrators who are seeking
+ to better manage their Samba installations.
</p><p>
-<a class="indexterm" name="id405893"></a>
-<a class="indexterm" name="id405900"></a>
-<a class="indexterm" name="id405906"></a>
- For information about DFS, refer to the <a class="ulink" href="http://www.microsoft.com/NTServer/nts/downloads/winfeatures/NTSDistrFile/AdminGuide.asp" target="_top">Microsoft
- documentation</a>. This document explains how to host a DFS tree on a UNIX machine (for DFS-aware clients
- to browse) using Samba.
+<a class="indexterm" name="id465981"></a>
+<a class="indexterm" name="id465988"></a>
+<a class="indexterm" name="id465994"></a>
+<a class="indexterm" name="id466001"></a>
+ Those who package Samba for commercial distribution with operating systems and appliances would do well to take
+ note that tdb files can get corrupted, and for this reason ought to be backed up regularly. An appropriate time
+ is at system shutdown (backup) and startup (restore from backup).
+ </p><div class="table"><a name="TOSH-TDB"></a><p class="title"><b>Table 41.1. Samba's Trivial Database Files</b></p><div class="table-contents"><table summary="Samba's Trivial Database Files" border="1"><colgroup><col><col></colgroup><thead><tr><th align="center">File name</th><th align="center">Preserve</th><th align="center">Description</th></tr></thead><tbody><tr><td align="center">account_policy.tdb</td><td align="center">Y</td><td align="center"><p>NT account policy settings such as pw expiration, etc...</p></td></tr><tr><td align="center">brlock.tdb</td><td align="center">N</td><td align="center"><p>Byte range locks.</p></td></tr><tr><td align="center">browse.dat</td><td align="center">N</td><td align="center"><p>Browse lists - gets rebuilt automatically.</p></td></tr><tr><td align="center">connections.tdb</td><td align="center">N</td><td align="center"><p>Share connections. Used to enforce max connections, etc.</p></td></tr><tr><td align="center">gencache.tdb</td><td align="center">N</td><td align="center"><p>Generic caching database.</p></td></tr><tr><td align="center">group_mapping.tdb</td><td align="center">Y</td><td align="center"><p>Stores group mapping information. Not used when using LDAP backend.</p></td></tr><tr><td align="center"> lang_en.tdb</td><td align="center">Y</td><td align="center"><p>Stores language encoding information.</p></td></tr><tr><td align="center">locking.tdb</td><td align="center">N</td><td align="center"><p>Stores share mode and oplock information.</p></td></tr><tr><td align="center">login_cache.tdb</td><td align="center">N</td><td align="center"><p>Keeps a log of bad pw attempts.</p></td></tr><tr><td align="center">messages.tdb</td><td align="center">N</td><td align="center"><p>Used to keep track of Samba internal messaging.</p></td></tr><tr><td align="center">netsamlogon_cache.tdb</td><td align="center">Y</td><td align="center"><p>
+ Cache of user net_info_3 struct from <span class="emphasis"><em>net_samlogon()</em></span>
+ requests from domain member machines.
+ </p></td></tr><tr><td align="center">ntdrivers.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printer driver information.</p></td></tr><tr><td align="center">ntforms.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printer forms information.</p></td></tr><tr><td align="center">ntprinters.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printers information.</p></td></tr><tr><td align="center">printing directory</td><td align="center">Y</td><td align="center"><p>Directory containing tdb per print queue of cached lpq output.</p></td></tr><tr><td align="center">registry.tdb</td><td align="center">Y</td><td align="center"><p>Windows registry skeleton (connect via regedit.exe).</p></td></tr><tr><td align="center">sessionid.tdb</td><td align="center">N</td><td align="center"><p>Session information to support <code class="literal">utmp = yes</code> capabilities.</p></td></tr><tr><td align="center">share_info.tdb</td><td align="center">Y</td><td align="center"><p>Stores share-level ACL configuration settings.
+ Default ACL is <span class="emphasis"><em>Everyone - Full Control</em></span>.
+ </p></td></tr><tr><td align="center">unexpected.tdb</td><td align="center">N</td><td align="center"><p>
+ Unexpected packet queue needed to support windows clients that respond on a
+ different port that the originating reques.
+ </p></td></tr><tr><td align="center">winbindd_cache.tdb</td><td align="center">N</td><td align="center"><p>Winbind's cache of user lists.</p></td></tr><tr><td align="center">winbindd_idmap.tdb</td><td align="center">Y</td><td align="center"><p>Winbind's local IDMAP database.</p></td></tr><tr><td align="center">wins.dat</td><td align="center">N</td><td align="center"><p>
+ WINS database iused only when <em class="parameter"><code>wins support = yes</code></em>
+ has been set. This gets rebuilt or updated at every restart.
+ </p></td></tr><tr><td align="center">wins.tdb</td><td align="center">Y</td><td align="center"><p>
+ The working permanent storage for all WINS data. This database is used only
+ when <em class="parameter"><code>wins support = yes</code></em> has been set in the <code class="filename">smb.conf</code> file.
+ Note: This retains all manually configured WINS entries. Manual setting can be done use the net utility.
+ </p></td></tr><tr><td align="center">secrets.tdb</td><td align="center">Y</td><td align="center"><p>
+ This tdb file stores internal settings such as the machine and the domain SID, secret passwords
+ that are used with LDAP, the machine secret token, etc. This is an essential file that is stored
+ in a secure area. Vendors locate this in various folders. Check <code class="literal">smbd -b</code> to
+ find its location on your system.
+ </p></td></tr><tr><td align="center">schannel_store.tdb</td><td align="center">Y</td><td align="center"><p>
+ This stores secure channel access token information used with SMB signing.
+ </p></td></tr><tr><td align="center">passdb.tdb</td><td align="center">Y</td><td align="center"><p>
+ This stores the Samba SAM account information when using a tdbsam password backend.
+ </p></td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id466389"></a>Managing TDB Files</h2></div></div></div><p>
+ The <code class="literal">tdbbackup</code> utility is a tool that may be used to backup samba tdb files.
+ This tool may also be used to verify the integrity of the tdb files prior to Samba startup or
+ during normal operation. If it finds file damage it will search for a prior backup the backup
+ file from which the damaged tdb file will be restored. The <code class="literal">tdbbackup</code>
+ utility can safely be run at any time. It was designed so that it can be used at any time to
+ validate the integrity of tdb files, even during Samba operation.
</p><p>
-<a class="indexterm" name="id405924"></a>
-<a class="indexterm" name="id405931"></a>
-<a class="indexterm" name="id405938"></a>
-<a class="indexterm" name="id405945"></a>
- A Samba server can be made a DFS server by setting the global Boolean <a class="link" href="smb.conf.5.html#HOSTMSDFS">host msdfs</a>
- parameter in the <code class="filename">smb.conf</code> file. You designate a share as a DFS root using the share-level Boolean
- <a class="link" href="smb.conf.5.html#MSDFSROOT">msdfs root</a> parameter. A DFS root directory on Samba hosts DFS links in the form of
- symbolic links that point to other servers. For example, a symbolic link
- <code class="filename">junction-&gt;msdfs:storage1\share1</code> in the share directory acts as the DFS junction. When
- DFS-aware clients attempt to access the junction link, they are redirected to the storage location (in this
- case, <em class="parameter"><code>\\storage1\share1</code></em>).
- </p><p>
-<a class="indexterm" name="id406000"></a>
-<a class="indexterm" name="id406007"></a>
-<a class="indexterm" name="id406014"></a>
-<a class="indexterm" name="id406020"></a>
- DFS trees on Samba work with all DFS-aware clients ranging from Windows 95 to 200x.
- <a class="link" href="msdfs.html#dfscfg" title="Example 20.1. smb.conf with DFS Configured">The following sample configuration</a> shows how to setup a DFS tree on a Samba server.
- In the <code class="filename">/export/dfsroot</code> directory, you set up your DFS links to
- other servers on the network.
-</p><pre class="screen">
-<code class="prompt">root# </code><strong class="userinput"><code>cd /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>chown root /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>chmod 755 /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>ln -s msdfs:storageA\\shareA linka</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>ln -s msdfs:serverB\\share,serverC\\share linkb</code></strong>
+ It is recommended to backup all tdb files as part of the Samba start-up scripts on a Samba
+ server. The following command syntax can be used:
+ </p><pre class="screen">
+myserver# &gt; cd /var/lib/samba
+myserver@ &gt; tdbbackup *.tdb
</pre><p>
-</p><div class="example"><a name="dfscfg"></a><p class="title"><b>Example 20.1. smb.conf with DFS Configured</b></p><div class="example-contents"><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id406126"></a><em class="parameter"><code>netbios name = GANDALF</code></em></td></tr><tr><td><a class="indexterm" name="id406137"></a><em class="parameter"><code>host msdfs = yes</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[dfs]</code></em></td></tr><tr><td><a class="indexterm" name="id406158"></a><em class="parameter"><code>path = /export/dfsroot</code></em></td></tr><tr><td><a class="indexterm" name="id406169"></a><em class="parameter"><code>msdfs root = yes</code></em></td></tr></table></div></div><br class="example-break"><p>
-<a class="indexterm" name="id406184"></a>
-<a class="indexterm" name="id406191"></a>
-<a class="indexterm" name="id406197"></a>
- You should set up the permissions and ownership of the directory acting as the DFS root so that only
- designated users can create, delete, or modify the msdfs links. Also note that symlink names should be all
- lowercase. This limitation exists to have Samba avoid trying all the case combinations to get at the link
- name. Finally, set up the symbolic links to point to the network shares you want and start Samba.
- </p><p>
-<a class="indexterm" name="id406211"></a>
-<a class="indexterm" name="id406218"></a>
- Users on DFS-aware clients can now browse the DFS tree on the Samba server at
- <code class="constant">\\samba\dfs</code>. Accessing links linka or linkb (which appear as directories to the client)
- takes users directly to the appropriate shares on the network.
- </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id406232"></a>Common Errors</h2></div></div></div><div class="itemizedlist"><ul type="disc"><li><p>Windows clients need to be rebooted
- if a previously mounted non-DFS share is made a DFS
- root, or vice versa. A better way is to introduce a
- new share and make it the DFS root.</p></li><li><p>Currently, there's a restriction that msdfs
- symlink names should all be lowercase.</p></li><li><p>For security purposes, the directory
- acting as the root of the DFS tree should have ownership
- and permissions set so only designated users can
- modify the symbolic links in the directory.</p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id406261"></a>MSDFS UNIX Path Is Case-Critical</h3></div></div></div><p>
- A network administrator sent advice to the Samba mailing list
- after long sessions trying to determine why DFS was not working.
- His advice is worth noting.
- </p><p>&#8220;<span class="quote">
- I spent some time trying to figure out why my particular
- DFS root wasn't working. I noted in the documentation that
- the symlink should be in all lowercase. It should be
- amended that the entire path to the symlink should all be
- in lowercase as well.
- </span>&#8221;</p><p>
- &#8220;<span class="quote">For example, I had a share defined as such:</span>&#8221;
- </p><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[pub]</code></em></td></tr><tr><td><a class="indexterm" name="id406299"></a><em class="parameter"><code>path = /export/home/Shares/public_share</code></em></td></tr><tr><td><a class="indexterm" name="id406310"></a><em class="parameter"><code>msdfs root = yes</code></em></td></tr></table><p>
- &#8220;<span class="quote">and I could not make my Windows 9x/Me (with the dfs client installed) follow this symlink:</span>&#8221;
- </p><pre class="screen">
- damage1 -&gt; msdfs:damage\test-share
- </pre><p>
- </p><p>
- &#8220;<span class="quote">Running a debug level of 10 reveals:</span>&#8221;
- </p><pre class="programlisting">
- [2003/08/20 11:40:33, 5] msdfs/msdfs.c:is_msdfs_link(176)
- is_msdfs_link: /export/home/shares/public_share/* does not exist.
- </pre><p>
- &#8220;<span class="quote">Curious. So I changed the directory name from <code class="constant">.../Shares/...</code> to
- <code class="constant">.../shares/...</code> (along with my service definition) and it worked!</span>&#8221;
- </p></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="InterdomainTrusts.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="optional.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="classicalprinting.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 19. Interdomain Trust Relationships </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 21. Classical Printing Support</td></tr></table></div></body></html>
+ The default extension is <code class="filename">.bak</code>. Any alternate extension can be specified
+ by executing <code class="literal">tdbbackup -s 'new_extension' *.tdb</code> as part of your startup script.
+ </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="bugreport.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="troubleshooting.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="Appendix.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 40. Reporting Bugs </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Part VI. Reference Section</td></tr></table></div></body></html>
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-26 18:56:38 +0000