Changeset 988 for vendor/current/docs-xml/Samba3-ByExample

vendor/current/docs-xml/Samba3-ByExample/SBE-2000UserNetwork.xml

-              r414
+              r988
         <indexterm><primary>LDAP</primary><secondary>backend</secondary></indexterm>
         <indexterm><primary>SID</primary></indexterm>
         When Samba-3 is configured to use an LDAP backend, it stores the domain
+        When Samba is configured to use an LDAP backend, it stores the domain
         account information in a directory entry. This account entry contains the
         domain SID. An unintended but exploitable side effect is that this makes it
 …
         <indexterm><primary>UID</primary></indexterm>
         <indexterm><primary>GID</primary></indexterm>
         Samba-3 has the ability to use multiple password (authentication and
+        Samba has the ability to use multiple password (authentication and
         identity resolution) backends. The diagram in <link linkend="chap7idres"/>
         demonstrates how Samba uses winbind, LDAP, and NIS, the traditional system
 …
         <indexterm><primary>LDAP</primary></indexterm>
         <indexterm><primary>distributed</primary></indexterm>
+        Samba is capable of using the <constant>smbpasswd</constant>,
+        <constant>tdbsam</constant>, <constant>xmlsam</constant>,
+        and <constant>mysqlsam</constant> authentication databases. The SMB
+        Samba is capable of using the <constant>smbpasswd</constant> and
+        <constant>tdbsam</constant>. The SMB
         passwords can, of course, also be stored in an LDAP ldapsam
         backend. LDAP is the preferred passdb backend for distributed network
 …
         <para>
         <indexterm><primary>passdb backend</primary></indexterm>
+        Additionally, it is possible to use multiple passdb backends
+        concurrently as well as have multiple LDAP backends. As a result, you
+        can specify a failover LDAP backend. The syntax for specifying a
+        You can specify a failover LDAP backend. The syntax for specifying a
         single LDAP backend in &smb.conf; is:
 <screen>
 …
         </figure>
         </para>
-        <para>
-        Some folks have tried to implement this without the use of double quotes. This is the type of entry they
-        created:
-<screen>
-...
-passdb backend = ldapsam:ldap://master.abmas.biz \
-                 ldapsam:ldap://slave.abmas.biz
-...
-</screen>
-        <indexterm><primary>contiguous directory</primary></indexterm>
-        The effect of this style of entry is that Samba lists the users
-        that are in both LDAP databases. If both contain the same information,
-        it results in each record being shown twice. This is, of course, not the
-        solution desired for a failover implementation. The net effect of this
-        configuration is shown in <link linkend="ch7dualadd"/>
-        </para>
-        <figure id="ch7dualadd">
-                <title>Samba Configuration to Use Dual LDAP Databases - Broken - Do Not Use!</title>
-                <imagefile scale="55">ch7-dual-additive-LDAP</imagefile>
-        </figure>
-        <para>
-        If, however, each LDAP database contains unique information, this may
-        well be an advantageous way to effectively integrate multiple LDAP databases
-        into one seemingly contiguous directory. Only the first database will be updated.
-        An example of this configuration is shown in <link linkend="ch7dualok"/>.
-        </para>
-        <figure id="ch7dualok">
-                <title>Samba Configuration to Use Two LDAP Databases - The result is additive.</title>
-                <imagefile scale="55">ch7-dual-additive-LDAP-Ok</imagefile>
-        </figure>
-        <note><para>
-        When the use of ldapsam is specified twice, as shown here, it is imperative
-        that the two LDAP directories must be disjoint. If the entries are for a
-        master LDAP server as well as its own slave server, updates to the LDAP
-        database may end up being lost or corrupted. You may safely use multiple
-        LDAP backends only if both are entirely separate from each other.
-        </para></note>
     <para>
 …
 <smbconfoption name="idmap uid">10000-20000</smbconfoption>
 <smbconfoption name="idmap gid">10000-20000</smbconfoption>
-<smbconfoption name="printer admin">root</smbconfoption>
 <smbconfoption name="printing">cups</smbconfoption>
 </smbconfblock>
 …
                         <listitem><para>
                         <indexterm><primary>LDAP</primary></indexterm><indexterm><primary>BDC</primary></indexterm>
                         Where Samba-3 is used as a domain controller, the use of LDAP is an
+                        Where Samba is used as a domain controller, the use of LDAP is an
                         essential component to permit the use of BDCs.
                         </para></listitem>

vendor/current/docs-xml/Samba3-ByExample/SBE-500UserNetwork.xml

-              r414
+              r988
         <para>
         The Samba-3 networking you explored in <link linkend="secure"/> covers the finer points of
+        The Samba networking you explored in <link linkend="secure"/> covers the finer points of
         configuration of peripheral services such as DHCP and DNS, and WINS. You experienced
         implementation of a simple configuration of the services that are important adjuncts
 …
                         <listitem><para>
                         Joining a Samba-3 domain member server to a Samba-3 domain
+                        Joining a Samba domain member server to a Samba-3 domain
                         </para></listitem>
 …
                 <para>
                 Unless configured to do otherwise, the default behavior with Samba-3 and Windows XP Professional
+                Unless configured to do otherwise, the default behavior with Samba and Windows XP Professional
                 clients is to use roaming profiles.
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-AddingUNIXClients.xml

-              r414
+              r988
         <indexterm><primary>Domain Controller</primary></indexterm>
         The domain member server and the domain member client are at the center of focus in this chapter.
         Configuration of Samba-3 domain controller is covered in earlier chapters, so if your
+        Configuration of Samba domain controller is covered in earlier chapters, so if your
         interest is in domain controller configuration, you will not find that here. You will find good
         oil that helps you to add domain member servers and clients.
 …
 <smbconfoption name="idmap gid">10000-20000</smbconfoption>
 <smbconfoption name="winbind trusted domains only">Yes</smbconfoption>
-<smbconfoption name="printer admin">root</smbconfoption>
 <smbconfoption name="printing">cups</smbconfoption>
 …
 <smbconfoption name="template shell">/bin/bash</smbconfoption>
 <smbconfoption name="winbind separator">+</smbconfoption>
-<smbconfoption name="printer admin">root</smbconfoption>
 <smbconfoption name="hosts allow">192.168.2., 192.168.3., 127.</smbconfoption>
 <smbconfoption name="printing">cups</smbconfoption>
 …
 <smbconfoption name="printcap name">CUPS</smbconfoption>
 <smbconfoption name="wins server">192.168.2.1</smbconfoption>
-<smbconfoption name="printer admin">root</smbconfoption>
 <smbconfoption name="hosts allow">192.168.2., 192.168.3., 127.</smbconfoption>
 <smbconfoption name="printing">cups</smbconfoption>
 …
         <indexterm><primary>Kerberos</primary></indexterm>
         <indexterm><primary>Domain Member</primary><secondary>server</secondary></indexterm>
         One of the much-sought-after features new to Samba-3 is the ability to join an Active Directory
+        One of the much-sought-after features new to Samba is the ability to join an Active Directory
         domain using Kerberos protocols. This makes it possible to operate an entire Windows network
         without the need to run NetBIOS over TCP/IP and permits more secure networking in general. An
         exhaustively complete discussion of the protocols is not possible in this book; perhaps a
         later book may explore the intricacies of the NetBIOS-less operation that Samba-3 can participate
         in. For now, we simply focus on how a Samba-3 server can be made a domain member server.
+        later book may explore the intricacies of the NetBIOS-less operation that Samba can participate
+        in. For now, we simply focus on how a Samba server can be made a domain member server.
         </para>
 …
         <indexterm><primary>Identity resolution</primary></indexterm>
         <indexterm><primary>Kerberos</primary></indexterm>
         The diagram in <link linkend="ch9-adsdc"/> demonstrates how Samba-3 interfaces with
+        The diagram in <link linkend="ch9-adsdc"/> demonstrates how Samba interfaces with
         Microsoft Active Directory components. It should be noted that if Microsoft Windows Services
         for UNIX (SFU) has been installed and correctly configured, it is possible to use client LDAP
         for identity resolution just as can be done with Samba-3 when using an LDAP passdb backend.
+        for identity resolution just as can be done with Samba when using an LDAP passdb backend.
         The UNIX tool that you need for this, as in the case of LDAP on UNIX/Linux, is the PADL
         Software nss_ldap tool-set. Compared with use of winbind and Kerberos, the use of
         LDAP-based identity resolution is a little less secure. In view of the fact that this solution
         requires additional software to be installed on the Windows 200x ADS domain controllers,
         and that means more management overhead, it is likely that most Samba-3 ADS client sites
+        and that means more management overhead, it is likely that most Samba ADS client sites
         may elect to use winbind.
         </para>
         <para>
         Do not attempt to use this procedure if you are not 100 percent certain that the build of Samba-3
+        Do not attempt to use this procedure if you are not 100 percent certain that the build of Samba
         you are using has been compiled and linked with all the tools necessary for this to work.
         Given the importance of this step, you must first validate that the Samba-3 message block
+        Given the importance of this step, you must first validate that the Samba message block
         daemon (<command>smbd</command>) has the necessary features.
         </para>
 …
                 <step><para>
                 <indexterm><primary>smbd</primary></indexterm>
                 Before you try to use Samba-3, you want to know for certain that your executables have
+                Before you try to use Samba, you want to know for certain that your executables have
                 support for Kerberos and for LDAP. Execute the following to identify whether or
                 not this build is perhaps suitable for use:
 …
                 <indexterm><primary>validated</primary></indexterm>
                 The next step is to identify which version of the Kerberos libraries have been used.
                 In order to permit Samba-3 to interoperate with Windows 2003 Active Directory, it is
+                In order to permit Samba to interoperate with Windows 2003 Active Directory, it is
                 essential that it has been linked with either MIT Kerberos version 1.3.1 or later,
                 or that it has been linked with Heimdal Kerberos 0.6 plus specific patches. You may
 …
                 <para>
                 From this point on, you are certain that the Samba-3 build you are using has the
                 necessary capabilities. You can now configure Samba-3 and the NSS.
+                From this point on, you are certain that the Samba build you are using has the
+                necessary capabilities. You can now configure Samba and the NSS.
                 </para></step>
 …
 Joined 'FRAN' to realm 'LONDON.ABMAS.BIZ'
 </screen>
                 You have successfully made your Samba-3 server a member of the ADS domain
+                You have successfully made your Samba server a member of the ADS domain
                 using Kerberos protocols.
                 </para>
 …
                 <indexterm><primary>Active Directory</primary><secondary>server</secondary></indexterm>
                 <indexterm><primary>Kerberos</primary></indexterm>
                 You may now perform final verification that communications between Samba-3 winbind and
+                You may now perform final verification that communications between Samba winbind and
                 the Active Directory server is using Kerberos protocols. Execute the following:
 <screen>
 …
 -------------- End Of Security Descriptor
 </programlisting>
                 And now you have conclusive proof that your Samba-3 ADS domain member server
+                And now you have conclusive proof that your Samba ADS domain member server
                 called <constant>FRAN</constant> is able to communicate fully with the ADS
                 domain controllers.
 …
         <para>
         Your Samba-3 ADS domain member server is ready for use. During training sessions,
+        Your Samba ADS domain member server is ready for use. During training sessions,
         you may be asked what is inside the <filename>winbindd_cache.tdb and winbindd_idmap.tdb</filename>
         files. Since curiosity just took hold of you, execute the following:
 …
 <smbconfoption name="winbind enum groups">No</smbconfoption>
 <smbconfoption name="winbind nested groups">Yes</smbconfoption>
-<smbconfoption name="printer admin">"KPAK\Domain Admins"</smbconfoption>
 </smbconfblock>
 </example>
 …
         <indexterm><primary>ADAM</primary></indexterm>
         <indexterm><primary>ADS</primary></indexterm>
         The storage of IDMAP information in LDAP can be used with both NT4/Samba-3-style domains as well as
+        The storage of IDMAP information in LDAP can be used with both NT4/Samba-style domains as well as
         with ADS domains. OpenLDAP is a commonly used LDAP server for this purpose, although any standards-compliant
         LDAP server can be used. It is therefore possible to deploy this IDMAP configuration using
 …
         <para>
         <indexterm><primary>realm</primary></indexterm>
         In the case of an NT4 or Samba-3-style domain the <parameter>realm</parameter> is not used, and the
+        In the case of an NT4 or Samba-style domain the <parameter>realm</parameter> is not used, and the
         command used to join the domain is <command>net rpc join</command>. The above example also demonstrates
         advanced error reporting techniques that are documented in the chapter called "Reporting Bugs" in
         <quote>The Official Samba-3 HOWTO and Reference Guide, Second Edition</quote> (TOSHARG2).
+        <quote>The Official Samba HOWTO and Reference Guide, Second Edition</quote> (TOSHARG2).
         </para>
 …
         systems logons (SSO), providing user and group accounts are stored in an LDAP directory. This
         provides logon services for UNIX/Linux users, while Windows users obtain their sign-on
         support via Samba-3.
+        support via Samba.
         </para>
 …
                 <para>
                 The following steps provide a Linux system that users can log onto using
                 Windows NT4 (or Samba-3) domain network credentials:
+                Windows NT4 (or Samba) domain network credentials:
                 </para>
 …
                 <para>
                 Is proper DNS operation necessary for Samba-3 plus LDAP? If so, what must I put into
+                Is proper DNS operation necessary for Samba plus LDAP? If so, what must I put into
                 my DNS configuration?
                 </para>
 …
                 <para>
                 Our Windows 2003 Server Active Directory domain runs with NetBIOS disabled. Can we
                 use Samba-3 with that configuration?
+                use Samba with that configuration?
                 </para>
 …
                 <primary>authentication</primary>
               </indexterm>
                 No. This is not okay. It means that your Samba-3 client has joined the ADS domain as
                 a Windows NT4 client, and Samba-3 will not be using Kerberos-based authentication.
+                No. This is not okay. It means that your Samba client has joined the ADS domain as
+                a Windows NT4 client, and Samba will not be using Kerberos-based authentication.
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-Appendix1.xml

-              r414
+              r988
                 <para>
                 Clicking the <guimenu>Network ID</guimenu> button launches the configuration wizard. Do not use this with
                 Samba-3. If you wish to change the computer name, or join or leave the domain, click the <guimenu>Change</guimenu> button.
+                Samba. If you wish to change the computer name, or join or leave the domain, click the <guimenu>Change</guimenu> button.
                 See <link linkend="swxpp004"></link>.
                 <figure id="swxpp004"><title>The Computer Name Panel.</title><imagefile>wxpp004</imagefile></figure>
 …
                 <para>
                 Enter the name <quote>root</quote> and the root password from your Samba-3 server. See <link linkend="swxpp008"></link>.
+                Enter the name <quote>root</quote> and the root password from your Samba server. See <link linkend="swxpp008"></link>.
                 <figure id="swxpp008"><title>Computer Name Changes &smbmdash; User name and Password Panel</title><imagefile>wxpp008</imagefile></figure>
                 </para></step>

vendor/current/docs-xml/Samba3-ByExample/SBE-Appendix2.xml

-              r414
+              r988
         as well as two Microsoft Windows XP Professional Workstations, each equipped with an Ethernet
         card connected using a hub. Also required is one additional server (either Windows
         NT4 Server, Windows 2000 Server, or a Samba-3 on UNIX/Linux server) running a network
+        NT4 Server, Windows 2000 Server, or a Samba on UNIX/Linux server) running a network
         sniffer and analysis application (Wireshark is a good choice). All work should be undertaken
         on a quiet network where there is no other traffic. It is best to use a dedicated hub
 …
         <para>
         Recommended preparatory reading: <emphasis>The Official Samba-3 HOWTO and Reference Guide, Second
+        Recommended preparatory reading: <emphasis>The Official Samba HOWTO and Reference Guide, Second
         Edition</emphasis> (TOSHARG2) Chapter 9, <quote>Network Browsing,</quote> and Chapter 3,
         <quote>Server Types and Security Modes.</quote>
 …
         <sect2>
         <title>Windows 200x/XP Client Interaction with Samba-3</title>
+        <title>Windows 200x/XP Client Interaction with Samba</title>
         <para>
 …
                 database and thus must be stored elsewhere on the UNIX system in a manner that Samba can
                 use. Samba-2.x permitted such encrypted passwords to be stored in the <constant>smbpasswd</constant>
                 file or in an LDAP database. Samba-3 permits use of multiple <parameter>passdb backend</parameter>
+                file or in an LDAP database. Samba permits use of multiple <parameter>passdb backend</parameter>
                 databases in concurrent deployment. Refer to <emphasis>TOSHARG2</emphasis>, Chapter 10, <quote>Account Information Databases.</quote>
                 </para></listitem>
 …
                 <para>
                 Is it possible to reduce network broadcast activity with Samba-3?
+                Is it possible to reduce network broadcast activity with Samba?
                 </para>
 …
                 <note><para>
                 Use of SMB without NetBIOS is possible only on Windows 200x/XP Professional clients and servers, as
                 well as with Samba-3.
+                well as with Samba.
                 </para></note>
 …
                 <para>
                 Samba-3 supports Microsoft encrypted passwords. Be advised not to reintroduce plain-text password handling.
+                Samba supports Microsoft encrypted passwords. Be advised not to reintroduce plain-text password handling.
                 Just create user accounts by running <command>smbpasswd -a 'username'</command>
                 </para>
 …
                 <para>
                 The parameter in the &smb.conf; file that controls this behavior is known as <parameter>encrypt
                 passwords</parameter>. The default setting for this in Samba-3 is <constant>Yes (Enabled)</constant>.
+                passwords</parameter>. The default setting for this in Samba is <constant>Yes (Enabled)</constant>.
                 </para>
 …
                 <para>
                 Is it necessary to specify <smbconfoption name="encrypt passwords">Yes</smbconfoption>
                 when Samba-3 is configured as a domain member?
+                when Samba is configured as a domain member?
                 </para>
 …
                 <para>
                 Is it necessary to specify a <parameter>guest account</parameter> when Samba-3 is configured
+                Is it necessary to specify a <parameter>guest account</parameter> when Samba is configured
                 as a domain member server?
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-DomainAppsSupport.xml

-              r414
+              r988
         <indexterm><primary>ldapsam</primary></indexterm>
         <indexterm><primary>Active Directory</primary></indexterm>
         You've come a long way now. You have pretty much mastered Samba-3 for
         most uses it can be put to. Up until now, you have cast Samba-3 in the leading
+        You've come a long way now. You have pretty much mastered Samba for
+        most uses it can be put to. Up until now, you have cast Samba in the leading
         role, and where authentication was required, you have used one or another of
         Samba's many authentication backends (from flat text files with smbpasswd
 …
         <para>
         You have decided to set the ball rolling by introducing Samba-3 into the network
+        You have decided to set the ball rolling by introducing Samba into the network
         gradually, taking over key services and easing the way to a full migration and,
         therefore, integration into Abmas's existing business later.
 …
                 Functionally, the user's Internet Explorer requests a browsing session with the
                 Squid proxy, for which it offers its AD authentication token. Squid hands off
                 the authentication request to the Samba-3 authentication helper application
+                the authentication request to the Samba authentication helper application
                 called <command>ntlm_auth</command>. This helper is a hook into winbind, the
                 Samba-3 NTLM authentication daemon. Winbind enables UNIX services to authenticate
+                Samba NTLM authentication daemon. Winbind enables UNIX services to authenticate
                 against Microsoft Windows domains, including Active Directory domains. As Active
                 Directory authentication is a modified Kerberos authentication, winbind is assisted
 …
                         <listitem><para>
                         Configuring, compiling, and then installing the supporting Samba-3 components
+                        Configuring, compiling, and then installing the supporting Samba components
                         </para></listitem>
 …
         First, your system needs to be prepared and in a known good state to proceed. This consists
         of making sure that everything the system depends on is present and that everything that could
         interfere or conflict with the system is removed. You will be configuring the Squid and Samba-3
+        interfere or conflict with the system is removed. You will be configuring the Squid and Samba
         packages and updating them if necessary. If conflicting packages of these programs are installed,
         they must be removed.
 …
         <para>
         <indexterm><primary>Active Directory</primary></indexterm>
         Samba must be configured to correctly use Active Directory. Samba-3 must be used, since it
+        Samba must be configured to correctly use Active Directory. Samba must be used, since it
         has the necessary components to interface with Active Directory.
         </para>
         <procedure>
         <title>Securing Samba-3 With ADS Support Steps</title>
+        <title>Securing Samba With ADS Support Steps</title>
                 <step><para>
 …
                 <indexterm><primary>MIT KRB5</primary></indexterm>
                 <indexterm><primary>ntlm_auth</primary></indexterm>
                 Download the latest stable Samba-3 for Red Hat Linux from the official Samba Team
+                Download the latest stable Samba for Red Hat Linux from the official Samba Team
                 <ulink url="http://ftp.samba.org">FTP site.</ulink> The official Samba Team
                 RPMs for Red Hat Fedora Linux contain the <command>ntlm_auth</command> tool
 …
                 <indexterm><primary>Squid</primary></indexterm>
                 <indexterm><primary>ntlm_auth</primary></indexterm>
                 Squid uses the <command>ntlm_auth</command> helper build with Samba-3.
+                Squid uses the <command>ntlm_auth</command> helper build with Samba.
                 You may test <command>ntlm_auth</command> with the command:
 <screen>
 …
         <indexterm><primary>winbind</primary></indexterm>
         <indexterm><primary>authentication</primary></indexterm>
         For Squid to benefit from Samba-3, NSS must be updated to allow winbind as a valid route to user authentication.
+        For Squid to benefit from Samba, NSS must be updated to allow winbind as a valid route to user authentication.
         </para>
 …
         <indexterm><primary>Squid</primary></indexterm>
         <indexterm><primary>Active Directory</primary><secondary>authentication</secondary></indexterm>
         Squid must be configured correctly to interact with the Samba-3
+        Squid must be configured correctly to interact with the Samba
         components that handle Active Directory authentication.
         </para>
 …
                 <indexterm><primary>smbd</primary></indexterm>
                 <indexterm><primary>file and print server</primary></indexterm>
                 Samba-3 is a file and print server. The core components that provide this functionality are <command>smbd</command>,
+                Samba is a file and print server. The core components that provide this functionality are <command>smbd</command>,
                 <command>nmbd</command>, and the identity resolver daemon, <command>winbindd</command>.
                 </para>
 …
                 <indexterm><primary>SMB/CIFS</primary></indexterm>
                 <indexterm><primary>smbclient</primary></indexterm>
                 Samba-3 is an SMB/CIFS client. The core component that provides this is called <command>smbclient</command>.
+                Samba is an SMB/CIFS client. The core component that provides this is called <command>smbclient</command>.
                 </para>
 …
                 <indexterm><primary>inter-operability</primary></indexterm>
                 <indexterm><primary>authentication</primary></indexterm>
                 Samba-3 includes a number of helper tools, plug-in modules, utilities, and test and validation facilities.
                 Samba-3 includes glue modules that help provide interoperability between MS Windows clients and UNIX/Linux
+                Samba includes a number of helper tools, plug-in modules, utilities, and test and validation facilities.
+                Samba includes glue modules that help provide interoperability between MS Windows clients and UNIX/Linux
                 servers and clients. It includes Winbind agents that make it possible to authenticate UNIX/Linux access attempts
                 as well as logins to an SMB/CIFS authentication server backend. Samba-3 includes name service switch (NSS) modules
+                as well as logins to an SMB/CIFS authentication server backend. Samba includes name service switch (NSS) modules
                 to permit identity resolution via SMB/CIFS servers (Windows NT4/200x, Samba, and a host of other commercial
                 server products).

vendor/current/docs-xml/Samba3-ByExample/SBE-HighAvailability.xml

-              r414
+              r988
         to wrap up the theme and contents of a book in what is generally regarded as the
         chapter that should draw conclusions. This book is a suspense thriller, and since
         the plot of the stories told mostly lead you to bigger, better Samba-3 networking
+        the plot of the stories told mostly lead you to bigger, better Samba networking
         solutions, it is perhaps appropriate to close this book with a few pertinent comments
         regarding some of the things everyone can do to deliver a reliable Samba-3 network.
+        regarding some of the things everyone can do to deliver a reliable Samba network.
         </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-MakingHappyUsers.xml

-              r746
+              r988
         The implementation of Samba BDCs necessitates the installation and configuration of LDAP.
         For this site, you use OpenLDAP, the open source software LDAP server platform. Commercial
         LDAP servers in current use with Samba-3 include:
+        LDAP servers in current use with Samba include:
         </para>
 …
         offerings, it requires that you manually edit the server configuration files and manually
         initialize the LDAP directory database. OpenLDAP itself has only command-line tools to
         help you to get OpenLDAP and Samba-3 running as required, albeit with some learning curve challenges.
+        help you to get OpenLDAP and Samba running as required, albeit with some learning curve challenges.
         </para>
 …
         tools and the creation of shell and Perl scripts a bit
         challenging. OpenLDAP can be easily customized, though it includes
         many ready-to-use schemas. Samba-3 provides an OpenLDAP schema file
+        many ready-to-use schemas. Samba provides an OpenLDAP schema file
         that is required for use as a passdb backend.
         </para>
 …
         <para>
         <indexterm><primary>interoperability</primary></indexterm>
         For those who are willing to brave the process of installing and configuring LDAP and Samba-3 interoperability,
+        For those who are willing to brave the process of installing and configuring LDAP and Samba interoperability,
         there are a few nice Web-based tools that may help you to manage your users and groups more effectively.
         The Web-based tools you might like to consider include the
 …
         server for UNIX system accounts as well as for Samba. From the OpenLDAP perspective, UNIX system
         accounts are stored POSIX schema extensions. Samba provides its own schema to permit storage of account
         attributes Samba needs. Samba-3 can use the LDAP backend to store:
+        attributes Samba needs. Samba can use the LDAP backend to store:
         </para>
 …
         <indexterm><primary>UID</primary></indexterm>
         <indexterm><primary>nss_ldap</primary></indexterm>
         The use of LDAP with Samba-3 makes it necessary to store UNIX accounts as well as Windows Networking
+        The use of LDAP with Samba makes it necessary to store UNIX accounts as well as Windows Networking
         accounts in the LDAP backend. This implies the need to use the
         <ulink url="http://www.padl.com/Contents/OpenSourceSoftware.html">PADL LDAP tools</ulink>. The resolution
 …
                 <para>
                 This book is about Samba-3, so you can confine the printing style to just the smart
+                This book is about Samba, so you can confine the printing style to just the smart
                 style of installation. Those interested in further information regarding intelligent
                 printing should review documentation on the Easy Software Products Web site.
 …
         <itemizedlist>
                 <listitem><para>Samba-3 PDC Server Configuration</para>
+                <listitem><para>Samba PDC Server Configuration</para>
                         <orderedlist>
                                 <listitem><para>DHCP and DNS servers</para></listitem>
                                 <listitem><para>OpenLDAP server</para></listitem>
                                 <listitem><para>PAM and NSS client tools</para></listitem>
                                 <listitem><para>Samba-3 PDC</para></listitem>
+                                <listitem><para>Samba PDC</para></listitem>
                                 <listitem><para>Idealx smbldap scripts</para></listitem>
                                 <listitem><para>LDAP initialization</para></listitem>
 …
                         </orderedlist>
                 </listitem>
                 <listitem><para>Samba-3 BDC Server Configuration</para>
+                <listitem><para>Samba BDC Server Configuration</para>
                         <orderedlist>
                                 <listitem><para>DHCP and DNS servers</para></listitem>
 …
         <para>
         Samba-3 and OpenLDAP will have a degree of interdependence that is unavoidable. The method
         for bootstrapping the LDAP and Samba-3 configuration is relatively straightforward. If you
+        Samba and OpenLDAP will have a degree of interdependence that is unavoidable. The method
+        for bootstrapping the LDAP and Samba configuration is relatively straightforward. If you
         follow these guidelines, the resulting system should work fine.
         </para>
 …
                 <indexterm><primary>secrets.tdb</primary></indexterm>
                 <indexterm><primary>smbpasswd</primary></indexterm>
                 Samba-3 communicates with the LDAP server. The password that it uses to
+                Samba communicates with the LDAP server. The password that it uses to
                 authenticate to the LDAP server must be stored in the <filename>secrets.tdb</filename>
                 file. Execute the following to create the new <filename>secrets.tdb</filename> files
 …
                 <indexterm><primary>smbd</primary></indexterm>
                 <indexterm><primary>net</primary><secondary>getlocalsid</secondary></indexterm>
                 Samba-3 generates a Windows Security Identifier (SID) only when <command>smbd</command>
+                Samba generates a Windows Security Identifier (SID) only when <command>smbd</command>
                 has been started. For this reason, you start Samba. After a few seconds delay,
                 execute:
 …
         <para>
         Your Samba-3 PDC is now ready to communicate with the LDAP password backend. Let's get on with
+        Your Samba PDC is now ready to communicate with the LDAP password backend. Let's get on with
         configuration of the LDAP server.
         </para>
 …
         <para>
         <indexterm><primary>Idealx</primary><secondary>smbldap-tools</secondary></indexterm>
         The Idealx scripts, or equivalent, are necessary to permit Samba-3 to manage accounts
+        The Idealx scripts, or equivalent, are necessary to permit Samba to manage accounts
         on the LDAP server. You have chosen the Idealx scripts because they are the best-known
         LDAP configuration scripts. The use of these scripts will help avoid the necessity
 …
         <para>
         At this time, Samba-3 requires that on a PDC all UNIX (POSIX) group accounts that are
+        At this time, Samba requires that on a PDC all UNIX (POSIX) group accounts that are
         mapped (linked) to Windows domain group accounts must be in the LDAP database. It does not
         hurt to have UNIX user and group accounts in both the system files as well as in the LDAP
 …
         <indexterm><primary>directory</primary><secondary>Computers container</secondary></indexterm>
         In the following examples, as the LDAP database is initialized, we do create a container
         for Computer (machine) accounts. In the Samba-3 &smb.conf; files, specific use is made
+        for Computer (machine) accounts. In the Samba &smb.conf; files, specific use is made
         of the People container, not the Computers container, for domain member accounts. This is not a
         mistake; it is a deliberate action that is necessitated by the fact that the resolution of
 …
                 <indexterm><primary>ldapsam</primary></indexterm>
                 <indexterm><primary>pdbedit</primary></indexterm>
                 The final validation step involves making certain that Samba-3 can obtain the user
+                The final validation step involves making certain that Samba can obtain the user
                 accounts from the LDAP ldapsam passwd backend. Execute the following command as shown:
 <screen>
 …
                 <step><para>
                 The server you have so carefully built is now ready for another important step. You
                 start the Samba-3 server and validate its operation. Execute the following to render all
+                start the Samba server and validate its operation. Execute the following to render all
                 the processes needed fully operative so that, on system reboot, they are automatically
                 started:
 …
                 <step><para>
                 <indexterm><primary>smbclient</primary></indexterm>
                 You may now check Samba-3 operation as follows:
+                You may now check Samba operation as follows:
 <screen>
 &rootprompt; smbclient -L massive -U%
 …
         <para>
         <indexterm><primary>CUPS</primary></indexterm>
         The configuration for Samba-3 to enable CUPS raw-print-through printing has already been
+        The configuration for Samba to enable CUPS raw-print-through printing has already been
         taken care of in the &smb.conf; file. The only preparation needed for <constant>smart</constant>
         printing to be possible involves creation of the directories in which Samba-3 stores
+        printing to be possible involves creation of the directories in which Samba stores
         Windows printing driver files.
         </para>
 …
 <sect1 id="sbehap-bldg1">
         <title>Samba-3 BDC Configuration</title>
+        <title>Samba BDC Configuration</title>
         <procedure>
 …
                 <step><para>
                 <indexterm><primary>smbpasswd</primary></indexterm>
                 You must now set the LDAP administrative password into the Samba-3 <filename>secrets.tdb</filename>
+                You must now set the LDAP administrative password into the Samba <filename>secrets.tdb</filename>
                 file by executing this command:
 <screen>
 …
                 Now you must obtain the domain SID from the PDC and store it into the
                 <filename>secrets.tdb</filename> file also. This step is not necessary with an LDAP
                 passdb backend because Samba-3 obtains the domain SID from the
+                passdb backend because Samba obtains the domain SID from the
                 sambaDomain object it automatically stores in the LDAP backend. It does not hurt to
                 add the SID to the <filename>secrets.tdb</filename>, and if you wish to do so, this
 …
                            for Domain MEGANET2 in secrets.tdb
 </screen>
                 When configuring a Samba-3 BDC that has an LDAP backend, there is no need to take
+                When configuring a Samba BDC that has an LDAP backend, there is no need to take
                 any special action to join it to the domain. However, winbind communicates with the
                 domain controller that is running on the localhost and must be able to authenticate,
 …
                         <primary>pdbedit</primary>
                 </indexterm>
                 Verify that user and group account resolution works via Samba-3 tools as follows:
+                Verify that user and group account resolution works via Samba tools as follows:
 <screen>
 &rootprompt; pdbedit -L
 …
                 <step><para>
                 The server you have so carefully built is now ready for another important step. Now
                 start the Samba-3 server and validate its operation. Execute the following to render all
+                start the Samba server and validate its operation. Execute the following to render all
                 the processes needed fully operative so that, upon system reboot, they are automatically
                 started:
 …
 &rootprompt; rcwinbind start
 </screen>
                 Samba-3 should now be running and is ready for a quick test. But not quite yet!
+                Samba should now be running and is ready for a quick test. But not quite yet!
                 </para></step>

vendor/current/docs-xml/Samba3-ByExample/SBE-MigrateNT4Samba3.xml

-              r414
+              r988
 <!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
 <chapter id="ntmigration">
   <title>Migrating NT4 Domain to Samba-3</title>
+  <title>Migrating NT4 Domain to Samba</title>
         <para>
         Ever since Microsoft announced that it was discontinuing support for Windows
         NT4, Samba users started to ask for detailed instructions on how to migrate
         from NT4 to Samba-3. This chapter provides background information that should
+        from NT4 to Samba. This chapter provides background information that should
         meet these needs.
         </para>
 …
         <indexterm><primary>accounts</primary><secondary>group</secondary></indexterm>
         <indexterm><primary>accounts</primary><secondary>machine</secondary></indexterm>
         The migration from NT4 to Samba-3 can involve a number of factors, including
+        The migration from NT4 to Samba can involve a number of factors, including
         migration of data to another server, migration of network environment controls
         such as group policies, and migration of the users, groups, and machine
 …
         <indexterm><primary>accounts</primary><secondary>Domain</secondary></indexterm>
         It should be pointed out now that it is possible to migrate some systems from
         a Windows NT4 domain environment to a Samba-3 domain environment. This is certainly
+        a Windows NT4 domain environment to a Samba domain environment. This is certainly
         not possible in every case. It is possible to just migrate the domain accounts
         to Samba-3 and then to switch machines, but as a hands-off transition, this is more
+        to Samba and then to switch machines, but as a hands-off transition, this is more
         the exception than the rule. Most systems require some tweaking after
         migration before an environment that is acceptable for immediate use
 …
         <indexterm><primary>passdb backend</primary></indexterm>
         You are about to migrate an MS Windows NT4 domain accounts database to
         a Samba-3 server. The Samba-3 server is using a
+        a Samba server. The Samba-3 server is using a
         <parameter>passdb backend</parameter> based on LDAP. The
         <constant>ldapsam</constant> is ideal because an LDAP backend can be distributed
 …
         <para>
         Your objective is to document the process of migrating user and group accounts
         from several NT4 domains into a single Samba-3 LDAP backend database.
+        from several NT4 domains into a single Samba LDAP backend database.
         </para>
 …
         <indexterm><primary>migration</primary><secondary>objectives</secondary></indexterm>
         <indexterm><primary>disruptive</primary></indexterm>
         Before commencing an NT4 to Samba-3 migration, you should consider what your objectives are.
         While in some cases it is possible simply to migrate an NT4 domain to a single Samba-3 server,
+        Before commencing an NT4 to Samba migration, you should consider what your objectives are.
+        While in some cases it is possible simply to migrate an NT4 domain to a single Samba server,
         that may not be a good idea from an administration perspective. Since the process involves going
         through a certain amount of disruptive activity anyhow, why not take this opportunity to
 …
         particularly Windows XP Professional. The migration provides opportunity to revise and update
         roaming profile deployment as well as folder redirection. Given that you must port the
         greater network configuration of this from the old NT4 server to the new Samba-3 server.
+        greater network configuration of this from the old NT4 server to the new Samba server.
         Do not forget to validate the security descriptors in the profiles share as well as network logon
         scripts. Feedback from sites that are migrating to Samba-3 suggests that many are using this
+        scripts. Feedback from sites that are migrating to Samba suggests that many are using this
         as a good time to update desktop systems also. In all, the extra effort should constitute no
         real disruption to users, but rather, with due diligence and care, should make their network experience
 …
         <indexterm><primary>strategic</primary></indexterm>
         <indexterm><primary>active directory</primary></indexterm>
         Migration of an NT4 domain user and group database to Samba-3 involves a certain strategic
+        Migration of an NT4 domain user and group database to Samba involves a certain strategic
         element. Many sites have asked for instructions regarding merging of multiple NT4
         domains into one Samba-3 LDAP database. It seems that this is viewed as a significant
+        domains into one Samba LDAP database. It seems that this is viewed as a significant
         added value compared with the alternative of migration to Windows Server 200x and Active
         Directory. The diagram in <link linkend="ch8-migration"/> illustrates the effect of migration
 …
         <para>
         The merging of multiple Windows NT4-style domains into a single LDAP-backend-based Samba-3
+        The merging of multiple Windows NT4-style domains into a single LDAP-backend-based Samba
         domain may be seen by those who had power over them as a loss of prestige or a loss of
         power. The imposition of a single domain may even be seen as a threat. So in migrating and
 …
         <para>
         The best advice that can be given to those who set out to merge NT4 domains into a single
         Samba-3 domain is to promote (sell) the action as one that reduces costs and delivers
+        Samba domain is to promote (sell) the action as one that reduces costs and delivers
         greater network interoperability and manageability.
         </para>
 …
         <para>
         From feedback on the Samba mailing lists, it seems that most Windows NT4 migrations
         to Samba-3 are being performed using a new server or a new installation of a Linux or UNIX
+        to Samba are being performed using a new server or a new installation of a Linux or UNIX
         server. If you contemplate doing this, please note that the steps that follow in this
         chapter assume familiarity with the information that has been previously covered in this
 …
         <para>
         We present here the steps and example output for two NT4 to Samba-3 domain migrations. The
+        We present here the steps and example output for two NT4 to Samba domain migrations. The
         first uses an LDAP-based backend, and the second uses a tdbsam backend. In each case the
         scripts you specify in the &smb.conf; file for the <parameter>add user script</parameter>
 …
         <itemizedlist>
                 <listitem><para>
                 Prepare the target Samba-3 server. This involves configuring Samba-3 for
+                Prepare the target Samba server. This involves configuring Samba-3 for
                 migration to either a tdbsam or an ldapsam backend.
                 </para></listitem>
 …
                 <listitem><para>
                 Upgrade the Samba-3 server from a BDC to a PDC, and validate all account
+                Upgrade the Samba server from a BDC to a PDC, and validate all account
                 information.
                 </para></listitem>
 …
         <para>
         In this example, the migration is of an NT4 PDC to a Samba-3 PDC with an LDAP backend. The accounts about
+        In this example, the migration is of an NT4 PDC to a Samba PDC with an LDAP backend. The accounts about
         to be migrated are shown in <link linkend="NT4DUM"/>. In this example use is made of the
         smbldap-tools scripts to add the accounts that are migrated into the ldapsam passdb backend.
 …
 <example id="sbent4smb">
 <title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: A</title>
+<title>NT4 Migration Samba Server <filename>smb.conf</filename> &smbmdash; Part: A</title>
 <smbconfblock>
 <smbconfsection name="[global]"/>
 …
 <example id="sbent4smb2">
 <title>NT4 Migration Samba-3 Server <filename>smb.conf</filename> &smbmdash; Part: B</title>
+<title>NT4 Migration Samba Server <filename>smb.conf</filename> &smbmdash; Part: B</title>
 <smbconfblock>
 <smbconfsection name="[apps]"/>
 …
                 <para>
                 Another way to obtain the domain SID from the target NT4 domain that is being
                 migrated to Samba-3 is by executing the following:
+                migrated to Samba is by executing the following:
 <screen>
 &rootprompt; net rpc info -S TRANSGRESSION
 …
                 <step><para>
                 Now it is time to join the Samba BDC to the target NT4 domain that is being
                 migrated to Samba-3 by executing the following:
+                migrated to Samba by executing the following:
 <screen>
 &rootprompt; net rpc join -S TRANSGRESSION -U Administrator%not24get
 …
                 <step><para>
                 The final responsibility in the migration process is to create identical
                 shares and printing resources on the new Samba-3 server, copy all data
+                shares and printing resources on the new Samba server, copy all data
                 across, set up privileges, and set share and file/directory access controls.
                 </para></step>
 …
                 <step><para>
                 Now shut down the old NT4 PDC. Only when the old NT4 PDC and all
                 NT4 BDCs have been shut down can the Samba-3 PDC be started.
+                NT4 BDCs have been shut down can the Samba PDC be started.
                 </para></step>
 …
                 <step><para>
                 The configuration of Samba-3 BDC servers can be accomplished now or at any
+                The configuration of Samba BDC servers can be accomplished now or at any
                 convenient time in the future. Please refer to the carefully detailed process
                 for doing so is outlined in <link linkend="sbehap-bldg1"/>.
 …
                 <step><para>
                 Prepare a Samba-3 server precisely per the instructions shown in <link linkend="Big500users"/>.
+                Prepare a Samba server precisely per the instructions shown in <link linkend="Big500users"/>.
                 Set the workgroup name to <constant>MEGANET</constant>.
                 </para></step>
 …
                 <para>
                 Migration of an NT4 PDC database to a Samba-3 PDC is possible.
+                Migration of an NT4 PDC database to a Samba PDC is possible.
                 </para>
 …
                         <listitem><para>
                         Multiple NT4 domains can be merged into a single Samba-3
+                        Multiple NT4 domains can be merged into a single Samba
                         domain.
                         </para></listitem>
                         <listitem><para>
                         The net Samba-3 domain most likely requires some
+                        The net Samba domain most likely requires some
                         administration and updating before going live.
                         </para></listitem>
 …
                 <primary>LDAP database</primary>
               </indexterm>
                 Samba-3 must be able to tie all user and group account SIDs to a UNIX UID or GID. Samba
+                Samba must be able to tie all user and group account SIDs to a UNIX UID or GID. Samba
                 does not fabricate the UNIX IDs from thin air, but rather requires them to be located
                 in a suitable place.
 …
               </indexterm>
                 I want to change my domain name after I migrate all accounts from an NT4 domain to a
                 Samba-3 domain. Does it make any sense to migrate the machine accounts in that case?
+                Samba domain. Does it make any sense to migrate the machine accounts in that case?
                 </para>
 …
                 I would recommend not to migrate the machine account. The machine accounts should still work, but there are registry entries
                 on each Windows NT4 and upward client that have a tattoo of the old domain name. If you
                 unjoin the domain and then rejoin the newly renamed Samba-3 domain, you can be certain to avoid
+                unjoin the domain and then rejoin the newly renamed Samba domain, you can be certain to avoid
                 this tattooing effect.
                 </para>
 …
                 <primary>multiple group mappings</primary>
               </indexterm>
                 After merging multiple NT4 domains into a Samba-3 domain, I lost all multiple group mappings. Why?
+                After merging multiple NT4 domains into a Samba domain, I lost all multiple group mappings. Why?
                 </para>
 …
                 <primary>/etc/group</primary>
               </indexterm>
                 Samba-3 currently does not implement multiple group membership internally. If you use the Windows
+                Samba currently does not implement multiple group membership internally. If you use the Windows
                 NT4 Domain User Manager to manage accounts and you have an LDAP backend, the multiple group
                 membership is stored in the POSIX groups area. If you use either tdbsam or smbpasswd backend,
 …
                 <primary>vampire</primary>
               </indexterm>
                 My Windows NT4 PDC has 323,000 user accounts. How long will it take to migrate them to a Samba-3
+                My Windows NT4 PDC has 323,000 user accounts. How long will it take to migrate them to a Samba
                 LDAP backend system using the vampire process?
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-MigrateNW4Samba3.xml

-              r414
+              r988
 <!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
 <chapter id="nw4migration">
   <title>Migrating NetWare Server to Samba-3</title>
+  <title>Migrating NetWare Server to Samba</title>
         <para>
 …
         the information presented in this chapter is provided to demonstrate
         how Misty dealt with a particular NetWare migration requirement, and
         it provides an overall approach to the implementation of a Samba-3
+        it provides an overall approach to the implementation of a Samba
         environment that is significantly divergent from that presented in
         <link linkend="happy"/>.

vendor/current/docs-xml/Samba3-ByExample/SBE-SecureOfficeServer.xml

-              r414
+              r988
         and dependability. It was enough for the basic needs each was designed to fulfill. In
         this chapter you address a more complex set of needs. The solution you explore
         introduces you to basic features that are specific to Samba-3.
+        introduces you to basic features that are specific to Samba.
         </para>
         <para>
         You should note that a working and secure solution could be implemented using Samba-2.2.x.
         In the exercises presented here, you are gradually using more Samba-3-specific features,
+        In the exercises presented here, you are gradually using more Samba-specific features,
         so caution is advised for anyone who tries to use Samba-2.2.x with the guidance here given.
         To avoid confusion, this book is all about Samba-3. Let's get the exercises in this
+        To avoid confusion, this book is all about Samba. Let's get the exercises in this
         chapter underway.
         </para>
 …
         <para>
         Many of the conclusions you draw here are obvious. Some requirements are not very clear
         or may simply be your means of drawing the most out of Samba-3. Much can be done more simply
+        or may simply be your means of drawing the most out of Samba. Much can be done more simply
         than you will demonstrate here, but keep in mind that the network must scale to at least 500
         users. This means that some functionality will be overdesigned for the current 130-user
 …
                 The configuration of Web serving, Web proxy services, electronic mail, and the details of
                 generic antivirus handling are beyond the scope of this book and therefore are not
                 covered except insofar as this affects Samba-3.
+                covered except insofar as this affects Samba.
                 </para>
 …
                 <step><para>
                 Install the Samba-3 binary RPM from the Samba-Team FTP site. Assuming that the binary
+                Install the Samba binary RPM from the Samba-Team FTP site. Assuming that the binary
                 RPM file is called <filename>samba-3.0.20-1.i386.rpm</filename>, one way to install this
                 file is as follows:
 …
                         <para>
                         <indexterm><primary>GPL</primary></indexterm>
+                        Samba is provided under the terms of the GNU GPL Version 2, a copy of which is provided
+                        Samba is provided under the terms of the GNU
+                        GPL Version 3, a copy of which is provided
                         with the source code.
                         </para>
 …
                 The guideline provided in <emphasis>TOSHARG2</emphasis>, Chapter 10, Section 10.1.2,
                 is to limit the number of accounts in the tdbsam backend to 250. This is the point
                 at which most networks tend to want backup domain controllers (BDCs). Samba-3 does
+                at which most networks tend to want backup domain controllers (BDCs). Samba does
                 not provide a mechanism for replicating tdbsam data so it can be used by a BDC. The
                 limitation of 250 users per tdbsam is predicated only on the need for replication,
 …
                 <para>
                 The default order by which Samba-3 attempts to communicate with MS Windows clients is via port 445 (the TCP port
+                The default order by which Samba attempts to communicate with MS Windows clients is via port 445 (the TCP port
                 used by Windows clients when NetBIOS-less SMB over TCP/IP is in use). TCP port 139 is the primary port used for NetBIOS
                 over TCP/IP. In this configuration Windows network operations are predicated around NetBIOS over TCP/IP. By
                 specifying the use of only port 139, the intent is to reduce unsuccessful service connection attempts.
                 The result of this is improved network performance. Where Samba-3 is installed as an Active Directory Domain
+                The result of this is improved network performance. Where Samba is installed as an Active Directory Domain
                 member, the default behavior is highly beneficial and should not be changed.
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-SimpleOfficeServer.xml

-              r414
+              r988
         Instead of a bland technical discussion, each principle is demonstrated by way of a
         real-world scenario for which a working solution<footnote><para>The examples given mirror those documented
         in The Official Samba-3 HOWTO and Reference Guide, Second Edition (TOSHARG2) Chapter 2, Section 2.3.1. You may gain additional
+        in The Official Samba HOWTO and Reference Guide, Second Edition (TOSHARG2) Chapter 2, Section 2.3.1. You may gain additional
         insight from the standalone server configurations covered in TOSHARG2, sections 2.3.1.2 through 2.3.1.4.
         </para></footnote> is fully described.
 …
                         <step><para>
                         Download the Samba-3 RPM packages for Red Hat Fedora Core2 from the Samba
+                        Download the Samba RPM packages for Red Hat Fedora Core2 from the Samba
                         <ulink url="http://www.samba.org">FTP servers.</ulink>
                         </para></step>
 …
                                 created. Any new directories created still have the same owner, group, and permissions as the
                                 directory they are in. This should eliminate all permissions-based file access problems.  For
                                 more information on this subject, refer to TOSHARG2<footnote><para>The Official Samba-3 HOWTO and
+                                more information on this subject, refer to TOSHARG2<footnote><para>The Official Samba HOWTO and
                                                 Reference Guide, Chapter 15, File, Directory and Share Access Controls.</para></footnote> or refer
                                 to the UNIX man page for the <command>chmod</command> and the <command>chown</command> commands.
 …
                                 Install the &smb.conf; file shown in <link linkend="charity-smbconfnew"/> in the
                                 <filename>/etc/samba</filename> directory. This newer &smb.conf; file uses user-mode security
                                 and is more suited to the mode of operation of Samba-3 than the older share-mode security
+                                and is more suited to the mode of operation of Samba than the older share-mode security
                                 configuration that was shown in the first edition of this book.
                                 </para>
 …
                 <procedure>
                 <title>Migration from Windows NT4 Workstation System to Samba-3</title>
+                <title>Migration from Windows NT4 Workstation System to Samba</title>
             <step><para><indexterm>
 …
                         <step><para>
                         Install the latest Samba-3 binary Red Hat Linux RPM that is available from the
+                        Install the latest Samba binary Red Hat Linux RPM that is available from the
                         Samba FTP site.
                         </para></step>
 …
                         <step><para>
                         Verify that the files are being copied correctly from the Windows NT4 machine to the Samba-3 server.
                         This is best done on the Samba-3 server. Check the contents of the directory tree under
+                        Verify that the files are being copied correctly from the Windows NT4 machine to the Samba server.
+                        This is best done on the Samba server. Check the contents of the directory tree under
                         <filename>/data</filename> by executing the following command:
 <screen>

vendor/current/docs-xml/Samba3-ByExample/SBE-Support.xml

r414	r988
77	77	url="https://lists.samba.org/mailman/">web</ulink> site. The public mailing list that can be used to obtain
78	78	free, user contributed, support is called the <literal>samba</literal> list. The email address for this list
79		is at <literal>mail:samba@samba.org</literal>. Information regarding the Samba IRC channels may be found on
	79	is at <literal>mail:samba@lists.samba.org</literal>. Information regarding the Samba IRC channels may be found on
80	80	the Samba <ulink url="http://www.samba.org/samba.irc.html">IRC</ulink> web page.
81	81	</para>

vendor/current/docs-xml/Samba3-ByExample/SBE-TheSmallOffice.xml

-              r414
+              r988
                 with Samba-2.2.x series releases. This is deliberate so that in the next chapter it is
                 possible to start with the installation that you have created here, migrate it
                 to a Samba-3 configuration, and then secure the system further. Configurations following
+                to a Samba configuration, and then secure the system further. Configurations following
                 this one utilize features that may not be supported in Samba-2.2.x releases.
                 However, you should note that the examples in each chapter start with the assumption
 …
                 <step><para>
                 Install the Samba-3 binary RPM from the Samba-Team FTP site.
+                Install the Samba binary RPM from the Samba-Team FTP site.
                 </para></step>
 …
                 <para>
                 Samba-3 does not permit a Domain Group to become visible to Domain network clients unless the account
+                Samba does not permit a Domain Group to become visible to Domain network clients unless the account
                 has a UNIX group account equivalent. The Domain groups that should be given UNIX equivalents are
                 <guimenu>Domain Guests</guimenu>, <guimenu>Domain Users</guimenu>, and <guimenu>Domain Admins</guimenu>.
 …
                 <para>
                 If it becomes necessary to change either the server name or the Domain name, be sure to back up the respective
                 SID before the change is made. You can back up the SID using the <command>net getlocalsid</command> (Samba-3)
+                SID before the change is made. You can back up the SID using the <command>net getlocalsid</command> (Samba)
                 or the <command>smbpasswd</command> (Samba-2.2.x). To change the SID, you use the same tool. Be sure
                 to check the man page for this command for detailed instructions regarding the steps involved.
 …
                 <para>
                 Samba-3 implements a Windows NT4-style security domain architecture. This type of Domain cannot
+                Samba implements a Windows NT4-style security domain architecture. This type of Domain cannot
                 be managed using tools present on a Windows XP Professional installation. You may download from the
                 Microsoft Web site the SRVTOOLS.EXE package. Extract it into the directory from which you wish to use
                 it. This package extracts the tools: <command>User Manager for Domains</command>, <command>Server Manager</command>, and <command>Event
                 Viewer</command>. You may use the <guimenu>User Manager for Domains</guimenu> to manage your Samba-3
+                Viewer</command>. You may use the <guimenu>User Manager for Domains</guimenu> to manage your Samba
                 Domain user and group accounts. Of course, you do need to be logged on as the <constant>Administrator</constant>
                 for the Samba-3 Domain. It may help to log on as the <constant>root</constant> account.
+                for the Samba Domain. It may help to log on as the <constant>root</constant> account.
                 </para>

vendor/current/docs-xml/Samba3-ByExample/SBE-UpgradingSamba.xml

-              r414
+              r988
 <!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
 <chapter id="upgrades">
 <title>Updating Samba-3</title>
+<title>Updating Samba</title>
 <para>
 …
 <indexterm><primary>smbpasswd</primary></indexterm>
 <indexterm><primary>passdb backend</primary></indexterm>
 There has also been much talk about migration of Samba-3 from an smbpasswd
+There has also been much talk about migration of Samba from an smbpasswd
 passdb backend to the use of the tdbsam or ldapsam facilities that are new
 to Samba-3.
+to Samba.
 </para>
 …
         <indexterm><primary>SAS</primary></indexterm>
         <indexterm><primary>SID</primary></indexterm>
         In Samba-3 on a domain controller (PDC or BDC), the domain name controls the domain
+        In Samba on a domain controller (PDC or BDC), the domain name controls the domain
         SID. On all prior versions the hostname (computer name, or NetBIOS name) controlled
         the SID. On a standalone server the hostname still controls the SID.
 …
         <indexterm><primary>net</primary><secondary>getlocalsid</secondary></indexterm>
         <indexterm><primary>net</primary><secondary>setlocalsid</secondary></indexterm>
         The local machine SID can be backed up using this procedure (Samba-3):
+        The local machine SID can be backed up using this procedure (Samba):
 <screen>
 &rootprompt; net getlocalsid > /etc/samba/my-local-SID
 …
         <para>
         Where the <filename>secrets.tdb</filename> file exists and a version of Samba 2.x or later
         has been used, there is no specific need to go through this update process. Samba-3 has the
+        has been used, there is no specific need to go through this update process. Samba has the
         ability to read the older tdb file and to perform an in-situ update to the latest tdb format.
         This is not a reversible process &smbmdash; it is a one-way upgrade.
 …
 &rootprompt; rpcclient hostname lsaquery -Uroot%password
 </screen>
         This can also be done with Samba-3 by executing:
+        This can also be done with Samba by executing:
 <screen>
 &rootprompt; net rpc info -Uroot%password
 …
         <para>
         <indexterm><primary>compile-time</primary></indexterm>
         Samba-3 provides a neat new way to track the location of all control files as well as to
+        Samba provides a neat new way to track the location of all control files as well as to
         find the compile-time options used as the Samba package was built. Here  is how the dark
         secrets of the internals of the location of control files within Samba executables can
 …
         <indexterm><primary>internationalization</primary></indexterm>
         Samba-2.x had no support for Unicode; instead, all national language character-set support in file names
         was done using particular locale codepage mapping techniques. Samba-3 supports Unicode in file names, thus
+        was done using particular locale codepage mapping techniques. Samba supports Unicode in file names, thus
         providing true internationalization support.
         </para>
 …
         <para>
         <indexterm><primary>UTF-8</primary></indexterm>
         Files that are created with Samba-3 will use UTF-8 encoding. Should the file system ever end up with a
+        Files that are created with Samba will use UTF-8 encoding. Should the file system ever end up with a
         mix of codepage (unix charset)-encoded file names and UTF-8-encoded file names, the mess will take some
         effort to set straight.
 …
         <para>
         <indexterm><primary>parameters</primary></indexterm>
         The following parameters are new to Samba-3 and should be correctly configured.
+        The following parameters are new to Samba and should be correctly configured.
         Please refer to <link linkend="secure"/> through <link linkend="net2000users"/>
         in this book for examples of use of the new parameters shown here:
 …
         <indexterm><primary>add user script</primary></indexterm>
         The <parameter>add machine script</parameter> functionality was previously
         handled by the <parameter>add user script</parameter>, which in Samba-3 is
+        handled by the <parameter>add user script</parameter>, which in Samba is
         used exclusively to add user accounts.
         </para>
 …
         Samba version 2.x could be compiled for use either with or without LDAP.
         The LDAP control settings in the &smb.conf; file in this old version are
         completely different (and less complete) than they are with Samba-3. This
+        completely different (and less complete) than they are with Samba. This
         means that after migrating the control files, it is necessary to reconfigure
         the LDAP settings entirely.
 …
   * ldapsam - attribute rich account storage and retrieval
     backend utilizing an LDAP directory.
-  * ldapsam_compat - a 2.2 backward compatible LDAP account
-    backend
 Certain functions of the smbpasswd(8) tool have been split between the
 new smbpasswd(8) utility, the net(8) tool, and the new pdbedit(8)
 utility.  See the respective man pages for details.
-######################################################################
-LDAP
-####
-This section outlines the new features affecting Samba / LDAP
-integration.
-New Schema
-----------
-A new object class (sambaSamAccount) has been introduced to replace
-the old sambaAccount.  This change aids us in the renaming of
-attributes to prevent clashes with attributes from other vendors.
-There is a conversion script (examples/LDAP/convertSambaAccount) to
-modify and LDIF file to the new schema.
-Example:
-  $ ldapsearch .... -b "ou=people,dc=..." &gt; sambaAcct.ldif
-  $ convertSambaAccount --sid=&lt;Domain SID&gt; \
-    --input=sambaAcct.ldif --output=sambaSamAcct.ldif \
-    --changetype=[modify|add]
-The &lt;DOM SID&gt; can be obtained by running 'net getlocalsid
-&lt;DOMAINNAME&gt;' on the Samba PDC as root.  The changetype determines
-the format of the generated LDIF output--either create new entries
-or modify existing entries.
-The old sambaAccount schema may still be used by specifying the
-"ldapsam_compat" passdb backend.  However, the sambaAccount and
-associated attributes have been moved to the historical section of
-the schema file and must be uncommented before use if needed.
-The 2.2 object class declaration for a sambaAccount has not changed
-in the 3.0 samba.schema file.
-Other new object classes and their uses include:
-  * sambaDomain - domain information used to allocate rids
-    for users and groups as necessary.  The attributes are added
-    in 'ldap suffix' directory entry automatically if
-    an idmap uid/gid range has been set and the 'ldapsam'
-    passdb backend has been selected.
-  * sambaGroupMapping - an object representing the
-    relationship between a posixGroup and a Windows
-    group/SID.  These entries are stored in the 'ldap
-    group suffix' and managed by the 'net groupmap' command.
-  * sambaUnixIdPool - created in the 'ldap idmap suffix' entry
-    automatically and contains the next available 'idmap uid' and
-    'idmap gid'
-  * sambaIdmapEntry - object storing a mapping between a
-    SID and a UNIX uid/gid.  These objects are created by the
-    idmap_ldap module as needed.
-  * sambaSidEntry - object representing a SID alone, as a Structural
-    class on which to build the sambaIdmapEntry.
 New Suffix for Searching
 …
         <sect2>
         <title>Samba-3 to Samba-3 Updates on the Same Server</title>
+        <title>Samba to Samba-3 Updates on the Same Server</title>
         <para>
         The guidance in this section deals with updates to an existing
         Samba-3 server installation.
+        Samba server installation.
         </para>
 …
         <para>
         With the provision that the binary Samba-3 package has been built
         with the same path and feature settings as the existing Samba-3
         package that is being updated, an update of Samba-3 versions 3.0.0
+        With the provision that the binary Samba package has been built
+        with the same path and feature settings as the existing Samba
+        package that is being updated, an update of Samba versions 3.0.0
         through 3.0.4 can be updated to 3.0.5 without loss of functionality
         and without need to change either the &smb.conf; file or, where
 …
         <indexterm><primary>schema</primary></indexterm>
         <indexterm><primary>LDAP</primary><secondary>schema</secondary></indexterm>
         When updating versions of Samba-3 prior to 3.0.6 to 3.0.6 through 3.0.10,
+        When updating versions of Samba prior to 3.0.6 to 3.0.6 through 3.0.10,
         it is necessary only to update the LDAP schema (where LDAP is used).
         Always use the LDAP schema file that is shipped with the latest Samba-3
+        Always use the LDAP schema file that is shipped with the latest Samba
         update.
         </para>
 …
         <sect2>
         <title>Migrating Samba-3 to a New Server</title>
+        <title>Migrating Samba to a New Server</title>
         <para>

vendor/current/docs-xml/Samba3-ByExample/SBE-preface.xml

-              r414
+              r988
         This book is your means to the straight path. It provides step-by-step,
         proven, working examples of Samba deployments.  If you want to deploy
         Samba-3 with the least effort, or if you want to become an expert at deploying
         Samba-3 without having to search through lots of documentation, this
+        Samba with the least effort, or if you want to become an expert at deploying
+        Samba without having to search through lots of documentation, this
         book is the ticket to your destination.
         </para>
 …
         <para>
         The focus of attention in this book is Samba-3. Specific notes are made in
+        The focus of attention in this book is Samba. Specific notes are made in
         respect of how Samba may be made secure. This book does not attempt to provide
         detailed information regarding secure operation and configuration of peripheral
 …
         All example case configuration files, scripts, and other tools are provided
         on the CD-ROM. This book is descriptive, provides detailed diagrams, and
         makes deployment of Samba-3 a breeze.
+        makes deployment of Samba a breeze.
         </para>
 …
         necessitate this documentation update. This update has the specific intent to
         refocus this book so that its guidance can be followed for samba-3.0.20
         and beyond. Further changes are expected as Samba-3 matures further and will
+        and beyond. Further changes are expected as Samba matures further and will
         be reflected in future updates.
         </para>
 …
                 </para>
                 <para><emphasis>TechInfo</emphasis> &smbmdash; Slave LDAP servers are introduced. Samba is
                 configured to use multiple LDAP backends. This is a brief chapter; it assumes that the
+                <para><emphasis>TechInfo</emphasis> &smbmdash; Slave
+                LDAP servers are introduced. This is a brief chapter; it assumes that the
                 technology has been mastered and gets right down to concepts and how to deploy them.
                 </para>
 …
                 <varlistentry>
                 <term>Chapter 8 &smbmdash; Updating Samba-3.</term><listitem>
+                <term>Chapter 8 &smbmdash; Updating Samba.</term><listitem>
                 <para>
                 This chapter is the result of repeated requests for better documentation of the steps
 …
                 <varlistentry>
                 <term>Chapter 9 &smbmdash; Migrating NT4 Domain to Samba-3.</term><listitem>
+                <term>Chapter 9 &smbmdash; Migrating NT4 Domain to Samba.</term><listitem>
                 <para>
                 Another six months have passed. Abmas has acquired yet another company. You will find a
 …
                 <para>
                 Misty Stanley-Jones has contributed information that summarizes her experience at migration
                 from a NetWare server to Samba-3.
+                from a NetWare server to Samba.
                 </para>
 …
                 <term>Chapter 12 &smbmdash; Integrating Additional Services.</term><listitem>
                 <para>
                 The battle is almost over, Samba-3 has won the day. Your team are delighted and now you
+                The battle is almost over, Samba has won the day. Your team are delighted and now you
                 find yourself at yet another cross-roads. Abmas have acquired a snack food business, you
                 made promises you must keep. IT costs must be reduced, you have new resistance, but you
 …
                 <para><emphasis>TechInfo</emphasis> &smbmdash; Samba provides the <command>ntlm_auth</command>
                 module that makes it possible for MS Windows Internet Explorer to connect via the Squid Web
                 and FTP proxy server. You will configure Samba-3 as well as Squid to deliver authenticated
+                and FTP proxy server. You will configure Samba as well as Squid to deliver authenticated
                 access control using the Active Directory Domain user security credentials.
                 </para>

vendor/current/docs-xml/Samba3-ByExample/index.xml

-              r414
+              r988
 Samba Domain Member Servers and Samba Domain Member Clients to a Samba domain, the other
 subject is that of how to migrate from and NT4 Domain, a NetWare server, or from an earlier
 Samba version to environments that use the most recent Samba-3 release.
+Samba version to environments that use the most recent Samba release.
 </para>
 …
         <?latex \cleardoublepage ?>
-        <xi:include href="SBE-KerberosFastStart.xml"/>
-        <?latex \cleardoublepage ?>
         <xi:include href="SBE-DomainAppsSupport.xml"/>
         <?latex \cleardoublepage ?>

Context Navigation

Legend:

vendor/current/docs-xml/Samba3-ByExample/SBE-2000UserNetwork.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-500UserNetwork.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-AddingUNIXClients.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-Appendix1.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-Appendix2.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-DomainAppsSupport.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-HighAvailability.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-MakingHappyUsers.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-MigrateNT4Samba3.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-MigrateNW4Samba3.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-SecureOfficeServer.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-SimpleOfficeServer.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-Support.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-TheSmallOffice.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-UpgradingSamba.xml

vendor/current/docs-xml/Samba3-ByExample/SBE-preface.xml

vendor/current/docs-xml/Samba3-ByExample/index.xml

Download in other formats: