This book is the comprehensive guide to Samba administration, officially adopted by the Samba Team. Wondering how to integrate Samba's authentication with that of a Windows domain? How to get Samba to serve Microsoft Dfs shares? How to share files on Mac OS X? These and a dozen other issues of interest to system administrators are covered. A whole chapter is dedicated to troubleshooting!The range of this book knows few bounds. Using Samba takes you from basic installation and configuration -- on both the client and server side, for a wide range of systems -- to subtle details of security, cross-platform compatibility, and resource discovery that make the difference between whether users see the folder they expect or a cryptic error message. The current edition covers such advanced 3.x features as:Integration with Active Directory and OpenLDAP Migrating from Windows NT 4.0 domains to Samba Delegating administrative tasks to non-root users Central printer management Advanced file serving features, such as making use of Virtual File System (VFS) plugins.Samba is a cross-platform triumph: robust, flexible and fast, it turns a Unix or Linux system into a file and print server for Microsoft Windows network clients. This book will help you make your file and print sharing as powerful and efficient as possible. The authors delve into the internals of the Windows activities and protocols to an unprecedented degree, explaining the strengths and weaknesses of each feature in Windows domains and in Samba itself.Whether you're playing on your personal computer or an enterprise network, on one note or a full three-octave range, Using Samba will give you an efficient and secure server.
Author(s): Gerald Carter, Jay Ts, Robert Eckstein
Edition: Third Edition
Publisher: O'Reilly Media
Year: 2007
Language: English
Pages: 448
Table of Contents......Page 5
Preface......Page 9
How This Book Is Organized......Page 10
Using Code Examples......Page 12
Gerald Carter......Page 13
Robert Eckstein......Page 14
All......Page 15
An Introduction to Samba......Page 17
What Is Samba?......Page 18
What Can Samba Do for Me?......Page 19
Sharing Files......Page 20
Seeing Things from the Unix Side......Page 23
The Common Internet File System......Page 24
Understanding NetBIOS......Page 25
Getting a Name......Page 26
Node Types......Page 29
Resource names and types......Page 30
Group names and types......Page 31
Datagrams and Sessions......Page 33
Connecting to a CIFS File Share......Page 34
Browsing......Page 36
Browsing Elections......Page 38
Authentication: Peer-to-Peer Versus Domains......Page 39
Active Directory Domain Member Servers......Page 41
Stackable Virtual File System (VFS) Modules......Page 42
Future Research in Samba 4.0......Page 43
What Can Samba Do?......Page 44
An Overview of the Samba Distribution......Page 45
How Can I Get Samba?......Page 47
Binary Packages......Page 48
Compiling from Source......Page 50
Downloading the Source Distribution......Page 51
Configuring Samba......Page 52
Kerberos and LDAP......Page 56
Compiling and Installing Samba......Page 58
Upgrading Your Installation......Page 59
Setting Search Paths......Page 61
Enabling the Samba Web Administration Tool (SWAT)......Page 62
A Basic Samba Configuration File......Page 64
Encrypted Passwords......Page 65
Using SWAT to Create an smb.conf File......Page 66
Firewall Configuration......Page 69
Starting the Samba Daemons......Page 70
System V Unix and most Linux distributions......Page 71
Mac OS X......Page 73
Starting from inetd/xinetd......Page 74
Testing the Samba Daemons......Page 75
Configuring Windows Clients......Page 77
Networking Components......Page 78
IP Address......Page 80
Name Resolution......Page 81
Windows’ LMHOSTS and HOSTS......Page 82
Networking Components......Page 84
Configuring TCP/IP......Page 87
WINS server......Page 88
Computer and Workgroup Names......Page 89
Connecting to the Samba Server......Page 90
Creating Local Users on Window Clients......Page 91
Browsing the Samba Server......Page 94
Basic Syntax and Rules......Page 96
Configuration File Structure......Page 97
Whitespace, delimiters, and capitalization......Page 99
Comments......Page 100
Updating a Live System......Page 101
Variables......Page 102
Special Sections......Page 104
The [global] Section......Page 105
Configuration File Options......Page 106
include......Page 107
copy......Page 108
Basic Server Configuration......Page 109
workgroup......Page 111
Disk Share Configuration......Page 112
Disk Share Configuration Options......Page 113
read only, writable......Page 114
Networking Options with Samba......Page 115
Networking Options......Page 116
hosts allow......Page 117
interfaces......Page 118
Virtual Servers......Page 119
smb ports......Page 121
Logging Configuration Options......Page 122
Using syslog......Page 123
Logging Configuration Options......Page 124
max log size......Page 125
syslog......Page 126
syslog only......Page 127
Security Modes......Page 128
Guest Access with security = user......Page 129
Passwords and Authentication......Page 131
Clear-text passwords......Page 132
Pluggable Authentication Modules (PAM)......Page 134
NTLMv1......Page 135
NTLMv2......Page 136
User Management......Page 137
Security Identifiers......Page 138
Account Storage......Page 139
passdb backend = smbpasswd......Page 140
passdb backend = tdbsam......Page 141
passdb backend = ldapsam......Page 142
Username Maps......Page 146
Account Utilities......Page 148
Synchronizing Passwords......Page 150
Group Mapping......Page 153
User Privilege Management......Page 156
The net Tool......Page 157
Controlling Authorization for File Shares......Page 159
Special Share Names......Page 164
Filesystem Differences......Page 167
Name Mangling and Filename Lengths......Page 168
Case Sensitivity and Preservation......Page 170
Symbolic Links......Page 173
Hiding Files......Page 174
Locks and Leases......Page 176
DOS Attributes......Page 178
DOS attributes and Unix permissions bits......Page 179
DOS attributes and Unix extended attributes......Page 180
Permissions......Page 183
Access Control Lists......Page 187
What’s in a POSIX ACL?......Page 189
The nt acl support Parameter......Page 190
Understanding the Explorer Security Tab......Page 191
Microsoft Distributed File Systems......Page 194
Virtual File Systems......Page 197
Executing Server Scripts......Page 198
Print Shares......Page 201
A Usable Print Share......Page 206
Samba and CUPS......Page 208
The [printers] Service......Page 209
Creating a PDF Printer......Page 212
Point and Print Prerequisites......Page 213
Installing Print Drivers......Page 215
Assigning Print Drivers and Initializing DeviceModes......Page 217
Testing Point and Print......Page 220
Printers and Security......Page 221
Disabling Point and Print......Page 223
Printing, Queue Lists, and tdb Files......Page 224
Adding a Unix Printer......Page 225
BSD printers......Page 227
CUPS printers......Page 228
Printing Parameters......Page 229
Name Resolution and Network Browsing......Page 232
Name Resolution......Page 233
Setting Up Samba As a WINS Server......Page 234
Catching WINS database modifications......Page 235
Configuring a WINS proxy......Page 236
Configuring Name Resolution for the Samba Suite......Page 237
Network Browsing......Page 238
Browsing in a Windows Network......Page 239
Browser Elections......Page 240
Server Announcements......Page 244
Configuring Samba for Browsing......Page 245
Samba As the Domain Master Browser......Page 246
Samba Browsing Enhancements......Page 247
Browsing Options......Page 249
Samba Domains: NT 4.0 or Active Directory?......Page 250
Configuring a Samba PDC......Page 251
Setting Up Domain Joins......Page 252
Domain Admins......Page 253
Required privileges......Page 254
Joining a Windows client......Page 255
Managing Users and Groups......Page 257
User Profiles......Page 262
System Policies......Page 266
Configuring a Samba BDC......Page 268
passdb Recommendations......Page 269
Migrating an NT 4.0 Domain to Samba......Page 270
Domain Trusts......Page 274
File Shares......Page 277
Services......Page 280
Eventlogs......Page 283
Performance Monitor......Page 284
Joining a Domain......Page 287
Domain and ADS Security Modes......Page 289
security = domain......Page 290
Time synchronization......Page 292
Encryption types......Page 294
Realm/domain and KDC lookups......Page 295
Final steps......Page 296
Integrating Kerberized Unix services......Page 298
Locating a Domain Controller......Page 299
Matching Domain Users to Local Accounts......Page 300
Winbind......Page 302
idmap Backends......Page 309
idmap backed = ldap......Page 310
idmap backed = rid......Page 311
idmap backed = ad......Page 312
PAM and Domains......Page 314
Local Nested Groups......Page 317
Unix Clients......Page 320
Installation......Page 321
Mounting a SMB/CIFS File Share......Page 322
CIFS Extensions for Unix Clients......Page 326
FreeBSD’s smbfs......Page 327
smbutil......Page 328
mount_smbfs......Page 329
Mac OS X......Page 331
Listing Shares and Workgroups......Page 333
An Interactive smbclient Session......Page 335
Backups with smbclient......Page 339
Programming with smbclient......Page 341
Remote Administration with net......Page 342
net rpc......Page 343
Shares......Page 345
Services......Page 346
net ads......Page 348
The Tool Box......Page 351
Log Level......Page 352
Logging by Individual Client Systems or Users......Page 354
Tracing System Calls......Page 355
Network Packet Captures......Page 356
Using Wireshark......Page 357
The Fault Tree......Page 358
Testing the networking software with ping......Page 359
Testing the networking hardware with ping......Page 360
Testing connections with ping......Page 361
Tracking daemon startup......Page 364
Looking for daemons bound to ports......Page 365
Testing daemons with testparm......Page 366
A minimal smb.conf file......Page 367
Testing locally with smbclient......Page 368
Testing connections with net use......Page 369
Testing the Server with nmblookup......Page 370
Testing the Client with nmblookup......Page 371
Testing Browsing with smbclient......Page 372
Testing Client Browsing with net view......Page 374
Troubleshooting Name Services......Page 375
Identifying What’s in Use......Page 376
Cannot Look Up Hostnames......Page 377
Long and Short Hostnames......Page 379
Netmasks......Page 380
Broadcast Addresses......Page 381
Finding Your Network Address......Page 382
Troubleshooting NetBIOS Names......Page 383
Samba Mailing Lists, Newsgroups, and IRC......Page 384
Filing a Bug Report......Page 385
SMB URI Syntax......Page 387
Samba Daemons......Page 388
nmbd......Page 389
winbindd......Page 390
General options......Page 391
Authentication options......Page 392
eventlogadm......Page 393
net......Page 394
nmblookup......Page 399
ntlm_auth......Page 400
pdbedit......Page 401
smbcacls......Page 404
smbclient......Page 406
smbcontrol......Page 412
smbcquotas......Page 414
smbpasswd......Page 415
smbget......Page 417
smbstatus......Page 418
smbtar......Page 419
tdbbackup......Page 420
tdbtool......Page 421
testparm......Page 422
wbinfo......Page 423
Downloading Samba with Subversion......Page 425
Configure Options......Page 427
Install Directory and Library Options......Page 429
Developer Options......Page 430
Authentication Options......Page 431
File Serving Features......Page 432
Clients and Libraries......Page 433
Index......Page 435