| [217] | 1 | <?xml version="1.0" encoding="iso-8859-1"?>
|
|---|
| 2 | <!DOCTYPE glossary PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 3 | <glossary>
|
|---|
| 4 | <title>Glossary</title>
|
|---|
| 5 |
|
|---|
| 6 | <glossentry>
|
|---|
| 7 | <glossterm>Access Control List</glossterm>
|
|---|
| 8 | <acronym>ACL</acronym>
|
|---|
| 9 | <glossdef><para>
|
|---|
| 10 | A detailed list of permissions granted to users or groups with respect to file and network
|
|---|
| 11 | resource access.
|
|---|
| 12 | </para></glossdef>
|
|---|
| 13 | </glossentry>
|
|---|
| 14 |
|
|---|
| 15 | <glossentry>
|
|---|
| 16 | <glossterm>Active Directory Service</glossterm>
|
|---|
| 17 | <acronym>ADS</acronym>
|
|---|
| 18 | <glossdef><para>
|
|---|
| 19 | A service unique to Microsoft Windows 200x servers that provides a centrally managed
|
|---|
| 20 | directory for management of user identities and computer objects, as well as the
|
|---|
| 21 | permissions each user or computer may be granted to access distributed network resources.
|
|---|
| 22 | ADS uses Kerberos-based authentication and LDAP over Kerberos for directory access.
|
|---|
| 23 | </para></glossdef>
|
|---|
| 24 | </glossentry>
|
|---|
| 25 |
|
|---|
| 26 | <glossentry>
|
|---|
| 27 | <glossterm>Common Internet File System</glossterm>
|
|---|
| 28 | <acronym>CIFS</acronym>
|
|---|
| 29 | <glossdef><para>
|
|---|
| 30 | The new name for SMB. Microsoft renamed the SMB protocol to CIFS during
|
|---|
| 31 | the Internet hype in the 1990s. At about the time that the SMB protocol was renamed
|
|---|
| 32 | to CIFS, an additional dialect of the SMB protocol was in development. The need for the
|
|---|
| 33 | deployment of the NetBIOS layer was also removed, thus paving the way for use of the SMB
|
|---|
| 34 | protocol natively over TCP/IP (known as NetBIOS-less SMB or <quote>naked</quote> TCP
|
|---|
| 35 | transport).
|
|---|
| 36 | </para></glossdef>
|
|---|
| 37 | </glossentry>
|
|---|
| 38 |
|
|---|
| 39 | <glossentry>
|
|---|
| 40 | <glossterm>Common UNIX Printing System</glossterm>
|
|---|
| 41 | <acronym>CUPS</acronym>
|
|---|
| 42 | <glossdef><para>
|
|---|
| 43 | A recent implementation of a high-capability printing system for UNIX developed by
|
|---|
| 44 | <ulink url="http://www.easysw.com/">Easy Software Inc.</ulink>. The design objective
|
|---|
| 45 | of CUPS was to provide a rich print processing system that has built-in intelligence
|
|---|
| 46 | that is capable of correctly rendering (processing) a file that is submitted for
|
|---|
| 47 | printing even if it was formatted for an entirely different printer.
|
|---|
| 48 | </para>
|
|---|
| 49 | </glossdef>
|
|---|
| 50 | </glossentry>
|
|---|
| 51 |
|
|---|
| 52 | <glossentry>
|
|---|
| 53 | <glossterm>Domain Master Browser</glossterm>
|
|---|
| 54 | <acronym>DMB</acronym>
|
|---|
| 55 | <glossdef><para>
|
|---|
| 56 | The Domain Master Browser maintains a list of all the servers that
|
|---|
| 57 | have announced their services within a given workgroup or NT domain.
|
|---|
| 58 | </para></glossdef>
|
|---|
| 59 | </glossentry>
|
|---|
| 60 |
|
|---|
| 61 | <glossentry>
|
|---|
| 62 | <glossterm>Domain Name Service</glossterm>
|
|---|
| 63 | <acronym>DNS</acronym>
|
|---|
| 64 | <glossdef><para>
|
|---|
| 65 | A protocol by which computer hostnames may be resolved to the matching IP address/es.
|
|---|
| 66 | DNS is implemented by the Berkeley Internet Name Daemon. There exists a recent version
|
|---|
| 67 | of DNS that allows dynamic name registration by network clients or by a DHCP server.
|
|---|
| 68 | This recent protocol is known as dynamic DNS (DDNS).
|
|---|
| 69 | </para></glossdef>
|
|---|
| 70 | </glossentry>
|
|---|
| 71 |
|
|---|
| 72 | <glossentry>
|
|---|
| 73 | <glossterm>Dynamic Host Configuration Protocol</glossterm>
|
|---|
| 74 | <acronym>DHCP</acronym>
|
|---|
| 75 | <glossdef><para>
|
|---|
| 76 | A protocol that was based on the BOOTP protocol that may be used to dynamically assign
|
|---|
| 77 | an IP address, from a reserved pool of addresses, to a network client or device.
|
|---|
| 78 | Additionally, DHCP may assign all network configuration settings and may be used to
|
|---|
| 79 | register a computer name and its address with a dynamic DNS server.
|
|---|
| 80 | </para></glossdef>
|
|---|
| 81 | </glossentry>
|
|---|
| 82 |
|
|---|
| 83 | <glossentry>
|
|---|
| 84 | <glossterm>Group IDentifier</glossterm>
|
|---|
| 85 | <acronym>GID</acronym>
|
|---|
| 86 | <glossdef><para>
|
|---|
| 87 | The UNIX system group identifier; on older systems, a 32-bit unsigned integer, and on
|
|---|
| 88 | newer systems, an unsigned 64-bit integer. The GID is used in UNIX-like operating systems
|
|---|
| 89 | for all group-level access control.
|
|---|
| 90 | </para></glossdef>
|
|---|
| 91 | </glossentry>
|
|---|
| 92 |
|
|---|
| 93 | <glossentry>
|
|---|
| 94 | <glossterm>Key Distribution Center</glossterm>
|
|---|
| 95 | <acronym>KDC</acronym>
|
|---|
| 96 | <glossdef><para>
|
|---|
| 97 | The Kerberos authentication protocol makes use of security keys (also called a ticket)
|
|---|
| 98 | by which access to network resources is controlled. The issuing of Kerberos tickets
|
|---|
| 99 | is effected by a KDC.
|
|---|
| 100 | </para></glossdef>
|
|---|
| 101 | </glossentry>
|
|---|
| 102 |
|
|---|
| 103 | <glossentry>
|
|---|
| 104 | <glossterm>Lightweight Directory Access Protocol</glossterm>
|
|---|
| 105 | <acronym>LDAP</acronym>
|
|---|
| 106 | <glossdef>
|
|---|
| 107 | <para>
|
|---|
| 108 | The Lightweight Directory Access Protocol is a technology that
|
|---|
| 109 | originated from the development of X.500 protocol specifications and
|
|---|
| 110 | implementations. LDAP was designed as a means of rapidly searching
|
|---|
| 111 | through X.500 information. Later LDAP was adapted as an engine that
|
|---|
| 112 | could drive its own directory database. LDAP is not a database per
|
|---|
| 113 | se; rather it is a technology that enables high-volume search and
|
|---|
| 114 | locate activity from clients that wish to obtain simply defined
|
|---|
| 115 | information about a subset of records that are stored in a
|
|---|
| 116 | database. LDAP does not have a particularly efficient mechanism for
|
|---|
| 117 | storing records in the database, and it has no concept of transaction
|
|---|
| 118 | processing nor of mechanisms for preserving data consistency. LDAP is
|
|---|
| 119 | premised around the notion that the search and read activity far
|
|---|
| 120 | outweigh any need to add, delete, or modify records. LDAP does
|
|---|
| 121 | provide a means for replication of the database to keep slave
|
|---|
| 122 | servers up to date with a master. It also has built-in capability to
|
|---|
| 123 | handle external references and deferral.
|
|---|
| 124 | </para></glossdef>
|
|---|
| 125 | </glossentry>
|
|---|
| 126 |
|
|---|
| 127 | <glossentry>
|
|---|
| 128 | <glossterm>Local Master Browser</glossterm>
|
|---|
| 129 | <acronym>LMB</acronym>
|
|---|
| 130 | <glossdef><para>
|
|---|
| 131 | The Local Master Browser maintains a list of all servers that have announced themselves
|
|---|
| 132 | within a given workgroup or NT domain on a particular broadcast isolated subnet.
|
|---|
| 133 | </para></glossdef>
|
|---|
| 134 | </glossentry>
|
|---|
| 135 |
|
|---|
| 136 | <glossentry>
|
|---|
| 137 | <glossterm>Media Access Control</glossterm>
|
|---|
| 138 | <acronym>MAC</acronym>
|
|---|
| 139 | <glossdef><para>
|
|---|
| 140 | The hard-coded address of the physical-layer device that is attached to the network.
|
|---|
| 141 | All network interface controllers must have a hard-coded and unique MAC address. The
|
|---|
| 142 | MAC address is 48 bits long.
|
|---|
| 143 | </para></glossdef>
|
|---|
| 144 | </glossentry>
|
|---|
| 145 |
|
|---|
| 146 | <glossentry>
|
|---|
| 147 | <glossterm>NetBIOS Extended User Interface</glossterm>
|
|---|
| 148 | <acronym>NetBEUI</acronym>
|
|---|
| 149 | <glossdef><para>
|
|---|
| 150 | Very simple network protocol invented by IBM and Microsoft. It is used to do NetBIOS
|
|---|
| 151 | over Ethernet with low overhead. NetBEUI is a non-routable protocol.
|
|---|
| 152 | </para></glossdef>
|
|---|
| 153 | </glossentry>
|
|---|
| 154 |
|
|---|
| 155 | <glossentry>
|
|---|
| 156 | <glossterm>Network Address Translation</glossterm>
|
|---|
| 157 | <acronym>NAT</acronym>
|
|---|
| 158 | <glossdef><para>
|
|---|
| 159 | Network address translation is a form of IP address masquerading. It ensures that internal
|
|---|
| 160 | private (RFC1918) network addresses from packets inside the network are rewritten so
|
|---|
| 161 | that TCP/IP packets that leave the server over a public connection are seen to come only
|
|---|
| 162 | from the external network address.
|
|---|
| 163 | </para></glossdef>
|
|---|
| 164 | </glossentry>
|
|---|
| 165 |
|
|---|
| 166 | <glossentry>
|
|---|
| 167 | <glossterm>Network Basic Input/Output System</glossterm>
|
|---|
| 168 | <acronym>NetBIOS</acronym>
|
|---|
| 169 | <glossdef><para>
|
|---|
| 170 | NetBIOS is a simple application programming interface (API) invented in the 1980s
|
|---|
| 171 | that allows programs to send data to certain network names. NetBIOS is always run over
|
|---|
| 172 | another network protocol such as IPX/SPX, TCP/IP, or Logical Link Control (LLC).
|
|---|
| 173 | NetBIOS run over LLC is best known as NetBEUI (the NetBIOS Extended User Interface
|
|---|
| 174 | &smbmdash; a complete misnomer!).
|
|---|
| 175 | </para></glossdef>
|
|---|
| 176 | </glossentry>
|
|---|
| 177 |
|
|---|
| 178 | <glossentry>
|
|---|
| 179 | <glossterm>NetBT</glossterm>
|
|---|
| 180 | <acronym>NBT</acronym>
|
|---|
| 181 | <glossdef><para>
|
|---|
| 182 | Protocol for transporting NetBIOS frames over TCP/IP. Uses ports 137, 138, and 139.
|
|---|
| 183 | NetBT is a fully routable protocol.
|
|---|
| 184 | </para></glossdef>
|
|---|
| 185 | </glossentry>
|
|---|
| 186 |
|
|---|
| 187 | <glossentry>
|
|---|
| 188 | <glossterm>NT/LanManager Security Support Provider</glossterm>
|
|---|
| 189 | <acronym>NTLMSSP</acronym>
|
|---|
| 190 | <glossdef><para>
|
|---|
| 191 | The NTLM Security Support Provider (NTLMSSP) service in Windows NT4/200x/XP is responsible for
|
|---|
| 192 | handling all NTLM authentication requests. It is the front end for protocols such as SPNEGO,
|
|---|
| 193 | Schannel, and other technologies. The generic protocol family supported by NTLMSSP is known as
|
|---|
| 194 | GSSAPI, the Generic Security Service Application Program Interface specified in RFC2078.
|
|---|
| 195 | </para></glossdef>
|
|---|
| 196 | </glossentry>
|
|---|
| 197 |
|
|---|
| 198 | <glossentry>
|
|---|
| 199 | <glossterm>Server Message Block</glossterm>
|
|---|
| 200 | <acronym>SMB</acronym>
|
|---|
| 201 | <glossdef><para>
|
|---|
| 202 | SMB was the original name of the protocol spoken by Samba. It was invented in the 1980s
|
|---|
| 203 | by IBM and adopted and extended further by Microsoft. Microsoft renamed the protocol to
|
|---|
| 204 | CIFS during the Internet hype in the 1990s.
|
|---|
| 205 | </para></glossdef>
|
|---|
| 206 | </glossentry>
|
|---|
| 207 |
|
|---|
| 208 | <glossentry>
|
|---|
| 209 | <glossterm>The Simple and Protected GSS-API Negotiation</glossterm>
|
|---|
| 210 | <acronym>SPNEGO</acronym>
|
|---|
| 211 | <glossdef><para>
|
|---|
| 212 | The purpose of SPNEGO is to allow a client and server to negotiate a security mechanism for
|
|---|
| 213 | authentication. The protocol is specified in RFC2478 and uses tokens as built via ASN.1 DER.
|
|---|
| 214 | DER refers to Distinguished Encoding Rules. These are a set of common rules for creating
|
|---|
| 215 | binary encodings in a platform-independent manner. Samba has support for SPNEGO.
|
|---|
| 216 | </para></glossdef>
|
|---|
| 217 | </glossentry>
|
|---|
| 218 |
|
|---|
| 219 | <glossentry>
|
|---|
| 220 | <glossterm>The Official Samba-3 HOWTO and Reference Guide, Second Edition</glossterm>
|
|---|
| 221 | <acronym>TOSHARG2</acronym>
|
|---|
| 222 | <glossdef><para>
|
|---|
| 223 | This book makes repeated reference to <quote>The Official Samba-3 HOWTO and Reference Guide, Second
|
|---|
| 224 | Edition</quote> by John H. Terpstra and Jelmer R. Vernooij. This publication is available from
|
|---|
| 225 | Amazon.com. Publisher: Prentice Hall PTR (August 2005),
|
|---|
| 226 | ISBN: 013122282.
|
|---|
| 227 | </para></glossdef>
|
|---|
| 228 | </glossentry>
|
|---|
| 229 |
|
|---|
| 230 | <glossentry>
|
|---|
| 231 | <glossterm>User IDentifier</glossterm>
|
|---|
| 232 | <acronym>UID</acronym>
|
|---|
| 233 | <glossdef><para>
|
|---|
| 234 | The UNIX system user identifier; on older systems, a 32-bit unsigned integer, and on newer systems,
|
|---|
| 235 | an unsigned 64-bit integer. The UID is used in UNIX-like operating systems for all user-level access
|
|---|
| 236 | control.
|
|---|
| 237 | </para></glossdef>
|
|---|
| 238 | </glossentry>
|
|---|
| 239 |
|
|---|
| 240 | <glossentry>
|
|---|
| 241 | <glossterm>Universal Naming Convention</glossterm>
|
|---|
| 242 | <acronym>UNC</acronym>
|
|---|
| 243 | <glossdef><para>A syntax for specifying the location of network resources (such as file shares).
|
|---|
| 244 | The UNC syntax was developed in the early days of MS DOS 3.x and is used internally by the SMB protocol.
|
|---|
| 245 | </para></glossdef>
|
|---|
| 246 | </glossentry>
|
|---|
| 247 |
|
|---|
| 248 | <glossentry>
|
|---|
| 249 | <glossterm>Wireshark</glossterm>
|
|---|
| 250 | <acronym>wireshark</acronym>
|
|---|
| 251 | <glossdef><para>
|
|---|
| 252 | A network analyzer, also known as a network sniffer or a protocol analyzer. Formerly known as Ethereal, Wireshark is
|
|---|
| 253 | freely available for UNIX/Linux and Microsoft Windows systems from
|
|---|
| 254 | <ulink url="http://www.wireshark.org">the Wireshark Web site</ulink>.
|
|---|
| 255 | </para></glossdef>
|
|---|
| 256 | </glossentry>
|
|---|
| 257 |
|
|---|
| 258 | </glossary>
|
|---|
