- Timestamp:
- Nov 12, 2012, 7:37:04 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.5.x/docs/htmldocs/Samba3-ByExample/Big500users.html
r599 r739 1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 4. The 500-User Office</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="ExNetworks.html" title="Part I. Example Network Configurations"><link rel="prev" href="secure.html" title="Chapter 3. Secure Office Networking"><link rel="next" href="happy.html" title="Chapter 5. Making Happy Users"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 4. The 500-User Office</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="secure.html">Prev</a> </td><th width="60%" align="center">Part I. Example Network Configurations</th><td width="20%" align="right"> <a accesskey="n" href="happy.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 4. The 500-User Office"><div class="titlepage"><div><div><h2 class="title"><a name="Big500users"></a>Chapter 4. The 500-User Office</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="Big500users.html#id33 6007">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id336038">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id336113">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id336141">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id336318">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id336338">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id337052">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id337568">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id340544">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id340597">Questions and Answers</a></span></dt></dl></div><p>1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 4. The 500-User Office</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="ExNetworks.html" title="Part I. Example Network Configurations"><link rel="prev" href="secure.html" title="Chapter 3. Secure Office Networking"><link rel="next" href="happy.html" title="Chapter 5. Making Happy Users"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 4. The 500-User Office</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="secure.html">Prev</a> </td><th width="60%" align="center">Part I. Example Network Configurations</th><td width="20%" align="right"> <a accesskey="n" href="happy.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 4. The 500-User Office"><div class="titlepage"><div><div><h2 class="title"><a name="Big500users"></a>Chapter 4. The 500-User Office</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="Big500users.html#id334536">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id334566">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id334641">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id334670">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id334846">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id334866">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id335580">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id336096">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id339071">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id339124">Questions and Answers</a></span></dt></dl></div><p> 2 2 The Samba-3 networking you explored in <a class="link" href="secure.html" title="Chapter 3. Secure Office Networking">“Secure Office Networking”</a> covers the finer points of 3 3 configuration of peripheral services such as DHCP and DNS, and WINS. You experienced … … 18 18 to make printing more complex for the administrator while making it easier for the user. 19 19 </p><p> 20 <a class="indexterm" name="id33 5954"></a>21 <a class="indexterm" name="id33 5961"></a>22 <a class="indexterm" name="id33 5967"></a>20 <a class="indexterm" name="id334482"></a> 21 <a class="indexterm" name="id334489"></a> 22 <a class="indexterm" name="id334496"></a> 23 23 <a class="link" href="secure.html" title="Chapter 3. Secure Office Networking">“Secure Office Networking”</a> demonstrates operation of a DHCP server and a DNS server 24 24 as well as a central WINS server. You validated the operation of these services and … … 42 42 You should take the opportunity to innovate and expand on the methods presented 43 43 here and explore them to the fullest. 44 </p><div class="sect1" title="Introduction"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id33 6007"></a>Introduction</h2></div></div></div><p>44 </p><div class="sect1" title="Introduction"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334536"></a>Introduction</h2></div></div></div><p> 45 45 Business continues to go well for Abmas. Mr. Meany is driving your success and the 46 46 network continues to grow thanks to the hard work Christine has done. You recently … … 67 67 it is rolled out. Your strategy is to complete the new network so that it 68 68 is ready for operation when the old office moves into the new premises. 69 </p><div class="sect2" title="Assignment Tasks"><div class="titlepage"><div><div><h3 class="title"><a name="id33 6038"></a>Assignment Tasks</h3></div></div></div><p>69 </p><div class="sect2" title="Assignment Tasks"><div class="titlepage"><div><div><h3 class="title"><a name="id334566"></a>Assignment Tasks</h3></div></div></div><p> 70 70 The acquired business had 280 network users. The old Abmas building housed 71 71 220 network users in unbelievably cramped conditions. The network that … … 108 108 every four months. They automatically roll that out to each desktop system. 109 109 You must keep DirectPointe informed of all changes. 110 </p><p><a class="indexterm" name="id33 6088"></a>110 </p><p><a class="indexterm" name="id334616"></a> 111 111 The new network has a single Samba Primary Domain Controller (PDC) located in the 112 112 Network Operation Center (NOC). Buildings 1 and 2 each have a local server … … 116 116 Printing is based on raw pass-through facilities just as it has been used so far. 117 117 All printer drivers are installed on the desktop and notebook computers. 118 </p></div></div><div class="sect1" title="Dissection and Discussion"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id33 6113"></a>Dissection and Discussion</h2></div></div></div><p>119 <a class="indexterm" name="id33 6121"></a>118 </p></div></div><div class="sect1" title="Dissection and Discussion"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334641"></a>Dissection and Discussion</h2></div></div></div><p> 119 <a class="indexterm" name="id334649"></a> 120 120 The example you are building in this chapter is of a network design that works, but this 121 121 does not make it a design that is recommended. As a general rule, there should be at least … … 128 128 controller. This is not a good omen for user satisfaction. You, of course, address this 129 129 very soon (see <a class="link" href="happy.html" title="Chapter 5. Making Happy Users">“Making Happy Users”</a>). 130 </p><div class="sect2" title="Technical Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id33 6141"></a>Technical Issues</h3></div></div></div><p>130 </p><div class="sect2" title="Technical Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id334670"></a>Technical Issues</h3></div></div></div><p> 131 131 Stan has talked you into a horrible compromise, but it is addressed. Just make 132 132 certain that the performance of this network is well validated before going live. … … 134 134 Design decisions made in this design include the following: 135 135 </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p> 136 <a class="indexterm" name="id33 6161"></a>137 <a class="indexterm" name="id33 6168"></a>138 <a class="indexterm" name="id33 6174"></a>136 <a class="indexterm" name="id334689"></a> 137 <a class="indexterm" name="id334696"></a> 138 <a class="indexterm" name="id334702"></a> 139 139 A single PDC is being implemented. This limitation is based on the choice not to 140 140 use LDAP. Many network administrators fear using LDAP because of the perceived … … 142 142 identity management as well as to store network access credentials. 143 143 </p></li><li class="listitem"><p> 144 <a class="indexterm" name="id33 6188"></a>145 <a class="indexterm" name="id33 6195"></a>144 <a class="indexterm" name="id334716"></a> 145 <a class="indexterm" name="id334723"></a> 146 146 Because of the refusal to use an LDAP (ldapsam) passdb backend at this time, the 147 147 only choice that makes sense with 500 users is to use the tdbsam passwd backend. … … 157 157 integrity of operations considerations. 158 158 </p></li><li class="listitem"><p> 159 <a class="indexterm" name="id33 6229"></a>159 <a class="indexterm" name="id334757"></a> 160 160 A single central WINS server is being used. The PDC is also the WINS server. 161 161 Any attempt to operate a routed network without a WINS server while using NetBIOS … … 168 168 why a single WINS server is being implemented. This should work without a problem. 169 169 </p></li><li class="listitem"><p> 170 <a class="indexterm" name="id33 6261"></a>170 <a class="indexterm" name="id334789"></a> 171 171 BDCs make use of <code class="literal">winbindd</code> to provide 172 172 access to domain security credentials for file system access and object storage. 173 173 </p></li><li class="listitem"><p> 174 <a class="indexterm" name="id33 6279"></a>175 <a class="indexterm" name="id33 6288"></a>174 <a class="indexterm" name="id334807"></a> 175 <a class="indexterm" name="id334816"></a> 176 176 Configuration of Windows XP Professional clients is achieved using DHCP. Each 177 177 subnet has its own DHCP server. Backup DHCP serving is provided by one … … 189 189 each subnet. If in the future more addresses are required, it would make sense 190 190 to add further subnets rather than change addressing. 191 </p></li></ul></div></div><div class="sect2" title="Political Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id33 6318"></a>Political Issues</h3></div></div></div><p>191 </p></li></ul></div></div><div class="sect2" title="Political Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id334846"></a>Political Issues</h3></div></div></div><p> 192 192 This case gets close to the real world. You and I know the right way to implement 193 193 domain control. Politically, we have to navigate a minefield. In this case, the need is to … … 195 195 by having the real solution ready before it is needed. That real solution is presented in 196 196 <a class="link" href="happy.html" title="Chapter 5. Making Happy Users">“Making Happy Users”</a>. 197 </p></div></div><div class="sect1" title="Implementation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id33 6338"></a>Implementation</h2></div></div></div><p>197 </p></div></div><div class="sect1" title="Implementation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334866"></a>Implementation</h2></div></div></div><p> 198 198 The following configuration process begins following installation of Red Hat Fedora Core2 on the 199 199 three servers shown in the network topology diagram in <a class="link" href="Big500users.html#chap05net" title="Figure 4.1. Network Topology 500 User Network Using tdbsam passdb backend.">“Network Topology 500 User Network Using tdbsam passdb backend.”</a>. You have … … 206 206 The abbreviation shown in this table as <code class="constant">{VLN}</code> refers to 207 207 the directory location beginning with <code class="filename">/var/lib/named</code>. 208 </p><div class="table"><a name="ch5-filelocations"></a><p class="title"><b>Table 4.1. Domain: <code class="constant">MEGANET</code>, File Locations for Servers</b></p><div class="table-contents"><table summary="Domain: MEGANET, File Locations for Servers" border="1"><colgroup><col align="left"><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th colspan="2" align="center">File Information</th><th colspan="3" align="center">Server Name</th></tr><tr><th align="center">Source</th><th align="center">Target Location</th><th align="center">MASSIVE</th><th align="center">BLDG1</th><th align="center">BLDG2</th></tr></thead><tbody><tr><td align="left"><a class="link" href="Big500users.html#ch5-massivesmb" title="Example 4.1. Server: MASSIVE (PDC), File: /etc/samba/smb.conf">“Server: MASSIVE (PDC), File: /etc/samba/smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dc-common" title="Example 4.2. Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf">“Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf”</a></td><td align="left"><code class="filename">/etc/samba/dc-common.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-commonsmb" title="Example 4.3. Common Samba Configuration File: /etc/samba/common.conf">“Common Samba Configuration File: /etc/samba/common.conf”</a></td><td align="left"><code class="filename">/etc/samba/common.conf</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg1-smb" title="Example 4.4. Server: BLDG1 (Member), File: smb.conf">“Server: BLDG1 (Member), File: smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg2-smb" title="Example 4.5. Server: BLDG2 (Member), File: smb.conf">“Server: BLDG2 (Member), File: smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dommem-smb" title="Example 4.6. Common Domain Member Include File: dom-mem.conf">“Common Domain Member Include File: dom-mem.conf”</a></td><td align="left"><code class="filename">/etc/samba/dommem.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-dhcp" title="Example 4.7. Server: MASSIVE, File: dhcpd.conf">“Server: MASSIVE, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg1dhcp" title="Example 4.8. Server: BLDG1, File: dhcpd.conf">“Server: BLDG1, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg2dhcp" title="Example 4.9. Server: BLDG2, File: dhcpd.conf">“Server: BLDG2, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-nameda" title="Example 4.10. Server: MASSIVE, File: named.conf, Part: A">“Server: MASSIVE, File: named.conf, Part: A”</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedb" title="Example 4.11. Server: MASSIVE, File: named.conf, Part: B">“Server: MASSIVE, File: named.conf, Part: B”</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedc" title="Example 4.12. Server: MASSIVE, File: named.conf, Part: C">“Server: MASSIVE, File: named.conf, Part: C”</a></td><td align="left"><code class="filename">/etc/named.conf (part C)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasbizdns" title="Example 4.13. Forward Zone File: abmas.biz.hosts">“Forward Zone File: abmas.biz.hosts”</a></td><td align="left"><code class="filename">{VLN}/master/abmas.biz.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasusdns" title="Example 4.14. Forward Zone File: abmas.biz.hosts">“Forward Zone File: abmas.biz.hosts”</a></td><td align="left"><code class="filename">{VLN}/master/abmas.us.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12nameda" title="Example 4.15. Servers: BLDG1/BLDG2, File: named.conf, Part: A">“Servers: BLDG1/BLDG2, File: named.conf, Part: A”</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12namedb" title="Example 4.16. Servers: BLDG1/BLDG2, File: named.conf, Part: B">“Servers: BLDG1/BLDG2, File: named.conf, Part: B”</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#loopback" title="Example 15.3. DNS Localhost Forward Zone File: /var/lib/named/localhost.zone">“DNS Localhost Forward Zone File: /var/lib/named/localhost.zone”</a></td><td align="left"><code class="filename">{VLN}/localhost.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#dnsloopy" title="Example 15.4. DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone">“DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone”</a></td><td align="left"><code class="filename">{VLN}/127.0.0.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#roothint" title="Example 15.5. DNS Root Name Server Hint File: /var/lib/named/root.hint">“DNS Root Name Server Hint File: /var/lib/named/root.hint”</a></td><td align="left"><code class="filename">{VLN}/root.hint</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect2" title="Server Preparation: All Servers"><div class="titlepage"><div><div><h3 class="title"><a name="id33 7052"></a>Server Preparation: All Servers</h3></div></div></div><p>208 </p><div class="table"><a name="ch5-filelocations"></a><p class="title"><b>Table 4.1. Domain: <code class="constant">MEGANET</code>, File Locations for Servers</b></p><div class="table-contents"><table summary="Domain: MEGANET, File Locations for Servers" border="1"><colgroup><col align="left"><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th colspan="2" align="center">File Information</th><th colspan="3" align="center">Server Name</th></tr><tr><th align="center">Source</th><th align="center">Target Location</th><th align="center">MASSIVE</th><th align="center">BLDG1</th><th align="center">BLDG2</th></tr></thead><tbody><tr><td align="left"><a class="link" href="Big500users.html#ch5-massivesmb" title="Example 4.1. Server: MASSIVE (PDC), File: /etc/samba/smb.conf">“Server: MASSIVE (PDC), File: /etc/samba/smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dc-common" title="Example 4.2. Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf">“Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf”</a></td><td align="left"><code class="filename">/etc/samba/dc-common.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-commonsmb" title="Example 4.3. Common Samba Configuration File: /etc/samba/common.conf">“Common Samba Configuration File: /etc/samba/common.conf”</a></td><td align="left"><code class="filename">/etc/samba/common.conf</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg1-smb" title="Example 4.4. Server: BLDG1 (Member), File: smb.conf">“Server: BLDG1 (Member), File: smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg2-smb" title="Example 4.5. Server: BLDG2 (Member), File: smb.conf">“Server: BLDG2 (Member), File: smb.conf”</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dommem-smb" title="Example 4.6. Common Domain Member Include File: dom-mem.conf">“Common Domain Member Include File: dom-mem.conf”</a></td><td align="left"><code class="filename">/etc/samba/dommem.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-dhcp" title="Example 4.7. Server: MASSIVE, File: dhcpd.conf">“Server: MASSIVE, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg1dhcp" title="Example 4.8. Server: BLDG1, File: dhcpd.conf">“Server: BLDG1, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg2dhcp" title="Example 4.9. Server: BLDG2, File: dhcpd.conf">“Server: BLDG2, File: dhcpd.conf”</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-nameda" title="Example 4.10. Server: MASSIVE, File: named.conf, Part: A">“Server: MASSIVE, File: named.conf, Part: A”</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedb" title="Example 4.11. Server: MASSIVE, File: named.conf, Part: B">“Server: MASSIVE, File: named.conf, Part: B”</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedc" title="Example 4.12. Server: MASSIVE, File: named.conf, Part: C">“Server: MASSIVE, File: named.conf, Part: C”</a></td><td align="left"><code class="filename">/etc/named.conf (part C)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasbizdns" title="Example 4.13. Forward Zone File: abmas.biz.hosts">“Forward Zone File: abmas.biz.hosts”</a></td><td align="left"><code class="filename">{VLN}/master/abmas.biz.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasusdns" title="Example 4.14. Forward Zone File: abmas.biz.hosts">“Forward Zone File: abmas.biz.hosts”</a></td><td align="left"><code class="filename">{VLN}/master/abmas.us.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12nameda" title="Example 4.15. Servers: BLDG1/BLDG2, File: named.conf, Part: A">“Servers: BLDG1/BLDG2, File: named.conf, Part: A”</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12namedb" title="Example 4.16. Servers: BLDG1/BLDG2, File: named.conf, Part: B">“Servers: BLDG1/BLDG2, File: named.conf, Part: B”</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#loopback" title="Example 15.3. DNS Localhost Forward Zone File: /var/lib/named/localhost.zone">“DNS Localhost Forward Zone File: /var/lib/named/localhost.zone”</a></td><td align="left"><code class="filename">{VLN}/localhost.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#dnsloopy" title="Example 15.4. DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone">“DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone”</a></td><td align="left"><code class="filename">{VLN}/127.0.0.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#roothint" title="Example 15.5. DNS Root Name Server Hint File: /var/lib/named/root.hint">“DNS Root Name Server Hint File: /var/lib/named/root.hint”</a></td><td align="left"><code class="filename">{VLN}/root.hint</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect2" title="Server Preparation: All Servers"><div class="titlepage"><div><div><h3 class="title"><a name="id335580"></a>Server Preparation: All Servers</h3></div></div></div><p> 209 209 The following steps apply to all servers. Follow each step carefully. 210 </p><div class="procedure" title="Procedure 4.1. Server Preparation Steps"><a name="id33 7062"></a><p class="title"><b>Procedure 4.1. Server Preparation Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>210 </p><div class="procedure" title="Procedure 4.1. Server Preparation Steps"><a name="id335590"></a><p class="title"><b>Procedure 4.1. Server Preparation Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p> 211 211 Using the UNIX/Linux system tools, set the name of the server as shown in the network 212 212 topology diagram in <a class="link" href="Big500users.html#chap05net" title="Figure 4.1. Network Topology 500 User Network Using tdbsam passdb backend.">“Network Topology 500 User Network Using tdbsam passdb backend.”</a>. For SUSE Linux products, the tool … … 222 222 </pre><p> 223 223 </p></li><li class="step" title="Step 2"><p> 224 <a class="indexterm" name="id33 7123"></a>225 <a class="indexterm" name="id33 7130"></a>224 <a class="indexterm" name="id335651"></a> 225 <a class="indexterm" name="id335658"></a> 226 226 Edit your <code class="filename">/etc/hosts</code> file to include the primary names and addresses 227 227 of all network interfaces that are on the host server. This is necessary so that during … … 231 231 should also include an entry for the printers in the <code class="filename">/etc/hosts</code> file. 232 232 </p></li><li class="step" title="Step 3"><p> 233 <a class="indexterm" name="id33 7165"></a>233 <a class="indexterm" name="id335693"></a> 234 234 All DNS name resolution should be handled locally. To ensure that the server is configured 235 235 correctly to handle this, edit <code class="filename">/etc/resolv.conf</code> so it has the following … … 242 242 that is running locally to resolve names to addresses. 243 243 </p></li><li class="step" title="Step 4"><p> 244 <a class="indexterm" name="id33 7193"></a>245 <a class="indexterm" name="id33 7200"></a>244 <a class="indexterm" name="id335721"></a> 245 <a class="indexterm" name="id335728"></a> 246 246 Add the <code class="constant">root</code> user to the password backend: 247 247 </p><pre class="screen"> … … 256 256 without considerable trouble. 257 257 </p></li><li class="step" title="Step 5"><p> 258 <a class="indexterm" name="id33 7241"></a>259 <a class="indexterm" name="id33 7248"></a>258 <a class="indexterm" name="id335770"></a> 259 <a class="indexterm" name="id335776"></a> 260 260 Create the username map file to permit the <code class="constant">root</code> account to be called 261 261 <code class="constant">Administrator</code> from the Windows network environment. To do this, create … … 295 295 to port 9100. Use any other port the manufacturer specifies for direct mode, 296 296 raw printing. This allows the CUPS spooler to print using raw mode protocols. 297 <a class="indexterm" name="id33 7328"></a>298 <a class="indexterm" name="id33 7335"></a>297 <a class="indexterm" name="id335856"></a> 298 <a class="indexterm" name="id335863"></a> 299 299 </p></li><li class="step" title="Step 9"><p> 300 <a class="indexterm" name="id33 7348"></a>300 <a class="indexterm" name="id335876"></a> 301 301 Only on the server to which the printer is attached configure the CUPS Print 302 302 Queues as follows: … … 304 304 <code class="prompt">root# </code> lpadmin -p <em class="parameter"><code>printque</code></em> -v socket://<em class="parameter"><code>printer-name</code></em>.abmas.biz:9100 -E 305 305 </pre><p> 306 <a class="indexterm" name="id33 7382"></a>306 <a class="indexterm" name="id335910"></a> 307 307 This step creates the necessary print queue to use no assigned print filter. This 308 308 is ideal for raw printing, that is, printing without use of filters. … … 324 324 </pre><p> 325 325 </p></li><li class="step" title="Step 12"><p> 326 <a class="indexterm" name="id33 7455"></a>327 <a class="indexterm" name="id33 7461"></a>328 <a class="indexterm" name="id33 7468"></a>326 <a class="indexterm" name="id335983"></a> 327 <a class="indexterm" name="id335990"></a> 328 <a class="indexterm" name="id335996"></a> 329 329 This step, as well as the next one, may be omitted where CUPS version 1.1.18 330 330 or later is in use. Although it does no harm to follow it anyway, and may … … 337 337 </pre><p> 338 338 </p></li><li class="step" title="Step 13"><p> 339 <a class="indexterm" name="id33 7500"></a>339 <a class="indexterm" name="id336029"></a> 340 340 Edit the file <code class="filename">/etc/cups/mime.types</code> to uncomment the line: 341 341 </p><pre class="screen"> … … 360 360 is considerably more difficult when a single PDC is used on a routed network. It can be done, but not 361 361 as elegantly as you see in the next chapter. 362 </p></div></div><div class="sect2" title="Server-Specific Preparation"><div class="titlepage"><div><div><h3 class="title"><a name="id33 7568"></a>Server-Specific Preparation</h3></div></div></div><p>362 </p></div></div><div class="sect2" title="Server-Specific Preparation"><div class="titlepage"><div><div><h3 class="title"><a name="id336096"></a>Server-Specific Preparation</h3></div></div></div><p> 363 363 There are some steps that apply to particular server functionality only. Each step is critical 364 364 to correct server operation. The following step-by-step installation guidance will assist you 365 365 in working through the process of configuring the PDC and then both BDC's. 366 </p><div class="sect3" title="Configuration for Server: MASSIVE"><div class="titlepage"><div><div><h4 class="title"><a name="id33 7579"></a>Configuration for Server: <code class="constant">MASSIVE</code></h4></div></div></div><p>366 </p><div class="sect3" title="Configuration for Server: MASSIVE"><div class="titlepage"><div><div><h4 class="title"><a name="id336107"></a>Configuration for Server: <code class="constant">MASSIVE</code></h4></div></div></div><p> 367 367 The steps presented here attempt to implement Samba installation in a generic manner. While 368 368 some steps are clearly specific to Linux, it should not be too difficult to apply them to 369 369 your platform of choice. 370 </p><div class="procedure" title="Procedure 4.2. Primary Domain Controller Preparation"><a name="id33 7592"></a><p class="title"><b>Procedure 4.2. Primary Domain Controller Preparation</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>371 <a class="indexterm" name="id33 7603"></a>372 <a class="indexterm" name="id33 7610"></a>370 </p><div class="procedure" title="Procedure 4.2. Primary Domain Controller Preparation"><a name="id336120"></a><p class="title"><b>Procedure 4.2. Primary Domain Controller Preparation</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p> 371 <a class="indexterm" name="id336132"></a> 372 <a class="indexterm" name="id336138"></a> 373 373 The host server acts as a router between the two internal network segments as well 374 374 as for all Internet access. This necessitates that IP forwarding be enabled. This can be … … 398 398 <code class="filename">/etc/rc.d/init.d/rc.local</code>. 399 399 </p></li><li class="step" title="Step 3"><p> 400 <a class="indexterm" name="id33 7688"></a>400 <a class="indexterm" name="id336216"></a> 401 401 The final step that must be completed is to edit the <code class="filename">/etc/nsswitch.conf</code> file. 402 402 This file controls the operation of the various resolver libraries that are part of the Linux … … 406 406 </pre><p> 407 407 </p></li><li class="step" title="Step 4"><p> 408 <a class="indexterm" name="id33 7715"></a>408 <a class="indexterm" name="id336244"></a> 409 409 Create and map Windows domain groups to UNIX groups. A sample script is provided in 410 410 <a class="link" href="Big500users.html#ch5-initgrps" title="Example 4.17. Initialize Groups Script, File: /etc/samba/initGrps.sh">“Initialize Groups Script, File: /etc/samba/initGrps.sh”</a>. Create a file containing this script. You called yours … … 413 413 validation are shown in Section 4.3.2, Step 5. 414 414 </p></li><li class="step" title="Step 5"><p> 415 <a class="indexterm" name="id33 7743"></a>416 <a class="indexterm" name="id33 7750"></a>417 <a class="indexterm" name="id33 7759"></a>415 <a class="indexterm" name="id336272"></a> 416 <a class="indexterm" name="id336279"></a> 417 <a class="indexterm" name="id336288"></a> 418 418 For each user who needs to be given a Windows domain account, make an entry in the 419 419 <code class="filename">/etc/passwd</code> file as well as in the Samba password backend. … … 421 421 <code class="literal">smbpasswd</code> to create a domain user account. 422 422 </p><p> 423 <a class="indexterm" name="id33 7784"></a>424 <a class="indexterm" name="id33 7790"></a>425 <a class="indexterm" name="id33 7797"></a>423 <a class="indexterm" name="id336312"></a> 424 <a class="indexterm" name="id336319"></a> 425 <a class="indexterm" name="id336326"></a> 426 426 There are a number of tools for user management under UNIX, such as 427 427 <code class="literal">useradd</code>, <code class="literal">adduser</code>, as well as a plethora of custom … … 436 436 file system partition using appropriate system tools. 437 437 </p></li><li class="step" title="Step 8"><p> 438 <a class="indexterm" name="id33 7856"></a>438 <a class="indexterm" name="id336384"></a> 439 439 Create the top-level file storage directories for data and applications as follows: 440 440 </p><pre class="screen"> … … 476 476 </pre><p> 477 477 </p></li><li class="step" title="Step 10"><p> 478 <a class="indexterm" name="id33 8048"></a>479 <a class="indexterm" name="id33 8055"></a>478 <a class="indexterm" name="id336577"></a> 479 <a class="indexterm" name="id336584"></a> 480 480 Create a logon script. It is important that each line is correctly terminated with 481 481 a carriage return and line-feed combination (i.e., DOS encoding). The following procedure … … 519 519 isolated network segments. Remember that if the target installation platform is not Linux, it may 520 520 be necessary to adapt some commands to the equivalent on the target platform. 521 </p><div class="procedure" title="Procedure 4.3. Backup Domain Controller Configuration Steps"><a name="id33 8227"></a><p class="title"><b>Procedure 4.3. Backup Domain Controller Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>522 <a class="indexterm" name="id33 8238"></a>521 </p><div class="procedure" title="Procedure 4.3. Backup Domain Controller Configuration Steps"><a name="id336754"></a><p class="title"><b>Procedure 4.3. Backup Domain Controller Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p> 522 <a class="indexterm" name="id336766"></a> 523 523 The final step that must be completed is to edit the <code class="filename">/etc/nsswitch.conf</code> file. 524 524 This file controls the operation of the various resolver libraries that are part of the Linux … … 533 533 start Samba at this time. Samba is controlled by the process called <code class="literal">smb</code>. 534 534 </p></li><li class="step" title="Step 3"><p> 535 <a class="indexterm" name="id33 8286"></a>535 <a class="indexterm" name="id336813"></a> 536 536 You must now attempt to join the domain member servers to the domain. The following 537 537 instructions should be executed to effect this: … … 540 540 </pre><p> 541 541 </p></li><li class="step" title="Step 4"><p> 542 <a class="indexterm" name="id33 8316"></a>542 <a class="indexterm" name="id336843"></a> 543 543 You now start the Samba services by executing: 544 544 </p><pre class="screen"> … … 549 549 <a class="link" href="Big500users.html#ch5-domsvrspec" title="Configuration Specific to Domain Member Servers: BLDG1, BLDG2">“Configuration Specific to Domain Member Servers: BLDG1, BLDG2”</a> until after the operation of the server has been 550 550 validated following the same methods as outlined in <a class="link" href="secure.html#ch4valid" title="Validation">“Validation”</a>. 551 </p></li></ol></div></div></div><div class="example"><a name="ch5-massivesmb"></a><p class="title"><b>Example 4.1. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id33 8398"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id338409"></a><em class="parameter"><code>netbios name = MASSIVE</code></em></td></tr><tr><td><a class="indexterm" name="id338421"></a><em class="parameter"><code>interfaces = eth1, lo</code></em></td></tr><tr><td><a class="indexterm" name="id338432"></a><em class="parameter"><code>bind interfaces only = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338444"></a><em class="parameter"><code>passdb backend = tdbsam</code></em></td></tr><tr><td><a class="indexterm" name="id338455"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id338467"></a><em class="parameter"><code>add user script = /usr/sbin/useradd -m '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338478"></a><em class="parameter"><code>delete user script = /usr/sbin/userdel -r '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338490"></a><em class="parameter"><code>add group script = /usr/sbin/groupadd '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id338502"></a><em class="parameter"><code>delete group script = /usr/sbin/groupdel '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id338514"></a><em class="parameter"><code>add user to group script = /usr/sbin/usermod -G '%g' '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338526"></a><em class="parameter"><code>add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338538"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338549"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338560"></a><em class="parameter"><code>include = /etc/samba/dc-common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[accounts]</code></em></td></tr><tr><td><a class="indexterm" name="id338581"></a><em class="parameter"><code>comment = Accounting Files</code></em></td></tr><tr><td><a class="indexterm" name="id338593"></a><em class="parameter"><code>path = /data/accounts</code></em></td></tr><tr><td><a class="indexterm" name="id338604"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[service]</code></em></td></tr><tr><td><a class="indexterm" name="id338624"></a><em class="parameter"><code>comment = Financial Services Files</code></em></td></tr><tr><td><a class="indexterm" name="id338636"></a><em class="parameter"><code>path = /data/service</code></em></td></tr><tr><td><a class="indexterm" name="id338648"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[pidata]</code></em></td></tr><tr><td><a class="indexterm" name="id338668"></a><em class="parameter"><code>comment = Property Insurance Files</code></em></td></tr><tr><td><a class="indexterm" name="id338680"></a><em class="parameter"><code>path = /data/pidata</code></em></td></tr><tr><td><a class="indexterm" name="id338691"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dc-common"></a><p class="title"><b>Example 4.2. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/dc-common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338738"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id338749"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id338761"></a><em class="parameter"><code>logon script = scripts\logon.bat</code></em></td></tr><tr><td><a class="indexterm" name="id338773"></a><em class="parameter"><code>logon path = \%L\profiles\%U</code></em></td></tr><tr><td><a class="indexterm" name="id338784"></a><em class="parameter"><code>logon drive = X:</code></em></td></tr><tr><td><a class="indexterm" name="id338796"></a><em class="parameter"><code>logon home = \%L\%U</code></em></td></tr><tr><td><a class="indexterm" name="id338807"></a><em class="parameter"><code>domain logons = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338819"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338830"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[homes]</code></em></td></tr><tr><td><a class="indexterm" name="id338851"></a><em class="parameter"><code>comment = Home Directories</code></em></td></tr><tr><td><a class="indexterm" name="id338862"></a><em class="parameter"><code>valid users = %S</code></em></td></tr><tr><td><a class="indexterm" name="id338874"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id338885"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[netlogon]</code></em></td></tr><tr><td><a class="indexterm" name="id338906"></a><em class="parameter"><code>comment = Network Logon Service</code></em></td></tr><tr><td><a class="indexterm" name="id338917"></a><em class="parameter"><code>path = /var/lib/samba/netlogon</code></em></td></tr><tr><td><a class="indexterm" name="id338929"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338940"></a><em class="parameter"><code>locking = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[profiles]</code></em></td></tr><tr><td><a class="indexterm" name="id338961"></a><em class="parameter"><code>comment = Profile Share</code></em></td></tr><tr><td><a class="indexterm" name="id338972"></a><em class="parameter"><code>path = /var/lib/samba/profiles</code></em></td></tr><tr><td><a class="indexterm" name="id338984"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id338995"></a><em class="parameter"><code>profile acls = Yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-commonsmb"></a><p class="title"><b>Example 4.3. Common Samba Configuration File: <code class="filename">/etc/samba/common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339038"></a><em class="parameter"><code>username map = /etc/samba/smbusers</code></em></td></tr><tr><td><a class="indexterm" name="id339050"></a><em class="parameter"><code>log level = 1</code></em></td></tr><tr><td><a class="indexterm" name="id339061"></a><em class="parameter"><code>syslog = 0</code></em></td></tr><tr><td><a class="indexterm" name="id339073"></a><em class="parameter"><code>log file = /var/log/samba/%m</code></em></td></tr><tr><td><a class="indexterm" name="id339084"></a><em class="parameter"><code>max log size = 50</code></em></td></tr><tr><td><a class="indexterm" name="id339096"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id339107"></a><em class="parameter"><code>name resolve order = wins bcast hosts</code></em></td></tr><tr><td><a class="indexterm" name="id339119"></a><em class="parameter"><code>time server = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339130"></a><em class="parameter"><code>printcap name = CUPS</code></em></td></tr><tr><td><a class="indexterm" name="id339142"></a><em class="parameter"><code>show add printer wizard = No</code></em></td></tr><tr><td><a class="indexterm" name="id339154"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id339165"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id339177"></a><em class="parameter"><code>utmp = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339188"></a><em class="parameter"><code>map acl inherit = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339200"></a><em class="parameter"><code>printing = cups</code></em></td></tr><tr><td><a class="indexterm" name="id339211"></a><em class="parameter"><code>veto files = /*.eml/*.nws/*.{*}/</code></em></td></tr><tr><td><a class="indexterm" name="id339223"></a><em class="parameter"><code>veto oplock files = /*.doc/*.xls/*.mdb/</code></em></td></tr><tr><td><a class="indexterm" name="id339235"></a><em class="parameter"><code>include = </code></em></td></tr><tr><td># Share and Service Definitions are common to all servers</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[printers]</code></em></td></tr><tr><td><a class="indexterm" name="id339259"></a><em class="parameter"><code>comment = SMB Print Spool</code></em></td></tr><tr><td><a class="indexterm" name="id339270"></a><em class="parameter"><code>path = /var/spool/samba</code></em></td></tr><tr><td><a class="indexterm" name="id339282"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339293"></a><em class="parameter"><code>printable = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339305"></a><em class="parameter"><code>use client driver = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339316"></a><em class="parameter"><code>default devmode = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339328"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[apps]</code></em></td></tr><tr><td><a class="indexterm" name="id339348"></a><em class="parameter"><code>comment = Application Files</code></em></td></tr><tr><td><a class="indexterm" name="id339360"></a><em class="parameter"><code>path = /apps</code></em></td></tr><tr><td><a class="indexterm" name="id339371"></a><em class="parameter"><code>admin users = bjordan</code></em></td></tr><tr><td><a class="indexterm" name="id339383"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg1-smb"></a><p class="title"><b>Example 4.4. Server: BLDG1 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339425"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id339436"></a><em class="parameter"><code>netbios name = BLDG1</code></em></td></tr><tr><td><a class="indexterm" name="id339448"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg2-smb"></a><p class="title"><b>Example 4.5. Server: BLDG2 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339490"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id339501"></a><em class="parameter"><code>netbios name = BLDG2</code></em></td></tr><tr><td><a class="indexterm" name="id339512"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dommem-smb"></a><p class="title"><b>Example 4.6. Common Domain Member Include File: dom-mem.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339555"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id339566"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id339578"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339590"></a><em class="parameter"><code>wins server = 172.16.0.1</code></em></td></tr><tr><td><a class="indexterm" name="id339601"></a><em class="parameter"><code>idmap uid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id339613"></a><em class="parameter"><code>idmap gid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id339624"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="massive-dhcp"></a><p class="title"><b>Example 4.7. Server: MASSIVE, File: dhcpd.conf</b></p><div class="example-contents"><pre class="screen">551 </p></li></ol></div></div></div><div class="example"><a name="ch5-massivesmb"></a><p class="title"><b>Example 4.1. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id336925"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id336936"></a><em class="parameter"><code>netbios name = MASSIVE</code></em></td></tr><tr><td><a class="indexterm" name="id336948"></a><em class="parameter"><code>interfaces = eth1, lo</code></em></td></tr><tr><td><a class="indexterm" name="id336959"></a><em class="parameter"><code>bind interfaces only = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id336971"></a><em class="parameter"><code>passdb backend = tdbsam</code></em></td></tr><tr><td><a class="indexterm" name="id336982"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id336994"></a><em class="parameter"><code>add user script = /usr/sbin/useradd -m '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337006"></a><em class="parameter"><code>delete user script = /usr/sbin/userdel -r '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337017"></a><em class="parameter"><code>add group script = /usr/sbin/groupadd '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id337029"></a><em class="parameter"><code>delete group script = /usr/sbin/groupdel '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id337041"></a><em class="parameter"><code>add user to group script = /usr/sbin/usermod -G '%g' '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337053"></a><em class="parameter"><code>add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337065"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337076"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337088"></a><em class="parameter"><code>include = /etc/samba/dc-common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[accounts]</code></em></td></tr><tr><td><a class="indexterm" name="id337108"></a><em class="parameter"><code>comment = Accounting Files</code></em></td></tr><tr><td><a class="indexterm" name="id337120"></a><em class="parameter"><code>path = /data/accounts</code></em></td></tr><tr><td><a class="indexterm" name="id337131"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[service]</code></em></td></tr><tr><td><a class="indexterm" name="id337152"></a><em class="parameter"><code>comment = Financial Services Files</code></em></td></tr><tr><td><a class="indexterm" name="id337163"></a><em class="parameter"><code>path = /data/service</code></em></td></tr><tr><td><a class="indexterm" name="id337175"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[pidata]</code></em></td></tr><tr><td><a class="indexterm" name="id337195"></a><em class="parameter"><code>comment = Property Insurance Files</code></em></td></tr><tr><td><a class="indexterm" name="id337207"></a><em class="parameter"><code>path = /data/pidata</code></em></td></tr><tr><td><a class="indexterm" name="id337218"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dc-common"></a><p class="title"><b>Example 4.2. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/dc-common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337265"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id337277"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id337288"></a><em class="parameter"><code>logon script = scripts\logon.bat</code></em></td></tr><tr><td><a class="indexterm" name="id337300"></a><em class="parameter"><code>logon path = \%L\profiles\%U</code></em></td></tr><tr><td><a class="indexterm" name="id337312"></a><em class="parameter"><code>logon drive = X:</code></em></td></tr><tr><td><a class="indexterm" name="id337323"></a><em class="parameter"><code>logon home = \%L\%U</code></em></td></tr><tr><td><a class="indexterm" name="id337335"></a><em class="parameter"><code>domain logons = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337346"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337358"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[homes]</code></em></td></tr><tr><td><a class="indexterm" name="id337378"></a><em class="parameter"><code>comment = Home Directories</code></em></td></tr><tr><td><a class="indexterm" name="id337390"></a><em class="parameter"><code>valid users = %S</code></em></td></tr><tr><td><a class="indexterm" name="id337401"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id337413"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[netlogon]</code></em></td></tr><tr><td><a class="indexterm" name="id337433"></a><em class="parameter"><code>comment = Network Logon Service</code></em></td></tr><tr><td><a class="indexterm" name="id337445"></a><em class="parameter"><code>path = /var/lib/samba/netlogon</code></em></td></tr><tr><td><a class="indexterm" name="id337456"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337468"></a><em class="parameter"><code>locking = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[profiles]</code></em></td></tr><tr><td><a class="indexterm" name="id337488"></a><em class="parameter"><code>comment = Profile Share</code></em></td></tr><tr><td><a class="indexterm" name="id337500"></a><em class="parameter"><code>path = /var/lib/samba/profiles</code></em></td></tr><tr><td><a class="indexterm" name="id337511"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id337523"></a><em class="parameter"><code>profile acls = Yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-commonsmb"></a><p class="title"><b>Example 4.3. Common Samba Configuration File: <code class="filename">/etc/samba/common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337566"></a><em class="parameter"><code>username map = /etc/samba/smbusers</code></em></td></tr><tr><td><a class="indexterm" name="id337577"></a><em class="parameter"><code>log level = 1</code></em></td></tr><tr><td><a class="indexterm" name="id337589"></a><em class="parameter"><code>syslog = 0</code></em></td></tr><tr><td><a class="indexterm" name="id337600"></a><em class="parameter"><code>log file = /var/log/samba/%m</code></em></td></tr><tr><td><a class="indexterm" name="id337612"></a><em class="parameter"><code>max log size = 50</code></em></td></tr><tr><td><a class="indexterm" name="id337623"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id337635"></a><em class="parameter"><code>name resolve order = wins bcast hosts</code></em></td></tr><tr><td><a class="indexterm" name="id337646"></a><em class="parameter"><code>time server = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337658"></a><em class="parameter"><code>printcap name = CUPS</code></em></td></tr><tr><td><a class="indexterm" name="id337669"></a><em class="parameter"><code>show add printer wizard = No</code></em></td></tr><tr><td><a class="indexterm" name="id337681"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id337693"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id337704"></a><em class="parameter"><code>utmp = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337716"></a><em class="parameter"><code>map acl inherit = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337727"></a><em class="parameter"><code>printing = cups</code></em></td></tr><tr><td><a class="indexterm" name="id337739"></a><em class="parameter"><code>veto files = /*.eml/*.nws/*.{*}/</code></em></td></tr><tr><td><a class="indexterm" name="id337750"></a><em class="parameter"><code>veto oplock files = /*.doc/*.xls/*.mdb/</code></em></td></tr><tr><td><a class="indexterm" name="id337762"></a><em class="parameter"><code>include = </code></em></td></tr><tr><td># Share and Service Definitions are common to all servers</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[printers]</code></em></td></tr><tr><td><a class="indexterm" name="id337786"></a><em class="parameter"><code>comment = SMB Print Spool</code></em></td></tr><tr><td><a class="indexterm" name="id337798"></a><em class="parameter"><code>path = /var/spool/samba</code></em></td></tr><tr><td><a class="indexterm" name="id337809"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337821"></a><em class="parameter"><code>printable = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337832"></a><em class="parameter"><code>use client driver = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337844"></a><em class="parameter"><code>default devmode = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337855"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[apps]</code></em></td></tr><tr><td><a class="indexterm" name="id337876"></a><em class="parameter"><code>comment = Application Files</code></em></td></tr><tr><td><a class="indexterm" name="id337887"></a><em class="parameter"><code>path = /apps</code></em></td></tr><tr><td><a class="indexterm" name="id337899"></a><em class="parameter"><code>admin users = bjordan</code></em></td></tr><tr><td><a class="indexterm" name="id337910"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg1-smb"></a><p class="title"><b>Example 4.4. Server: BLDG1 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337952"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id337963"></a><em class="parameter"><code>netbios name = BLDG1</code></em></td></tr><tr><td><a class="indexterm" name="id337975"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg2-smb"></a><p class="title"><b>Example 4.5. Server: BLDG2 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338017"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id338029"></a><em class="parameter"><code>netbios name = BLDG2</code></em></td></tr><tr><td><a class="indexterm" name="id338040"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dommem-smb"></a><p class="title"><b>Example 4.6. Common Domain Member Include File: dom-mem.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338082"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id338094"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id338106"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338117"></a><em class="parameter"><code>wins server = 172.16.0.1</code></em></td></tr><tr><td><a class="indexterm" name="id338129"></a><em class="parameter"><code>idmap uid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id338140"></a><em class="parameter"><code>idmap gid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id338152"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="massive-dhcp"></a><p class="title"><b>Example 4.7. Server: MASSIVE, File: dhcpd.conf</b></p><div class="example-contents"><pre class="screen"> 552 552 # Abmas Accounting Inc. 553 553 … … 899 899 net groupmap add ntgroup="Insurance Group" unixgroup=piops type=d 900 900 </pre></div></div><br class="example-break"><div class="sect2" title="Process Startup Configuration"><div class="titlepage"><div><div><h3 class="title"><a name="ch5-procstart"></a>Process Startup Configuration</h3></div></div></div><p> 901 <a class="indexterm" name="id33 9909"></a>902 <a class="indexterm" name="id33 9916"></a>901 <a class="indexterm" name="id338437"></a> 902 <a class="indexterm" name="id338443"></a> 903 903 There are two essential steps to process startup configuration. A process 904 904 must be configured so that it is automatically restarted each time the server … … 909 909 necessary start or kill script is run. 910 910 </p><p> 911 <a class="indexterm" name="id33 9948"></a>911 <a class="indexterm" name="id338475"></a> 912 912 In the event that a service is provided not as a daemon but via the internetworking 913 913 super daemon (<code class="literal">inetd</code> or <code class="literal">xinetd</code>), then the <code class="literal">chkconfig</code> … … 919 919 are for a Red Hat Linux system, please adapt them to suit the target OS platform on which you 920 920 are installing Samba. 921 </p><div class="procedure" title="Procedure 4.4. Process Startup Configuration Steps"><a name="id33 9987"></a><p class="title"><b>Procedure 4.4. Process Startup Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>921 </p><div class="procedure" title="Procedure 4.4. Process Startup Configuration Steps"><a name="id338515"></a><p class="title"><b>Procedure 4.4. Process Startup Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p> 922 922 Use the standard system tool to configure each service to restart 923 923 automatically at every system reboot. For example, 924 <a class="indexterm" name="id3 40000"></a>924 <a class="indexterm" name="id338527"></a> 925 925 </p><pre class="screen"> 926 926 <code class="prompt">root# </code> chkconfig dhpc on … … 931 931 </pre><p> 932 932 </p></li><li class="step" title="Step 2"><p> 933 <a class="indexterm" name="id3 40049"></a>934 <a class="indexterm" name="id3 40056"></a>935 <a class="indexterm" name="id3 40062"></a>933 <a class="indexterm" name="id338576"></a> 934 <a class="indexterm" name="id338583"></a> 935 <a class="indexterm" name="id338590"></a> 936 936 Now start each service to permit the system to be validated. 937 937 Execute each of the following in the sequence shown: … … 947 947 The procedure for desktop client configuration for the network in this chapter is similar to 948 948 that used for the previous one. There are a few subtle changes that should be noted. 949 </p><div class="procedure" title="Procedure 4.5. Windows Client Configuration Steps"><a name="id3 40124"></a><p class="title"><b>Procedure 4.5. Windows Client Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>949 </p><div class="procedure" title="Procedure 4.5. Windows Client Configuration Steps"><a name="id338651"></a><p class="title"><b>Procedure 4.5. Windows Client Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p> 950 950 Install MS Windows XP Professional. During installation, configure the client to use DHCP for 951 951 TCP/IP protocol configuration. 952 <a class="indexterm" name="id3 40136"></a>953 <a class="indexterm" name="id3 40142"></a>952 <a class="indexterm" name="id338663"></a> 953 <a class="indexterm" name="id338670"></a> 954 954 DHCP configures all Windows clients to use the WINS Server address that has been defined 955 955 for the local subnet. … … 985 985 also configure use of the identical printers that are located in the financial services department. 986 986 Install printers on each machine using the following steps: 987 </p><div class="procedure" title="Procedure 4.6. Steps to Install Printer Drivers on Windows Clients"><a name="id3 40259"></a><p class="title"><b>Procedure 4.6. Steps to Install Printer Drivers on Windows Clients</b></p><ol class="procedure" type="1"><li class="step" title="Step 7.1"><p>987 </p><div class="procedure" title="Procedure 4.6. Steps to Install Printer Drivers on Windows Clients"><a name="id338786"></a><p class="title"><b>Procedure 4.6. Steps to Install Printer Drivers on Windows Clients</b></p><ol class="procedure" type="1"><li class="step" title="Step 7.1"><p> 988 988 Click <span class="guimenu">Start</span> → <span class="guimenuitem">Settings</span> → <span class="guimenuitem">Printers</span>+<span class="guiicon">Add Printer</span>+<span class="guibutton">Next</span>. Do not click <span class="guimenuitem">Network printer</span>. 989 989 Ensure that <span class="guimenuitem">Local printer</span> is selected. … … 1037 1037 </p></li><li class="step" title="Step 12"><p> 1038 1038 Instruct all users to log onto the workstation using their assigned username and password. 1039 </p></li></ol></div></div><div class="sect2" title="Key Points Learned"><div class="titlepage"><div><div><h3 class="title"><a name="id3 40544"></a>Key Points Learned</h3></div></div></div><p>1039 </p></li></ol></div></div><div class="sect2" title="Key Points Learned"><div class="titlepage"><div><div><h3 class="title"><a name="id339071"></a>Key Points Learned</h3></div></div></div><p> 1040 1040 The network you have just deployed has been a valuable exercise in forced constraint. 1041 1041 You have deployed a network that works well, although you may soon start to see … … 1053 1053 </p></li><li class="listitem"><p> 1054 1054 The introduction of roaming profiles 1055 </p></li></ul></div></div></div><div class="sect1" title="Questions and Answers"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id3 40597"></a>Questions and Answers</h2></div></div></div><p>1056 </p><div class="qandaset" title="Frequently Asked Questions"><a name="id3 40606"></a><dl><dt> <a href="Big500users.html#id340612">1055 </p></li></ul></div></div></div><div class="sect1" title="Questions and Answers"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id339124"></a>Questions and Answers</h2></div></div></div><p> 1056 </p><div class="qandaset" title="Frequently Asked Questions"><a name="id339133"></a><dl><dt> <a href="Big500users.html#id339140"> 1057 1057 The example smb.conf files in this chapter make use of the include facility. 1058 1058 How may I get to see what the actual working smb.conf settings are? 1059 </a></dt><dt> <a href="Big500users.html#id3 40660">1059 </a></dt><dt> <a href="Big500users.html#id339187"> 1060 1060 Why does the include file common.conf have an empty include statement? 1061 </a></dt><dt> <a href="Big500users.html#id3 40716">1061 </a></dt><dt> <a href="Big500users.html#id339244"> 1062 1062 I accept that the simplest configuration necessary to do the job is the best. The use of tdbsam 1063 1063 passdb backend is much simpler than having to manage an LDAP-based ldapsam passdb backend. 1064 1064 I tried using rsync to replicate the passdb.tdb, and it seems to work fine! 1065 1065 So what is the problem? 1066 </a></dt><dt> <a href="Big500users.html#id3 40766">1066 </a></dt><dt> <a href="Big500users.html#id339294"> 1067 1067 You are using DHCP Relay enabled on the routers as well as a local DHCP server. Will this cause a clash? 1068 </a></dt><dt> <a href="Big500users.html#id3 40791">1068 </a></dt><dt> <a href="Big500users.html#id339319"> 1069 1069 How does the Windows client find the PDC? 1070 </a></dt><dt> <a href="Big500users.html#id3 40811">1070 </a></dt><dt> <a href="Big500users.html#id339338"> 1071 1071 Why did you enable IP forwarding (routing) only on the server called MASSIVE? 1072 </a></dt><dt> <a href="Big500users.html#id3 40838">1072 </a></dt><dt> <a href="Big500users.html#id339365"> 1073 1073 You did nothing special to implement roaming profiles. Why? 1074 </a></dt><dt> <a href="Big500users.html#id3 40856">1074 </a></dt><dt> <a href="Big500users.html#id339383"> 1075 1075 On the domain member computers, you configured winbind in the /etc/nsswitch.conf file. 1076 1076 You did not configure any PAM settings. Is this an omission? 1077 </a></dt><dt> <a href="Big500users.html#id3 40883">1077 </a></dt><dt> <a href="Big500users.html#id339410"> 1078 1078 You are starting SWAT up on this example but have not discussed that anywhere. Why did you do this? 1079 </a></dt><dt> <a href="Big500users.html#id3 40920">1079 </a></dt><dt> <a href="Big500users.html#id339447"> 1080 1080 The domain controller has an auto-shutdown script. Isn't that dangerous? 1081 </a></dt></dl><table border="0" width="100%" summary="Q and A Set"><col align="left" width="1%"><col><tbody><tr class="question"><td align="left" valign="top"><a name="id3 40612"></a><a name="id340615"></a></td><td align="left" valign="top"><p>1081 </a></dt></dl><table border="0" width="100%" summary="Q and A Set"><col align="left" width="1%"><col><tbody><tr class="question"><td align="left" valign="top"><a name="id339140"></a><a name="id339142"></a></td><td align="left" valign="top"><p> 1082 1082 The example <code class="filename">smb.conf</code> files in this chapter make use of the <em class="parameter"><code>include</code></em> facility. 1083 1083 How may I get to see what the actual working <code class="filename">smb.conf</code> settings are? … … 1087 1087 <code class="prompt">root# </code> testparm -s | less 1088 1088 </pre><p> 1089 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40660"></a><a name="id340662"></a></td><td align="left" valign="top"><p>1089 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339187"></a><a name="id339189"></a></td><td align="left" valign="top"><p> 1090 1090 Why does the include file <code class="filename">common.conf</code> have an empty include statement? 1091 1091 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> … … 1100 1100 the include in place, even though the file it points to has already been included. This is a bug 1101 1101 that will be fixed at a future date. 1102 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40716"></a><a name="id340718"></a></td><td align="left" valign="top"><p>1102 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339244"></a><a name="id339246"></a></td><td align="left" valign="top"><p> 1103 1103 I accept that the simplest configuration necessary to do the job is the best. The use of <em class="parameter"><code>tdbsam</code></em> 1104 1104 passdb backend is much simpler than having to manage an LDAP-based <em class="parameter"><code>ldapsam</code></em> passdb backend. … … 1110 1110 to log onto the network following a reboot and may have to rejoin the domain to recover network 1111 1111 access capability. 1112 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40766"></a><a name="id340769"></a></td><td align="left" valign="top"><p>1112 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339294"></a><a name="id339296"></a></td><td align="left" valign="top"><p> 1113 1113 You are using DHCP Relay enabled on the routers as well as a local DHCP server. Will this cause a clash? 1114 1114 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> … … 1119 1119 The only exception to this rule is when the client makes a directed request from a specific DHCP server 1120 1120 for renewal of the lease it has. This means that under normal circumstances there is no risk of a clash. 1121 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40791"></a><a name="id340794"></a></td><td align="left" valign="top"><p>1121 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339319"></a><a name="id339321"></a></td><td align="left" valign="top"><p> 1122 1122 How does the Windows client find the PDC? 1123 1123 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> … … 1126 1126 to register itself with the WINS server and to obtain enumeration of vital network information to 1127 1127 enable it to operate successfully. 1128 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40811"></a><a name="id340813"></a></td><td align="left" valign="top"><p>1128 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339338"></a><a name="id339340"></a></td><td align="left" valign="top"><p> 1129 1129 Why did you enable IP forwarding (routing) only on the server called <code class="constant">MASSIVE</code>? 1130 1130 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> … … 1133 1133 Route table entries are needed to direct MASSIVE to send all traffic intended for the remote network 1134 1134 segments to the router that is its gateway to them. 1135 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40838"></a><a name="id340840"></a></td><td align="left" valign="top"><p>1135 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339365"></a><a name="id339367"></a></td><td align="left" valign="top"><p> 1136 1136 You did nothing special to implement roaming profiles. Why? 1137 1137 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> 1138 1138 Unless configured to do otherwise, the default behavior with Samba-3 and Windows XP Professional 1139 1139 clients is to use roaming profiles. 1140 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40856"></a><a name="id340858"></a></td><td align="left" valign="top"><p>1140 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339383"></a><a name="id339385"></a></td><td align="left" valign="top"><p> 1141 1141 On the domain member computers, you configured winbind in the <code class="filename">/etc/nsswitch.conf</code> file. 1142 1142 You did not configure any PAM settings. Is this an omission? … … 1147 1147 to enable the use of winbind. Samba makes use only of the identity resolution facilities of the name 1148 1148 service switch (NSS). 1149 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40883"></a><a name="id340885"></a></td><td align="left" valign="top"><p>1149 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339410"></a><a name="id339412"></a></td><td align="left" valign="top"><p> 1150 1150 You are starting SWAT up on this example but have not discussed that anywhere. Why did you do this? 1151 1151 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p> … … 1156 1156 file but leaves in place a broken reference to the top-layer include file. SWAT was not designed to 1157 1157 handle this functionality gracefully. 1158 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id3 40920"></a><a name="id340922"></a></td><td align="left" valign="top"><p>1158 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339447"></a><a name="id339449"></a></td><td align="left" valign="top"><p> 1159 1159 The domain controller has an auto-shutdown script. Isn't that dangerous? 1160 1160 </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
Note:
See TracChangeset
for help on using the changeset viewer.
