summaryrefslogtreecommitdiff
path: root/docs/htmldocs/StandAloneServer.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/StandAloneServer.html')
-rw-r--r--docs/htmldocs/StandAloneServer.html76
1 files changed, 22 insertions, 54 deletions
diff --git a/docs/htmldocs/StandAloneServer.html b/docs/htmldocs/StandAloneServer.html
index 272df7a27b5..f85fdfe3fce 100644
--- a/docs/htmldocs/StandAloneServer.html
+++ b/docs/htmldocs/StandAloneServer.html
@@ -1,10 +1,9 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 8. Stand-Alone Servers</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.60.1"><link rel="home" href="index.html" title="SAMBA Project Documentation"><link rel="up" href="type.html" title="Part II. Server Configuration Basics"><link rel="previous" href="domain-member.html" title="Chapter 7. Domain Membership"><link rel="next" href="ClientConfig.html" title="Chapter 9. MS Windows Network Configuration Guide"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 8. Stand-Alone Servers</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="domain-member.html">Prev</a> </td><th width="60%" align="center">Part II. Server Configuration Basics</th><td width="20%" align="right"> <a accesskey="n" href="ClientConfig.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="StandAloneServer"></a>Chapter 8. Stand-Alone Servers</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><tt class="email">&lt;<a href="mailto:jht@samba.org">jht@samba.org</a>&gt;</tt></p></div></div></div></div></div><div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><a href="StandAloneServer.html#id2901965">Features and Benefits</a></dt><dt><a href="StandAloneServer.html#id2902003">Background</a></dt><dt><a href="StandAloneServer.html#id2902071">Example Configuration</a></dt><dd><dl><dt><a href="StandAloneServer.html#id2900673">Reference Documentation Server</a></dt><dt><a href="StandAloneServer.html#id2900721">Central Print Serving</a></dt></dl></dd><dt><a href="StandAloneServer.html#id2900933">Common Errors</a></dt></dl></div><p>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 8. Stand-Alone Servers</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.60.1"><link rel="home" href="samba-doc.html" title="SAMBA Project Documentation"><link rel="up" href="type.html" title="Part II. Server Configuration Basics"><link rel="previous" href="domain-member.html" title="Chapter 7. Domain Membership"><link rel="next" href="ClientConfig.html" title="Chapter 9. MS Windows Network Configuration Guide"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 8. Stand-Alone Servers</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="domain-member.html">Prev</a> </td><th width="60%" align="center">Part II. Server Configuration Basics</th><td width="20%" align="right"> <a accesskey="n" href="ClientConfig.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="StandAloneServer"></a>Chapter 8. Stand-Alone Servers</h2></div><div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="othername">H.</span> <span class="surname">Terpstra</span></h3><div class="affiliation"><span class="orgname">Samba Team<br></span><div class="address"><p><tt class="email">&lt;<a href="mailto:jht@samba.org">jht@samba.org</a>&gt;</tt></p></div></div></div></div></div><div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><a href="StandAloneServer.html#id2893079">Features and Benefits</a></dt><dt><a href="StandAloneServer.html#id2893117">Background</a></dt><dt><a href="StandAloneServer.html#id2893191">Example Configuration</a></dt><dd><dl><dt><a href="StandAloneServer.html#RefDocServer">Reference Documentation Server</a></dt><dt><a href="StandAloneServer.html#SimplePrintServer">Central Print Serving</a></dt></dl></dd><dt><a href="StandAloneServer.html#id2893714">Common Errors</a></dt></dl></div><p>
Stand-Alone servers are independent of Domain Controllers on the network.
They are NOT domain members and function more like workgroup servers. In many
cases a stand-alone server is configured with a minimum of security control
with the intent that all data served will be readily accessible to all users.
-</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2901965"></a>Features and Benefits</h2></div></div><div></div></div><p>
+</p><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893079"></a>Features and Benefits</h2></div></div><div></div></div><p>
Stand-Alone servers can be as secure or as insecure as needs dictate. They can
have simple or complex configurations. Above all, despite the hoopla about
Domain security they remain a very common installation.
@@ -21,7 +20,7 @@ that are queued off a single central server. Everyone needs to be able to print
to the printers, there is no need to affect any access controls and no files will
be served from the print server. Again a share mode stand-alone server makes
a great solution.
-</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2902003"></a>Background</h2></div></div><div></div></div><p>
+</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893117"></a>Background</h2></div></div><div></div></div><p>
The term <span class="emphasis"><em>stand-alone server</em></span> means that the server
will provide local authentication and access control for all resources
that are available from it. In general this means that there will be a
@@ -43,50 +42,37 @@ local or on a remote server, even if from the Samba protocol perspective
the Samba server is NOT a member of a domain security context.
</p><p>
Through the use of PAM (Pluggable Authentication Modules) and nsswitch
-(the name service switcher) the source of authentication may reside on
+(the name service switcher, which maintains the unix user database) the source of authentication may reside on
another server. We would be inclined to call this the authentication server.
-This means that the Samba server may use the local Unix/Linux system password database
+This means that the Samba server may use the local UNIX/Linux system password database
(<tt class="filename">/etc/passwd</tt> or <tt class="filename">/etc/shadow</tt>), may use a
local smbpasswd file, or may use
an LDAP back end, or even via PAM and Winbind another CIFS/SMB server
for authentication.
-</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2902071"></a>Example Configuration</h2></div></div><div></div></div><p>
+</p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893191"></a>Example Configuration</h2></div></div><div></div></div><p>
The following examples are designed to inspire simplicity. It is too easy to
attempt a high level of creativity and to introduce too much complexity in
server and network design.
-</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2900673"></a>Reference Documentation Server</h3></div></div><div></div></div><p>
+</p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="RefDocServer"></a>Reference Documentation Server</h3></div></div><div></div></div><p>
Configuration of a read-only data server that EVERYONE can access is very simple.
Here is the smb.conf file that will do this. Assume that all the reference documents
are stored in the directory /export, that the documents are owned by a user other than
nobody. No home directories are shared, that are no users in the <tt class="filename">/etc/passwd</tt>
-Unix system database. This is a very simple system to administer.
-</p><pre class="programlisting">
- # Global parameters
- [global]
- workgroup = MYGROUP
- netbios name = REFDOCS
- security = SHARE
- passdb backend = guest
- wins server = 192.168.1.1
-
- [data]
- comment = Data
- path = /export
- guest only = Yes
-</pre><p>
+UNIX system database. This is a very simple system to administer.
+</p><div class="example"><a name="id2893237"></a><p class="title"><b>Example 8.1. smb.conf for Reference Documentation Server</b></p><table class="simplelist" border="0" summary="Simple list"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><i class="parameter"><tt>[global]</tt></i></td></tr><tr><td><i class="parameter"><tt>workgroup = MIDEARTH</tt></i></td></tr><tr><td><i class="parameter"><tt>netbios name = GANDALF</tt></i></td></tr><tr><td><i class="parameter"><tt>security = SHARE</tt></i></td></tr><tr><td><i class="parameter"><tt>passdb backend = guest</tt></i></td></tr><tr><td><i class="parameter"><tt>wins server = 192.168.1.1</tt></i></td></tr><tr><td> </td></tr><tr><td><i class="parameter"><tt>[data]</tt></i></td></tr><tr><td><i class="parameter"><tt>comment = Data</tt></i></td></tr><tr><td><i class="parameter"><tt>path = /export</tt></i></td></tr><tr><td><i class="parameter"><tt>guest only = Yes</tt></i></td></tr></table></div><p>
In the above example the machine name is set to REFDOCS, the workgroup is set to the name
of the local workgroup so that the machine will appear in with systems users are familiar
with. The only password backend required is the &quot;guest&quot; backend so as to allow default
unprivileged account names to be used. Given that there is a WINS server on this network
we do use it.
-</p></div><div xmlns:ns13="" class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2900721"></a>Central Print Serving</h3></div></div><div></div></div><p>
+</p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="SimplePrintServer"></a>Central Print Serving</h3></div></div><div></div></div><p>
Configuration of a simple print server is very simple if you have all the right tools
on your system.
</p><div class="orderedlist"><p class="title"><b> Assumptions:</b></p><ol type="1"><li><p>
The print server must require no administration
</p></li><li><p>
The print spooling and processing system on our print server will be CUPS.
- (Please refer to the <a href="CUPS-printing.html" title="Chapter 19. CUPS Printing Support in Samba 3.0">CUPS Printing</a> chapter for more information).
+ (Please refer to <a href="CUPS-printing.html" title="Chapter 19. CUPS Printing Support in Samba 3.0">the chapter about CUPS</a> for more information).
</p></li><li><p>
All printers that the print server will service will be network
printers. They will be correctly configured, by the administrator,
@@ -99,46 +85,28 @@ In this example our print server will spool all incoming print jobs to
<tt class="filename">/var/spool/samba</tt> until the job is ready to be submitted by
Samba to the CUPS print processor. Since all incoming connections will be as
the anonymous (guest) user, two things will be required:
-</p><div class="itemizedlist"><p class="title"><b>Enabling Anonymous Printing</b></p><ul type="disc"><li xmlns:ns11=""><ns11:p>
- The Unix/Linux system must have a <b class="command">guest</b> account.
+</p><div class="itemizedlist"><p class="title"><b>Enabling Anonymous Printing</b></p><ul type="disc"><li><p>
+ The UNIX/Linux system must have a <b class="command">guest</b> account.
The default for this is usually the account <b class="command">nobody</b>.
To find the correct name to use for your version of Samba do the
following:
- </ns11:p><pre class="screen">
+</p><pre class="screen">
<tt class="prompt">$ </tt><b class="userinput"><tt>testparm -s -v | grep &quot;guest account&quot;</tt></b>
- </pre><ns11:p>
+</pre><p>
Then make sure that this account exists in your system password
database (<tt class="filename">/etc/passwd</tt>).
- </ns11:p></li><li xmlns:ns12=""><ns12:p>
+ </p></li><li><p>
The directory into which Samba will spool the file must have write
access for the guest account. The following commands will ensure that
this directory is available for use:
- </ns12:p><pre class="screen">
+</p><pre class="screen">
<tt class="prompt">root# </tt><b class="userinput"><tt>mkdir /var/spool/samba</tt></b>
<tt class="prompt">root# </tt><b class="userinput"><tt>chown nobody.nobody /var/spool/samba</tt></b>
<tt class="prompt">root# </tt><b class="userinput"><tt>chmod a+rwt /var/spool/samba</tt></b>
- </pre><ns12:p>
- </ns12:p></li></ul></div><ns13:p>
-</ns13:p><pre class="programlisting">
- # Global parameters
- [global]
- workgroup = MYGROUP
- netbios name = PTRSVR1
- security = SHARE
- passdb backend = guest
- wins server = 192.168.1.1
-
- [printers]
- comment = All Printers
- path = /var/spool/samba
- printer admin = root
- guest ok = Yes
- printable = Yes
- printing = cups
- use client driver = Yes
- browseable = No
-</pre><ns13:p>
-</ns13:p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2900933"></a>Common Errors</h2></div></div><div></div></div><p>
+</pre><p>
+ </p></li></ul></div><p>
+ </p><div class="example"><a name="id2893557"></a><p class="title"><b>Example 8.2. smb.conf for anonymous printing</b></p><table class="simplelist" border="0" summary="Simple list"><tr><td># Global parameters</td></tr><tr><td> </td></tr><tr><td><i class="parameter"><tt>[global]</tt></i></td></tr><tr><td><i class="parameter"><tt>workgroup = MIDEARTH</tt></i></td></tr><tr><td><i class="parameter"><tt>netbios name = GANDALF</tt></i></td></tr><tr><td><i class="parameter"><tt>security = SHARE</tt></i></td></tr><tr><td><i class="parameter"><tt>passdb backend = guest</tt></i></td></tr><tr><td><i class="parameter"><tt>wins server = noldor</tt></i></td></tr><tr><td><i class="parameter"><tt>printing = cups</tt></i></td></tr><tr><td><i class="parameter"><tt>printcap name = cups</tt></i></td></tr><tr><td> </td></tr><tr><td><i class="parameter"><tt>[printers]</tt></i></td></tr><tr><td><i class="parameter"><tt>comment = All Printers</tt></i></td></tr><tr><td><i class="parameter"><tt>path = /var/spool/samba</tt></i></td></tr><tr><td><i class="parameter"><tt>printer admin = root</tt></i></td></tr><tr><td><i class="parameter"><tt>guest ok = Yes</tt></i></td></tr><tr><td><i class="parameter"><tt>printable = Yes</tt></i></td></tr><tr><td><i class="parameter"><tt>use client driver = Yes</tt></i></td></tr><tr><td><i class="parameter"><tt>browseable = No</tt></i></td></tr></table></div><p>
+</p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2893714"></a>Common Errors</h2></div></div><div></div></div><p>
The greatest mistake so often made is to make a network configuration too complex.
It pays to use the simplest solution that will meet the needs of the moment.
-</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="domain-member.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="type.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="ClientConfig.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 7. Domain Membership </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 9. MS Windows Network Configuration Guide</td></tr></table></div></body></html>
+</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="domain-member.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="type.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="ClientConfig.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 7. Domain Membership </td><td width="20%" align="center"><a accesskey="h" href="samba-doc.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 9. MS Windows Network Configuration Guide</td></tr></table></div></body></html>
View Lorry Controller Status