Ignore:
Timestamp:
Nov 12, 2012, 7:37:04 PM (13 years ago)
Author:
Silvan Scherrer
Message:

Samba Server 3.5: update branche to 3.5.19

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/samba-3.5.x/docs/htmldocs/Samba3-ByExample/Big500users.html

    r599 r739  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 4. The 500-User Office</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="ExNetworks.html" title="Part I. Example Network Configurations"><link rel="prev" href="secure.html" title="Chapter 3. Secure Office Networking"><link rel="next" href="happy.html" title="Chapter 5. Making Happy Users"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 4. The 500-User Office</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="secure.html">Prev</a> </td><th width="60%" align="center">Part I. Example Network Configurations</th><td width="20%" align="right"> <a accesskey="n" href="happy.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 4. The 500-User Office"><div class="titlepage"><div><div><h2 class="title"><a name="Big500users"></a>Chapter 4. The 500-User Office</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="Big500users.html#id336007">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id336038">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id336113">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id336141">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id336318">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id336338">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id337052">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id337568">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id340544">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id340597">Questions and Answers</a></span></dt></dl></div><p>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 4. The 500-User Office</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="ExNetworks.html" title="Part I. Example Network Configurations"><link rel="prev" href="secure.html" title="Chapter 3. Secure Office Networking"><link rel="next" href="happy.html" title="Chapter 5. Making Happy Users"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 4. The 500-User Office</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="secure.html">Prev</a> </td><th width="60%" align="center">Part I. Example Network Configurations</th><td width="20%" align="right"> <a accesskey="n" href="happy.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 4. The 500-User Office"><div class="titlepage"><div><div><h2 class="title"><a name="Big500users"></a>Chapter 4. The 500-User Office</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="Big500users.html#id334536">Introduction</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id334566">Assignment Tasks</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id334641">Dissection and Discussion</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#id334670">Technical Issues</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id334846">Political Issues</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id334866">Implementation</a></span></dt><dd><dl><dt><span class="sect2"><a href="Big500users.html#ch5-dnshcp-setup">Installation of DHCP, DNS, and Samba Control Files</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id335580">Server Preparation: All Servers</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id336096">Server-Specific Preparation</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5-procstart">Process Startup Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#ch5wincfg">Windows Client Configuration</a></span></dt><dt><span class="sect2"><a href="Big500users.html#id339071">Key Points Learned</a></span></dt></dl></dd><dt><span class="sect1"><a href="Big500users.html#id339124">Questions and Answers</a></span></dt></dl></div><p>
    22        The Samba-3 networking you explored in <a class="link" href="secure.html" title="Chapter 3. Secure Office Networking">&#8220;Secure Office Networking&#8221;</a> covers the finer points of
    33        configuration of peripheral services such as DHCP and DNS, and WINS. You experienced
     
    1818        to make printing more complex for the administrator while making it easier for the user.
    1919        </p><p>
    20         <a class="indexterm" name="id335954"></a>
    21         <a class="indexterm" name="id335961"></a>
    22         <a class="indexterm" name="id335967"></a>
     20        <a class="indexterm" name="id334482"></a>
     21        <a class="indexterm" name="id334489"></a>
     22        <a class="indexterm" name="id334496"></a>
    2323        <a class="link" href="secure.html" title="Chapter 3. Secure Office Networking">&#8220;Secure Office Networking&#8221;</a> demonstrates operation of a DHCP server and a DNS server
    2424        as well as a central WINS server. You validated the operation of these services and
     
    4242        You should take the opportunity to innovate and expand on the methods presented
    4343        here and explore them to the fullest.
    44         </p><div class="sect1" title="Introduction"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id336007"></a>Introduction</h2></div></div></div><p>
     44        </p><div class="sect1" title="Introduction"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334536"></a>Introduction</h2></div></div></div><p>
    4545        Business continues to go well for Abmas. Mr. Meany is driving your success and the
    4646        network continues to grow thanks to the hard work Christine has done. You recently
     
    6767        it is rolled out. Your strategy is to complete the new network so that it
    6868        is ready for operation when the old office moves into the new premises.
    69         </p><div class="sect2" title="Assignment Tasks"><div class="titlepage"><div><div><h3 class="title"><a name="id336038"></a>Assignment Tasks</h3></div></div></div><p>
     69        </p><div class="sect2" title="Assignment Tasks"><div class="titlepage"><div><div><h3 class="title"><a name="id334566"></a>Assignment Tasks</h3></div></div></div><p>
    7070                The acquired business had 280 network users. The old Abmas building housed
    7171                220 network users in unbelievably cramped conditions. The network that
     
    108108                every four months. They automatically roll that out to each desktop system.
    109109                You must keep DirectPointe informed of all changes.
    110                 </p><p><a class="indexterm" name="id336088"></a>
     110                </p><p><a class="indexterm" name="id334616"></a>
    111111                The new network has a single Samba Primary Domain Controller (PDC) located in the
    112112                Network Operation Center (NOC). Buildings 1 and 2 each have a local server
     
    116116                Printing is based on raw pass-through facilities just as it has been used so far.
    117117                All printer drivers are installed on the desktop and notebook computers.
    118                 </p></div></div><div class="sect1" title="Dissection and Discussion"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id336113"></a>Dissection and Discussion</h2></div></div></div><p>
    119         <a class="indexterm" name="id336121"></a>
     118                </p></div></div><div class="sect1" title="Dissection and Discussion"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334641"></a>Dissection and Discussion</h2></div></div></div><p>
     119        <a class="indexterm" name="id334649"></a>
    120120        The example you are building in this chapter is of a network design that works, but this
    121121        does not make it a design that is recommended. As a general rule, there should be at least
     
    128128        controller. This is not a good omen for user satisfaction. You, of course, address this
    129129        very soon (see <a class="link" href="happy.html" title="Chapter 5. Making Happy Users">&#8220;Making Happy Users&#8221;</a>).
    130         </p><div class="sect2" title="Technical Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id336141"></a>Technical Issues</h3></div></div></div><p>
     130        </p><div class="sect2" title="Technical Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id334670"></a>Technical Issues</h3></div></div></div><p>
    131131                Stan has talked you into a horrible compromise, but it is addressed. Just make
    132132                certain that the performance of this network is well validated before going live.
     
    134134                Design decisions made in this design include the following:
    135135                </p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>
    136                         <a class="indexterm" name="id336161"></a>
    137                         <a class="indexterm" name="id336168"></a>
    138                         <a class="indexterm" name="id336174"></a>
     136                        <a class="indexterm" name="id334689"></a>
     137                        <a class="indexterm" name="id334696"></a>
     138                        <a class="indexterm" name="id334702"></a>
    139139                        A single PDC is being implemented. This limitation is based on the choice not to
    140140                        use LDAP. Many network administrators fear using LDAP because of the perceived
     
    142142                        identity management as well as to store network access credentials.
    143143                        </p></li><li class="listitem"><p>
    144                         <a class="indexterm" name="id336188"></a>
    145                         <a class="indexterm" name="id336195"></a>
     144                        <a class="indexterm" name="id334716"></a>
     145                        <a class="indexterm" name="id334723"></a>
    146146                        Because of the refusal to use an LDAP (ldapsam) passdb backend at this time, the
    147147                        only choice that makes sense with 500 users is to use the tdbsam passwd backend.
     
    157157                        integrity of operations considerations.
    158158                        </p></li><li class="listitem"><p>
    159                         <a class="indexterm" name="id336229"></a>
     159                        <a class="indexterm" name="id334757"></a>
    160160                        A single central WINS server is being used. The PDC is also the WINS server.
    161161                        Any attempt to operate a routed network without a WINS server while using NetBIOS
     
    168168                        why a single WINS server is being implemented. This should work without a problem.
    169169                        </p></li><li class="listitem"><p>
    170                         <a class="indexterm" name="id336261"></a>
     170                        <a class="indexterm" name="id334789"></a>
    171171                        BDCs make use of <code class="literal">winbindd</code> to provide
    172172                        access to domain security credentials for file system access and object storage.
    173173                        </p></li><li class="listitem"><p>
    174                         <a class="indexterm" name="id336279"></a>
    175                         <a class="indexterm" name="id336288"></a>
     174                        <a class="indexterm" name="id334807"></a>
     175                        <a class="indexterm" name="id334816"></a>
    176176                        Configuration of Windows XP Professional clients is achieved using DHCP. Each
    177177                        subnet has its own DHCP server. Backup DHCP serving is provided by one
     
    189189                        each subnet. If in the future more addresses are required, it would make sense
    190190                        to add further subnets rather than change addressing.
    191                         </p></li></ul></div></div><div class="sect2" title="Political Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id336318"></a>Political Issues</h3></div></div></div><p>
     191                        </p></li></ul></div></div><div class="sect2" title="Political Issues"><div class="titlepage"><div><div><h3 class="title"><a name="id334846"></a>Political Issues</h3></div></div></div><p>
    192192                This case gets close to the real world. You and I know the right way to implement
    193193                domain control. Politically, we have to navigate a minefield. In this case, the need is to
     
    195195                by having the real solution ready before it is needed. That real solution is presented in
    196196                <a class="link" href="happy.html" title="Chapter 5. Making Happy Users">&#8220;Making Happy Users&#8221;</a>.
    197                 </p></div></div><div class="sect1" title="Implementation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id336338"></a>Implementation</h2></div></div></div><p>
     197                </p></div></div><div class="sect1" title="Implementation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id334866"></a>Implementation</h2></div></div></div><p>
    198198        The following configuration process begins following installation of Red Hat Fedora Core2 on the
    199199        three servers shown in the network topology diagram in <a class="link" href="Big500users.html#chap05net" title="Figure 4.1. Network Topology 500 User Network Using tdbsam passdb backend.">&#8220;Network Topology  500 User Network Using tdbsam passdb backend.&#8221;</a>. You have
     
    206206        The abbreviation shown in this table as <code class="constant">{VLN}</code> refers to
    207207        the directory location beginning with <code class="filename">/var/lib/named</code>.
    208         </p><div class="table"><a name="ch5-filelocations"></a><p class="title"><b>Table 4.1. Domain: <code class="constant">MEGANET</code>, File Locations for Servers</b></p><div class="table-contents"><table summary="Domain: MEGANET, File Locations for Servers" border="1"><colgroup><col align="left"><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th colspan="2" align="center">File Information</th><th colspan="3" align="center">Server Name</th></tr><tr><th align="center">Source</th><th align="center">Target Location</th><th align="center">MASSIVE</th><th align="center">BLDG1</th><th align="center">BLDG2</th></tr></thead><tbody><tr><td align="left"><a class="link" href="Big500users.html#ch5-massivesmb" title="Example 4.1. Server: MASSIVE (PDC), File: /etc/samba/smb.conf">&#8220;Server: MASSIVE (PDC), File: /etc/samba/smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dc-common" title="Example 4.2. Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf">&#8220;Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/dc-common.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-commonsmb" title="Example 4.3. Common Samba Configuration File: /etc/samba/common.conf">&#8220;Common Samba Configuration File: /etc/samba/common.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/common.conf</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg1-smb" title="Example 4.4. Server: BLDG1 (Member), File: smb.conf">&#8220;Server: BLDG1 (Member), File: smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg2-smb" title="Example 4.5. Server: BLDG2 (Member), File: smb.conf">&#8220;Server: BLDG2 (Member), File: smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dommem-smb" title="Example 4.6. Common Domain Member Include File: dom-mem.conf">&#8220;Common Domain Member Include File: dom-mem.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/dommem.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-dhcp" title="Example 4.7. Server: MASSIVE, File: dhcpd.conf">&#8220;Server: MASSIVE, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg1dhcp" title="Example 4.8. Server: BLDG1, File: dhcpd.conf">&#8220;Server: BLDG1, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg2dhcp" title="Example 4.9. Server: BLDG2, File: dhcpd.conf">&#8220;Server: BLDG2, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-nameda" title="Example 4.10. Server: MASSIVE, File: named.conf, Part: A">&#8220;Server: MASSIVE, File: named.conf, Part: A&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedb" title="Example 4.11. Server: MASSIVE, File: named.conf, Part: B">&#8220;Server: MASSIVE, File: named.conf, Part: B&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedc" title="Example 4.12. Server: MASSIVE, File: named.conf, Part: C">&#8220;Server: MASSIVE, File: named.conf, Part: C&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part C)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasbizdns" title="Example 4.13. Forward Zone File: abmas.biz.hosts">&#8220;Forward Zone File: abmas.biz.hosts&#8221;</a></td><td align="left"><code class="filename">{VLN}/master/abmas.biz.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasusdns" title="Example 4.14. Forward Zone File: abmas.biz.hosts">&#8220;Forward Zone File: abmas.biz.hosts&#8221;</a></td><td align="left"><code class="filename">{VLN}/master/abmas.us.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12nameda" title="Example 4.15. Servers: BLDG1/BLDG2, File: named.conf, Part: A">&#8220;Servers: BLDG1/BLDG2, File: named.conf, Part: A&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12namedb" title="Example 4.16. Servers: BLDG1/BLDG2, File: named.conf, Part: B">&#8220;Servers: BLDG1/BLDG2, File: named.conf, Part: B&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#loopback" title="Example 15.3. DNS Localhost Forward Zone File: /var/lib/named/localhost.zone">&#8220;DNS Localhost Forward Zone File: /var/lib/named/localhost.zone&#8221;</a></td><td align="left"><code class="filename">{VLN}/localhost.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#dnsloopy" title="Example 15.4. DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone">&#8220;DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone&#8221;</a></td><td align="left"><code class="filename">{VLN}/127.0.0.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#roothint" title="Example 15.5. DNS Root Name Server Hint File: /var/lib/named/root.hint">&#8220;DNS Root Name Server Hint File: /var/lib/named/root.hint&#8221;</a></td><td align="left"><code class="filename">{VLN}/root.hint</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect2" title="Server Preparation: All Servers"><div class="titlepage"><div><div><h3 class="title"><a name="id337052"></a>Server Preparation: All Servers</h3></div></div></div><p>
     208        </p><div class="table"><a name="ch5-filelocations"></a><p class="title"><b>Table 4.1. Domain: <code class="constant">MEGANET</code>, File Locations for Servers</b></p><div class="table-contents"><table summary="Domain: MEGANET, File Locations for Servers" border="1"><colgroup><col align="left"><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th colspan="2" align="center">File Information</th><th colspan="3" align="center">Server Name</th></tr><tr><th align="center">Source</th><th align="center">Target Location</th><th align="center">MASSIVE</th><th align="center">BLDG1</th><th align="center">BLDG2</th></tr></thead><tbody><tr><td align="left"><a class="link" href="Big500users.html#ch5-massivesmb" title="Example 4.1. Server: MASSIVE (PDC), File: /etc/samba/smb.conf">&#8220;Server: MASSIVE (PDC), File: /etc/samba/smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dc-common" title="Example 4.2. Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf">&#8220;Server: MASSIVE (PDC), File: /etc/samba/dc-common.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/dc-common.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-commonsmb" title="Example 4.3. Common Samba Configuration File: /etc/samba/common.conf">&#8220;Common Samba Configuration File: /etc/samba/common.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/common.conf</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg1-smb" title="Example 4.4. Server: BLDG1 (Member), File: smb.conf">&#8220;Server: BLDG1 (Member), File: smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-bldg2-smb" title="Example 4.5. Server: BLDG2 (Member), File: smb.conf">&#8220;Server: BLDG2 (Member), File: smb.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/smb.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#ch5-dommem-smb" title="Example 4.6. Common Domain Member Include File: dom-mem.conf">&#8220;Common Domain Member Include File: dom-mem.conf&#8221;</a></td><td align="left"><code class="filename">/etc/samba/dommem.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-dhcp" title="Example 4.7. Server: MASSIVE, File: dhcpd.conf">&#8220;Server: MASSIVE, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg1dhcp" title="Example 4.8. Server: BLDG1, File: dhcpd.conf">&#8220;Server: BLDG1, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg2dhcp" title="Example 4.9. Server: BLDG2, File: dhcpd.conf">&#8220;Server: BLDG2, File: dhcpd.conf&#8221;</a></td><td align="left"><code class="filename">/etc/dhcpd.conf</code></td><td align="center">No</td><td align="center">No</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-nameda" title="Example 4.10. Server: MASSIVE, File: named.conf, Part: A">&#8220;Server: MASSIVE, File: named.conf, Part: A&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedb" title="Example 4.11. Server: MASSIVE, File: named.conf, Part: B">&#8220;Server: MASSIVE, File: named.conf, Part: B&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#massive-namedc" title="Example 4.12. Server: MASSIVE, File: named.conf, Part: C">&#8220;Server: MASSIVE, File: named.conf, Part: C&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part C)</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasbizdns" title="Example 4.13. Forward Zone File: abmas.biz.hosts">&#8220;Forward Zone File: abmas.biz.hosts&#8221;</a></td><td align="left"><code class="filename">{VLN}/master/abmas.biz.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#abmasusdns" title="Example 4.14. Forward Zone File: abmas.biz.hosts">&#8220;Forward Zone File: abmas.biz.hosts&#8221;</a></td><td align="left"><code class="filename">{VLN}/master/abmas.us.hosts</code></td><td align="center">Yes</td><td align="center">No</td><td align="center">No</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12nameda" title="Example 4.15. Servers: BLDG1/BLDG2, File: named.conf, Part: A">&#8220;Servers: BLDG1/BLDG2, File: named.conf, Part: A&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part A)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="Big500users.html#bldg12namedb" title="Example 4.16. Servers: BLDG1/BLDG2, File: named.conf, Part: B">&#8220;Servers: BLDG1/BLDG2, File: named.conf, Part: B&#8221;</a></td><td align="left"><code class="filename">/etc/named.conf (part B)</code></td><td align="center">No</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#loopback" title="Example 15.3. DNS Localhost Forward Zone File: /var/lib/named/localhost.zone">&#8220;DNS Localhost Forward Zone File: /var/lib/named/localhost.zone&#8221;</a></td><td align="left"><code class="filename">{VLN}/localhost.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#dnsloopy" title="Example 15.4. DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone">&#8220;DNS Localhost Reverse Zone File: /var/lib/named/127.0.0.zone&#8221;</a></td><td align="left"><code class="filename">{VLN}/127.0.0.zone</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr><tr><td align="left"><a class="link" href="appendix.html#roothint" title="Example 15.5. DNS Root Name Server Hint File: /var/lib/named/root.hint">&#8220;DNS Root Name Server Hint File: /var/lib/named/root.hint&#8221;</a></td><td align="left"><code class="filename">{VLN}/root.hint</code></td><td align="center">Yes</td><td align="center">Yes</td><td align="center">Yes</td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect2" title="Server Preparation: All Servers"><div class="titlepage"><div><div><h3 class="title"><a name="id335580"></a>Server Preparation: All Servers</h3></div></div></div><p>
    209209        The following steps apply to all servers. Follow each step carefully.
    210         </p><div class="procedure" title="Procedure 4.1. Server Preparation Steps"><a name="id337062"></a><p class="title"><b>Procedure 4.1. Server Preparation Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
     210        </p><div class="procedure" title="Procedure 4.1. Server Preparation Steps"><a name="id335590"></a><p class="title"><b>Procedure 4.1. Server Preparation Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
    211211                        Using the UNIX/Linux system tools, set the name of the server as shown in the network
    212212                        topology diagram in <a class="link" href="Big500users.html#chap05net" title="Figure 4.1. Network Topology 500 User Network Using tdbsam passdb backend.">&#8220;Network Topology  500 User Network Using tdbsam passdb backend.&#8221;</a>. For SUSE Linux products, the tool
     
    222222</pre><p>
    223223                        </p></li><li class="step" title="Step 2"><p>
    224                         <a class="indexterm" name="id337123"></a>
    225                         <a class="indexterm" name="id337130"></a>
     224                        <a class="indexterm" name="id335651"></a>
     225                        <a class="indexterm" name="id335658"></a>
    226226                        Edit your <code class="filename">/etc/hosts</code> file to include the primary names and addresses
    227227                        of all network interfaces that are on the host server. This is necessary so that during
     
    231231                        should also include an entry for the printers in the <code class="filename">/etc/hosts</code> file.
    232232                        </p></li><li class="step" title="Step 3"><p>
    233                         <a class="indexterm" name="id337165"></a>
     233                        <a class="indexterm" name="id335693"></a>
    234234                        All DNS name resolution should be handled locally. To ensure that the server is configured
    235235                        correctly to handle this, edit <code class="filename">/etc/resolv.conf</code> so it has the following
     
    242242                        that is running locally to resolve names to addresses.
    243243                        </p></li><li class="step" title="Step 4"><p>
    244                         <a class="indexterm" name="id337193"></a>
    245                         <a class="indexterm" name="id337200"></a>
     244                        <a class="indexterm" name="id335721"></a>
     245                        <a class="indexterm" name="id335728"></a>
    246246                        Add the <code class="constant">root</code> user to the password backend:
    247247</p><pre class="screen">
     
    256256                        without considerable trouble.
    257257                        </p></li><li class="step" title="Step 5"><p>
    258                         <a class="indexterm" name="id337241"></a>
    259                         <a class="indexterm" name="id337248"></a>
     258                        <a class="indexterm" name="id335770"></a>
     259                        <a class="indexterm" name="id335776"></a>
    260260                        Create the username map file to permit the <code class="constant">root</code> account to be called
    261261                        <code class="constant">Administrator</code> from the Windows network environment. To do this, create
     
    295295                        to port 9100.  Use any other port the manufacturer specifies for direct mode,
    296296                        raw printing.  This allows the CUPS spooler to print using raw mode protocols.
    297                         <a class="indexterm" name="id337328"></a>
    298                         <a class="indexterm" name="id337335"></a>
     297                        <a class="indexterm" name="id335856"></a>
     298                        <a class="indexterm" name="id335863"></a>
    299299                        </p></li><li class="step" title="Step 9"><p>
    300                         <a class="indexterm" name="id337348"></a>
     300                        <a class="indexterm" name="id335876"></a>
    301301                        Only on the server to which the printer is attached configure the CUPS Print
    302302                        Queues as follows:
     
    304304<code class="prompt">root# </code> lpadmin -p <em class="parameter"><code>printque</code></em> -v socket://<em class="parameter"><code>printer-name</code></em>.abmas.biz:9100 -E
    305305</pre><p>
    306                         <a class="indexterm" name="id337382"></a>
     306                        <a class="indexterm" name="id335910"></a>
    307307                        This step creates the necessary print queue to use no assigned print filter. This
    308308                        is ideal for raw printing, that is, printing without use of filters.
     
    324324</pre><p>
    325325                        </p></li><li class="step" title="Step 12"><p>
    326                         <a class="indexterm" name="id337455"></a>
    327                         <a class="indexterm" name="id337461"></a>
    328                         <a class="indexterm" name="id337468"></a>
     326                        <a class="indexterm" name="id335983"></a>
     327                        <a class="indexterm" name="id335990"></a>
     328                        <a class="indexterm" name="id335996"></a>
    329329                        This step, as well as the next one, may be omitted where CUPS version 1.1.18
    330330                        or later is in use.  Although it does no harm to follow it anyway, and may
     
    337337</pre><p>
    338338                        </p></li><li class="step" title="Step 13"><p>
    339                         <a class="indexterm" name="id337500"></a>
     339                        <a class="indexterm" name="id336029"></a>
    340340                        Edit the file <code class="filename">/etc/cups/mime.types</code> to uncomment the line:
    341341</p><pre class="screen">
     
    360360        is considerably more difficult when a single PDC is used on a routed network. It can be done, but not
    361361        as elegantly as you see in the next chapter.
    362         </p></div></div><div class="sect2" title="Server-Specific Preparation"><div class="titlepage"><div><div><h3 class="title"><a name="id337568"></a>Server-Specific Preparation</h3></div></div></div><p>
     362        </p></div></div><div class="sect2" title="Server-Specific Preparation"><div class="titlepage"><div><div><h3 class="title"><a name="id336096"></a>Server-Specific Preparation</h3></div></div></div><p>
    363363        There are some steps that apply to particular server functionality only. Each step is critical
    364364        to correct server operation. The following step-by-step installation guidance will assist you
    365365        in working through the process of configuring the PDC and then both BDC's.
    366         </p><div class="sect3" title="Configuration for Server: MASSIVE"><div class="titlepage"><div><div><h4 class="title"><a name="id337579"></a>Configuration for Server: <code class="constant">MASSIVE</code></h4></div></div></div><p>
     366        </p><div class="sect3" title="Configuration for Server: MASSIVE"><div class="titlepage"><div><div><h4 class="title"><a name="id336107"></a>Configuration for Server: <code class="constant">MASSIVE</code></h4></div></div></div><p>
    367367                The steps presented here attempt to implement Samba installation in a generic manner. While
    368368                some steps are clearly specific to Linux, it should not be too difficult to apply them to
    369369                your platform of choice.
    370                 </p><div class="procedure" title="Procedure 4.2. Primary Domain Controller Preparation"><a name="id337592"></a><p class="title"><b>Procedure 4.2. Primary Domain Controller Preparation</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
    371                         <a class="indexterm" name="id337603"></a>
    372                         <a class="indexterm" name="id337610"></a>
     370                </p><div class="procedure" title="Procedure 4.2. Primary Domain Controller Preparation"><a name="id336120"></a><p class="title"><b>Procedure 4.2. Primary Domain Controller Preparation</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
     371                        <a class="indexterm" name="id336132"></a>
     372                        <a class="indexterm" name="id336138"></a>
    373373                        The host server acts as a router between the two internal network segments as well
    374374                        as for all Internet access. This necessitates that IP forwarding be enabled. This can be
     
    398398                        <code class="filename">/etc/rc.d/init.d/rc.local</code>.
    399399                        </p></li><li class="step" title="Step 3"><p>
    400                         <a class="indexterm" name="id337688"></a>
     400                        <a class="indexterm" name="id336216"></a>
    401401                        The final step that must be completed is to edit the <code class="filename">/etc/nsswitch.conf</code> file.
    402402                        This file controls the operation of the various resolver libraries that are part of the Linux
     
    406406</pre><p>
    407407                        </p></li><li class="step" title="Step 4"><p>
    408                         <a class="indexterm" name="id337715"></a>
     408                        <a class="indexterm" name="id336244"></a>
    409409                        Create and map Windows domain groups to UNIX groups. A sample script is provided in
    410410                        <a class="link" href="Big500users.html#ch5-initgrps" title="Example 4.17. Initialize Groups Script, File: /etc/samba/initGrps.sh">&#8220;Initialize Groups Script, File: /etc/samba/initGrps.sh&#8221;</a>. Create a file containing this script. You called yours
     
    413413                        validation are shown in Section 4.3.2, Step 5.
    414414                        </p></li><li class="step" title="Step 5"><p>
    415                         <a class="indexterm" name="id337743"></a>
    416                         <a class="indexterm" name="id337750"></a>
    417                         <a class="indexterm" name="id337759"></a>
     415                        <a class="indexterm" name="id336272"></a>
     416                        <a class="indexterm" name="id336279"></a>
     417                        <a class="indexterm" name="id336288"></a>
    418418                        For each user who needs to be given a Windows domain account, make an entry in the
    419419                        <code class="filename">/etc/passwd</code> file as well as in the Samba password backend.
     
    421421                        <code class="literal">smbpasswd</code> to create a domain user account.
    422422                        </p><p>
    423                         <a class="indexterm" name="id337784"></a>
    424                         <a class="indexterm" name="id337790"></a>
    425                         <a class="indexterm" name="id337797"></a>
     423                        <a class="indexterm" name="id336312"></a>
     424                        <a class="indexterm" name="id336319"></a>
     425                        <a class="indexterm" name="id336326"></a>
    426426                        There are a number of tools for user management under UNIX, such as
    427427                        <code class="literal">useradd</code>, <code class="literal">adduser</code>, as well as a plethora of custom
     
    436436                        file system partition using appropriate system tools.
    437437                        </p></li><li class="step" title="Step 8"><p>
    438                 <a class="indexterm" name="id337856"></a>
     438                <a class="indexterm" name="id336384"></a>
    439439                        Create the top-level file storage directories for data and applications as follows:
    440440</p><pre class="screen">
     
    476476</pre><p>
    477477                        </p></li><li class="step" title="Step 10"><p>
    478                         <a class="indexterm" name="id338048"></a>
    479                         <a class="indexterm" name="id338055"></a>
     478                        <a class="indexterm" name="id336577"></a>
     479                        <a class="indexterm" name="id336584"></a>
    480480                        Create a logon script. It is important that each line is correctly terminated with
    481481                        a carriage return and line-feed combination (i.e., DOS encoding). The following procedure
     
    519519                isolated network segments. Remember that if the target installation platform is not Linux, it may
    520520                be necessary to adapt some commands to the equivalent on the target platform.
    521                 </p><div class="procedure" title="Procedure 4.3. Backup Domain Controller Configuration Steps"><a name="id338227"></a><p class="title"><b>Procedure 4.3. Backup Domain Controller Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
    522                         <a class="indexterm" name="id338238"></a>
     521                </p><div class="procedure" title="Procedure 4.3. Backup Domain Controller Configuration Steps"><a name="id336754"></a><p class="title"><b>Procedure 4.3. Backup Domain Controller Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
     522                        <a class="indexterm" name="id336766"></a>
    523523                        The final step that must be completed is to edit the <code class="filename">/etc/nsswitch.conf</code> file.
    524524                        This file controls the operation of the various resolver libraries that are part of the Linux
     
    533533                        start Samba at this time. Samba is controlled by the process called <code class="literal">smb</code>.
    534534                        </p></li><li class="step" title="Step 3"><p>
    535                         <a class="indexterm" name="id338286"></a>
     535                        <a class="indexterm" name="id336813"></a>
    536536                        You must now attempt to join the domain member servers to the domain. The following
    537537                        instructions should be executed to effect this:
     
    540540</pre><p>
    541541                        </p></li><li class="step" title="Step 4"><p>
    542                         <a class="indexterm" name="id338316"></a>
     542                        <a class="indexterm" name="id336843"></a>
    543543                        You now start the Samba services by executing:
    544544</p><pre class="screen">
     
    549549                        <a class="link" href="Big500users.html#ch5-domsvrspec" title="Configuration Specific to Domain Member Servers: BLDG1, BLDG2">&#8220;Configuration Specific to Domain Member Servers: BLDG1, BLDG2&#8221;</a> until after the operation of the server has been
    550550                        validated following the same methods as outlined in <a class="link" href="secure.html#ch4valid" title="Validation">&#8220;Validation&#8221;</a>.
    551                         </p></li></ol></div></div></div><div class="example"><a name="ch5-massivesmb"></a><p class="title"><b>Example 4.1. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338398"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id338409"></a><em class="parameter"><code>netbios name = MASSIVE</code></em></td></tr><tr><td><a class="indexterm" name="id338421"></a><em class="parameter"><code>interfaces = eth1, lo</code></em></td></tr><tr><td><a class="indexterm" name="id338432"></a><em class="parameter"><code>bind interfaces only = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338444"></a><em class="parameter"><code>passdb backend = tdbsam</code></em></td></tr><tr><td><a class="indexterm" name="id338455"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id338467"></a><em class="parameter"><code>add user script = /usr/sbin/useradd -m '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338478"></a><em class="parameter"><code>delete user script = /usr/sbin/userdel -r '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338490"></a><em class="parameter"><code>add group script = /usr/sbin/groupadd '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id338502"></a><em class="parameter"><code>delete group script = /usr/sbin/groupdel '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id338514"></a><em class="parameter"><code>add user to group script = /usr/sbin/usermod -G '%g' '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338526"></a><em class="parameter"><code>add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id338538"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338549"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338560"></a><em class="parameter"><code>include = /etc/samba/dc-common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[accounts]</code></em></td></tr><tr><td><a class="indexterm" name="id338581"></a><em class="parameter"><code>comment = Accounting Files</code></em></td></tr><tr><td><a class="indexterm" name="id338593"></a><em class="parameter"><code>path = /data/accounts</code></em></td></tr><tr><td><a class="indexterm" name="id338604"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[service]</code></em></td></tr><tr><td><a class="indexterm" name="id338624"></a><em class="parameter"><code>comment = Financial Services Files</code></em></td></tr><tr><td><a class="indexterm" name="id338636"></a><em class="parameter"><code>path = /data/service</code></em></td></tr><tr><td><a class="indexterm" name="id338648"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[pidata]</code></em></td></tr><tr><td><a class="indexterm" name="id338668"></a><em class="parameter"><code>comment = Property Insurance Files</code></em></td></tr><tr><td><a class="indexterm" name="id338680"></a><em class="parameter"><code>path = /data/pidata</code></em></td></tr><tr><td><a class="indexterm" name="id338691"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dc-common"></a><p class="title"><b>Example 4.2. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/dc-common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338738"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id338749"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id338761"></a><em class="parameter"><code>logon script = scripts\logon.bat</code></em></td></tr><tr><td><a class="indexterm" name="id338773"></a><em class="parameter"><code>logon path = \%L\profiles\%U</code></em></td></tr><tr><td><a class="indexterm" name="id338784"></a><em class="parameter"><code>logon drive = X:</code></em></td></tr><tr><td><a class="indexterm" name="id338796"></a><em class="parameter"><code>logon home = \%L\%U</code></em></td></tr><tr><td><a class="indexterm" name="id338807"></a><em class="parameter"><code>domain logons = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338819"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338830"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[homes]</code></em></td></tr><tr><td><a class="indexterm" name="id338851"></a><em class="parameter"><code>comment = Home Directories</code></em></td></tr><tr><td><a class="indexterm" name="id338862"></a><em class="parameter"><code>valid users = %S</code></em></td></tr><tr><td><a class="indexterm" name="id338874"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id338885"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[netlogon]</code></em></td></tr><tr><td><a class="indexterm" name="id338906"></a><em class="parameter"><code>comment = Network Logon Service</code></em></td></tr><tr><td><a class="indexterm" name="id338917"></a><em class="parameter"><code>path = /var/lib/samba/netlogon</code></em></td></tr><tr><td><a class="indexterm" name="id338929"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338940"></a><em class="parameter"><code>locking = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[profiles]</code></em></td></tr><tr><td><a class="indexterm" name="id338961"></a><em class="parameter"><code>comment = Profile Share</code></em></td></tr><tr><td><a class="indexterm" name="id338972"></a><em class="parameter"><code>path = /var/lib/samba/profiles</code></em></td></tr><tr><td><a class="indexterm" name="id338984"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id338995"></a><em class="parameter"><code>profile acls = Yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-commonsmb"></a><p class="title"><b>Example 4.3. Common Samba Configuration File: <code class="filename">/etc/samba/common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339038"></a><em class="parameter"><code>username map = /etc/samba/smbusers</code></em></td></tr><tr><td><a class="indexterm" name="id339050"></a><em class="parameter"><code>log level = 1</code></em></td></tr><tr><td><a class="indexterm" name="id339061"></a><em class="parameter"><code>syslog = 0</code></em></td></tr><tr><td><a class="indexterm" name="id339073"></a><em class="parameter"><code>log file = /var/log/samba/%m</code></em></td></tr><tr><td><a class="indexterm" name="id339084"></a><em class="parameter"><code>max log size = 50</code></em></td></tr><tr><td><a class="indexterm" name="id339096"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id339107"></a><em class="parameter"><code>name resolve order = wins bcast hosts</code></em></td></tr><tr><td><a class="indexterm" name="id339119"></a><em class="parameter"><code>time server = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339130"></a><em class="parameter"><code>printcap name = CUPS</code></em></td></tr><tr><td><a class="indexterm" name="id339142"></a><em class="parameter"><code>show add printer wizard = No</code></em></td></tr><tr><td><a class="indexterm" name="id339154"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id339165"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id339177"></a><em class="parameter"><code>utmp = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339188"></a><em class="parameter"><code>map acl inherit = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339200"></a><em class="parameter"><code>printing = cups</code></em></td></tr><tr><td><a class="indexterm" name="id339211"></a><em class="parameter"><code>veto files = /*.eml/*.nws/*.{*}/</code></em></td></tr><tr><td><a class="indexterm" name="id339223"></a><em class="parameter"><code>veto oplock files = /*.doc/*.xls/*.mdb/</code></em></td></tr><tr><td><a class="indexterm" name="id339235"></a><em class="parameter"><code>include =  </code></em></td></tr><tr><td># Share and Service Definitions are common to all servers</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[printers]</code></em></td></tr><tr><td><a class="indexterm" name="id339259"></a><em class="parameter"><code>comment = SMB Print Spool</code></em></td></tr><tr><td><a class="indexterm" name="id339270"></a><em class="parameter"><code>path = /var/spool/samba</code></em></td></tr><tr><td><a class="indexterm" name="id339282"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339293"></a><em class="parameter"><code>printable = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339305"></a><em class="parameter"><code>use client driver = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339316"></a><em class="parameter"><code>default devmode = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339328"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[apps]</code></em></td></tr><tr><td><a class="indexterm" name="id339348"></a><em class="parameter"><code>comment = Application Files</code></em></td></tr><tr><td><a class="indexterm" name="id339360"></a><em class="parameter"><code>path = /apps</code></em></td></tr><tr><td><a class="indexterm" name="id339371"></a><em class="parameter"><code>admin users = bjordan</code></em></td></tr><tr><td><a class="indexterm" name="id339383"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg1-smb"></a><p class="title"><b>Example 4.4. Server: BLDG1 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339425"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id339436"></a><em class="parameter"><code>netbios name = BLDG1</code></em></td></tr><tr><td><a class="indexterm" name="id339448"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg2-smb"></a><p class="title"><b>Example 4.5. Server: BLDG2 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339490"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id339501"></a><em class="parameter"><code>netbios name = BLDG2</code></em></td></tr><tr><td><a class="indexterm" name="id339512"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dommem-smb"></a><p class="title"><b>Example 4.6. Common Domain Member Include File: dom-mem.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id339555"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id339566"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id339578"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id339590"></a><em class="parameter"><code>wins server = 172.16.0.1</code></em></td></tr><tr><td><a class="indexterm" name="id339601"></a><em class="parameter"><code>idmap uid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id339613"></a><em class="parameter"><code>idmap gid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id339624"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="massive-dhcp"></a><p class="title"><b>Example 4.7. Server: MASSIVE, File: dhcpd.conf</b></p><div class="example-contents"><pre class="screen">
     551                        </p></li></ol></div></div></div><div class="example"><a name="ch5-massivesmb"></a><p class="title"><b>Example 4.1. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/smb.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id336925"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id336936"></a><em class="parameter"><code>netbios name = MASSIVE</code></em></td></tr><tr><td><a class="indexterm" name="id336948"></a><em class="parameter"><code>interfaces = eth1, lo</code></em></td></tr><tr><td><a class="indexterm" name="id336959"></a><em class="parameter"><code>bind interfaces only = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id336971"></a><em class="parameter"><code>passdb backend = tdbsam</code></em></td></tr><tr><td><a class="indexterm" name="id336982"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id336994"></a><em class="parameter"><code>add user script = /usr/sbin/useradd -m '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337006"></a><em class="parameter"><code>delete user script = /usr/sbin/userdel -r '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337017"></a><em class="parameter"><code>add group script = /usr/sbin/groupadd '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id337029"></a><em class="parameter"><code>delete group script = /usr/sbin/groupdel '%g'</code></em></td></tr><tr><td><a class="indexterm" name="id337041"></a><em class="parameter"><code>add user to group script = /usr/sbin/usermod -G '%g' '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337053"></a><em class="parameter"><code>add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody '%u'</code></em></td></tr><tr><td><a class="indexterm" name="id337065"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337076"></a><em class="parameter"><code>wins support = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337088"></a><em class="parameter"><code>include = /etc/samba/dc-common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[accounts]</code></em></td></tr><tr><td><a class="indexterm" name="id337108"></a><em class="parameter"><code>comment = Accounting Files</code></em></td></tr><tr><td><a class="indexterm" name="id337120"></a><em class="parameter"><code>path = /data/accounts</code></em></td></tr><tr><td><a class="indexterm" name="id337131"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[service]</code></em></td></tr><tr><td><a class="indexterm" name="id337152"></a><em class="parameter"><code>comment = Financial Services Files</code></em></td></tr><tr><td><a class="indexterm" name="id337163"></a><em class="parameter"><code>path = /data/service</code></em></td></tr><tr><td><a class="indexterm" name="id337175"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[pidata]</code></em></td></tr><tr><td><a class="indexterm" name="id337195"></a><em class="parameter"><code>comment = Property Insurance Files</code></em></td></tr><tr><td><a class="indexterm" name="id337207"></a><em class="parameter"><code>path = /data/pidata</code></em></td></tr><tr><td><a class="indexterm" name="id337218"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dc-common"></a><p class="title"><b>Example 4.2. Server: MASSIVE (PDC), File: <code class="filename">/etc/samba/dc-common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337265"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id337277"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id337288"></a><em class="parameter"><code>logon script = scripts\logon.bat</code></em></td></tr><tr><td><a class="indexterm" name="id337300"></a><em class="parameter"><code>logon path = \%L\profiles\%U</code></em></td></tr><tr><td><a class="indexterm" name="id337312"></a><em class="parameter"><code>logon drive = X:</code></em></td></tr><tr><td><a class="indexterm" name="id337323"></a><em class="parameter"><code>logon home = \%L\%U</code></em></td></tr><tr><td><a class="indexterm" name="id337335"></a><em class="parameter"><code>domain logons = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337346"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337358"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[homes]</code></em></td></tr><tr><td><a class="indexterm" name="id337378"></a><em class="parameter"><code>comment = Home Directories</code></em></td></tr><tr><td><a class="indexterm" name="id337390"></a><em class="parameter"><code>valid users = %S</code></em></td></tr><tr><td><a class="indexterm" name="id337401"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id337413"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[netlogon]</code></em></td></tr><tr><td><a class="indexterm" name="id337433"></a><em class="parameter"><code>comment = Network Logon Service</code></em></td></tr><tr><td><a class="indexterm" name="id337445"></a><em class="parameter"><code>path = /var/lib/samba/netlogon</code></em></td></tr><tr><td><a class="indexterm" name="id337456"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337468"></a><em class="parameter"><code>locking = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[profiles]</code></em></td></tr><tr><td><a class="indexterm" name="id337488"></a><em class="parameter"><code>comment = Profile Share</code></em></td></tr><tr><td><a class="indexterm" name="id337500"></a><em class="parameter"><code>path = /var/lib/samba/profiles</code></em></td></tr><tr><td><a class="indexterm" name="id337511"></a><em class="parameter"><code>read only = No</code></em></td></tr><tr><td><a class="indexterm" name="id337523"></a><em class="parameter"><code>profile acls = Yes</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-commonsmb"></a><p class="title"><b>Example 4.3. Common Samba Configuration File: <code class="filename">/etc/samba/common.conf</code></b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337566"></a><em class="parameter"><code>username map = /etc/samba/smbusers</code></em></td></tr><tr><td><a class="indexterm" name="id337577"></a><em class="parameter"><code>log level = 1</code></em></td></tr><tr><td><a class="indexterm" name="id337589"></a><em class="parameter"><code>syslog = 0</code></em></td></tr><tr><td><a class="indexterm" name="id337600"></a><em class="parameter"><code>log file = /var/log/samba/%m</code></em></td></tr><tr><td><a class="indexterm" name="id337612"></a><em class="parameter"><code>max log size = 50</code></em></td></tr><tr><td><a class="indexterm" name="id337623"></a><em class="parameter"><code>smb ports = 139</code></em></td></tr><tr><td><a class="indexterm" name="id337635"></a><em class="parameter"><code>name resolve order = wins bcast hosts</code></em></td></tr><tr><td><a class="indexterm" name="id337646"></a><em class="parameter"><code>time server = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337658"></a><em class="parameter"><code>printcap name = CUPS</code></em></td></tr><tr><td><a class="indexterm" name="id337669"></a><em class="parameter"><code>show add printer wizard = No</code></em></td></tr><tr><td><a class="indexterm" name="id337681"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id337693"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id337704"></a><em class="parameter"><code>utmp = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337716"></a><em class="parameter"><code>map acl inherit = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337727"></a><em class="parameter"><code>printing = cups</code></em></td></tr><tr><td><a class="indexterm" name="id337739"></a><em class="parameter"><code>veto files = /*.eml/*.nws/*.{*}/</code></em></td></tr><tr><td><a class="indexterm" name="id337750"></a><em class="parameter"><code>veto oplock files = /*.doc/*.xls/*.mdb/</code></em></td></tr><tr><td><a class="indexterm" name="id337762"></a><em class="parameter"><code>include =  </code></em></td></tr><tr><td># Share and Service Definitions are common to all servers</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[printers]</code></em></td></tr><tr><td><a class="indexterm" name="id337786"></a><em class="parameter"><code>comment = SMB Print Spool</code></em></td></tr><tr><td><a class="indexterm" name="id337798"></a><em class="parameter"><code>path = /var/spool/samba</code></em></td></tr><tr><td><a class="indexterm" name="id337809"></a><em class="parameter"><code>guest ok = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337821"></a><em class="parameter"><code>printable = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337832"></a><em class="parameter"><code>use client driver = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337844"></a><em class="parameter"><code>default devmode = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id337855"></a><em class="parameter"><code>browseable = No</code></em></td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[apps]</code></em></td></tr><tr><td><a class="indexterm" name="id337876"></a><em class="parameter"><code>comment = Application Files</code></em></td></tr><tr><td><a class="indexterm" name="id337887"></a><em class="parameter"><code>path = /apps</code></em></td></tr><tr><td><a class="indexterm" name="id337899"></a><em class="parameter"><code>admin users = bjordan</code></em></td></tr><tr><td><a class="indexterm" name="id337910"></a><em class="parameter"><code>read only = No</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg1-smb"></a><p class="title"><b>Example 4.4. Server: BLDG1 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id337952"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id337963"></a><em class="parameter"><code>netbios name = BLDG1</code></em></td></tr><tr><td><a class="indexterm" name="id337975"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-bldg2-smb"></a><p class="title"><b>Example 4.5. Server: BLDG2 (Member), File: smb.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338017"></a><em class="parameter"><code>workgroup = MEGANET</code></em></td></tr><tr><td><a class="indexterm" name="id338029"></a><em class="parameter"><code>netbios name = BLDG2</code></em></td></tr><tr><td><a class="indexterm" name="id338040"></a><em class="parameter"><code>include = /etc/samba/dom-mem.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="ch5-dommem-smb"></a><p class="title"><b>Example 4.6. Common Domain Member Include File: dom-mem.conf</b></p><div class="example-contents"><table border="0" summary="Simple list" class="simplelist"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><em class="parameter"><code>[global]</code></em></td></tr><tr><td><a class="indexterm" name="id338082"></a><em class="parameter"><code>shutdown script = /var/lib/samba/scripts/shutdown.sh</code></em></td></tr><tr><td><a class="indexterm" name="id338094"></a><em class="parameter"><code>abort shutdown script = /sbin/shutdown -c</code></em></td></tr><tr><td><a class="indexterm" name="id338106"></a><em class="parameter"><code>preferred master = Yes</code></em></td></tr><tr><td><a class="indexterm" name="id338117"></a><em class="parameter"><code>wins server = 172.16.0.1</code></em></td></tr><tr><td><a class="indexterm" name="id338129"></a><em class="parameter"><code>idmap uid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id338140"></a><em class="parameter"><code>idmap gid = 15000-20000</code></em></td></tr><tr><td><a class="indexterm" name="id338152"></a><em class="parameter"><code>include = /etc/samba/common.conf</code></em></td></tr></table></div></div><br class="example-break"><div class="example"><a name="massive-dhcp"></a><p class="title"><b>Example 4.7. Server: MASSIVE, File: dhcpd.conf</b></p><div class="example-contents"><pre class="screen">
    552552# Abmas Accounting Inc.
    553553
     
    899899net groupmap add ntgroup="Insurance Group"     unixgroup=piops type=d
    900900</pre></div></div><br class="example-break"><div class="sect2" title="Process Startup Configuration"><div class="titlepage"><div><div><h3 class="title"><a name="ch5-procstart"></a>Process Startup Configuration</h3></div></div></div><p>
    901                 <a class="indexterm" name="id339909"></a>
    902                 <a class="indexterm" name="id339916"></a>
     901                <a class="indexterm" name="id338437"></a>
     902                <a class="indexterm" name="id338443"></a>
    903903        There are two essential steps to process startup configuration. A process
    904904        must be configured so that it is automatically restarted each time the server
     
    909909        necessary start or kill script is run.
    910910        </p><p>
    911         <a class="indexterm" name="id339948"></a>
     911        <a class="indexterm" name="id338475"></a>
    912912        In the event that a service is provided not as a daemon but via the internetworking
    913913        super daemon (<code class="literal">inetd</code> or <code class="literal">xinetd</code>), then the <code class="literal">chkconfig</code>
     
    919919                are for a Red Hat Linux system, please adapt them to suit the target OS platform on which you
    920920                are installing Samba.
    921         </p><div class="procedure" title="Procedure 4.4. Process Startup Configuration Steps"><a name="id339987"></a><p class="title"><b>Procedure 4.4. Process Startup Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
     921        </p><div class="procedure" title="Procedure 4.4. Process Startup Configuration Steps"><a name="id338515"></a><p class="title"><b>Procedure 4.4. Process Startup Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
    922922                Use the standard system tool to configure each service to restart
    923923                automatically at every system reboot. For example,
    924                 <a class="indexterm" name="id340000"></a>
     924                <a class="indexterm" name="id338527"></a>
    925925</p><pre class="screen">
    926926<code class="prompt">root# </code> chkconfig dhpc on
     
    931931</pre><p>
    932932                </p></li><li class="step" title="Step 2"><p>
    933                 <a class="indexterm" name="id340049"></a>
    934                 <a class="indexterm" name="id340056"></a>
    935                 <a class="indexterm" name="id340062"></a>
     933                <a class="indexterm" name="id338576"></a>
     934                <a class="indexterm" name="id338583"></a>
     935                <a class="indexterm" name="id338590"></a>
    936936                Now start each service to permit the system to be validated.
    937937                Execute each of the following in the sequence shown:
     
    947947        The procedure for desktop client configuration for the network in this chapter is similar to
    948948        that used for the previous one. There are a few subtle changes that should be noted.
    949         </p><div class="procedure" title="Procedure 4.5. Windows Client Configuration Steps"><a name="id340124"></a><p class="title"><b>Procedure 4.5. Windows Client Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
     949        </p><div class="procedure" title="Procedure 4.5. Windows Client Configuration Steps"><a name="id338651"></a><p class="title"><b>Procedure 4.5. Windows Client Configuration Steps</b></p><ol class="procedure" type="1"><li class="step" title="Step 1"><p>
    950950                Install MS Windows XP Professional. During installation, configure the client to use DHCP for
    951951                TCP/IP protocol configuration.
    952                 <a class="indexterm" name="id340136"></a>
    953                 <a class="indexterm" name="id340142"></a>
     952                <a class="indexterm" name="id338663"></a>
     953                <a class="indexterm" name="id338670"></a>
    954954                DHCP configures all Windows clients to use the WINS Server address that has been defined
    955955                for the local subnet.
     
    985985                also configure use of the identical printers that are located in the financial services department.
    986986                Install printers on each machine using the following steps:
    987         </p><div class="procedure" title="Procedure 4.6. Steps to Install Printer Drivers on Windows Clients"><a name="id340259"></a><p class="title"><b>Procedure 4.6. Steps to Install Printer Drivers on Windows Clients</b></p><ol class="procedure" type="1"><li class="step" title="Step 7.1"><p>
     987        </p><div class="procedure" title="Procedure 4.6. Steps to Install Printer Drivers on Windows Clients"><a name="id338786"></a><p class="title"><b>Procedure 4.6. Steps to Install Printer Drivers on Windows Clients</b></p><ol class="procedure" type="1"><li class="step" title="Step 7.1"><p>
    988988                                Click <span class="guimenu">Start</span> &#8594; <span class="guimenuitem">Settings</span> &#8594; <span class="guimenuitem">Printers</span>+<span class="guiicon">Add Printer</span>+<span class="guibutton">Next</span>. Do not click <span class="guimenuitem">Network printer</span>.
    989989                                        Ensure that <span class="guimenuitem">Local printer</span> is selected.
     
    10371037                </p></li><li class="step" title="Step 12"><p>
    10381038                Instruct all users to log onto the workstation using their assigned username and password.
    1039                 </p></li></ol></div></div><div class="sect2" title="Key Points Learned"><div class="titlepage"><div><div><h3 class="title"><a name="id340544"></a>Key Points Learned</h3></div></div></div><p>
     1039                </p></li></ol></div></div><div class="sect2" title="Key Points Learned"><div class="titlepage"><div><div><h3 class="title"><a name="id339071"></a>Key Points Learned</h3></div></div></div><p>
    10401040                The network you have just deployed has been a valuable exercise in forced constraint.
    10411041                You have deployed a network that works well, although you may soon start to see
     
    10531053                        </p></li><li class="listitem"><p>
    10541054                        The introduction of roaming profiles
    1055                         </p></li></ul></div></div></div><div class="sect1" title="Questions and Answers"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id340597"></a>Questions and Answers</h2></div></div></div><p>
    1056         </p><div class="qandaset" title="Frequently Asked Questions"><a name="id340606"></a><dl><dt> <a href="Big500users.html#id340612">
     1055                        </p></li></ul></div></div></div><div class="sect1" title="Questions and Answers"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id339124"></a>Questions and Answers</h2></div></div></div><p>
     1056        </p><div class="qandaset" title="Frequently Asked Questions"><a name="id339133"></a><dl><dt> <a href="Big500users.html#id339140">
    10571057                The example smb.conf files in this chapter make use of the include facility.
    10581058                How may I get to see what the actual working smb.conf settings are?
    1059                 </a></dt><dt> <a href="Big500users.html#id340660">
     1059                </a></dt><dt> <a href="Big500users.html#id339187">
    10601060                Why does the include file common.conf have an empty include statement?
    1061                 </a></dt><dt> <a href="Big500users.html#id340716">
     1061                </a></dt><dt> <a href="Big500users.html#id339244">
    10621062                I accept that the simplest configuration necessary to do the job is the best. The use of tdbsam
    10631063                passdb backend is much simpler than having to manage an LDAP-based ldapsam passdb backend.
    10641064                I tried using rsync to replicate the passdb.tdb, and it seems to work fine!
    10651065                So what is the problem?
    1066                 </a></dt><dt> <a href="Big500users.html#id340766">
     1066                </a></dt><dt> <a href="Big500users.html#id339294">
    10671067                You are using DHCP Relay enabled on the routers as well as a local DHCP server. Will this cause a clash?
    1068                 </a></dt><dt> <a href="Big500users.html#id340791">
     1068                </a></dt><dt> <a href="Big500users.html#id339319">
    10691069                How does the Windows client find the PDC?
    1070                 </a></dt><dt> <a href="Big500users.html#id340811">
     1070                </a></dt><dt> <a href="Big500users.html#id339338">
    10711071                Why did you enable IP forwarding (routing) only on the server called MASSIVE?
    1072                 </a></dt><dt> <a href="Big500users.html#id340838">
     1072                </a></dt><dt> <a href="Big500users.html#id339365">
    10731073                You did nothing special to implement roaming profiles. Why?
    1074                 </a></dt><dt> <a href="Big500users.html#id340856">
     1074                </a></dt><dt> <a href="Big500users.html#id339383">
    10751075                On the domain member computers, you configured winbind in the /etc/nsswitch.conf file.
    10761076                You did not configure any PAM settings. Is this an omission?
    1077                 </a></dt><dt> <a href="Big500users.html#id340883">
     1077                </a></dt><dt> <a href="Big500users.html#id339410">
    10781078                You are starting SWAT up on this example but have not discussed that anywhere. Why did you do this?
    1079                 </a></dt><dt> <a href="Big500users.html#id340920">
     1079                </a></dt><dt> <a href="Big500users.html#id339447">
    10801080                The domain controller has an auto-shutdown script. Isn't that dangerous?
    1081                 </a></dt></dl><table border="0" width="100%" summary="Q and A Set"><col align="left" width="1%"><col><tbody><tr class="question"><td align="left" valign="top"><a name="id340612"></a><a name="id340615"></a></td><td align="left" valign="top"><p>
     1081                </a></dt></dl><table border="0" width="100%" summary="Q and A Set"><col align="left" width="1%"><col><tbody><tr class="question"><td align="left" valign="top"><a name="id339140"></a><a name="id339142"></a></td><td align="left" valign="top"><p>
    10821082                The example <code class="filename">smb.conf</code> files in this chapter make use of the <em class="parameter"><code>include</code></em> facility.
    10831083                How may I get to see what the actual working <code class="filename">smb.conf</code> settings are?
     
    10871087<code class="prompt">root# </code> testparm -s | less
    10881088</pre><p>
    1089                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340660"></a><a name="id340662"></a></td><td align="left" valign="top"><p>
     1089                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339187"></a><a name="id339189"></a></td><td align="left" valign="top"><p>
    10901090                Why does the include file <code class="filename">common.conf</code> have an empty include statement?
    10911091                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
     
    11001100                the include in place, even though the file it points to has already been included. This is a bug
    11011101                that will be fixed at a future date.
    1102                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340716"></a><a name="id340718"></a></td><td align="left" valign="top"><p>
     1102                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339244"></a><a name="id339246"></a></td><td align="left" valign="top"><p>
    11031103                I accept that the simplest configuration necessary to do the job is the best. The use of <em class="parameter"><code>tdbsam</code></em>
    11041104                passdb backend is much simpler than having to manage an LDAP-based <em class="parameter"><code>ldapsam</code></em> passdb backend.
     
    11101110                to log onto the network following a reboot and may have to rejoin the domain to recover network
    11111111                access capability.
    1112                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340766"></a><a name="id340769"></a></td><td align="left" valign="top"><p>
     1112                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339294"></a><a name="id339296"></a></td><td align="left" valign="top"><p>
    11131113                You are using DHCP Relay enabled on the routers as well as a local DHCP server. Will this cause a clash?
    11141114                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
     
    11191119                The only exception to this rule is when the client makes a directed request from a specific DHCP server
    11201120                for renewal of the lease it has. This means that under normal circumstances there is no risk of a clash.
    1121                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340791"></a><a name="id340794"></a></td><td align="left" valign="top"><p>
     1121                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339319"></a><a name="id339321"></a></td><td align="left" valign="top"><p>
    11221122                How does the Windows client find the PDC?
    11231123                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
     
    11261126                to register itself with the WINS server and to obtain enumeration of vital network information to
    11271127                enable it to operate successfully.
    1128                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340811"></a><a name="id340813"></a></td><td align="left" valign="top"><p>
     1128                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339338"></a><a name="id339340"></a></td><td align="left" valign="top"><p>
    11291129                Why did you enable IP forwarding (routing) only on the server called <code class="constant">MASSIVE</code>?
    11301130                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
     
    11331133                Route table entries are needed to direct MASSIVE to send all traffic intended for the remote network
    11341134                segments to the router that is its gateway to them.
    1135                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340838"></a><a name="id340840"></a></td><td align="left" valign="top"><p>
     1135                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339365"></a><a name="id339367"></a></td><td align="left" valign="top"><p>
    11361136                You did nothing special to implement roaming profiles. Why?
    11371137                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
    11381138                Unless configured to do otherwise, the default behavior with Samba-3 and Windows XP Professional
    11391139                clients is to use roaming profiles.
    1140                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340856"></a><a name="id340858"></a></td><td align="left" valign="top"><p>
     1140                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339383"></a><a name="id339385"></a></td><td align="left" valign="top"><p>
    11411141                On the domain member computers, you configured winbind in the <code class="filename">/etc/nsswitch.conf</code> file.
    11421142                You did not configure any PAM settings. Is this an omission?
     
    11471147                to enable the use of winbind. Samba makes use only of the identity resolution facilities of the name
    11481148                service switch (NSS).
    1149                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340883"></a><a name="id340885"></a></td><td align="left" valign="top"><p>
     1149                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339410"></a><a name="id339412"></a></td><td align="left" valign="top"><p>
    11501150                You are starting SWAT up on this example but have not discussed that anywhere. Why did you do this?
    11511151                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
     
    11561156                file but leaves in place a broken reference to the top-layer include file. SWAT was not designed to
    11571157                handle this functionality gracefully.
    1158                 </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id340920"></a><a name="id340922"></a></td><td align="left" valign="top"><p>
     1158                </p></td></tr><tr class="question"><td align="left" valign="top"><a name="id339447"></a><a name="id339449"></a></td><td align="left" valign="top"><p>
    11591159                The domain controller has an auto-shutdown script. Isn't that dangerous?
    11601160                </p></td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><p>
Note: See TracChangeset for help on using the changeset viewer.