Changeset 158 for branches/samba-3.0/docs/htmldocs/Samba3-HOWTO/msdfs.html

Timestamp:

Sep 30, 2008, 7:14:08 AM (17 years ago)

Author:

Paul Smedley

Message:

Update source to 3.0.32

File:

• branches/samba-3.0/docs/htmldocs/Samba3-HOWTO/msdfs.html (modified) (1 diff)

branches/samba-3.0/docs/htmldocs/Samba3-HOWTO/msdfs.html

@@ -1 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 20. Hosting a Microsoft Distributed File System Tree</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="optional.html" title="Part III. Advanced Configuration"><link rel="prev" href="InterdomainTrusts.html" title="Chapter 19. Interdomain Trust Relationships"><link rel="next" href="classicalprinting.html" title="Chapter 21. Classical Printing Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 20. Hosting a Microsoft Distributed File System Tree</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="InterdomainTrusts.html">Prev</a> </td><th width="60%" align="center">Part III. Advanced Configuration</th><td width="20%" align="right"> <a accesskey="n" href="classicalprinting.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="msdfs"></a>Chapter 20. Hosting a Microsoft Distributed File System Tree</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Shirish</span> <span class="surname">Kalele</span></h3><div class="affiliation"><span class="orgname">Samba Team &amp; Veritas Software<br></span><div class="address"><p><br>
-                                <code class="email">&lt;<a class="email" href="mailto:samba@samba.org">samba@samba.org</a>&gt;</code><br>
-                        </p></div></div></div></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><p class="pubdate">12 Jul 2000</p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="msdfs.html#id405843">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="msdfs.html#id406232">Common Errors</a></span></dt><dd><dl><dt><span class="sect2"><a href="msdfs.html#id406261">MSDFS UNIX Path Is Case-Critical</a></span></dt></dl></dd></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id405843"></a>Features and Benefits</h2></div></div></div><p>
-<a class="indexterm" name="id405851"></a>
-<a class="indexterm" name="id405860"></a>
-<a class="indexterm" name="id405867"></a>
-<a class="indexterm" name="id405874"></a>
-<a class="indexterm" name="id405881"></a>
-        The distributed file system (DFS) provides a means of separating the logical
-        view of files and directories that users see from the actual physical locations
-        of these resources on the network. It allows for higher availability, smoother
-        storage expansion, load balancing, and so on.
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 41. Managing TDB Files</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"><link rel="start" href="index.html" title="The Official Samba 3.2.x HOWTO and Reference Guide"><link rel="up" href="troubleshooting.html" title="Part V. Troubleshooting"><link rel="prev" href="bugreport.html" title="Chapter 40. Reporting Bugs"><link rel="next" href="Appendix.html" title="Part VI. Reference Section"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 41. Managing TDB Files</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="bugreport.html">Prev</a> </td><th width="60%" align="center">Part V. Troubleshooting</th><td width="20%" align="right"> <a accesskey="n" href="Appendix.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="msdfs"></a>Chapter 41. Managing TDB Files</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><code class="email">&lt;<a class="email" href="mailto:jht@samba.org">jht@samba.org</a>&gt;</code></p></div></div></div></div><div><p class="pubdate">May 28, 2008</p></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="msdfs.html#id440386">Features and Benefits</a></span></dt><dt><span class="sect1"><a href="msdfs.html#id440822">Managing TDB Files</a></span></dt></dl></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id440386"></a>Features and Benefits</h2></div></div></div><p>
+<a class="indexterm" name="id440394"></a>
+<a class="indexterm" name="id440401"></a>
+        Samba uses a lightweight database called Trivial Database (tdb) in which it stores persistent and transient data.
+        Some tdb files can be disposed of before restarting Samba, but others are used to store information that is vital
+        to Samba configuration and behavior. The following information is provided to help administrators who are seeking
+        to better manage their Samba installations.
         </p><p>
-<a class="indexterm" name="id405893"></a>
-<a class="indexterm" name="id405900"></a>
-<a class="indexterm" name="id405906"></a>
-        For information about DFS, refer to the <a class="ulink" href="http://www.microsoft.com/NTServer/nts/downloads/winfeatures/NTSDistrFile/AdminGuide.asp" target="_top">Microsoft
-        documentation</a>.  This document explains how to host a DFS tree on a UNIX machine (for DFS-aware clients
-        to browse) using Samba.
+<a class="indexterm" name="id440414"></a>
+<a class="indexterm" name="id440421"></a>
+<a class="indexterm" name="id440428"></a>
+<a class="indexterm" name="id440434"></a>
+        Those who package Samba for commercial distribution with operating systems and appliances would do well to take
+        note that tdb files can get corrupted, and for this reason ought to be backed up regularly.  An appropriate time
+        is at system shutdown (backup) and startup (restore from backup).
+        </p><div class="table"><a name="TOSH-TDB"></a><p class="title"><b>Table 41.1. Samba's Trivial Database Files</b></p><div class="table-contents"><table summary="Samba's Trivial Database Files" border="1"><colgroup><col><col></colgroup><thead><tr><th align="center">File name</th><th align="center">Preserve</th><th align="center">Description</th></tr></thead><tbody><tr><td align="center">account_policy.tdb</td><td align="center">Y</td><td align="center"><p>NT account policy settings such as pw expiration, etc...</p></td></tr><tr><td align="center">brlock.tdb</td><td align="center">N</td><td align="center"><p>Byte range locks.</p></td></tr><tr><td align="center">browse.dat</td><td align="center">N</td><td align="center"><p>Browse lists - gets rebuilt automatically.</p></td></tr><tr><td align="center">connections.tdb</td><td align="center">N</td><td align="center"><p>Share connections. Used to enforce max connections, etc.</p></td></tr><tr><td align="center">gencache.tdb</td><td align="center">N</td><td align="center"><p>Generic caching database.</p></td></tr><tr><td align="center">group_mapping.tdb</td><td align="center">Y</td><td align="center"><p>Stores group mapping information. Not used when using LDAP backend.</p></td></tr><tr><td align="center">  lang_en.tdb</td><td align="center">Y</td><td align="center"><p>Stores language encoding information.</p></td></tr><tr><td align="center">locking.tdb</td><td align="center">N</td><td align="center"><p>Stores share mode and oplock information.</p></td></tr><tr><td align="center">login_cache.tdb</td><td align="center">N</td><td align="center"><p>Keeps a log of bad pw attempts.</p></td></tr><tr><td align="center">messages.tdb</td><td align="center">N</td><td align="center"><p>Used to keep track of Samba internal messaging.</p></td></tr><tr><td align="center">netsamlogon_cache.tdb</td><td align="center">Y</td><td align="center"><p>
+                                        Cache of user net_info_3 struct from <span class="emphasis"><em>net_samlogon()</em></span>
+                                        requests from domain member machines.
+                                </p></td></tr><tr><td align="center">ntdrivers.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printer driver information.</p></td></tr><tr><td align="center">ntforms.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printer forms information.</p></td></tr><tr><td align="center">ntprinters.tdb</td><td align="center">Y</td><td align="center"><p>Stores installed printers information.</p></td></tr><tr><td align="center">printing directory</td><td align="center">Y</td><td align="center"><p>Directory containing tdb per print queue of cached lpq output.</p></td></tr><tr><td align="center">registry.tdb</td><td align="center">Y</td><td align="center"><p>Windows registry skeleton (connect via regedit.exe).</p></td></tr><tr><td align="center">sessionid.tdb</td><td align="center">N</td><td align="center"><p>Session information to support <code class="literal">utmp = yes</code> capabilities.</p></td></tr><tr><td align="center">share_info.tdb</td><td align="center">Y</td><td align="center"><p>Stores share-level ACL configuration settings.
+                                        Default ACL is <span class="emphasis"><em>Everyone - Full Control</em></span>.
+                                </p></td></tr><tr><td align="center">unexpected.tdb</td><td align="center">N</td><td align="center"><p>
+                                        Unexpected packet queue needed to support windows clients that respond on a 
+                                        different port that the originating reques.
+                                </p></td></tr><tr><td align="center">winbindd_cache.tdb</td><td align="center">N</td><td align="center"><p>Winbind's cache of user lists.</p></td></tr><tr><td align="center">winbindd_idmap.tdb</td><td align="center">Y</td><td align="center"><p>Winbind's local IDMAP database.</p></td></tr><tr><td align="center">wins.dat</td><td align="center">N</td><td align="center"><p>
+                                WINS database iused only when <em class="parameter"><code>wins support = yes</code></em>
+                                has been set. This gets rebuilt or updated at every restart.
+                                </p></td></tr><tr><td align="center">wins.tdb</td><td align="center">Y</td><td align="center"><p>
+                                The working permanent storage for all WINS data. This database is used only
+                                when <em class="parameter"><code>wins support = yes</code></em> has been set in the <code class="filename">smb.conf</code> file.
+                                Note: This retains all manually configured WINS entries. Manual setting can be done use the net utility.
+                                </p></td></tr><tr><td align="center">secrets.tdb</td><td align="center">Y</td><td align="center"><p>
+                                This tdb file stores internal settings such as the machine and the domain SID, secret passwords
+                                that are used with LDAP, the machine secret token, etc. This is an essential file that is stored
+                                in a secure area. Vendors locate this in various folders. Check <code class="literal">smbd -b</code> to
+                                find its location on your system.
+                                </p></td></tr><tr><td align="center">schannel_store.tdb</td><td align="center">Y</td><td align="center"><p>
+                                This stores secure channel access token information used with SMB signing.
+                                </p></td></tr><tr><td align="center">passdb.tdb</td><td align="center">Y</td><td align="center"><p>
+                                This stores the Samba SAM account information when using a tdbsam password backend.
+                                </p></td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id440822"></a>Managing TDB Files</h2></div></div></div><p>
+        The <code class="literal">tdbbackup</code> utility is a tool that may be used to backup samba tdb files.
+        This tool may also be used to verify the integrity of the tdb files prior to Samba startup or
+        during normal operation. If it finds file damage it will search for a prior backup the backup
+        file from which the damaged tdb file will be restored. The <code class="literal">tdbbackup</code>
+        utility can safely be run at any time. It was designed so that it can be used at any time to
+        validate the integrity of tdb files, even during Samba operation.
         </p><p>
-<a class="indexterm" name="id405924"></a>
-<a class="indexterm" name="id405931"></a>
-<a class="indexterm" name="id405938"></a>
-<a class="indexterm" name="id405945"></a>
-        A Samba server can be made a DFS server by setting the global Boolean <a class="link" href="smb.conf.5.html#HOSTMSDFS">host msdfs</a>
-        parameter in the <code class="filename">smb.conf</code> file. You designate a share as a DFS root using the share-level Boolean
-        <a class="link" href="smb.conf.5.html#MSDFSROOT">msdfs root</a> parameter. A DFS root directory on Samba hosts DFS links in the form of
-        symbolic links that point to other servers. For example, a symbolic link
-        <code class="filename">junction-&gt;msdfs:storage1\share1</code> in the share directory acts as the DFS junction. When
-        DFS-aware clients attempt to access the junction link, they are redirected to the storage location (in this
-        case, <em class="parameter"><code>\\storage1\share1</code></em>).
-        </p><p>
-<a class="indexterm" name="id406000"></a>
-<a class="indexterm" name="id406007"></a>
-<a class="indexterm" name="id406014"></a>
-<a class="indexterm" name="id406020"></a>
-        DFS trees on Samba work with all DFS-aware clients ranging from Windows 95 to 200x.
-        <a class="link" href="msdfs.html#dfscfg" title="Example 20.1. smb.conf with DFS Configured">The following sample configuration</a> shows how to setup a DFS tree on a Samba server.
-        In the <code class="filename">/export/dfsroot</code> directory, you set up your DFS links to 
-        other servers on the network.
-</p><pre class="screen">
-<code class="prompt">root# </code><strong class="userinput"><code>cd /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>chown root /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>chmod 755 /export/dfsroot</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>ln -s msdfs:storageA\\shareA linka</code></strong>
-<code class="prompt">root# </code><strong class="userinput"><code>ln -s msdfs:serverB\\share,serverC\\share linkb</code></strong>
+        It is recommended to backup all tdb files as part of the Samba start-up scripts on a Samba
+        server. The following command syntax can be used:
+        </p><pre class="screen">
+myserver# &gt; cd /var/lib/samba
+myserver@ &gt; tdbbackup *.tdb
 </pre><p>
-</p><div class="example"><a name="dfscfg"></a><p class="title"><b>Example 20.1. smb.conf with DFS Configured</b></p><div class="example-contents"><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id406126"></a><em class="parameter"><code>netbios name = GANDALF</code></em></td></tr><tr><td><a class="indexterm" name="id406137"></a><em class="parameter"><code>host msdfs   = yes</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[dfs]</code></em></td></tr><tr><td><a class="indexterm" name="id406158"></a><em class="parameter"><code>path = /export/dfsroot</code></em></td></tr><tr><td><a class="indexterm" name="id406169"></a><em class="parameter"><code>msdfs root = yes</code></em></td></tr></table></div></div><br class="example-break"><p>
-<a class="indexterm" name="id406184"></a>
-<a class="indexterm" name="id406191"></a>
-<a class="indexterm" name="id406197"></a>
-        You should set up the permissions and ownership of the directory acting as the DFS root so that only
-        designated users can create, delete, or modify the msdfs links. Also note that symlink names should be all
-        lowercase. This limitation exists to have Samba avoid trying all the case combinations to get at the link
-        name. Finally, set up the symbolic links to point to the network shares you want and start Samba.
-        </p><p>
-<a class="indexterm" name="id406211"></a>
-<a class="indexterm" name="id406218"></a>
-        Users on DFS-aware clients can now browse the DFS tree on the Samba server at
-        <code class="constant">\\samba\dfs</code>. Accessing links linka or linkb (which appear as directories to the client)
-        takes users directly to the appropriate shares on the network.
-        </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id406232"></a>Common Errors</h2></div></div></div><div class="itemizedlist"><ul type="disc"><li><p>Windows clients need to be rebooted 
-                if a previously mounted non-DFS share is made a DFS 
-                root, or vice versa. A better way is to introduce a 
-                new share and make it the DFS root.</p></li><li><p>Currently, there's a restriction that msdfs 
-                symlink names should all be lowercase.</p></li><li><p>For security purposes, the directory 
-                acting as the root of the DFS tree should have ownership 
-                and permissions set so only designated users can 
-                modify the symbolic links in the directory.</p></li></ul></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id406261"></a>MSDFS UNIX Path Is Case-Critical</h3></div></div></div><p>
-                A network administrator sent advice to the Samba mailing list
-                after long sessions trying to determine why DFS was not working.
-                His advice is worth noting.
-                </p><p>&#8220;<span class="quote">
-                I spent some time trying to figure out why my particular
-                DFS root wasn't working. I noted in the documentation that
-                the symlink should be in all lowercase. It should be
-                amended that the entire path to the symlink should all be
-                in lowercase as well.
-                </span>&#8221;</p><p>
-                &#8220;<span class="quote">For example, I had a share defined as such:</span>&#8221;
-                </p><table class="simplelist" border="0" summary="Simple list"><tr><td> </td></tr><tr><td><em class="parameter"><code>[pub]</code></em></td></tr><tr><td><a class="indexterm" name="id406299"></a><em class="parameter"><code>path = /export/home/Shares/public_share</code></em></td></tr><tr><td><a class="indexterm" name="id406310"></a><em class="parameter"><code>msdfs root = yes</code></em></td></tr></table><p>
-                &#8220;<span class="quote">and I could not make my Windows 9x/Me (with the dfs client installed) follow this symlink:</span>&#8221;
-                </p><pre class="screen">
-                damage1 -&gt; msdfs:damage\test-share
-                </pre><p>
-                </p><p>
-                &#8220;<span class="quote">Running a debug level of 10 reveals:</span>&#8221;
-                </p><pre class="programlisting">
-                [2003/08/20 11:40:33, 5] msdfs/msdfs.c:is_msdfs_link(176)
-                  is_msdfs_link: /export/home/shares/public_share/* does not exist.
-                </pre><p>
-                &#8220;<span class="quote">Curious. So I changed the directory name from <code class="constant">.../Shares/...</code> to
-                <code class="constant">.../shares/...</code> (along with my service definition) and it worked!</span>&#8221;
-                </p></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="InterdomainTrusts.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="optional.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="classicalprinting.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 19. Interdomain Trust Relationships </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 21. Classical Printing Support</td></tr></table></div></body></html>
+        The default extension is <code class="filename">.bak</code>. Any alternate extension can be specified
+        by executing <code class="literal">tdbbackup -s 'new_extension' *.tdb</code> as part of your startup script.
+        </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="bugreport.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="troubleshooting.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="Appendix.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 40. Reporting Bugs </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Part VI. Reference Section</td></tr></table></div></body></html>