Praise for Samba-3 by Example “Samba-3 by Example provides useful, thoroughly documented explanations for all aspects of a Samba deployment They’re the same kind of patient answers I got when my dad taught me how to ride a bike without training wheels Now, if only dad knew active Directory ” —Will Enestvedt, UNIX System Administrator, Johnson & Wales University “When my colleague and I were first reading John Terpstra’s Samba-3 by Example, we were impressed by how easy it was to find the chapter we wanted to implement, and the ease of following his step-by-step approach We always felt Terpstra was there with us, for every configuration line It was like having our own personal tutor I always take his book to every client that uses Samba Additionally, Terpstra does something most authors don’t, he keeps his documentation up to date When we were doing our first implementation, he just released the update that morning; we downloaded it, printed it, and implemented it Now, to me, that is cuttingedge technology at its best.” —Steven C Henry “A cook learns to follow a recipe until he has mastered the art This is your cookbook to successful Windows networks I followed this recipe to migrate our NT4 domain to Samba-3, and the recipe just worked great I could not have completed this project without the Samba-3 by Example book—it brings dry, lifeless man-pages down to the reality IT support people face.” —Geoff Scott, IT Systems Administrator, Guests Furniture Hire Pty Ltd “I used the book Samba-3 by Example to get started at 8:30 last night I finished my complete PDC and it was up and running in six hours with Windows 2000 and XP Pro clients ready for work in the morning That’s from someone who is brand new to Linux This book is awesome!” —Jesse Knudsen, Windows Systems Administrator Samba-3 by Example Second Edition perens_series_7x9.25.fm Page Tuesday, March 29, 2005 4:29 PM BRUCE PERENS’ OPEN SOURCE SERIES http://www.phptr.com/perens ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ ◆ Java™ Application Development on Linux® Carl Albing and Michael Schwarz C++ GUI Programming with Qt Jasmin Blanchette and Mark Summerfield Managing Linux Systems with Webmin: System Administration and Module Development Jamie Cameron The Linux Book David Elboth Understanding the Linux Virtual Memory Manager Mel Gorman PHP Power Programming Andi Gutmans, Stig Bakken, and Derick Rethans Linux® Quick Fix Notebook Peter Harrison Linux Desk Reference, Second Edition Scott Hawkins Implementing CIFS: The Common Internet File System Christopher Hertel Open Source Security Tools: A Practical Guide to Security Applications Tony Howlett Apache Jakarta CommonsReusable Java™ Components Will Iverson Embedded Software Development with eCos Anthony Massa Rapid Application Development with Mozilla Nigel McFarlane Subversion Version Control: Using the Subversion Version Control System in Development Projects William Nagel Linux Assembly Language Programming Bob Neveln Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID Rafeeq Ur Rehman Cross-Platform GUI Programming with wxWidgets Julian Smart and Kevin Hock with Stefan Csomor Samba-3 by Example: Practical Exercises to Successful Deployment John H Terpstra The Official Samba-3 HOWTO and Reference Guide John H Terpstra and Jelmer R Vernooij, Editors Real World Linux Security, Second Edition Bob Toxen Samba-3 by Example Practical Exercises to Successful Deployment Second Edition John H Terpstra Prentice Hall Professional Technical Reference Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests For more information, please contact: U.S Corporate and Government Sales (800) 382-3419 corpsales@pearsontechgroup.com For sales outside the U.S., please contact: International Sales international@pearsoned.com Visit us on the Web: www.phptr.com Library of Congress Control Number: 2005928103 Copyright © 2006 John H Terpstra This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v1.0 or later (the latest version is presently available at https://www.opencontent.org/openpub/) Printed in the United States of America ISBN 0-13-188221-X Text printed in the United States on recycled paper at Courier in Stoughton, Massachusetts First printing, August 2005 ABOUT THE COVER ARTWORK The cover artwork of this book continues the freedom theme of the first edition of “Samba-3 by Example.” The history of civilization demonstrates the fragile nature of freedom It can be lost in a moment, and once lost, the cost of recovering liberty can be incredible The previous edition cover featured Alfred the Great who liberated England from the constant assault of Vikings and Norsemen Events in England that finally liberated the common people came about in small steps, but the result should not be under-estimated Today, as always, freedom and liberty are seldom appreciated until they are lost If we can not quantify what is the value of freedom, we shall be little motivated to protect it Samba-3 by Example Cover Artwork: The British houses of parliament are a symbol of the Westminster system of government This form of government permits the people to govern themselves at the lowest level, yet it provides for courts of appeal that are designed to protect freedom and to hold back all forces of tyranny The clock is a pertinent symbol of the importance of time and place The information technology industry is being challenged by the imposition of new laws, hostile litigation, and the imposition of significant constraint of practice that threatens to remove the freedom to develop and deploy open source software solutions Samba is a software solution that epitomizes freedom of choice in network interoperability for Microsoft Windows clients I hope you will take the time needed to deploy it well, and that you may realize the greatest benefits that may be obtained You are free to use it in ways never considered, but in doing so there may be some obstacles Every obstacle that is overcome adds to the freedom you can enjoy Use Samba well, and it will serve you well vii ACKNOWLEDGMENTS Samba-3 by Example would not have been written except as a result of feedback provided by reviewers and readers of the book The Official Samba-3 HOWTO and Reference Guide This second edition was made possible by generous feedback from Samba users I hope this book more than answers the challenge and needs of many more networks that are languishing for a better networking solution I am deeply indebted to a large group of diligent people Space prevents me from listing all of them, but a few stand out as worthy of mention Jelmer Vernooij made the notable contribution of building the XML production environment and thereby made possible the typesetting of this book Samba would not have come into existence if Andrew Tridgell had not taken the first steps He continues to lead the project Under the shadow of his mantle are some great folks who never give up and are always ready to help Thank you to: Jeremy Allison, Jerry Carter, Andrew Bartlett, Jelmer Vernooij, Alexander Bokovoy, Volker Lendecke, and other team members who answered my continuous stream of questions — all of which resulted in improved content in this book My heartfelt thanks go out also to a small set of reviewers (alphabetically listed) who gave substantial feedback and significant suggestions for improvement: Tony Earnshaw, William Enestvedt, Eric Hines, Roland Gruber, Gavin Henry, Steven Henry, Luke Howard, Tarjei Huse, Jon Johnston, Alan Munter, Mike MacIsaac, Scott Mann, Ed Riddle, Geoff Scott, Santos Soler, Misty Stanley-Jones, Mark Taylor, and J´erˆome Tournier My appreciation is extended to a team of more than 30 additional reviewers who helped me to find my way around dark corners Particular mention is due to Lyndell, Amos, and Melissa who gave me the latitude necessary to spend nearly an entire year writing Samba documentation, and then gave more so this second edition could be created viii CONTENTS LIST OF EXAMPLES LIST OF FIGURES LIST OF TABLES FOREWORD PREFACE Part I xvii xxi xxiii xxv xxvii Example Network Configurations EXAMPLE NETWORK CONFIGURATIONS Chapter NO-FRILLS SAMBA SERVERS 1.1 Introduction 1.2 Assignment Tasks 1.2.1 Drafting Office 1.2.1.1 Dissection and Discussion 1.2.1.2 Implementation 1.2.1.3 Validation 1.2.2 Charity Administration Office 1.2.2.1 Dissection and Discussion 1.2.2.2 Implementation 1.2.2.3 Validation 1.2.3 Accounting Office 1.2.3.1 Dissection and Discussion 1.2.3.2 Implementation 1.3 Questions and Answers 3 4 15 15 16 16 20 Chapter SMALL OFFICE NETWORKING 2.1 Introduction 2.1.1 Assignment Tasks 2.2 Dissection and Discussion 2.2.1 Technical Issues 2.2.2 Political Issues 25 26 26 26 27 28 ix x Contents 2.3 2.4 Implementation 2.3.1 Validation 2.3.2 Notebook Computers: A Special Case 2.3.3 Key Points Learned Questions and Answers 28 33 37 37 37 Chapter SECURE OFFICE NETWORKING 3.1 Introduction 3.1.1 Assignment Tasks 3.2 Dissection and Discussion 3.2.1 Technical Issues 3.2.1.1 Hardware Requirements 3.2.2 Political Issues 3.3 Implementation 3.3.1 Basic System Configuration 3.3.2 Samba Configuration 3.3.3 Configuration of DHCP and DNS Servers 3.3.4 Printer Configuration 3.3.5 Process Startup Configuration 3.3.6 Validation 3.3.7 Application Share Configuration 3.3.7.1 Comments Regarding Software Terms of Use 3.3.8 Windows Client Configuration 3.3.9 Key Points Learned 3.4 Questions and Answers 43 43 44 45 46 47 48 49 51 53 56 58 59 60 67 68 69 71 71 Chapter THE 500-USER OFFICE 4.1 Introduction 4.1.1 Assignment Tasks 4.2 Dissection and Discussion 4.2.1 Technical Issues 4.2.2 Political Issues 4.3 Implementation 4.3.1 Installation of DHCP, DNS, and Samba Control Files 4.3.2 Server Preparation: All Servers 4.3.3 Server-Specific Preparation 4.3.3.1 Configuration for Server: MASSIVE 4.3.3.2 Configuration Specific to Domain Member Servers: BLDG1, BLDG2 4.3.4 Process Startup Configuration 4.3.5 Windows Client Configuration 4.3.6 Key Points Learned 4.4 Questions and Answers 85 86 86 87 87 88 89 89 89 93 93 96 97 99 104 105 Chapter MAKING HAPPY USERS 5.1 Regarding LDAP Directories and Windows Computer Accounts 5.2 Introduction 115 117 118 safari_7x9.25 4/17/03 4:08 PM Page Wouldn’t it be great if the world’s leading technical publishers joined forces to deliver their best tech books in a common digital reference platform? They have Introducing InformIT Online Books powered by Safari Specific answers to specific questions InformIT Online Books’ powerful search engine gives you relevance-ranked results in a matter of seconds ■ Immediate results With InformIT Online Books, you can select the book you want and view the chapter or section you need immediately Cut, paste and annotate Paste code to save time and eliminate typographical errors Make notes on the material you find useful and choose whether or not to share them with your work group ■ Customized for your enterprise Customize a library for you, your department or your entire organization You only pay for what you need Get your first 14 days FREE! For a limited time, InformIT Online Books is offering its members a 10 book subscription risk-free for 14 days Visit http://www.informit.com/onlinebooks for details Online Books ■ informit.com/onlinebooks ■ IITad_7x9.25 4/17/03 3:49 PM Page www.informit.com YOUR GUIDE TO IT REFERENCE Articles Keep your edge with thousands of free articles, indepth features, interviews, and IT reference recommendations – all written by experts you know and trust Online Books Answers in an instant from InformIT Online Book’s 600+ fully searchable on line books For a limited time, you can get your first 14 days free Catalog Review online sample chapters, author biographies and customer rankings and choose exactly the right book from a selection of over 5,000 titles PHPTR_Online_7x9_25.qxd 11/23/04 2:12 PM Page CD_warranty_page_PHPTR.fm Page Thursday, July 14, 2005 12:36 AM CD-ROM Warranty Prentice Hall PTR warrants the enclosed CD-ROM to be free of defects in materials and faulty workmanship under normal use for a period of ninety days after purchase (when purchased new) If a defect is discovered in the CD-ROM during this warranty period, a replacement CD-ROM can be obtained at no charge by sending the defective CD-ROM, postage prepaid, with proof of purchase to: Disc Exchange Prentice Hall PTR Pearson Technology Group 75 Arlington Street, Suite 300 Boston, MA 02116 Email: AWPro@aw.com Prentice Hall PTR makes no warranty or representation, either expressed or implied, with respect to this software, its quality, performance, merchantability, or fitness for a particular purpose In no event will Prentice Hall PTR, its distributors, or dealers be liable for direct, indirect, special, incidental, or consequential damages arising out of the use or inability to use the software The exclusion of implied warranties is not permitted in some states Therefore, the above exclusion may not apply to you This warranty provides you with specific legal rights There may be other rights that you may have that vary from state to state The contents of this CD-ROM are intended for personal use only More information and updates are available at: http://www.phptr.com/ ... second edition John Terpstra has worked with government bodies and with large organizations that have deployed Samba-3 since it was released He also worked to ensure that this book gained community... as you are mastering its deployment I am proud and excited to be associated in a small way with such a useful tool This book has reached maturity that is demonstrated by reiteration that every... systems, and that you can use a basic system editor to edit and configure files It has been written with the assumption that you have experience with Samba, have read The Official Samba-3 HOWTO and