summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/INSTALL.txt338
-rw-r--r--docs/MIRRORS33
-rw-r--r--docs/OS2.txt57
-rw-r--r--docs/README.OS281
-rw-r--r--docs/THANKS22
-rw-r--r--docs/Warp.txt99
-rw-r--r--docs/announce30
-rw-r--r--docs/manpages/nmbd.8420
-rw-r--r--docs/manpages/samba.760
-rw-r--r--docs/manpages/smb.conf.5452
-rw-r--r--docs/manpages/smbclient.1262
-rw-r--r--docs/manpages/smbd.8116
-rw-r--r--docs/manpages/smbrun.126
-rw-r--r--docs/manpages/smbstatus.149
-rw-r--r--docs/manpages/smbtar.199
-rw-r--r--docs/manpages/testparm.127
-rw-r--r--docs/manpages/testprns.137
-rw-r--r--docs/samba.faq770
-rw-r--r--docs/samba.lsm8
-rw-r--r--docs/textdocs/BROWSING.txt69
-rw-r--r--docs/textdocs/BUGS.txt17
-rw-r--r--docs/textdocs/DIAGNOSIS.txt45
-rw-r--r--docs/textdocs/DOMAIN.txt5
-rw-r--r--docs/textdocs/DOMAIN_CONTROL.txt61
-rw-r--r--docs/textdocs/ENCRYPTION.txt56
-rw-r--r--docs/textdocs/Faxing.txt160
-rw-r--r--docs/textdocs/GOTCHAS.txt22
-rw-r--r--docs/textdocs/HINTS.txt2
-rw-r--r--docs/textdocs/PROJECTS39
-rw-r--r--docs/textdocs/Printing.txt86
-rw-r--r--docs/textdocs/README.jis31
-rw-r--r--docs/textdocs/Speed.txt32
-rw-r--r--docs/textdocs/Support.txt179
-rw-r--r--docs/textdocs/Tracing.txt86
-rw-r--r--docs/textdocs/UNIX-SMB.txt3
-rw-r--r--docs/textdocs/security_level.txt79
36 files changed, 2997 insertions, 961 deletions
diff --git a/docs/INSTALL.txt b/docs/INSTALL.txt
new file mode 100644
index 00000000000..68887555251
--- /dev/null
+++ b/docs/INSTALL.txt
@@ -0,0 +1,338 @@
+HOW TO INSTALL AND TEST SAMBA
+=============================
+
+
+STEP 0. Read the man pages. They contain lots of useful info that will
+help to get you started. If you don't know how to read man pages then
+try something like:
+
+ nroff -man smbd.8 | more
+
+Unfortunately, having said this, the man pages are sadly out of date and
+really need more effort to maintain them. Other sources of information
+are pointed to by the Samba web site, http://samba.canberra.edu.au/pub/samba.
+
+STEP 1. Building the binaries
+
+To do this, first edit the file source/Makefile. You will find that
+the Makefile has an entry for most unixes and you need to uncomment
+the one that matches your operating system.
+
+You should also edit the section at the top of the Makefile which
+determines where things will be installed. You need to get this right
+before compilation as Samba needs to find some things at runtime
+(smbrun in particular). There are also settings for where you want
+your log files etc. Make sure you get these right, and that the
+directories exist.
+
+Then type "make". This will create the binaries.
+
+Once it's successfully compiled you can use "make install" to install
+the binaries and manual pages. You can separately install the binaries
+and/or man pages using "make installbin" and "make installman".
+
+Note that if you are upgrading for a previous version of Samba you
+might like to know that the old versions of the binaries will be
+renamed with a ".old" extension. You can go back to the previous
+version with "make revert" if you find this version a disaster!
+
+STEP 2. The all important step
+
+At this stage you must fetch yourself a coffee or other drink you find
+stimulating. Getting the rest of the install right can sometimes be
+tricky, so you will probably need it.
+
+If you have installed samba before then you can skip this step.
+
+STEP 3. Create the smb configuration file.
+
+There are sample configuration files in the examples subdirectory in
+the distribution. I suggest you read them carefully so you can see how
+the options go together in practice. See the man page for all the
+options.
+
+The simplest useful configuration file would be something like this:
+
+ workgroup = MYGROUP
+
+ [homes]
+ guest ok = no
+ read only = no
+
+which would allow connections by anyone with an account on the server,
+using either their login name or "homes" as the service name. (Note
+that I also set the workgroup that Samba is part of. See BROWSING.txt
+for defails)
+
+Note that "make install" will not install a smb.conf file. You need to
+create it yourself. You will also need to create the path you specify
+in the Makefile for the logs etc, such as /usr/local/samba.
+
+Make sure you put the smb.conf file in the same place you specified in
+the Makefile.
+
+STEP 4. Test your config file with testparm
+
+It's important that you test the validity of your smb.conf file using
+the testparm program. If testparm runs OK then it will list the loaded
+services. If not it will give an error message.
+
+Make sure it runs OK and that the services look resonable before
+proceeding.
+
+STEP 5. Starting the smbd and nmbd.
+
+You must choose to start smbd and nmbd either as daemons or from
+inetd. Don't try to do both! Either you can put them in inetd.conf
+and have them started on demand by inetd, or you can start them as
+daemons either from the command line or in /etc/rc.local. See the man
+pages for details on the command line options.
+
+The main advantage of starting smbd and nmbd as a daemon is that they
+will respond slightly more quickly to an initial connection
+request. This is, however, unlilkely to be a problem.
+
+Step 5a. Starting from inetd.conf
+
+NOTE; The following will be different if you use NIS or NIS+ to
+distributed services maps.
+
+Look at your /etc/services. What is defined at port 139/tcp. If
+nothing is defined then add a line like this:
+
+netbios-ssn 139/tcp
+
+similarly for 137/udp you should have an entry like:
+
+netbios-ns 137/udp
+
+Next edit your /etc/inetd.conf and add two lines something like this:
+
+netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd
+netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd
+
+The exact syntax of /etc/inetd.conf varies between unixes. Look at the
+other entries in inetd.conf for a guide.
+
+NOTE: Some unixes already have entries like netbios_ns (note the
+underscore) in /etc/services. You must either edit /etc/services or
+/etc/inetd.conf to make them consistant.
+
+NOTE: On many systems you may need to use the "interfaces" option in
+smb.conf to specify the IP address and netmask of your interfaces. Run
+ifconfig as root if you don't know what the broadcast is for your
+net. nmbd tries to determine it at run time, but fails on some
+unixes. See the section on "testing nmbd" for a method of finding if
+you need to do this.
+
+!!!WARNING!!! Many unixes only accept around 5 parameters on the
+command line in inetd. This means you shouldn't use spaces between the
+options and arguments, or you should use a script, and start the
+script from inetd.
+
+Restart inetd, perhaps just send it a HUP. If you have installed an
+earlier version of nmbd then you may need to kill nmbd as well.
+
+Step 5b. Alternative: starting it as a daemon
+
+To start the server as a daemon you should create a script something
+like this one, perhaps calling it "startsmb"
+
+#!/bin/sh
+/usr/local/samba/bin/smbd -D
+/usr/local/samba/bin/nmbd -D
+
+then make it executable with "chmod +x startsmb"
+
+You can then run startsmb by hand or execute it from /etc/rc.local
+
+To kill it send a kill signal to the processes nmbd and smbd.
+
+NOTE: If you use the SVR4 style init system then you may like to look
+at the examples/svr4-startup script to make Samba fit into that system.
+
+
+STEP 7. Try listing the shares available on your server
+
+smbclient -L yourhostname
+
+Your should get back a list of shares available on your server. If you
+don't then something is incorrectly setup. Note that this method can
+also be used to see what shares are available on other LanManager
+clients (such as WfWg).
+
+If you choose user level security then you may find that Samba requests
+a password before it will list the shares. See the smbclient docs for
+details. (you can force it to list the shares without a password by
+adding the option -U% to the command line. This will not work with
+non-Samba servers)
+
+STEP 8. try connecting with the unix client. eg:
+
+smbclient '\\yourhostname\aservice'
+
+Typically the "yourhostname" would be the name of the host where you
+installed smbd. The "aservice" is any service you have defined in the
+smb.conf file. Try your user name if you just have a [homes] section
+in smb.conf.
+
+For example if your unix host is bambi and your login name is fred you
+would type:
+
+smbclient '\\bambi\fred'
+
+NOTE: The number of slashes to use depends on the type of shell you
+use. You may need '\\\\bambi\\fred' with some shells.
+
+STEP 9. Try connecting from a dos/WfWg/Win95/NT/os-2 client. Try
+mounting disks. eg:
+
+net use d: \\servername\service
+
+Try printing. eg:
+
+net use lpt1: \\servername\spoolservice
+print filename
+
+Celebrate, or send me a bug report!
+
+WHAT IF IT DOESN'T WORK?
+========================
+
+If nothing works and you start to think "who wrote this pile of trash"
+then I suggest you do step 2 again (and again) till you calm down.
+
+Then you might read the file DIAGNOSIS.txt and the FAQ. If you are
+still stuck then try the mailing list or newsgroup (look in the README
+for details). Samba has been successfully installed at thousands of
+sites worldwide, so maybe someone else has hit your problem and has
+overcome it. You could also use the WWW site to scan back issues of
+the samba-digest.
+
+When you fix the problem PLEASE send me some updates to the
+documentation (or source code) so that the next person will find it
+easier.
+
+DIAGNOSING PROBLEMS
+===================
+
+If you have instalation problems then go to DIAGNOSIS.txt to try to
+find the problem.
+
+SCOPE IDs
+=========
+
+By default Samba uses a blank scope ID. This means all your windows
+boxes must also have a blank scope ID. If you really want to use a
+non-blank scope ID then you will need to use the -i <scope> option to
+nmbd, smbd, and smbclient. All your PCs will need to have the same
+setting for this to work. I do not recommend scope IDs.
+
+
+CHOOSING THE PROTOCOL LEVEL
+===========================
+
+The SMB protocol has many dialects. Currently Samba supports 5, called
+CORE, COREPLUS, LANMAN1, LANMAN2 and NT1.
+
+You can choose what maximum protocol to support in the smb.conf
+file. The default is NT1 and that is the best for the vast majority of
+sites.
+
+In older versions of Samba you may have found it necessary to use
+COREPLUS. The limitations that led to this have mostly been fixed. It
+is now less likely that you will want to use less than LANMAN1. The
+only remaining advantage of COREPLUS is that for some obscure reason
+WfWg preserves the case of passwords in this protocol, whereas under
+LANMAN1, LANMAN2 or NT1 it uppercases all passwords before sending them,
+forcing you to use the "password level=" option in some cases.
+
+The main advantage of LANMAN2 and NT1 is support for long filenames with some
+clients (eg: smbclient, Windows NT or Win95).
+
+See the smb.conf manual page for more details.
+
+Note: To support print queue reporting you may find that you have to
+use TCP/IP as the default protocol under WfWg. For some reason if you
+leave Netbeui as the default it may break the print queue reporting on
+some systems. It is presumably a WfWg bug.
+
+
+PRINTING FROM UNIX TO A CLIENT PC
+=================================
+
+To use a printer that is available via a smb-based server from a unix
+host you will need to compile the smbclient program. You then need to
+install the script "smbprint". Read the instruction in smbprint for
+more details.
+
+There is also a SYSV style script that does much the same thing called
+smbprint.sysv. It contains instructions.
+
+
+LOCKING
+=======
+
+One area which sometimes causes trouble is locking.
+
+There are two types of locking which need to be performed by a SMB
+server. The first is "record locking" which allows a client to lock a
+range of bytes in a open file. The second is the "deny modes" that are
+specified when a file is open.
+
+Samba supports "record locking" using the fcntl() unix system
+call. This is often implemented using rpc calls to a rpc.lockd process
+running on the system that owns the filesystem. Unfortunately many
+rpc.lockd implementations are very buggy, particularly when made to
+talk to versions from other vendors. It is not uncommon for the
+rpc.lockd to crash.
+
+There is also a problem translating the 32 bit lock requests generated
+by PC clients to 31 bit requests supported by most
+unixes. Unfortunately many PC applications (typically OLE2
+applications) use byte ranges with the top bit set as semaphore
+sets. Samba attempts translation to support these types of
+applications, and the translation has proved to be quite successful.
+
+Strictly a SMB server should check for locks before every read and
+write call on a file. Unfortunately with the way fcntl() works this
+can be slow and may overstress the rpc.lockd. It is also almost always
+unnecessary as clients are supposed to independently make locking
+calls before reads and writes anyway if locking is important to
+them. By default Samba only makes locking calls when explicitly asked
+to by a client, but if you set "strict locking = yes" then it will
+make lock checking calls on every read and write.
+
+You can also disable by range locking completely using "locking =
+no". This is useful for those shares that don't support locking or
+don't need it (such as cdroms). In this case Samba fakes the return
+codes of locking calls to tell clients that everything is OK.
+
+The second class of locking is the "deny modes". These are set by an
+application when it opens a file to determine what types of access
+should be allowed simultaneously with it's open. A client may ask for
+DENY_NONE, DENY_READ, DENY_WRITE or DENY_ALL. There are also special
+compatability modes called DENY_FCB and DENY_DOS.
+
+You can disable share modes using "share modes = no". This may be
+useful on a heavily loaded server as the share modes code is very
+slow. See also the FAST_SHARE_MODES option in the Makefile for a way
+to do full share modes very fast using shared memory (if your OS
+supports it).
+
+
+MAPPING USERNAMES
+=================
+
+If you have different usernames on the PCs and the unix server then
+take a look at the "username map" option. See the smb.conf man page
+for details.
+
+
+OTHER CHARACTER SETS
+====================
+
+If you have problems using filenames with accented characters in them
+(like the German, French or Scandinavian character sets) then I
+recommmend you look at the "valid chars" option in smb.conf and also
+take a look at the validchars package in the examples directory.
diff --git a/docs/MIRRORS b/docs/MIRRORS
new file mode 100644
index 00000000000..a055860e999
--- /dev/null
+++ b/docs/MIRRORS
@@ -0,0 +1,33 @@
+The main Samba ftp site is samba.anu.edu.au in pub/samba/. Contact
+samba-bugs@samba.anu.edu.au for help with this site.
+
+Mirror sites include:
+
+ftp://nimbus.anu.edu.au/pub/tridge/samba
+ftp://sunsite.auc.dk/pub/unix/networking/samba/
+ftp://src.doc.ic.ac.uk/packages/samba/
+ftp://choc.satech.net.au/pub/samba/
+ftp://ftp.uni-trier.de/pub/unix/network/samba/
+ftp://sunsite.mff.cuni.cz/Net/Protocols/Samba/
+ftp://ring.aist.go.jp/archives/net/samba/
+ftp://ring.asahi-net.or.jp/archives/net/samba/
+ftp://ftp.cs.ucr.edu/pub/software/samba
+ftp://ftp.ua.pt/pub/misc/samba/
+ftp://sunsite.unc.edu/pub/Linux/system/Network/samba/
+
+There are several others. Give archie a try.
+
+SCO binaries available from:
+ftp://ftp.markv.com/pub/samba (built by lance@fox.com)
+
+AIX and DEC OSF/1 binaries are available from:
+ftp://151.99.220.5/pub/samba (built by davide.migliavacca@inferentia.inet.it)
+
+QNX binaries and source code:
+ftp://quics.qnx.com/usr/free/staging/samba
+
+Http sites include:
+
+http://samba.canberra.edu.au/pub/samba
+http://www.choc.satech.net.au/pub/samba/
+
diff --git a/docs/OS2.txt b/docs/OS2.txt
new file mode 100644
index 00000000000..7d678a4bfb5
--- /dev/null
+++ b/docs/OS2.txt
@@ -0,0 +1,57 @@
+This describes how to use smbclient to connect to an OS/2 server.
+Knowing this allows you to use a OS/2 printer from unix.
+
+Author: riiber@oslonett.no
+
+
+How to login to an OS/2 server
+-------------------------------
+
+Sample setup for OS/2 server running LanMan 2.2:
+
+ OS/2 Server Name : \\OBV11
+ OS/2 User Account : ARNE
+ OS/2 Password : xxx
+ OS/2 shared service 1 : LASER02
+ OS/2 Shared service 2 : PCPROGS
+ Samba NetBIOS name : KLATREMUS
+
+First, the two servers were started with the commands
+smbd and nmbd -n KLATREMUS.
+
+Command to connect to a the shared printer LASER02 on the OS/2 server:
+n
+ smbclient '\\OBV11\LASER02' xxx -n ARNE -U ARNE -P
+
+and to connect to the shared drive 'PCPROGS':
+
+ smbclient '\\OBV11\PCPROGS' xxx -n ARNE -U ARNE
+
+
+If login to the OS/2 server fails:
+----------------------------------
+
+The remarkable OS/2 server requires NetBIOS name to be equal to User name.
+This was the only combination of (NetBIOS name, User name) that allowed login.
+
+Password xxx must be in upper case, case in user name is unimportant.
+
+The OS/2 server responds with "Bad password - name/password pair"
+if the password is illegal (in lowercase, for example).
+
+If correct user name and password, but invalid NetBIOS name is given,
+it responds with "... SMBtcon failed. ERRDOS - 65".
+
+The OS/2 server can disable login from a list of workstations (PCs)
+corresponding to the NetBIOS name (-n option). I set it up to
+allow login from any workstation.
+
+
+
+(I experimented quite a lot with the -U and -n options, printed and browsed
+the MS SMB protocol docs and the RFC's, then read some comp.protocols.smb,
+got some tips, tried some "stupid" command line options,
+and at last I got it working!)
+
+-Arne-
+
diff --git a/docs/README.OS2 b/docs/README.OS2
new file mode 100644
index 00000000000..a464dd9946c
--- /dev/null
+++ b/docs/README.OS2
@@ -0,0 +1,81 @@
+Samba 1.9.15p8 for OS/2 : REQUIRES emx 0.9b.
+
+
+Please read the file README, which contains general information about
+the configuration and use of Samba.
+
+
+Notes specific to OS/2 port:
+============================
+
+Filenames have been shortened to 8.3 in case anyone is using FAT.
+Files affected are:
+smb.conf -> smb.cfg smbclient -> smbclnt.exe
+smbstatus -> smbstat.exe nmblookup -> nmblook.exe
+
+As I only use HPFS, I can't guarantee this will work on FAT systems,
+although I have tried to stick to 8.3 filenames. I have noticed some
+temporary files being created with long filenames by smbd when I tried
+printing (which does not work yet anyway). nmbd will not be able to
+create browse lists on FAT systems, as it uses temporary files with
+long file names.
+
+smb.cfg should be in the directory smbd is started from. The path to
+smb.cfg is a compile time option, so if you are compiling from source
+you can set this to an absolute path to remove this restriction.
+
+User home directories not supported. This doesn't make much sense on
+OS/2. I haven't actually disabled anything, so if you try setting
+this up, behaivour is undefined.
+
+Password support is incomplete (I have found a crypt() routine, but
+lack of passwd file support in the EMX libraries make support difficult
+without major changes).
+
+Printing does not appear to be working. OS/2's lpq gives output in a
+different format than the versions of lpq already supported by samba.
+This will be easy to accomodate, but there is not much point until I can
+get lpr working properly.
+
+
+
+Source is available from the Samba WWW site :
+
+http://samba.canberra.edu.au/pub/samba/
+
+EMX 0.9b is available from hobbes.nmsu.edu, ftp.cdrom.com, ftp.leo.org and
+other OS/2 FTP sites. emxrt.zip contains the required libraries.
+
+Bugs:
+=====
+
+Known problems:
+===============
+
+Printing does not work. I have tried using REXX scripts with path info
+built in, and watched the processes startup properly but nothing comes
+out of the printer (remote via lpr in this case).
+If you can get it going, please let me know how you did it.
+
+The output from OS/2's lpq.exe is not understood by smbd, so all querys
+about the print queue say it is empty. Printing doesn't work anyway,
+so I have not attempted to fix this yet.
+
+Temporary files are created with long filenames (when printing, and updating
+browse list)
+
+Bug reports for the OS/2 port should be sent to Jason Rumney <jasonr@pec.co.nz>.
+
+Change log:
+===========
+
+Changes from release 1 to release 2.
+
+nmblookup (nmblook.exe) is included, and works.
+
+An attempt at password support was made using the gnuufc crypt routines,
+but then I found that a lot of functions in the EMX libraries to do with
+passwd files don't actually do anything.
+
+Browse lists should now work if you use HPFS and set your lock directory
+to an absolute pathname.
diff --git a/docs/THANKS b/docs/THANKS
index 6405da3f9f4..19c11dc432f 100644
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -20,9 +20,11 @@ please contact Andrew.Tridgell@anu.edu.au, or via normal mail at
Lee Fisher (leefi@microsoft.com)
Charles Fox (cfox@microsoft.com)
Dan Perry (danp@exchnge.microsoft.com)
+Paul Leach (paulle@microsoft.com)
+Isaac Heizer (isaache@microsoft.com)
These Microsoft people have been very helpful and supportive of
- the development of Samba.
+ the development of Samba over some years.
Lee very kindly supplied me with a copy of the X/Open SMB
specs. These have been invaluable in getting the details of the
@@ -43,6 +45,11 @@ Dan Perry (danp@exchnge.microsoft.com)
NT browsing spec, which will help a lot in the development of the
Samba browser code.
+ Paul was responsible for Microsoft paying my flight to Seattle for the
+ first CIFS conference (see http://samba.anu.edu.au/cifs) and has been
+ generally helpful and cooperative as the SMB community moves towards
+ an Internet-ready specification. Isaac has regularly provided help on
+ the behaviour of NT networks.
Bruce Perens (bruce@pixar.com)
@@ -93,7 +100,7 @@ Steve Kennedy (steve@gbnet.net)
John Terpstra (jht@aquasoft.com.au)
- Aquasoft are a speciaist consulting company whose Samba using
+ Aquasoft are a specialist consulting company whose Samba-using
customers span the world.
Aquasoft have been avid supporters of the Samba project. As a
@@ -117,3 +124,14 @@ Steve Withers (swithers@vnet.IBM.COM)
OS/2 Warp installed. I hope this will allow me to finally fix
up those annoying OS/2 related Samba bugs that I have been
receiving reports of.
+
+Keith Wilkins (wilki1k@nectech.co.uk)
+
+ Keith from NEC in England very generously supplied a PC to
+ Luke Leighton to help with his nmbd development work. At the
+ same time Keith offered to help me with some new hardware, and
+ he sent me a pentium motherboard with 32MB of ram
+ onboard. This was very helpful as it allowed me to upgrade
+ my aging server to be a very powerful system. Thanks!
+
+
diff --git a/docs/Warp.txt b/docs/Warp.txt
new file mode 100644
index 00000000000..9b8e6782ba5
--- /dev/null
+++ b/docs/Warp.txt
@@ -0,0 +1,99 @@
+Here is some advice from maxfield@ctelcom.uucp.netcom.com (Wade Maxfie
+to use Samba with OS/2 Warp.
+
+Note that you may also find ftp://ftp.cdrom.com/pub/os2/new/os2net.faq
+useful.
+
+
+
+ Can I use Samba with Warp?
+
+ Yes. The MSClient software at ftp.microsoft.com in the Bussys
+(lanman os2 directory) will work, sort of. It is version 2.2c.
+
+ First, uncloack os2ver. (attrib -h -r -s c:\os2ver). It is a
+text file. change netwksta.xxx to 20=netwksta.sys. Also add
+20=setup.exe. Another change will be needed, a .vdd file. I remember
+it came up during the installation as being a wrong version. I wrote
+the name down, changed os2ver to include it, and restarted the
+installation.
+
+ Here is a copy of my os2ver
+
+setup.exe
+netbios.os2
+nwifs.ifs
+netwksta.sys
+nwreq.sys
+netbios.sys
+ipx.sys
+netvdd.sys
+
+Re-cloak os2ver. (attrib +h +r +s c:\os2ver)
+
+Run the installation from an OS/2 Box. Note that your mouse wont work,
+use the TAB key to move around, enter to select hilighted items.
+
+Here is a copy of my Config.sys file regarding the Laman entries.
+Note even though the version is 2.2c, it reports 2.2a in the text.
+
+REM ==== LANMAN 2.2a == DO NOT MODIFY BETWEEN THESE LINES == LANMAN 2.
+DEVICE=C:\LANMAN\DRIVERS\PROTMAN\PROTMAN.OS2 /i:C:\LANMAN
+DEVICE=C:\LANMAN\DRIVERS\ETHERNET\Ns2000\Ns2000.OS2
+RUN=C:\LANMAN\DRIVERS\PROTOCOL\tcpip\starttcp.exe
+RUN=C:\LANMAN\DRIVERS\PROTOCOL\tcpip\startnb.exe
+DEVICE=C:\LANMAN\DRIVERS\PROTOCOL\tcpip\tcpdrv.os2
+DEVICE=C:\LANMAN\DRIVERS\PROTOCOL\tcpip\nbdrv.os2
+DEVICE=C:\LANMAN\DRIVERS\PROTOCOL\tcpip\nmdrv.os2
+DEVICE=C:\LANMAN\arpa\sockdrv.os2
+DEVICE=C:\LANMAN\DRIVERS\PROTOCOL\NETBEUI\NETBEUI.OS2
+DEVICE=C:\LANMAN\NETPROG\RDRHELP.SYS
+IFS=C:\LANMAN\NETPROG\NETWKSTA.SYS /i:C:\LANMAN
+DEVICE=C:\LANMAN\NETPROG\NETVDD.SYS
+REM ==== LANMAN 2.2a == DO NOT MODIFY BETWEEN THESE LINES == LANMAN 2.
+
+
+ If you have an NE2000 card, don't reboot, or you'll be sorry.
+enable the automatic backup mechanism for recovering old config.sys and
+other files in OS/2. It paid for itself during this installation nightm
+before I knew better!)
+
+ Next, (or perhaps before this), if you have an NE2000 adaptor,
+get the ns2000 files from hobbes.nmsu.edu (in ns2000.zip). I manually
+patched protocol.ini to refer to that adaptor, and copied it into my
+c:\lanman directory. Note that I also modified the driver to be loaded
+in the config.sys to the ns2000.os2. It might install as an "other"
+adaptor.
+
+ A command file "startup.cmd" is placed in c:\. This file is
+automatically run when OS/2 Warp starts.
+Here is a copy of my startup file. Note that Warp sometimes fails to
+login properly to the server. I solve this by checking for the
+existance of a file, and rerunning the loing if that file fails to
+exist.
+
+@REM ==== LANMAN 2.2a == DO NOT MODIFY BETWEEN THESE LINES == LANMAN
+NET START WORKSTATION
+:relogin
+NET LOGON maxfield mypassword /y
+rem net use f: \\packard90\d$
+rem net use g: \\linuxone\cdromsdir
+rem net use h: \\linuxone\public
+:doOver
+if not exist f:\wildcat\wildcat.exe goto relogin
+@REM ==== LANMAN 2.2a == DO NOT MODIFY BETWEEN THESE LINES == LANMAN
+exit
+
+ Finally, the system expects to be on a domain with a domain
+server. BTW, TCP/IP and NetBeui allow simultaneous communication with
+Os/2 lanserver 4.0, and Samba. (Note: Lanserver 4.0 won't yet to
+TCP/IP. (Well,it might, but it crashes before I get to that point, so I
+havent' been able to enable it))
+
+I have not yet tried with only a SAMBA server on the domain.
+
+ I would be glad to try to answer any questions at above e-mail
+address, if I can.
+
+wade
+
diff --git a/docs/announce b/docs/announce
index f761320f43e..177286ff8e5 100644
--- a/docs/announce
+++ b/docs/announce
@@ -4,19 +4,21 @@
What is Samba?
--------------
-Samba is a Unix based SMB file server. This allows a Unix host to
-act as a file and print server for SMB clients. This includes
+Samba is a SMB file server that runs on Unix and other operating systems.
+It allows these operating systems (currently Unix, Netware, OS/2 and
+AmigaDOS) to act as a file and print server for SMB clients. There are many
Lan-Manager compatible clients such as LanManager for DOS, Windows for
Workgroups, Windows NT, Windows 95, OS/2, Pathworks and many more.
-The package also includes a Unix SMB client and a netbios nameserver.
+The package also includes a SMB client for accessing other SMB servers
+and a netbios nameserver for browsing support.
What can it do for me?
----------------------
If you have any PCs running SMB clients, such as a PC running Windows
-for Workgroups, then you can mount file space or printers from a unix
-host, so that directories, files and printers on the unix host are
+for Workgroups, then you can mount file space or printers on a Samba
+host, so that directories, files and printers on the host are
available on the PC.
The client part of the package will also allow you to attach to other
@@ -31,7 +33,7 @@ What are it's features?
Samba supports many features that are not supported in other SMB
implementations (all of which are commercial). Some of it's features
-include host as well as username/password security, a unix client,
+include host as well as username/password security, a client,
automatic home directory exporting, automatic printer exporting, dead
connection timeouts, umask support, guest connections, name mangling
and hidden and system attribute mapping. Look at the man pages
@@ -66,7 +68,7 @@ Samba software is free software. It is available under the
GNU Public licence in source code form at no cost. Please read the
file COPYING that comes with the package for more information.
-What flavours of unix does it support?
+What operating systems does it support?
---------------------------------------
The code has been written to be as portable as possible. It has been
@@ -79,7 +81,9 @@ Sequent, HP-UX, SGI, FreeBSD, NeXT, ISC, A/UX, SCO, Intergraph,
Domain/OS and DGUX.
Some of these have received more testing than others. If it doesn't
-work with your unix then it should be easy to fix.
+work with your unix then it should be easy to fix. It has also been ported
+to Netware, OS/2 and the Amiga. A VMS port is underway. See the web site
+for more details.
Who wrote it?
-------------
@@ -93,8 +97,8 @@ on who did what bits.
Where can I get it?
-------------------
-The package is available via anonymous ftp from nimbus.anu.edu.au in
-the directory pub/tridge/samba/.
+The package is available via anonymous ftp from samba.anu.edu.au in
+the directory pub/samba/.
What about SMBServer?
---------------------
@@ -123,7 +127,7 @@ There is also often quite a bit of discussion about Samba on the
newsgroup comp.protocols.smb.
A WWW site with lots of Samba info can be found at
-http://lake.canberra.edu.au/pub/samba/
+http://samba.canberra.edu.au/pub/samba/
-Andrew Tridgell (Contact: samba-bugs@anu.edu.au)
-January 1995
+The Samba Team (Contact: samba-bugs@samba.anu.edu.au)
+June 1996
diff --git a/docs/manpages/nmbd.8 b/docs/manpages/nmbd.8
index e42f194cdee..bb848d0276f 100644
--- a/docs/manpages/nmbd.8
+++ b/docs/manpages/nmbd.8
@@ -1,44 +1,29 @@
-.TH NMBD 8 17/1/1995 nmbd nmbd
+.TH NMBD 8 nmbd nmbd
.SH NAME
nmbd \- provide netbios nameserver support to clients
.SH SYNOPSIS
.B nmbd
[
-.B -B
-.I broadcast address
+.B \-D
] [
-.B -I
-.I IP address
-] [
-.B -D
-] [
-.B -C comment string
-] [
-.B -G
-.I group name
-] [
-.B -H
+.B \-H
.I netbios hosts file
] [
-.B -N
-.I netmask
-] [
-.B -d
+.B \-d
.I debuglevel
] [
-.B -l
+.B \-l
.I log basename
] [
-.B -n
+.B \-n
.I netbios name
] [
-.B -p
+.B \-p
.I port number
] [
-.B -s
-.I config file name
+.B \-s
+.I configuration file
]
-
.SH DESCRIPTION
This program is part of the Samba suite.
@@ -54,41 +39,26 @@ This program simply listens for such requests, and if its own name is specified
it will respond with the IP number of the host it is running on. "Its own name"
is by default the name of the host it is running on, but this can be overriden
with the
-.B -n
+.B \-n
option (see "OPTIONS" below). Using the
-.B -S
-option (see "OPTIONS" below), it can also be instructed to respond with IP
-information about other hosts, provided they are locatable via the
-gethostbyname() call, or they are in a netbios hosts file.
Nmbd can also be used as a WINS (Windows Internet Name Server)
server. It will do this automatically by default. What this basically
means is that it will respond to all name requests that it receives
that are not broadcasts, as long as it can resolve the name.
.SH OPTIONS
-.B -B
+.B \-B
.RS 3
-On some systems, the server is unable to determine the broadcast address to
-use for name registration requests. If your system has this difficulty, this
-parameter may be used to specify an appropriate broadcast address. The
-address should be given in standard "a.b.c.d" notation.
-
-Only use this parameter if you are sure that the server cannot properly
-determine the proper broadcast address.
-
-The default broadcast address is determined by the server at run time. If it
-encounters difficulty doing so, it makes a guess based on the local IP
-number.
+This option is obsolete. Please use the interfaces option in smb.conf
.RE
-.B -I
+.B \-I
.RS 3
-On some systems, the server is unable to determine the correct IP
-address to use. This allows you to override the default choice.
+This option is obsolete. Please use the interfaces option in smb.conf
.RE
-.B -D
+.B \-D
.RS 3
If specified, this parameter causes the server to operate as a daemon. That is,
@@ -98,35 +68,20 @@ appropriate port.
By default, the server will NOT operate as a daemon.
.RE
-.B -C comment string
+.B \-C comment string
.RS 3
-This allows you to set the "comment string" that is shown next to the
-machine name in browse listings.
-
-A %v will be replaced with the Samba version number.
-
-A %h will be replaced with the hostname.
-
-It defaults to "Samba %v".
+This option is obsolete. Please use the "server string" option in smb.conf
.RE
-.B -G
+.B \-G
.RS 3
-This option allows you to specify a netbios group (also known as
-lanmanager domain) that the server should be part of. You may include
-several of these on the command line if you like. Alternatively you
-can use the -H option to load a netbios hosts file containing domain names.
-
-At startup, unless the -R switch has been used, the server will
-attempt to register all group names in the hosts file and on the
-command line (from the -G option).
-
-The server will also respond to queries on this name.
+This option is obsolete. Please use the "workgroup" option in smb.conf
.RE
-.B -H
+.B \-H
+.I netbios hosts file
.RS 3
It may be useful in some situations to be able to specify a list of
@@ -138,35 +93,31 @@ The file contains three columns. Lines beginning with a # are ignored
as comments. The first column is an IP address, or a hostname. If it
is a hostname then it is interpreted as the IP address returned by
gethostbyname() when read. Any IP address of 0.0.0.0 will be
-interpreted as the servers own IP address.
+interpreted as the server's own IP address.
The second column is a netbios name. This is the name that the server
will respond to. It must be less than 20 characters long.
The third column is optional, and is intended for flags. Currently the
-only flags supported are G, S and M. A G indicates that the name is a
-group (also known as domain) name.
-
-At startup all groups known to the server (either from this file or
-from the -G option) are registered on the network (unless the -R
-option has been selected).
+only flag supported is M.
-A S or G means that the specified address is a broadcast address of a
-network that you want people to be able to browse you from. Nmbd will
-search for a master browser in that domain and will send host
-announcements to that machine, informing it that the specifed somain
-is available.
+An M means that this name is the default netbios name for this
+machine. This has the same affect as specifying the
+.B \-n
+option to
+.BR nmbd .
-A M means that this name is the default netbios name for this
-machine. This has the same affect as specifying the -n option to nmbd.
+NOTE: The G and S flags are now obsolete and are replaced by the
+"interfaces" and "remote announce" options in smb.conf.
After startup the server waits for queries, and will answer queries to
any name known to it. This includes all names in the netbios hosts
-file (if any), it's own name, and any names given with the -G option.
+file (if any) and its own name.
-The primary intention of the -H option is to allow a mapping from
-netbios names to internet domain names, and to allow the specification
-of groups that the server should be part of.
+The primary intention of the
+.B \-H
+option is to allow a mapping from
+netbios names to internet domain names.
.B Example:
@@ -177,315 +128,88 @@ of groups that the server should be part of.
# if you want to include a name with a space in it then
# use double quotes.
- # first put ourselves in the group LANGROUP
- 0.0.0.0 LANGROUP G
-
# next add a netbios alias for a faraway host
arvidsjaur.anu.edu.au ARVIDSJAUR
# finally put in an IP for a hard to find host
130.45.3.213 FREDDY
- # now we want another subnet to be able to browse
- # us in the workgroup UNIXSERV
- 192.0.2.255 UNIXSERV G
-
-.RE
-
-.B -M
-.I workgroup name
-
-.RS 3
-If this parameter is given, the server will look for a master browser
-for the specified workgroup name, report success or failure, then
-exit. If successful, the IP address of the name located will be
-reported.
-
-If you use the workgroup name "-" then nmbd will search for a master
-browser for any workgroup by using the name __MSBROWSE__.
-
-This option is meant to be used interactively on the command line, not
-as a daemon or in inetd.
-
.RE
-.B -N
+.B \-N
.RS 3
-On some systems, the server is unable to determine the netmask. If
-your system has this difficulty, this parameter may be used to specify
-an appropriate netmask. The mask should be given in standard
-"a.b.c.d" notation.
-
-Only use this parameter if you are sure that the server cannot properly
-determine the proper netmask.
-
-The default netmask is determined by the server at run time. If it
-encounters difficulty doing so, it makes a guess based on the local IP
-number.
+This option is obsolete. Please use the "interfaces" option in
+smb.conf instead.
.RE
-.B -d
+.B \-d
.I debuglevel
.RS 3
-
-debuglevel is an integer from 0 to 5.
-
-The default value if this parameter is not specified is zero.
-
-The higher this value, the more detail will be logged to the log files about
-the activities of the server. At level 0, only critical errors and serious
-warnings will be logged. Level 1 is a reasonable level for day to day running
-- it generates a small amount of information about operations carried out.
-
-Levels above 1 will generate considerable amounts of log data, and should
-only be used when investigating a problem. Levels above 3 are designed for
-use only by developers and generate HUGE amounts of log data, most of which
-is extremely cryptic.
+This option sets the debug level. See
+.BR smb.conf (5).
.RE
-.B -l
+.B \-l
.I log file
.RS 3
If specified,
-.I logfile
+.I log file
specifies a base filename into which operational data from the running server
will be logged.
The default base name is specified at compile time.
The base name is used to generate actual log file names. For example, if the
-name specified was "log", the following files would be used for log data:
-
-.RS 3
-log.nmb (containing debugging information)
-
-log.nmb.in (containing inbound transaction data)
-
-log.nmb.out (containing outbound transaction data)
+name specified was "log" then the file log.nmb would contain debug
+info.
.RE
-The log files generated are never removed by the server.
-.RE
-.RE
-
-.B -n
+.B \-n
.I netbios name
.RS 3
-This parameter tells the server what netbios name to respond with when
-queried. The same name is also registered on startup unless the -R
-parameter was specified.
-
-The default netbios name used if this parameter is not specified is the
-name of the host on which the server is running.
+This option allows you to override the Netbios name that Samba uses
+for itself.
.RE
-.B -p
+.B \-p
.I port number
.RS 3
port number is a positive integer value.
-The default value if this parameter is not specified is 137.
-
-This number is the port number that will be used when making connections to
-the server from client software. The standard (well-known) port number for the
-server is 137, hence the default. If you wish to run the server as an ordinary
-user rather than as root, most systems will require you to use a port number
-greater than 1024 - ask your system administrator for help if you are in this
-situation.
+Don't use this option unless you are an expert, in which case you
+won't need help!
-Note that the name server uses UDP, not TCP!
-
-This parameter is not normally specified except in the above situation.
-.RE
-.SH FILES
-
-.B /etc/inetd.conf
+.B \-s
+.I configuration file
.RS 3
-If the server is to be run by the inetd meta-daemon, this file must contain
-suitable startup information for the meta-daemon. See the section
-"INSTALLATION" below.
-.RE
+The default configuration file name is determined at compile time.
-.B /etc/rc.d/rc.inet2
-
-.RS 3
-(or whatever initialisation script your system uses)
-
-If running the server as a daemon at startup, this file will need to contain
-an appropriate startup sequence for the server. See the section "Installation"
-below.
-.RE
-
-.B /etc/services
-
-.RS 3
-If running the server via the meta-daemon inetd, this file must contain a
-mapping of service name (eg., netbios-ns) to service port (eg., 137) and
-protocol type (eg., udp). See the section "INSTALLATION" below.
-.RE
-.RE
-
-.SH ENVIRONMENT VARIABLES
-Not applicable.
-
-.SH INSTALLATION
-The location of the server and its support files is a matter for individual
-system administrators. The following are thus suggestions only.
-
-It is recommended that the server software be installed under the /usr/local
-hierarchy, in a directory readable by all, writeable only by root. The server
-program itself should be executable by all, as users may wish to run the
-server themselves (in which case it will of course run with their privileges).
-The server should NOT be setuid or setgid!
-
-The server log files should be put in a directory readable and writable only
-by root, as the log files may contain sensitive information.
-
-The remaining notes will assume the following:
-
-.RS 3
-nmbd (the server program) installed in /usr/local/smb
-
-log files stored in /var/adm/smblogs
-.RE
-
-The server may be run either as a daemon by users or at startup, or it may
-be run from a meta-daemon such as inetd upon request. If run as a daemon, the
-server will always be ready, so starting sessions will be faster. If run from
-a meta-daemon some memory will be saved and utilities such as the tcpd
-TCP-wrapper may be used for extra security.
-
-When you've decided, continue with either "Running the server as a daemon" or
-"Running the server on request".
-.SH RUNNING THE SERVER AS A DAEMON
-To run the server as a daemon from the command line, simply put the "-D" option
-on the command line. There is no need to place an ampersand at the end of the
-command line - the "-D" option causes the server to detach itself from the
-tty anyway.
-
-Any user can run the server as a daemon (execute permissions permitting, of
-course). This is useful for testing purposes.
-
-To ensure that the server is run as a daemon whenever the machine is started,
-you will need to modify the system startup files. Wherever appropriate (for
-example, in /etc/rc.d/rc.inet2), insert the following line, substituting
-values appropriate to your system:
-
-.RS 3
-/usr/local/smb/nmbd -D -l/var/adm/smblogs/log
-.RE
-
-(The above should appear in your initialisation script as a single line.
-Depending on your terminal characteristics, it may not appear that way in
-this man page. If the above appears as more than one line, please treat any
-newlines or indentation as a single space or TAB character.)
-
-If the options used at compile time are appropriate for your system, all
-parameters except the desired debug level and "-D" may be omitted. See the
-section on "Options" above.
-.SH RUNNING THE SERVER ON REQUEST
-If your system uses a meta-daemon such as inetd, you can arrange to have the
-SMB name server started whenever a process attempts to connect to it. This
-requires several changes to the startup files on the host machine. If you are
-experimenting as an ordinary user rather than as root, you will need the
-assistance of your system administrator to modify the system files.
-
-First, ensure that a port is configured in the file /etc/services. The
-well-known port 137 should be used if possible, though any port may be used.
-
-Ensure that a line similar to the following is in /etc/services:
-
-.RS 3
-netbios-ns 137/udp
-.RE
-
-Note for NIS/YP users: You may need to rebuild the NIS service maps rather
-than alter your local /etc/services file.
-
-Next, put a suitable line in the file /etc/inetd.conf (in the unlikely event
-that you are using a meta-daemon other than inetd, you are on your own). Note
-that the first item in this line matches the service name in /etc/services.
-Substitute appropriate values for your system in this line (see
-.B inetd(8)):
-
-.RS 3
-netbios-ns dgram udp wait root /usr/local/smb/nmbd -l/var/adm/smblogs/log
+The file specified contains the configuration details required by the server.
+See
+.BR smb.conf (5)
+for more information.
.RE
-
-(The above should appear in /etc/inetd.conf as a single line. Depending on
-your terminal characteristics, it may not appear that way in this man page.
-If the above appears as more than one line, please treat any newlines or
-indentation as a single space or TAB character.)
-
-Note that there is no need to specify a port number here, even if you are
-using a non-standard port number.
-.SH TESTING THE INSTALLATION
-If running the server as a daemon, execute it before proceeding. If
-using a meta-daemon, either restart the system or kill and restart the
-meta-daemon. Some versions of inetd will reread their configuration tables if
-they receive a HUP signal.
-
-To test whether the name server is running, start up a client
-.I on a different machine
-and see whether the desired name is now present. Alternatively, run
-the nameserver
-.I on a different machine
-specifying "-L netbiosname", where "netbiosname" is the name you have
-configured the test server to respond with. The command should respond
-with success, and the IP number of the machine using the specified netbios
-name. You may need the -B parameter on some systems. See the README
-file for more information on testing nmbd.
-
.SH VERSION
-This man page is (mostly) correct for version 1.9.00 of the Samba suite, plus some
-of the recent patches to it. These notes will necessarily lag behind
-development of the software, so it is possible that your version of
-the server has extensions or parameter semantics that differ from or are not
-covered by this man page. Please notify these to the address below for
-rectification.
+
+This man page is (mostly) correct for version 1.9.16 of the Samba
+suite, plus some of the recent patches to it. These notes will
+necessarily lag behind development of the software, so it is possible
+that your version of the server has extensions or parameter semantics
+that differ from or are not covered by this man page. Please notify
+these to the address below for rectification.
.SH SEE ALSO
-.B inetd(8),
-.B smbd(8),
-.B smb.conf(5),
-.B smbclient(1),
-.B testparm(1),
-.B testprns(1)
-
-.SH DIAGNOSTICS
-[This section under construction]
-
-Most diagnostics issued by the server are logged in the specified log file. The
-log file name is specified at compile time, but may be overridden on the
-command line.
-
-The number and nature of diagnostics available depends on the debug level used
-by the server. If you have problems, set the debug level to 3 and peruse the
-log files.
-
-Most messages are reasonably self-explanatory. Unfortunately, at time of
-creation of this man page the source code is still too fluid to warrant
-describing each and every diagnostic. At this stage your best bet is still
-to grep the source code and inspect the conditions that gave rise to the
-diagnostics you are seeing.
-
-.SH BUGS
-None known.
+.BR inetd (8),
+.BR smbd (8),
+.BR smb.conf (5),
+.BR smbclient (1),
+.BR testparm (1),
+.BR testprns (1)
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-This man page written by Karl Auer (Karl.Auer@anu.edu.au)
-
-See
-.B smb.conf(5) for a full list of contributors and details on how to
-submit bug reports, comments etc.
-
-
-
-
-
diff --git a/docs/manpages/samba.7 b/docs/manpages/samba.7
index 0c81f736b6e..7e98c850d41 100644
--- a/docs/manpages/samba.7
+++ b/docs/manpages/samba.7
@@ -1,15 +1,14 @@
-.TH SAMBA 7 29/3/95 Samba Samba
+.TH SAMBA 7 Samba Samba
.SH NAME
-Samba \- a LanManager like fileserver for Unix
+Samba \- a LanManager like fileserver for UNIX
.SH SYNOPSIS
.B Samba
.SH DESCRIPTION
The
.B Samba
software suite is a collection of programs that implements the SMB
-protocol for unix systems. This protocol is sometimes also referred to
+protocol for UNIX systems. This protocol is sometimes also referred to
as the LanManager or Netbios protocol.
-
.SH COMPONENTS
The Samba suite is made up of several components. Each component is
@@ -18,25 +17,37 @@ you read the documentation that comes with Samba and the manual pages
of those components that you use. If the manual pages aren't clear
enough then please send me a patch!
-The smbd(8) daemon provides the file and print services to SMB clents,
+The
+.BR smbd (8)
+daemon provides the file and print services to SMB clients,
such as Windows for Workgroups, Windows NT or LanManager. The
-configuration file for this daemon is described in smb.conf(5).
+configuration file for this daemon is described in
+.BR smb.conf (5).
-The nmbd(8) daemon provides Netbios nameserving and browsing
+The
+.BR nmbd (8)
+daemon provides Netbios nameserving and browsing
support. It can also be run interactively to query other name service
daemons.
-The smbclient(1) program implements a simple ftp-like client. This is
+The
+.BR smbclient (1)
+program implements a simple ftp-like client. This is
useful for accessing SMB shares on other compatible servers (such as
-WfWg), and can also be used to allow a unix box to print to a printer
+WfWg), and can also be used to allow a UNIX box to print to a printer
attached to any SMB server (such as a PC running WfWg).
-The testparm(1) utility allows you to test your smb.conf(5)
+The
+.BR testparm (1)
+utility allows you to test your
+.BR smb.conf (5)
configuration file.
-The smbstatus(1) utility allows you to tell who is currently using the
-smbd(8) server.
-
+The
+.BR smbstatus (1)
+utility allows you to tell who is currently using the
+.BR smbd (8)
+server.
.SH AVAILABILITY
The Samba software suite is licensed under the Gnu Public License. A
@@ -45,7 +56,7 @@ encouraged to distribute copies of the Samba suite, but please keep it
intact.
The latest version of the Samba suite can be obtained via anonymous
-ftp from nimbus.anu.edu.au in the directory pub/tridge/samba/. It is
+ftp from samba.anu.edu.au in the directory pub/samba/. It is
also available on several mirror sites worldwide.
You may also find useful information about Samba on the newsgroup
@@ -54,29 +65,26 @@ the mailing list are given in the README file that comes with Samba.
If you have access to a WWW viewer (such as Netscape or Mosaic) then
you will also find lots of useful information, including back issues
-of the Samba mailing list, at http://lake.canberra.edu.au/pub/samba/
-
+of the Samba mailing list, at http://samba.canberra.edu.au/pub/samba/
.SH AUTHOR
The main author of the Samba suite is Andrew Tridgell. He may be
-contacted via e-mail at samba-bugs@anu.edu.au.
+contacted via e-mail at samba-bugs@samba.anu.edu.au.
-There have also been an enourmous number of contributors to Samba from
+There have also been an enormous number of contributors to Samba from
all over the world. A partial list of these contributors is included
in the CREDITS section below. The list is, however, badly out of
date. More up to date info may be obtained from the change-log that
comes with the Samba source code.
-
.SH CONTRIBUTIONS
If you wish to contribute to the Samba project, then I suggest you
join the Samba mailing list.
If you have patches to submit or bugs to report then you may mail them
-directly to samba-bugs@anu.edu.au. Note, however, that due to the
-enourmous popularity of this package I may take some time to repond to
-mail. I prefer patches in "diff -u" format.
-
+directly to samba-bugs@samba.anu.edu.au. Note, however, that due to the
+enormous popularity of this package I may take some time to repond to
+mail. I prefer patches in "diff \-u" format.
.SH CREDITS
Contributors to the project are (in alphabetical order by email address):
@@ -147,6 +155,8 @@ Contributors to the project are (in alphabetical order by email address):
(kuku@acds.physik.rwth-aachen.de)
???
(lance@fox.com)
+ Leighton, Luke
+ (lkcl@pires.co.uk)
Lendecke, Volker
(lendecke@namu01.gwdg.de)
???
@@ -175,8 +185,10 @@ Contributors to the project are (in alphabetical order by email address):
(joergs@toppoint.de)
S{rkel{, Vesa
(vesku@rankki.kcl.fi)
+ Terpstra, John
+ (jht@aquasoft.com.au)
Tridgell, Andrew
- (samba-bugs@anu.edu.au)
+ (samba-bugs@samba.anu.edu.au)
Troyer, Dean
(troyer@saifr00.ateng.az.honeywell.com)
Wakelin, Ross
diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5
index 933d71ff0c3..f56ff8ce2c5 100644
--- a/docs/manpages/smb.conf.5
+++ b/docs/manpages/smb.conf.5
@@ -1,4 +1,4 @@
-.TH SMB.CONF 5 11/10/94 smb.conf smb.conf
+.TH SMB.CONF 5 smb.conf smb.conf
.SH NAME
smb.conf \- configuration file for smbd
.SH SYNOPSIS
@@ -15,7 +15,6 @@ program. The
.B smbd
program provides LanManager-like services to clients
using the SMB protocol.
-
.SH FILE FORMAT
The file consists of sections and parameters. A section begins with the
name of the section in square brackets and continues until the next
@@ -35,8 +34,8 @@ within a parameter value is retained verbatim.
Any line beginning with a semicolon is ignored, as are lines containing
only whitespace.
-Any line ending in a \\ is "continued" on the next line in the
-customary unix fashion.
+Any line ending in a \e is "continued" on the next line in the
+customary UNIX fashion.
The values following the equals sign in parameters are all either a string
(no quotes needed) or a boolean, which may be given as yes/no, 0/1 or
@@ -91,7 +90,6 @@ means access will be permitted as the default guest user (specified elsewhere):
read only = true
printable = true
public = true
-
.SH SPECIAL SECTIONS
.SS The [global] section
@@ -124,7 +122,7 @@ If no path was given, the path is set to the user's home directory.
If you decide to use a path= line in your [homes] section then you may
find it useful to use the %S macro. For example path=/data/pchome/%S
would be useful if you have different home directories for your PCs
-than for unix access.
+than for UNIX access.
This is a fast and simple way to give a large number of clients access to
their home directories with a minimum of fuss.
@@ -212,6 +210,7 @@ could be used simply to limit access to a subset of your local printers.
An alias, by the way, is defined as any component of the first entry of a
printcap record. Records are separated by newlines, components (if there are
more than one) are separated by vertical bar symbols ("|").
+.RE
.SH PARAMETERS
Parameters define the specific attributes of services.
@@ -221,7 +220,7 @@ permissible only in normal sections. For the purposes of the following
descriptions the [homes] and [printers] sections will be considered normal.
The letter 'G' in parentheses indicates that a parameter is specific to the
[global] section. The letter 'S' indicates that a parameter can be
-specified in a secvice specific section. Note that all S parameters
+specified in a service specific section. Note that all S parameters
can also be specified in the [global] section - in which case they
will define the default behaviour for all services.
@@ -237,7 +236,7 @@ interpreted as "path = /tmp/john" if the user connected with the
username john.
These substitutions are mostly noted in the descriptions below, but
-there are some general substitions which apply whenever they might be
+there are some general substitutions which apply whenever they might be
relevant. These are:
%S = the name of the current service, if any
@@ -283,7 +282,7 @@ substitutions and other smb.conf options.
.SS NAME MANGLING
-Samba supports "name mangling" so that Dos and Windows clients can use
+Samba supports "name mangling" so that DOS and Windows clients can use
files that don't conform to the 8.3 format. It can also be set to adjust
the case of 8.3 format filenames.
@@ -317,7 +316,7 @@ upper case, or if they are forced to be the "default" case. This option can
be use with "preserve case = yes" to permit long filenames to retain their
case, while short names are lowered. Default no.
-.SS COMPLETE LIST OF GLOBAL PARAMETER
+.SS COMPLETE LIST OF GLOBAL PARAMETERS
Here is a list of all global parameters. See the section of each
parameter for details. Note that some are synonyms.
@@ -400,6 +399,8 @@ read raw
read size
+remote announce
+
root
root dir
@@ -412,6 +413,8 @@ server string
smbrun
+socket address
+
socket options
status
@@ -430,7 +433,7 @@ workgroup
write raw
-.SS COMPLETE LIST OF SERVICE PARAMETER
+.SS COMPLETE LIST OF SERVICE PARAMETERS
Here is a list of all service parameters. See the section of each
parameter for details. Note that some are synonyms.
@@ -459,6 +462,8 @@ comment
default case
+delete readonly
+
deny hosts
directory
@@ -467,6 +472,8 @@ dont descend
exec
+fake oplocks
+
force group
force user
@@ -529,6 +536,8 @@ preserve case
print command
+printer driver
+
print ok
printable
@@ -612,7 +621,6 @@ then the "load printers" option is easier.
.B Example:
auto services = fred lp colorlp
-
.SS allow hosts (S)
A synonym for this parameter is 'hosts allow'.
@@ -626,7 +634,7 @@ You can specify the hosts by name or IP number. For example, you could
restrict access to only the hosts on a Class C subnet with something like
"allow hosts = 150.203.5.". The full syntax of the list is described in
the man page
-.B hosts_access(5).
+.BR hosts_access (5).
You can also specify hosts by network/netmask pairs and by netgroup
names if your system supports netgroups. The EXCEPT keyword can also
@@ -653,11 +661,13 @@ deny access from one particular host
Note that access still requires suitable user-level passwords.
-See testparm(1) for a way of testing your host access to see if it
+See
+.BR testparm (1)
+for a way of testing your host access to see if it
does what you expect.
.B Default:
- none (ie., all hosts permitted access)
+ none (i.e., all hosts permitted access)
.B Example:
allow hosts = 150.203.5. myhost.mynet.edu.au
@@ -665,12 +675,12 @@ does what you expect.
.SS alternate permissions (S)
This option affects the way the "read only" DOS attribute is produced
-for unix files. If this is false then the read only bit is set for
+for UNIX files. If this is false then the read only bit is set for
files on writeable shares which the user cannot write to.
If this is true then it is set for files whos user write bit is not set.
-The latter behaviour of useful for when users copy files from each
+The latter behaviour is useful for when users copy files from each
others directories, and use a file manager that preserves
permissions. Without this option they may get annoyed as all copied
files will have the "read only" bit set.
@@ -726,11 +736,11 @@ file.
This option takes the usual substitutions, which can be very useful.
-If thew config file doesn't exist then it won't be loaded (allowing
+If the config file doesn't exist then it won't be loaded (allowing
you to special case the config files of just a few clients).
.B Example:
- config file = /usr/local/samba/smb.conf.%m
+ config file = /usr/local/samba/lib/smb.conf.%m
.SS copy (S)
This parameter allows you to 'clone' service entries. The specified
@@ -751,7 +761,7 @@ in the configuration file than the service doing the copying.
A synonym for this parameter is 'create mode'.
This parameter is the octal modes which are used when converting DOS modes
-to Unix modes.
+to UNIX modes.
Note that Samba will or this value with 0700 as you must have at least
user read, write and execute for Samba to work properly.
@@ -788,7 +798,9 @@ A deadtime of zero indicates that no auto-disconnection should be performed.
dead time = 15
.SS debug level (G)
The value of the parameter (an integer) allows the debug level
-(logging level) to be specified in the smb.conf file. This is to give
+(logging level) to be specified in the
+.B smb.conf
+file. This is to give
greater flexibility in the configuration of the system.
The default will be the debug level specified on the command line.
@@ -815,7 +827,7 @@ attempting to connect to a nonexistent service results in an error.
Typically the default service would be a public, read-only service.
-Also not that s of 1.9.14 the apparent service name will be changed to
+Also note that as of 1.9.14 the apparent service name will be changed to
equal that of the requested service, this is very useful as it allows
you to use macros like %S to make a wildcard service.
@@ -831,6 +843,19 @@ things.
path = /%S
+.SS delete readonly (S)
+This parameter allows readonly files to be deleted. This is not normal DOS
+semantics, but is allowed by UNIX.
+
+This option may be useful for running applications such as rcs, where UNIX
+file ownership prevents changing file permissions, and DOS semantics prevent
+deletion of a read only file.
+
+.B Default:
+ delete readonly = No
+
+.B Example:
+ delete readonly = Yes
.SS deny hosts (S)
A synonym for this parameter is 'hosts deny'.
@@ -839,7 +864,7 @@ access to services unless the specific services have their own lists to
override this one. Where the lists conflict, the 'allow' list takes precedence.
.B Default:
- none (ie., no hosts specifically excluded)
+ none (i.e., no hosts specifically excluded)
.B Example:
deny hosts = 150.203.4. badhost.mynet.edu.au
@@ -870,18 +895,21 @@ Note: Your script should NOT be setuid or setgid and should be owned by
and remaining space will be used.
.B Example:
- dfree command = /usr/local/smb/dfree
+ dfree command = /usr/local/samba/bin/dfree
Where the script dfree (which must be made executable) could be
- #!/bin/sh
- df $1 | tail -1 | awk '{print $2" "$4}'
+.nf
+ #!/bin/sh
+ df $1 | tail -1 | awk '{print $2" "$4}'
+.fi
or perhaps (on Sys V)
+.nf
#!/bin/sh
/usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}'
-
+.fi
Note that you may have to replace the command names with full
path names on some systems.
@@ -895,11 +923,11 @@ Linux) that are either not of interest to clients or are infinitely deep
of directories that the server should always show as empty.
Note that Samba can be very fussy about the exact format of the "dont
-descend" entries. For example you ma need "./proc" instead of just
+descend" entries. For example you may need "./proc" instead of just
"/proc". Experimentation is the best policy :-)
.B Default:
- none (ie., all directories are OK to descend)
+ none (i.e., all directories are OK to descend)
.B Example:
dont descend = /proc,/dev
@@ -907,7 +935,7 @@ descend" entries. For example you ma need "./proc" instead of just
.SS encrypt passwords (G)
This boolean controls whether encrypted passwords will be negotiated
-with the cient. Note that this option has no effect if you haven't
+with the client. Note that this option has no effect if you haven't
compiled in the necessary des libraries and encryption code. It
defaults to no.
@@ -953,8 +981,9 @@ the specified username overrides this one.
One some systems the account "nobody" may not be able to print. Use
another account in this case. You should test this by trying to log in
-as your guest user (perhaps by using the "su -" command) and trying to
-print using lpr.
+as your guest user (perhaps by using the "su \-" command) and trying to
+print using
+.BR lpr .
Note that as of version 1.9 of Samba this option may be set
differently for each service.
@@ -1007,7 +1036,7 @@ See
.B deny hosts.
.SS group (S)
-This is an alias for "force group" and is only kept for compatability
+This is an alias for "force group" and is only kept for compatibility
with old versions of Samba. It may be removed in future versions.
.SS hosts equiv (G)
@@ -1033,12 +1062,37 @@ or perhaps on a home network where you trust your wife and kids :-)
.B Example
hosts equiv = /etc/hosts.equiv
+.SS interfaces (G)
+
+This option allows you to setup multiple network interfaces, so that
+Samba can properly handle browsing on all interfaces.
+
+The option takes a list of ip/netmask pairs. The netmask may either be
+a bitmask, or a bitlength.
+
+For example, the following line:
+
+interfaces = 192.168.2.10/24 192.168.3.10/24
+
+would configure two network interfaces with IP addresses 192.168.2.10
+and 192.168.3.10. The netmasks of both interfaces would be set to
+255.255.255.0.
+
+You could produce an equivalent result by using:
+
+interfaces = 192.168.2.10/255.255.255.0 192.168.3.10/255.255.255.0
+
+if you prefer that format.
+
+If this option is not set then Samba will attempt to find a primary
+interface, but won't attempt to configure more than one interface.
+
.SS invalid users (S)
This is a list of users that should not be allowed to login to this
service. This is really a "paranoid" check to absolutely ensure an
improper setting does not breach your security.
-A name starting with @ is interpreted as a unix group.
+A name starting with @ is interpreted as a UNIX group.
The current servicename is substituted for %S. This is useful in the
[homes] section.
@@ -1053,7 +1107,7 @@ See also "valid users"
.SS include (G)
-This allows you to inlcude one config file inside another. the file is
+This allows you to include one config file inside another. the file is
included literally, as though typed in place.
It takes the standard substitutions, except %u, %P and %S
@@ -1092,7 +1146,7 @@ The lock files are used to implement the "max connections" option.
lock directory = /tmp/samba
.B Example:
- lock directory = /usr/local/samba/locks
+ lock directory = /usr/local/samba/var/locks
.SS locking (S)
This controls whether or not locking will be performed by the server in
response to lock requests from the client.
@@ -1123,7 +1177,7 @@ This option takes the standard substitutions, allowing you to have
separate log files for each user or machine.
.B Example:
- log file = /usr/local/samba/log.%m
+ log file = /usr/local/samba/var/log.%m
.SS log level (G)
see "debug level"
@@ -1137,9 +1191,11 @@ job number to pause the print job. Currently I don't know of any print
spooler system that can do this with a simple option, except for the PPR
system from Trinity College (ppr\-dist.trincoll.edu/pub/ppr). One way
of implementing this is by using job priorities, where jobs having a too
-low priority wont be sent to the printer. See also the lppause command.
+low priority won't be sent to the printer. See also the
+.B lppause
+command.
-If a %p is given then the printername is put in it's place. A %j is
+If a %p is given then the printername is put in its place. A %j is
replaced with the job number (an integer).
On HPUX (see printing=hpux), if the -p%p option is added to the lpq
command, the job will show up with the correct status, i.e. if the job
@@ -1187,9 +1243,9 @@ order to obtain "lpq"-style printer status information.
This command should be a program or script which takes a printer name
as its only parameter and outputs printer status information.
-Currently four styles of printer status information are supported;
-BSD, SYSV, AIX and HPUX. This covers most unix systems. You control
-which type is expected using the "printing =" option.
+Currently six styles of printer status information are supported; BSD,
+SYSV, AIX, HPUX, QNX, LPRNG and PLP. This covers most UNIX systems. You
+control which type is expected using the "printing =" option.
Some clients (notably Windows for Workgroups) may not correctly send the
connection number for the printer they are requesting status information
@@ -1197,7 +1253,7 @@ about. To get around this, the server reports on the first printer service
connected to by the client. This only happens if the connection number sent
is invalid.
-If a %p is given then the printername is put in it's place. Otherwise
+If a %p is given then the printername is put in its place. Otherwise
it is placed at the end of the command.
Note that it is good practice to include the absolute path in the lpq
@@ -1216,7 +1272,7 @@ order to restart or continue printing or spooling a specific print job.
This command should be a program or script which takes a printer name and
job number to resume the print job. See also the lppause command.
-If a %p is given then the printername is put in it's place. A %j is
+If a %p is given then the printername is put in its place. A %j is
replaced with the job number (an integer).
Note that it is good practice to include the absolute path in the lpresume
@@ -1235,11 +1291,11 @@ order to delete a print job.
This command should be a program or script which takes a printer name
and job number, and deletes the print job.
-Currently four styles of printer control are supported; BSD, SYSV, AIX
-and HPUX. This covers most unix systems. You control which type is
-expected using the "printing =" option.
+Currently seven styles of printer control are supported; BSD, SYSV, AIX
+HPUX, QNX, LPRNG and PLP. This covers most UNIX systems. You control
+which type is expected using the "printing =" option.
-If a %p is given then the printername is put in it's place. A %j is
+If a %p is given then the printername is put in its place. A %j is
replaced with the job number (an integer).
Note that it is good practice to include the absolute path in the lprm
@@ -1269,7 +1325,7 @@ output file content is undefined.
magic output = myfile.txt
.SS magic script (S)
This parameter specifies the name of a file which, if opened, will be
-executed by the server when the file is closed. This allows a Unix script
+executed by the server when the file is closed. This allows a UNIX script
to be sent to the Samba host and executed on behalf of the connected user.
Scripts executed in this way will be deleted upon completion, permissions
@@ -1286,6 +1342,7 @@ marker. Magic scripts must be executable "as is" on the host, which
for some hosts and some shells will require filtering at the DOS end.
Magic scripts are EXPERIMENTAL and should NOT be relied upon.
+
.B Default:
None. Magic scripts disabled.
@@ -1295,8 +1352,8 @@ Magic scripts are EXPERIMENTAL and should NOT be relied upon.
This is for those who want to directly map UNIX file names which are
not representable on DOS. The mangling of names is not always what is
needed. In particular you may have documents with file extensiosn
-that differ between dos and unix. For example, under unix it is common
-to use .html for HTML files, whereas under dos .htm is more commonly
+that differ between DOS and UNIX. For example, under UNIX it is common
+to use .html for HTML files, whereas under DOS .htm is more commonly
used.
So to map 'html' to 'htm' you put:
@@ -1304,7 +1361,7 @@ So to map 'html' to 'htm' you put:
mangled map = (*.html *.htm)
One very useful case is to remove the annoying ;1 off the ends of
-filenames on some CDROMS (only visible under some unixes). To do this
+filenames on some CDROMS (only visible under some UNIXes). To do this
use a map of (*;1 *)
.B default:
@@ -1318,7 +1375,7 @@ use a map of (*;1 *)
See the section on "NAME MANGLING"
.SS mangled names (S)
-This controls whether non-DOS names under Unix should be mapped to
+This controls whether non-DOS names under UNIX should be mapped to
DOS-compatible names ("mangled") and made visible, or whether non-DOS names
should simply be ignored.
@@ -1346,7 +1403,7 @@ final extension is defined as that part of the original filename after the
rightmost dot. If there are no dots in the filename, the mangled name will
have no extension (except in the case of hidden files - see below).
-- files whose Unix name begins with a dot will be presented as DOS hidden
+- files whose UNIX name begins with a dot will be presented as DOS hidden
files. The mangled name will be created as for other filenames, but with the
leading dot removed and "___" as its extension regardless of actual original
extension (that's three underscores).
@@ -1358,8 +1415,8 @@ This algorithm can cause name collisions only if files in a directory share
the same first five alphanumeric characters. The probability of such a clash
is 1/1300.
-The name mangling (if enabled) allows a file to be copied between Unix
-directories from DOS while retaining the long Unix filename. Unix files can
+The name mangling (if enabled) allows a file to be copied between UNIX
+directories from DOS while retaining the long UNIX filename. UNIX files can
be renamed to a new extension from DOS and will retain the same basename.
Mangled names do not change between sessions.
@@ -1379,6 +1436,28 @@ software. Use this option to set it to whatever you prefer.
.B Example:
mangling char = ^
+.SS max disk size (G)
+This option allows you to put an upper limit on the apparent size of
+disks. If you set this option to 100 then all shares will appear to be
+not larger than 100 MB in size.
+
+Note that this option does not limit the amount of data you can put on
+the disk. In the above case you could still store much more than 100
+MB on the disk, but if a client ever asks for the amount of free disk
+space or the total disk size then the result will be bounded by the
+amount specified in "max disk size".
+
+This option is primarily useful to work around bugs in some pieces of
+software that can't handle very large disks, particularly disks over
+1GB in size.
+
+A "max disk size" of 0 means no limit.
+
+.B Default:
+ max disk size = 0
+
+.B Example:
+ max disk size = 1000
.SS max log size (G)
This option (an integer in kilobytes) specifies the max size the log
@@ -1415,7 +1494,7 @@ maintained if they are longer than 3 characters or contains upper case
characters).
The larger this value, the more likely it is that mangled names can be
-successfully converted to correct long Unix names. However, large stack
+successfully converted to correct long UNIX names. However, large stack
sizes will slow most directory access. Smaller stacks save memory in the
server (each stack element costs 256 bytes).
@@ -1429,7 +1508,7 @@ be prepared for some surprises!
mangled stack = 100
.SS map archive (S)
-This controls whether the DOS archive attribute should be mapped to Unix
+This controls whether the DOS archive attribute should be mapped to UNIX
execute bits. The DOS archive bit is set when a file has been modified
since its last backup. One motivation for this option it to keep Samba/your
PC from making any file it touches from becoming executable under UNIX.
@@ -1442,7 +1521,7 @@ This can be quite annoying for shared source code, documents, etc...
map archive = no
.SS map hidden (S)
-This controls whether DOS style hidden files should be mapped to Unix
+This controls whether DOS style hidden files should be mapped to UNIX
execute bits.
.B Default:
@@ -1451,7 +1530,7 @@ execute bits.
.B Example:
map hidden = yes
.SS map system (S)
-This controls whether DOS style system files should be mapped to Unix
+This controls whether DOS style system files should be mapped to UNIX
execute bits.
.B Default:
@@ -1492,6 +1571,31 @@ of the user.
.B Example:
only user = True
+.SS fake oplocks (S)
+
+Oplocks are the way that SMB clients get permission from a server to
+locally cache file operations. If a server grants an oplock
+(opportunistic lock) then the client is free to assume that it is the
+only one accessing the file and it will agressively cache file
+data. With some oplock types the client may even cache file open/close
+operations. This can give enormous performance benefits.
+
+Samba does not support opportunistic locks because they are very
+difficult to do under Unix. Samba can fake them, however, by granting
+a oplock whenever a client asks for one. This is controlled using the
+smb.conf option "fake oplocks". If you set "fake oplocks = yes" then
+you are telling the client that it may agressively cache the file
+data.
+
+By enabling this option on all read-only shares or shares that you know
+will only be accessed from one client at a time you will see a big
+performance improvement on many operations. If you enable this option
+on shares where multiple clients may be accessing the files read-write
+at the same time you can get data corruption. Use this option
+carefully!
+
+This option is disabled by default.
+
.SS message command (G)
This specifies what command to run when the server receives a WinPopup
@@ -1540,7 +1644,7 @@ If you want to silently delete it then try "message command = rm %s".
For the really adventurous, try something like this:
-message command = csh -c 'csh < %s |& /usr/local/samba/smbclient \\
+message command = csh -c 'csh < %s |& /usr/local/samba/bin/smbclient \e
-M %m; rm %s' &
this would execute the command as a script on the server, then give
@@ -1585,14 +1689,14 @@ longer implemented as of version 1.7.00, and is kept only so old
configuration files do not become invalid.
.SS passwd chat (G)
-This string coontrols the "chat" conversation that takes places
+This string controls the "chat" conversation that takes places
between smbd and the local password changing program to change the
users password. The string describes a sequence of response-receive
pairs that smbd uses to determine what to send to the passwd program
and what to expect back. If the expected output is not received then
the password is not changed.
-This chat sequence is often quite site specific, deppending on what
+This chat sequence is often quite site specific, depending on what
local methods are used for password control (such as NIS+ etc).
The string can contain the macros %o and %n which are substituted for
@@ -1665,7 +1769,7 @@ you probably have a slow crypt() routine. Samba now comes with a fast
sure the PASSWORD_LENGTH option is correct for your system in local.h
and includes.h. On most systems only the first 8 chars of a password
are significant so PASSWORD_LENGTH should be 8, but on some longer
-passwords are significant. The inlcudes.h file tries to select the
+passwords are significant. The includes.h file tries to select the
right length for your system.
.B Default:
@@ -1678,18 +1782,18 @@ right length for your system.
By specifying the name of another SMB server (such as a WinNT box)
with this option, and using "security = server" you can get Samba to
-do all it's username/password validation via a remote server.
+do all its username/password validation via a remote server.
This options sets the name of the password server to use. It must be a
-netbios name, so if the machines netbios name is different from it's
-internet name then you may have to add it's netbios name to
+netbios name, so if the machine's netbios name is different from its
+internet name then you may have to add its netbios name to
/etc/hosts.
The password server much be a machine capable of using the "LM1.2X002"
or the "LM NT 0.12" protocol, and it must be in user level security
mode.
-NOTE: Using a password server means your unix box (running Samba) is
+NOTE: Using a password server means your UNIX box (running Samba) is
only as secure as your password server. DO NOT CHOOSE A PASSWORD
SERVER THAT YOU DON'T COMPLETELY TRUST.
@@ -1772,7 +1876,7 @@ An interesting example is to send the users a welcome message every
time they log in. Maybe a message of the day? Here is an example:
preexec = csh -c 'echo \"Welcome to %S!\" | \
- /usr/local/samba/smbclient -M %m -I %I' &
+ /usr/local/samba/bin/smbclient -M %m -I %I' &
Of course, this could get annoying after a while :-)
@@ -1838,7 +1942,7 @@ If there is neither a specified print command for a printable service nor a
global print command, spool files will be created but not processed and (most
importantly) not removed.
-Note that printing may fail on some unixes from the "nobody"
+Note that printing may fail on some UNIXes from the "nobody"
account. If this happens then create an alternative guest account that
can print and set the "guest account" in the [global] section.
@@ -1853,10 +1957,10 @@ You may have to vary this command considerably depending on how you
normally print files on your system.
.B Default:
- print command = lpr -r -P %p %s
+ print command = lpr -r -P %p %s
.B Example:
- print command = /usr/local/samba/myprintscript %p %s
+ print command = /usr/local/samba/bin/myprintscript %p %s
.SS print ok (S)
See
.B printable.
@@ -1881,8 +1985,9 @@ This parameters controls how printer status information is interpreted
on your system, and also affects the default values for the "print
command", "lpq command" and "lprm command".
-Currently three printing styles are supported. They are "printing =
-bsd", "printing = sysv", "printing = hpux" and "printing = aix".
+Currently six printing styles are supported. They are "printing =
+bsd", "printing = sysv", "printing = hpux", "printing = aix",
+"printing = qnx" and "printing = plp".
To see what the defaults are for the other print commands when using
these three options use the "testparm" program.
@@ -1900,9 +2005,13 @@ minimal file that looks like a printcap and set "printcap name =" in
A minimal printcap file would look something like this:
print1|My Printer 1
+.br
print2|My Printer 2
+.br
print3|My Printer 3
+.br
print4|My Printer 4
+.br
print5|My Printer 5
where the | separates aliases of a printer. The fact that the second
@@ -1931,9 +2040,27 @@ for any printable service that does not have its own printer name specified.
.B Example:
printer name = laserwriter
+
+.SS printer driver (S)
+This option allows you to control the string that clients receive when
+they ask the server for the printer driver associated with a
+printer. If you are using Windows95 or WindowsNT then you can use this
+to automate the setup of printers on your system.
+
+You need to set this parameter to the exact string (case sensitive)
+that describes the appropriate printer driver for your system.
+If you don't know the exact string to use then you should first try
+with no "printer driver" option set and the client will give you a
+list of printer drivers. The appropriate strings are shown in a
+scrollbox after you have chosen the printer manufacturer.
+
+.B Example:
+ printer driver = HP LaserJet 4L
+
.SS printer name (S)
See
.B printer.
+
.SS protocol (G)
The value of the parameter (a string) is the highest protocol level that will
be supported by the server.
@@ -1941,6 +2068,9 @@ be supported by the server.
Possible values are CORE, COREPLUS, LANMAN1, LANMAN2 and NT1. The relative
merits of each are discussed in the README file.
+Normally this option should not be set as the automatic negotiation
+phase in the SMB protocol takes care of choosing the appropriate protocol.
+
.B Default:
protocol = NT1
@@ -2037,6 +2167,31 @@ pointless and will cause you to allocate memory unnecessarily.
.B Example:
read size = 8192
+.SS remote announce (G)
+
+This option allows you to setup nmbd to periodically announce itself
+to arbitrary IP addresses with an arbitrary workgroup name.
+
+This is useful if you want your Samba server to appear in a remote
+workgroup for which the normal browse propogation rules don't
+work. The remote workgroup can be anywhere that you can send IP
+packets to.
+
+For example:
+
+ remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF
+
+the above line would cause nmbd to announce itself to the two given IP
+addresses using the given workgroup names. If you leave out the
+workgroup name then the one given in the "workgroup" option is used
+instead.
+
+The IP addresses you choose would normally be the broadcast addresses
+of the remote networks, but can also be the IP addresses of known
+browse masters if your network config is that stable.
+
+This option replaces similar functionality from the nmbd lmhosts file.
+
.SS revalidate (S)
This options controls whether Samba will allow a previously validated
@@ -2085,7 +2240,7 @@ The set of files that must be mirrored is operating system dependent.
.B Example:
root directory = /homes/smb
.SS security (G)
-This option does affects how clients respond to Samba.
+This option affects how clients respond to Samba.
The option sets the "security mode bit" in replies to protocol negotiations
to turn share level security on or off. Clients decide based on this bit
@@ -2097,8 +2252,8 @@ option at one stage.
The alternatives are "security = user" or "security = server".
If your PCs use usernames that are the same as their usernames on the
-unix machine then you will want to use "security = user". If you
-mostly use usernames that don't exist on the unix box then use
+UNIX machine then you will want to use "security = user". If you
+mostly use usernames that don't exist on the UNIX box then use
"security = share".
There is a bug in WfWg that may affect your decision. When in user
@@ -2123,8 +2278,7 @@ This controls what string will show up in the printer comment box in
print manager and next to the IPC connection in "net view". It can be
any string that you wish to show to your users.
-Note that it DOES NOT affect the string that appears in browse
-lists. That is controlled by a nmbd command line option instead.
+It also sets what will appear in browse lists next to the machine name.
A %v will be replaced with the Samba version number.
@@ -2142,7 +2296,8 @@ value in the Makefile.
You must get this path right for many services to work correctly.
-.B Default: taken from Makefile
+.B Default:
+taken from Makefile
.B Example:
smbrun = /usr/local/samba/bin/smbrun
@@ -2175,6 +2330,7 @@ command to change directory.
The setdir comand is only implemented in the Digital Pathworks client. See the
Pathworks documentation for details.
+
.B Default:
set directory = no
@@ -2187,7 +2343,7 @@ This enables or disables the honouring of the "share modes" during a
file open. These modes are used by clients to gain exclusive read or
write access to a file.
-These open modes are not directly supported by unix, so they are
+These open modes are not directly supported by UNIX, so they are
simulated using lock files in the "lock directory". The "lock
directory" specified in smb.conf must be readable by all users.
@@ -2195,7 +2351,7 @@ The share modes that are enabled by this option are DENY_DOS,
DENY_ALL, DENY_READ, DENY_WRITE, DENY_NONE and DENY_FCB.
Enabling this option gives full share compatability but may cost a bit
-of processing time on the unix server. They are enabled by default.
+of processing time on the UNIX server. They are enabled by default.
.B Default:
share modes = yes
@@ -2203,6 +2359,17 @@ of processing time on the unix server. They are enabled by default.
.B Example:
share modes = no
+.SS socket address (G)
+
+This option allows you to control what address Samba will listen for
+connections on. This is used to support multiple virtual interfaces on
+the one server, each with a different configuration.
+
+By default samba will accept connections on any address.
+
+.B Example:
+ socket address = 192.168.2.20
+
.SS socket options (G)
This option (which can also be invoked with the -O command line
option) allows you to set socket options to be used when talking with
@@ -2222,7 +2389,7 @@ You may find that on some systems Samba will say "Unknown socket
option" when you supply an option. This means you either mis-typed it
or you need to add an include file to includes.h for your OS. If the
latter is the case please send the patch to me
-(samba-bugs@anu.edu.au).
+(samba-bugs@samba.anu.edu.au).
Any of the supported socket options may be combined in any way you
like, as long as your OS allows it.
@@ -2284,9 +2451,12 @@ completely. Use these options with caution!
.SS status (G)
This enables or disables logging of connections to a status file that
-smbstatus can read.
+.B smbstatus
+can read.
-With this disabled smbstatus won't be able to tell you what
+With this disabled
+.B smbstatus
+won't be able to tell you what
connections are active.
.B Default:
@@ -2296,7 +2466,7 @@ connections are active.
status = no
.SS strip dot (G)
-This is a boolean that controls whether to strup trailing dots off
+This is a boolean that controls whether to strip trailing dots off
filenames. This helps with some CDROMs that have filenames ending in a
single dot.
@@ -2326,7 +2496,7 @@ so in the vast majority of cases "strict locking = no" is preferable.
This is a boolean parameter that controls whether writes will always
be written to stable storage before the write call returns. If this is
-false then the server will be guided by the clients request in each
+false then the server will be guided by the client's request in each
write call (clients can set a bit indicating that a particular write
should be synchronous). If this is true then every write will be
followed by a fsync() call to ensure the data is written to disk.
@@ -2357,9 +2527,9 @@ A synonym for this parameter is 'user'.
Multiple users may be specified in a comma-delimited list, in which case the
supplied password will be tested against each username in turn (left to right).
-The username= line is needed only when the PC is unable to supply it's own
+The username= line is needed only when the PC is unable to supply its own
username. This is the case for the coreplus protocol or where your
-users have different WfWg usernames to unix usernames. In both these
+users have different WfWg usernames to UNIX usernames. In both these
cases you may also be better using the \\\\server\\share%user syntax
instead.
@@ -2369,7 +2539,7 @@ usernames in the username= line in turn. This is slow and a bad idea for
lots of users in case of duplicate passwords. You may get timeouts or
security breaches using this parameter unwisely.
-Samba relies on the underlying unix security. This parameter does not
+Samba relies on the underlying UNIX security. This parameter does not
restrict who can login, it just offers hints to the Samba server as to
what usernames might correspond to the supplied password. Users can
login as whoever they please and they will be able to do no more
@@ -2399,32 +2569,32 @@ on how this parameter determines access to the services.
This option allows you to to specify a file containing a mapping of
usernames from the clients to the server. This can be used for several
-purposes. The most common is to map usernames that users use on dos or
-windows machines to those that the unix box uses. The other is to map
+purposes. The most common is to map usernames that users use on DOS or
+Windows machines to those that the UNIX box uses. The other is to map
multiple users to a single username so that they can more easily share
files.
The map file is parsed line by line. Each line should contain a single
-unix username on the left then a '=' followed by a list of usernames
+UNIX username on the left then a '=' followed by a list of usernames
on the right. The list of usernames on the right may contain names of
-the form @group in which case they will match any unix username in
+the form @group in which case they will match any UNIX username in
that group. The special client name '*' is a wildcard and matches any
name.
The file is processed on each line by taking the supplied username and
comparing it with each username on the right hand side of the '='
-signs. If the supplied name matrches any of the names on the right
+signs. If the supplied name matches any of the names on the right
hand side then it is replaced with the name on the left. Processing
then continues with the next line.
If any line begins with a '#' or a ';' then it is ignored
-For example to map from he name "admin" or "administrator" to the unix
+For example to map from the name "admin" or "administrator" to the UNIX
name "root" you would use
root = admin administrator
-Or to map anyone in the unix group "system" to the unix name "sys" you
+Or to map anyone in the UNIX group "system" to the UNIX name "sys" you
would use
sys = @system
@@ -2435,7 +2605,7 @@ Note that the remapping is applied to all occurances of
usernames. Thus if you connect to "\\\\server\\fred" and "fred" is
remapped to "mary" then you will actually be connecting to
"\\\\server\\mary" and will need to supply a password suitable for
-"mary" not "fred". The only exception to this is the username passwed
+"mary" not "fred". The only exception to this is the username passed
to the "password server" (if you have one). The password server will
receive whatever username the client supplies without modification.
@@ -2473,11 +2643,13 @@ valid chars = Z
valid chars = z:Z
valid chars = 0132:0172
-The last two examples above actually add two characters, and alters
+The last two examples above actually add two characters, and alter
the uppercase and lowercase mappings appropriately.
.B Default
+.br
Samba defaults to using a reasonable set of valid characters
+.br
for english systems
.B Example
@@ -2486,9 +2658,15 @@ the uppercase and lowercase mappings appropriately.
The above example allows filenames to have the swedish characters in
them.
+NOTE: It is actually quite difficult to correctly produce a "valid
+chars" line for a particular system. To automate the process
+tino@augsburg.net has written a package called "validchars" which will
+automatically produce a complete "valid chars" line for a given client
+system. Look in the examples subdirectory for this package.
+
.SS valid users (S)
This is a list of users that should be allowed to login to this
-service. A name starting with @ is interpreted as a unix group.
+service. A name starting with @ is interpreted as a UNIX group.
If this is empty (the default) then any user can login. If a username
is in both this list and the "invalid users" list then access is
@@ -2507,13 +2685,13 @@ See also "invalid users"
.SS volume (S)
This allows you to override the volume label returned for a
-share. Useful for CDROMs whos installation programs insist on a
+share. Useful for CDROMs with installation programs that insist on a
particular volume label.
The default is the name of the share
.SS wide links (S)
-This parameter controls whether or not links in the Unix file system may be
+This parameter controls whether or not links in the UNIX file system may be
followed by the server. Links that point to areas within the directory tree
exported by the server are always allowed; this parameter controls access
only to areas that are outside the directory tree being exported.
@@ -2524,12 +2702,37 @@ only to areas that are outside the directory tree being exported.
.B Example:
wide links = no
+.SS wins proxy (G)
+
+This is a boolean that controls if nmbd will respond to broadcast name
+queries on behalf of other hosts. You may need to set this to no for
+some older clients.
+
+.B Default:
+ wins proxy = no
+.SS wins support (G)
+
+This boolean controls if Samba will act as a WINS server. You should
+normally set this to true unless you already have another WINS server
+on the network.
+
+.B Default:
+ wins support = yes
+.SS wins server (G)
+
+This specifies the DNS name of the WINS server that Samba should
+register with. If you have a WINS server on your network then you
+should set this to the WINS servers name.
+
+This option only takes effect if Samba is not acting as a WINS server
+itself.
+
+.B Default:
+ wins server =
.SS workgroup (G)
This controls what workgroup your server will appear to be in when
-queried by clients. This can be different to the workgroup specified
-in the nmbd configuration, but it is probably best if you set them to
-the same value.
+queried by clients.
.B Default:
set in the Makefile
@@ -2595,7 +2798,7 @@ the following steps are not checked.
If the service is marked "guest only = yes" then steps 1 to 5 are skipped
Step 1: If the client has passed a username/password pair and that
-username/password pair is validated by the unix systems password
+username/password pair is validated by the UNIX system's password
programs then the connection is made as that username. Note that this
includes the \\\\server\\service%username method of passing a username.
@@ -2603,7 +2806,7 @@ Step 2: If the client has previously registered a username with the
system and now supplies a correct password for that username then the
connection is allowed.
-Step 3: The clients netbios name and any previously used user names
+Step 3: The client's netbios name and any previously used user names
are checked against the supplied password, if they match then the
connection is allowed as the corresponding user.
@@ -2614,7 +2817,7 @@ for this service.
Step 5: If a "user = " field is given in the smb.conf file for the
service and the client has supplied a password, and that password
-matches (according to the unix systems password checking) with one of
+matches (according to the UNIX system's password checking) with one of
the usernames from the user= field then the connection is made as the
username in the "user=" line. If one of the username in the user= list
begins with a @ then that name expands to a list of names in the group
@@ -2623,8 +2826,6 @@ of the same name.
Step 6: If the service is a guest service then a connection is made as
the username given in the "guest account =" for the service,
irrespective of the supplied password.
-
-
.SH WARNINGS
Although the configuration file permits service names to contain spaces,
your client software may not. Spaces will be ignored in comparisons anyway,
@@ -2653,27 +2854,25 @@ radically different (more primitive). If you are using a version earlier than
1.8.05, it is STRONGLY recommended that you upgrade.
.SH OPTIONS
Not applicable.
-
.SH FILES
Not applicable.
-
.SH ENVIRONMENT VARIABLES
Not applicable.
-
.SH SEE ALSO
-.B smbd(8),
-.B smbclient(1),
-.B nmbd(8),
-.B testparm(1),
-.B testprns(1),
-.B lpq(1),
-.B hosts_access(5)
+.BR smbd (8),
+.BR smbclient (1),
+.BR nmbd (8),
+.BR testparm (1),
+.BR testprns (1),
+.BR lpq (1),
+.BR hosts_access (5)
.SH DIAGNOSTICS
[This section under construction]
Most diagnostics issued by the server are logged in a specified log file. The
log file name is specified at compile time, but may be overridden on the
-smbd (see smbd(8)) command line.
+smbd command line (see
+.BR smbd (8)).
The number and nature of diagnostics available depends on the debug level used
by the server. If you have problems, set the debug level to 3 and peruse the
@@ -2684,26 +2883,25 @@ creation of this man page the source code is still too fluid to warrant
describing each and every diagnostic. At this stage your best bet is still
to grep the source code and inspect the conditions that gave rise to the
diagnostics you are seeing.
-
.SH BUGS
None known.
Please send bug reports, comments and so on to:
.RS 3
-.B samba-bugs@anu.edu.au (Andrew Tridgell)
+.B samba-bugs@samba.anu.edu.au (Andrew Tridgell)
.RS 3
-or to the mailing list
+or to the mailing list:
.RE
.B samba@listproc.anu.edu.au
.RE
-You may also like to subscribe to the announcement channel
+You may also like to subscribe to the announcement channel:
.RS 3
-samba-announce@listproc.anu.edu.au
+.B samba-announce@listproc.anu.edu.au
.RE
To subscribe to these lists send a message to
@@ -2714,6 +2912,6 @@ Errors or suggestions for improvements to the Samba man pages should be
mailed to:
.RS 3
-.B samba-bugs@anu.edu.au (Andrew Tridgell)
+.B samba-bugs@samba.anu.edu.au (Andrew Tridgell)
.RE
diff --git a/docs/manpages/smbclient.1 b/docs/manpages/smbclient.1
index 5590e01296e..284213d8142 100644
--- a/docs/manpages/smbclient.1
+++ b/docs/manpages/smbclient.1
@@ -1,4 +1,4 @@
-.TH SMBCLIENT 1 17/1/1995 smbclient smbclient
+.TH SMBCLIENT 1 smbclient smbclient
.SH NAME
smbclient \- ftp-like Lan Manager client program
.SH SYNOPSIS
@@ -7,43 +7,51 @@ smbclient \- ftp-like Lan Manager client program
[
.B password
] [
-.B -A
+.B \-A
] [
-.B -E
+.B \-E
] [
-.B -L
+.B \-L
.I host
] [
-.B -M
+.B \-M
.I host
] [
-.B -I
+.B \-I
.I IP number
] [
-.B -N
+.B \-N
] [
-.B -P
+.B \-P
] [
-.B -U
+.B \-U
.I username
] [
-.B -d
+.B \-d
.I debuglevel
] [
-.B -l
+.B \-l
.I log basename
] [
-.B -n
+.B \-n
.I netbios name
] [
-.B -O
+.B \-W
+.I workgroup
+] [
+.B \-O
.I socket options
] [
-.B -p
+.B \-p
.I port number
-.B -T
+] [
+.B \-c
+.I command string
+] [
+.B \-T
.I tar options
-.B -D
+] [
+.B \-D
.I initial directory
]
.SH DESCRIPTION
@@ -54,10 +62,10 @@ is a client that can 'talk' to a Lan Manager server. It offers
an interface similar to that of the
.B ftp
program (see
-.B ftp(1)). Operations include things like getting files from the
+.BR ftp (1)).
+Operations include things like getting files from the
server to the local machine, putting files from the local machine to
the server, retrieving directory information from the server and so on.
-
.SH OPTIONS
.B servicename
.RS 3
@@ -87,16 +95,16 @@ be the same as the hostname of the machine running the server.
password
is the password required to access the specified service on the
specified server. If supplied, the
-.B -N
+.B \-N
option (suppress password prompt) is assumed.
There is no default password. If no password is supplied on the command line
(either here or using the
-.B -U
+.B \-U
option (see below)) and
-.B -N
+.B \-N
is not specified, the client will prompt for a password, even if the desired
-service does not require one. (If prompted for a password and none is
+service does not require one. (If no password is
required, simply press ENTER to provide a null password.)
Note: Some servers (including OS/2 and Windows for Workgroups) insist
@@ -106,7 +114,7 @@ rejected by these servers.
Be cautious about including passwords in scripts.
.RE
-.B -A
+.B \-A
.RS 3
This parameter, if specified, causes the maximum debug level to be selected.
@@ -115,21 +123,23 @@ a security issue involved, as at the maximum debug level cleartext passwords
may be written to some log files.
.RE
-.B -L
+.B \-L
.RS 3
This option allows you to look at what services are available on a
server. You use it as "smbclient -L host" and a list should appear.
-The -I option may be useful if your netbios names don't match your
+The
+.B \-I
+option may be useful if your netbios names don't match your
tcp/ip host names or if you are trying to reach a host on another
network. For example:
smbclient -L ftp -I ftp.microsoft.com
-will list the shares available on microsofts public server.
+will list the shares available on Microsoft's public server.
.RE
-.B -M
+.B \-M
.RS 3
This options allows you to send messages, using the "WinPopup"
@@ -143,22 +153,30 @@ message will be lost, and no error message will occur.
The message is also automatically truncated if the message is over
1600 bytes, as this is the limit of the protocol.
-One useful trick is to cat the message through smbclient. For example:
+One useful trick is to cat the message through
+.BR smbclient .
+For example:
cat mymessage.txt | smbclient -M FRED
will send the message in the file "mymessage.txt" to the machine FRED.
-You may also find the -U and -I options useful, as they allow you to
+You may also find the
+.B \-U
+and
+.B \-I
+options useful, as they allow you to
control the FROM and TO parts of the message.
-Samba currently has no way of receiving WinPopup messages.
+See the message command section of
+.BR smb.conf (5)
+for a description of how to handle incoming WinPopup messages in Samba.
Note: Copy WinPopup into the startup group on your WfWg PCs if you
want them to always be able to receive messages.
.RE
-.B -E
+.B \-E
.RS 3
This parameter, if specified, causes the client to write messages to the
@@ -168,7 +186,7 @@ By default, the client writes messages to standard output - typically the
user's tty.
.RE
-.B -I
+.B \-I
.I IP number
.RS 3
@@ -185,7 +203,7 @@ There is no default for this parameter. If not supplied, it will be determined
automatically by the client as described above.
.RE
-.B -N
+.B \-N
.RS 3
If specified, this parameter suppresses the normal password prompt from the
@@ -196,14 +214,16 @@ Unless a password is specified on the command line or this parameter is
specified, the client will request a password.
.RE
-.B -O
+.B \-O
.I socket options
-.RS 3
-
-See the socket options section of smb.conf(5) for details
+.RS 3
+See the socket options section of
+.BR smb.conf (5)
+for details.
.RE
-.B -P
+
+.B \-P
.RS 3
If specified, the service requested will be connected to as a printer service
@@ -213,7 +233,7 @@ will not be applicable for such a connection.
By default, services will be connected to as NON-printer services.
.RE
-.B -U
+.B \-U
.I username
.RS 3
@@ -239,19 +259,19 @@ be empty.
If the service you are connecting to requires a password, it can be supplied
using the
-.B -U
+.B \-U
option, by appending a percent symbol ("%") then the password to
.I username.
For example, to attach to a service as user "fred" with password "secret", you
would specify
-.B -U
+.B \-U
.I fred%secret
on the command line. Note that there are no spaces around the percent symbol.
If you specify the password as part of
.I username
then the
-.B -N
+.B \-N
option (suppress password prompt) is assumed.
If you specify the password as a parameter AND as part of
@@ -269,10 +289,10 @@ rejected by these servers.
Be cautious about including passwords in scripts.
.RE
-.B -d
+.B \-d
.I debuglevel
-.RS 3
+.RS 3
debuglevel is an integer from 0 to 5.
The default value if this parameter is not specified is zero.
@@ -288,7 +308,7 @@ use only by developers and generate HUGE amounts of log data, most of which
is extremely cryptic.
.RE
-.B -l
+.B \-l
.I log basename
.RS 3
@@ -312,9 +332,8 @@ log.client.out (containing outbound transaction data)
The log files generated are never removed by the client.
.RE
-.RE
-.B -n
+.B \-n
.I netbios name
.RS 3
@@ -323,10 +342,18 @@ uppercase) as its netbios name. This parameter allows you to override
the host name and use whatever netbios name you wish.
.RE
-.B -p
-.I port number
+.B \-W
+.I workgroup
+
.RS 3
+Override what workgroup is used for the connection. This may be needed
+to connect to some servers.
+.RE
+
+.B \-p
+.I port number
+.RS 3
port number is a positive integer value.
The default value if this parameter is not specified is 139.
@@ -336,12 +363,25 @@ the server. The standard (well-known) port number for the server is 139,
hence the default.
This parameter is not normally specified.
+.RE
-.B -T
+.B \-T
.I tar options
-.RS3
-where tar options are one or more of c,x,I,X,b,g,N or a; used as:
+.RS 3
+where
+.I tar options
+consists of one or more of
+.BR c ,
+.BR x ,
+.BR I ,
+.BR X ,
+.BR b ,
+.BR g ,
+.BR N
+or
+.BR a ;
+used as:
.LP
smbclient
.B "\\\\\\\\server\\\\share"
@@ -357,18 +397,25 @@ smbclient
.IR filenames....
]
-.RS3
+.RS 3
.B c
Create a tar file on UNIX. Must be followed by the name of a tar file,
-tape device or "-" for standard output. (May be useful to set debugging
-low (-d0)) to avoid corrupting your tar file if using "-"). Mutually
-exclusive with the x flag.
+tape device or "\-" for standard output. (May be useful to set debugging
+low
+.RB ( -d0 ))
+to avoid corrupting your tar file if using "\-"). Mutually
+exclusive with the
+.B x
+flag.
.B x
-Extract (restore) a local tar file back to a share. Unless the -D
+Extract (restore) a local tar file back to a share. Unless the
+.B \-D
option is given, the tar files will be restored from the top level of
-the share. Must be followed by the name of the tar file, device or "-"
-for standard input. Mutually exclusive with the c flag.
+the share. Must be followed by the name of the tar file, device or "\-"
+for standard input. Mutually exclusive with the
+.B c
+flag.
.B I
Include files and directories. Is the default behaviour when
@@ -389,17 +436,25 @@ blocks.
.B g
Incremental. Only back up files that have the archive bit set. Useful
-only with the c flag.
+only with the
+.B c
+flag.
.B N
Newer than. Must be followed by the name of a file whose date is
compared against files found on the share during a create. Only files
newer than the file specified are backed up to the tar file. Useful
-only with the c flag.
+only with the
+.B c
+flag.
.B a
Set archive bit. Causes the archive bit to be reset when a file is backed
-up. Useful with the g (and c) flags.
+up. Useful with the
+.B g
+(and
+.BR c )
+flags.
.LP
.B Examples
@@ -415,20 +470,32 @@ Restore everything except users/docs
smbclient \\\\mypc\\myshare "" -N -Tc backup.tar users/docs
Create a tar file of the files beneath users/docs.
-
+.RE
.RE
-.B -D
+.B \-D
.I initial directory
-.RS3
-
+.RS 3
Change to initial directory before starting. Probably only of any use
-with the tar (\-T) option.
+with the tar
+.RB ( \-T )
+option.
+.RE
+.B \-c
+.I command string
-.RE
+.RS 3
+command string is a semicolon separated list of commands to be
+executed instead of prompting from stdin.
+.B \-N
+is implied by
+.BR \-c .
+This is particularly useful in scripts and for printing stdin to
+the server, e.g. \-c 'print \-'.
+.RE
.SH OPERATIONS
Once the client is running, the user is presented with a prompt, "smb: \\>".
The backslash ("\\") indicates the current working directory on the server,
@@ -573,7 +640,9 @@ Copy the file called
from the server to the machine running the client. If specified, name the
local copy
.I local file name.
-Note that all transfers in smbclient are binary. See also the
+Note that all transfers in
+.B smbclient
+are binary. See also the
.B lowercase
command.
.RE
@@ -637,7 +706,7 @@ when using the
and
.B mget
commands. This is often useful when copying (say) MSDOS files from a server,
-because lowercase filenames are the norm on Unix systems.
+because lowercase filenames are the norm on UNIX systems.
.RE
.RE
@@ -747,8 +816,9 @@ operation - refer to the
.B recurse
and
.B mask
-commands for more information. Note that all transfers in smbclient are
-binary. See also the
+commands for more information. Note that all transfers in
+.B smbclient
+are binary. See also the
.B lowercase
command.
.RE
@@ -791,8 +861,9 @@ operation - refer to the
.B recurse
and
.B mask
-commands for more information. Note that all transfers in smbclient are
-binary.
+commands for more information. Note that all transfers in
+.B smbclient
+are binary.
.RE
.RE
@@ -866,7 +937,9 @@ Copy the file called
from the machine running the client to the server. If specified, name the
remote copy
.I remote file name.
-Note that all transfers in smbclient are binary. See also the
+Note that all transfers in
+.B smbclient
+are binary. See also the
.B lowercase
command.
.RE
@@ -937,7 +1010,7 @@ directory (ie., the directory they are copying
files that match the mask specified using the
.B mask
command will be retrieved. See also the
-.mask
+.B mask
command.
When recursion is toggled OFF, only files from the current working
@@ -990,11 +1063,13 @@ Remove the specified directory (user access privileges permitting)
.RE
.B Description:
.RS 3
-Performs a tar operation - see -T command line option above. Behaviour
+Performs a tar operation - see the
+.B \-T
+command line option above. Behaviour
may be affected by the
.B tarmode
-command (see below). Using the g (incremental) and N (newer) will affect
-tarmode settings. Note that using the "-" option with tar x may not
+command (see below). Using g (incremental) and N (newer) will affect
+tarmode settings. Note that using the "\-" option with tar x may not
work - use the command line option instead.
.RE
.RE
@@ -1035,7 +1110,7 @@ on all files it backs up (implies read/write share).
.RS 3
.B Parameters
.RS 3
-.I <filename> <perm=[+|-]rsha>
+.I <filename> <perm=[+|\-]rsha>
.RE
.B Description
@@ -1047,14 +1122,13 @@ setmode myfile +r
would make myfile read only.
.RE
.RE
-
.SH NOTES
Some servers are fussy about the case of supplied usernames, passwords, share
names (aka service names) and machine names. If you fail to connect try
giving all parameters in uppercase.
It is often necessary to use the
-.B -n
+.B \-n
option when connecting to some types
of servers. For example OS/2 LanManager insists on a valid netbios name
being used, so you need to supply a valid name that would be known to
@@ -1063,10 +1137,8 @@ the server.
.B smbclient
supports long file names where the server supports the LANMAN2
protocol.
-
.SH FILES
Not applicable.
-
.SH ENVIRONMENT VARIABLES
.B USER
.RS 3
@@ -1074,12 +1146,12 @@ The variable USER may contain the username of the person using the client.
This information is used only if the protocol level is high enough to support
session-level passwords.
.RE
-
.SH INSTALLATION
The location of the client program is a matter for individual system
administrators. The following are thus suggestions only.
-It is recommended that the client software be installed under the /usr/local
+It is recommended that the client software be installed under the
+/usr/local/samba
hierarchy, in a directory readable by all, writeable only by root. The client
program itself should be executable by all. The client should NOT be setuid
or setgid!
@@ -1088,8 +1160,11 @@ The client log files should be put in a directory readable and writable only
by the user.
To test the client, you will need to know the name of a running Lan manager
-server. It is possible to run the smbd (see
-.B smbd(8)) as an ordinary user - running that server as a daemon on a
+server. It is possible to run
+.B smbd
+(see
+.BR smbd (8))
+as an ordinary user - running that server as a daemon on a
user-accessible port (typically any port number over 1024) would
provide a suitable test server.
.SH VERSION
@@ -1100,8 +1175,7 @@ the client has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B smbd(8)
-
+.BR smbd (8)
.SH DIAGNOSTICS
[This section under construction]
@@ -1118,16 +1192,14 @@ creation of this man page the source code is still too fluid to warrant
describing each and every diagnostic. At this stage your best bet is still
to grep the source code and inspect the conditions that gave rise to the
diagnostics you are seeing.
-
.SH BUGS
None known.
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-This man page written by Karl Auer (Karl.Auer@anu.edu.au)
-
See
-.B smb.conf(5) for a full list of contributors and details on how to
+.BR smb.conf (5)
+for a full list of contributors and details on how to
submit bug reports, comments etc.
diff --git a/docs/manpages/smbd.8 b/docs/manpages/smbd.8
index bae41b2c479..7dc9ee1b2fc 100644
--- a/docs/manpages/smbd.8
+++ b/docs/manpages/smbd.8
@@ -1,26 +1,26 @@
-.TH SMBD 8 17/1/1995 smbd smbd
+.TH SMBD 8 smbd smbd
.SH NAME
smbd \- provide SMB (aka LanManager) services to clients
.SH SYNOPSIS
.B smbd
[
-.B -D
+.B \-D
] [
-.B -a
+.B \-a
] [
-.B -d
+.B \-d
.I debuglevel
] [
-.B -l
+.B \-l
.I log file
] [
-.B -p
+.B \-p
.I port number
] [
-.B -O
+.B \-O
.I socket options
] [
-.B -s
+.B \-s
.I configuration file
]
.SH DESCRIPTION
@@ -35,12 +35,14 @@ service LanManager clients.
An extensive description of the services that the server can provide is given
in the man page for the configuration file controlling the attributes of those
services (see
-.B smb.conf(5)). This man page will not describe the services, but
+.BR smb.conf (5)).
+This man page will not describe the services, but
will concentrate on the administrative aspects of running the server.
Please note that there are significant security implications to running this
server, and
-.B smb.conf(5) should be regarded as mandatory reading before proceeding with
+.BR smb.conf (5)
+should be regarded as mandatory reading before proceeding with
installation.
A session is created whenever a client requests one. Each client gets a copy
@@ -50,9 +52,8 @@ are closed, the copy of the server for that client terminates.
The configuration file is automatically reloaded if it changes. You
can force a reload by sending a SIGHUP to the server.
-
.SH OPTIONS
-.B -D
+.B \-D
.RS 3
If specified, this parameter causes the server to operate as a daemon. That is,
@@ -62,14 +63,14 @@ appropriate port.
By default, the server will NOT operate as a daemon.
.RE
-.B -a
+.B \-a
.RS 3
If this parameter is specified, the log files will be overwritten with each
new connection. By default, the log files will be appended to.
.RE
-.B -d
+.B \-d
.I debuglevel
.RS 3
@@ -88,7 +89,7 @@ use only by developers and generate HUGE amounts of log data, most of which
is extremely cryptic.
.RE
-.B -l
+.B \-l
.I log file
.RS 3
@@ -113,14 +114,16 @@ log.out (containing outbound transaction data)
The log files generated are never removed by the server.
.RE
-.B -O
+.B \-O
.I socket options
.RS 3
-See the socket options section of smb.conf(5) for details
+See the socket options section of
+.BR smb.conf (5)
+for details
.RE
-.B -p
+.B \-p
.I port number
.RS 3
@@ -138,7 +141,7 @@ situation.
This parameter is not normally specified except in the above situation.
.RE
-.B -s
+.B \-s
.I configuration file
.RS 3
@@ -148,9 +151,9 @@ The file specified contains the configuration details required by the server.
The information in this file includes server-specific information such as
what printcap file to use, as well as descriptions of all the services that the
server is to provide. See
-.B smb.conf(5) for more information.
+.BR smb.conf (5)
+for more information.
.RE
-
.SH FILES
.B /etc/inetd.conf
@@ -179,23 +182,24 @@ mapping of service name (eg., netbios-ssn) to service port (eg., 139) and
protocol type (eg., tcp). See the section "INSTALLATION" below.
.RE
-.B /usr/local/smb/smb.conf
+.B /usr/local/samba/lib/smb.conf
.RS 3
This file describes all the services the server is to make available to
clients. See
-.B smb.conf(5) for more information.
+.BR smb.conf (5)
+for more information.
.RE
.RE
-
.SH LIMITATIONS
-On some systems smbd cannot change uid back to root after a setuid() call.
+On some systems
+.B smbd
+cannot change uid back to root after a setuid() call.
Such systems are called "trapdoor" uid systems. If you have such a system,
you will be unable to connect from a client (such as a PC) as two different
users at once. Attempts to connect the second user will result in "access
denied" or similar.
-
.SH ENVIRONMENT VARIABLES
.B PRINTER
@@ -206,13 +210,12 @@ use the value of this variable (or "lp" if this variable is not defined)
as the name of the printer to use. This is not specific to the server,
however.
.RE
-
.SH INSTALLATION
The location of the server and its support files is a matter for individual
system administrators. The following are thus suggestions only.
It is recommended that the server software be installed under the
-/usr/local hierarchy, in a directory readable by all, writeable only
+/usr/local/samba hierarchy, in a directory readable by all, writeable only
by root. The server program itself should be executable by all, as
users may wish to run the server themselves (in which case it will of
course run with their privileges). The server should NOT be
@@ -239,9 +242,10 @@ modified to suit your needs.
The remaining notes will assume the following:
.RS 3
-smbd (the server program) installed in /usr/local/smb
+.B smbd
+(the server program) installed in /usr/local/samba/bin
-smb.conf (the configuration file) installed in /usr/local/smb
+smb.conf (the configuration file) installed in /usr/local/samba/lib
log files stored in /var/adm/smblogs
.RE
@@ -255,9 +259,13 @@ TCP-wrapper may be used for extra security.
When you've decided, continue with either "RUNNING THE SERVER AS A DAEMON" or
"RUNNING THE SERVER ON REQUEST".
.SH RUNNING THE SERVER AS A DAEMON
-To run the server as a daemon from the command line, simply put the "-D" option
+To run the server as a daemon from the command line, simply put the
+.B \-D
+option
on the command line. There is no need to place an ampersand at the end of the
-command line - the "-D" option causes the server to detach itself from the
+command line - the
+.B \-D
+option causes the server to detach itself from the
tty anyway.
Any user can run the server as a daemon (execute permissions permitting, of
@@ -273,7 +281,7 @@ port number, log file location, configuration file location and debug level as
desired:
.RS 3
-/usr/local/smb/smbd -D -l /var/adm/smblogs/log -s /usr/local/smb/smb.conf
+/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb.conf
.RE
(The above should appear in your initialisation script as a single line.
@@ -282,7 +290,9 @@ this man page. If the above appears as more than one line, please treat any
newlines or indentation as a single space or TAB character.)
If the options used at compile time are appropriate for your system, all
-parameters except the desired debug level and "-D" may be omitted. See the
+parameters except the desired debug level and
+.B \-D
+may be omitted. See the
section "OPTIONS" above.
.SH RUNNING THE SERVER ON REQUEST
If your system uses a meta-daemon such as inetd, you can arrange to have the
@@ -294,8 +304,9 @@ assistance of your system administrator to modify the system files.
You will probably want to set up the name server
.B nmbd
at the same time as
-the smbd - refer to the man page
-.B nmbd(8).
+.B smbd
+- refer to the man page
+.BR nmbd (8).
First, ensure that a port is configured in the file /etc/services. The
well-known port 139 should be used if possible, though any port may be used.
@@ -313,11 +324,14 @@ Next, put a suitable line in the file /etc/inetd.conf (in the unlikely event
that you are using a meta-daemon other than inetd, you are on your own). Note
that the first item in this line matches the service name in /etc/services.
Substitute appropriate values for your system in this line (see
-.B inetd(8)):
+.BR inetd (8)):
.RS 3
-netbios-ssn stream tcp nowait root /usr/local/smb/smbd -d1
--l/var/adm/smblogs/log -s/usr/local/smb/smb.conf
+.\" turn off right adjustment
+.ad l
+netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd -d1
+-l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf
+.ad
.RE
(The above should appear in /etc/inetd.conf as a single line. Depending on
@@ -359,7 +373,7 @@ able to connect to the service "\\\\fred\\mary".
To properly test and experiment with the server, we recommend using the
smbclient program (see
-.B smbclient(1)).
+.BR smbclient (1)).
.SH VERSION
This man page is (mostly) correct for version 1.9.00 of the Samba suite, plus some
of the recent patches to it. These notes will necessarily lag behind
@@ -368,14 +382,13 @@ the server has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B hosts_access(5),
-.B inetd(8),
-.B nmbd(8),
-.B smb.conf(5),
-.B smbclient(1),
-.B testparm(1),
-.B testprns(1)
-
+.BR hosts_access (5),
+.BR inetd (8),
+.BR nmbd (8),
+.BR smb.conf (5),
+.BR smbclient (1),
+.BR testparm (1),
+.BR testprns (1)
.SH DIAGNOSTICS
[This section under construction]
@@ -392,16 +405,15 @@ creation of this man page the source code is still too fluid to warrant
describing each and every diagnostic. At this stage your best bet is still
to grep the source code and inspect the conditions that gave rise to the
diagnostics you are seeing.
-
.SH BUGS
None known.
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-This man page written by Karl Auer (Karl.Auer@anu.edu.au)
See
-.B smb.conf(5) for a full list of contributors and details on how to
+.BR smb.conf (5)
+for a full list of contributors and details on how to
submit bug reports, comments etc.
diff --git a/docs/manpages/smbrun.1 b/docs/manpages/smbrun.1
index 1608d3bb345..c6b2a91fa83 100644
--- a/docs/manpages/smbrun.1
+++ b/docs/manpages/smbrun.1
@@ -1,4 +1,4 @@
-.TH SMBRUN 1 17/1/1995 smbrun smbrun
+.TH SMBRUN 1 smbrun smbrun
.SH NAME
smbrun \- interface program between smbd and external programs
.SH SYNOPSIS
@@ -12,7 +12,7 @@ is a very small 'glue' program, which runs shell commands for
the
.B smbd
daemon (see
-.B smbd(8)).
+.BR smbd (8)).
It first changes to the highest effective user and group ID that it can,
then runs the command line provided using the system() call. This program is
@@ -30,14 +30,13 @@ The PATH variable set for the environment in which
.B smbrun
is executed will affect what executables are located and executed if a
fully-qualified path is not given in the command.
-
.SH INSTALLATION
The location of the server and its support files is a matter for individual
system administrators. The following are thus suggestions only.
It is recommended that the
.B smbrun
-program be installed under the /usr/local hierarchy, in a directory readable
+program be installed under the /usr/local/samba hierarchy, in a directory readable
by all, writeable only by root. The program should be executable by all.
The program should NOT be setuid or setgid!
.SH VERSION
@@ -48,23 +47,28 @@ the program has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B smbd(8),
-.B smb.conf(8)
+.BR smbd (8),
+.BR smb.conf (8)
.SH DIAGNOSTICS
-If smbrun cannot be located or cannot be executed by
+If
+.B smbrun
+cannot be located or cannot be executed by
+.B smbd
+then appropriate messages will be found in the
.B smbd
-then appropriate messages will be found in the smbd logs. Other diagnostics are
+logs. Other diagnostics are
dependent on the shell-command being run. It is advisable for your shell
commands to issue suitable diagnostics to aid trouble-shooting.
.SH BUGS
None known.
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-This man page was written by Karl Auer (Karl.Auer@anu.edu.au)
+This man page was written by Karl Auer. Bug reports to samba-bugs@anu.edu.au.
See
-.B smb.conf(5) for a full list of contributors and details of how to
+.BR smb.conf (5)
+for a full list of contributors and details of how to
submit bug reports, comments etc.
diff --git a/docs/manpages/smbstatus.1 b/docs/manpages/smbstatus.1
index 76dc50cbb53..6b95fc9d312 100644
--- a/docs/manpages/smbstatus.1
+++ b/docs/manpages/smbstatus.1
@@ -1,41 +1,53 @@
-.TH SMBSTATUS 1 17/1/1995 smbstatus smbstatus
+.TH SMBSTATUS 1 smbstatus smbstatus
.SH NAME
smbstatus \- report on current Samba connections
.SH SYNOPSIS
.B smbstatus
-[-d]
-[-s
+[
+.B \-d
+] [
+.B \-p
+] [
+.B \-s
.I configuration file
]
.SH DESCRIPTION
This program is part of the Samba suite.
.B smbstatus
-is a very simple program to list the current Samba connections
+is a very simple program to list the current Samba connections.
-Just run the program and the output is self explanatory. You can offer
-a configuration filename to override the default. The default is
-CONFIGFILE from the Makefile.
-
-Option
-.I -d
+Just run the program and the output is self explanatory.
+.SH OPTIONS
+.B \-d
gives verbose output.
-.I -p
-print a list of smbd processes and exit. Useful for scripting.
+.B \-p
+print a list of
+.B smbd
+processes and exit. Useful for scripting.
+
+.B \-s
+.I configuration file
+
+.RS 3
+The default configuration file name is determined at compile time.
+The file specified contains the configuration details required by the server.
+See
+.BR smb.conf (5)
+for more information.
+.RE
.SH ENVIRONMENT VARIABLES
Not applicable.
-
.SH INSTALLATION
The location of the server and its support files is a matter for individual
system administrators. The following are thus suggestions only.
It is recommended that the
.B smbstatus
-program be installed under the /usr/local hierarchy, in a directory readable
+program be installed under the /usr/local/samba hierarchy, in a directory readable
by all, writeable only by root. The program itself should be executable by all.
-
.SH VERSION
This man page is (mostly) correct for version 1.9.00 of the Samba suite, plus some
of the recent patches to it. These notes will necessarily lag behind
@@ -44,9 +56,10 @@ the program has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B smb.conf(5),
-.B smbd(8)
+.BR smb.conf (5),
+.BR smbd (8)
See
-.B smb.conf(5) for a full list of contributors and details on how to
+.BR smb.conf (5)
+for a full list of contributors and details on how to
submit bug reports, comments etc.
diff --git a/docs/manpages/smbtar.1 b/docs/manpages/smbtar.1
index 0f1c38c271f..70a16afe6f3 100644
--- a/docs/manpages/smbtar.1
+++ b/docs/manpages/smbtar.1
@@ -1,45 +1,51 @@
-.TH SMBTAR 1 18/2/96 smbtar smbtar
+.TH SMBTAR 1 smbtar smbtar
.SH NAME
smbtar \- shell script for backing up SMB shares directly to UNIX tape drive
.SH SYNOPSIS
.B smbtar
.B \-s
.I server
-.B [ \-p
+[
+.B \-p
.I password
-.B ]
-.B [ \-x
+] [
+.B \-x
.I service
-.B ]
-.B [ \-X ]
-.B [ \-d
+] [
+.B \-X
+] [
+.B \-d
.I directory
-.B ]
-.B [ \-u
+] [
+.B \-u
.I user
-.B ]
-.B [ \-t
+] [
+.B \-t
.I tape
-.B ]
-.B [ \-b
+] [
+.B \-b
.I blocksize
-.B ]
-.B [ \-N
+] [
+.B \-N
.I filename
-.B ]
-.B [ \-i ]
-.B [ \-r ]
-.B [ \-l ]
-.B [ \-v ]
+] [
+.B \-i
+] [
+.B \-r
+] [
+.B \-l
+.I log level
+] [
+.B \-v
+]
.I filenames...
-
.SH DESCRIPTION
This program is an extension to the Samba suite.
.B smbtar
-is a very small shell script on top of smbclient, which dumps SMB
-shares directly to tape.
-
+is a very small shell script on top of
+.BR smbclient ,
+which dumps SMB shares directly to tape.
.SH OPTIONS
.B \-s
.I server
@@ -92,13 +98,15 @@ The user id to connect as. Default: UNIX login name.
.RS 3
Tape device. May be regular file or tape device. Default: Tape environmental
variable; if not set, a file called
-.I tar.out.
+.IR tar.out .
.RE
.B \-b
.I blocksize
.RS 3
-Blocking factor. Defaults to 20. See tar(1) for a fuller explanation.
+Blocking factor. Defaults to 20. See
+.BR tar (1)
+for a fuller explanation.
.RE
.B \-N
@@ -120,48 +128,51 @@ Restore. Files are restored to the share from the tar file.
.RE
.B \-l
+.I log level
.RS 3
-Debug level. Corresponds to -d flag on smbclient(1).
+Log (debug) level. Corresponds to
+.B \-d
+flag of
+.BR smbclient (1).
.RE
-
.SH ENVIRONMENT VARIABLES
The TAPE variable specifies the default tape device to write to. May
-be overidden with the -t option.
-
+be overidden with the
+.B \-t
+option.
.SH BUGS
-The smbtar script has different options from ordinary tar and tar
-called from smbclient.
-
+The
+.B smbtar
+script has different options from ordinary tar and tar
+called from
+.BR smbclient .
.SH CAVEATS
Sites that are more careful about security may not like the way
the script handles PC passwords. Backup and restore work on entire shares,
should work on file lists.
-
.SH VERSION
This man page is correct for version 1.9.15p8 of the Samba suite.
-
.SH SEE ALSO
-.B smbclient
-(8),
-.B smb.conf
-(8)
+.BR smbclient (8),
+.BR smb.conf (8)
.SH DIAGNOSTICS
See diagnostics for
.B smbclient
command.
-
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
Ricky Poulten (poultenr@logica.co.uk) wrote the tar extension and this
-man page. The smbtar script was heavily rewritten and improved by
+man page. The
+.B smbtar
+script was heavily rewritten and improved by
Martin Kraemer <Martin.Kraemer@mch.sni.de>. Many thanks to everyone
who suggested extensions, improvements, bug fixes, etc.
See
-.B smb.conf
-(5) for a full list of contributors and details of how to submit bug reports,
+.BR smb.conf (5)
+for a full list of contributors and details of how to submit bug reports,
comments etc.
diff --git a/docs/manpages/testparm.1 b/docs/manpages/testparm.1
index 4a0ffcbc489..9cdc1406996 100644
--- a/docs/manpages/testparm.1
+++ b/docs/manpages/testparm.1
@@ -1,4 +1,4 @@
-.TH TESTPARM 1 17/1/1995 testparm testparm
+.TH TESTPARM 1 testparm testparm
.SH NAME
testparm \- check an smbd configuration file for internal correctness
.SH SYNOPSIS
@@ -18,7 +18,9 @@ is a very simple test program to check an
.B smbd
configuration
file for internal correctness. If this program reports no problems, you can use
-the configuration file with confidence that smbd will successfully
+the configuration file with confidence that
+.B smbd
+will successfully
load the configuration file.
Note that this is NOT a guarantee that the services specified in the
@@ -56,18 +58,18 @@ parameter is supplied, or strange things may happen.
.SH FILES
.B smb.conf
.RS 3
-This is usually the name of the configuration file used by smbd.
+This is usually the name of the configuration file used by
+.BR smbd .
.RE
.SH ENVIRONMENT VARIABLES
Not applicable.
-
.SH INSTALLATION
The location of the server and its support files is a matter for individual
system administrators. The following are thus suggestions only.
It is recommended that the
.B testparm
-program be installed under the /usr/local hierarchy, in a directory readable
+program be installed under the /usr/local/samba hierarchy, in a directory readable
by all, writeable only by root. The program itself should be executable by all.
The program should NOT be setuid or setgid!
.SH VERSION
@@ -78,8 +80,8 @@ the program has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B smb.conf(5),
-.B smbd(8)
+.BR smb.conf (5),
+.BR smbd (8)
.SH DIAGNOSTICS
The program will issue a message saying whether the configuration file loaded
OK or not. This message may be preceded by errors and warnings if the file
@@ -93,12 +95,15 @@ Other messages are self-explanatory.
None known.
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-The testparm program and this man page were written by Karl Auer
-(Karl.Auer@anu.edu.au)
+The
+.B testparm
+program and this man page were written by Karl Auer. Bug reports to
+samba-bugs@anu.edu.au.
See
-.B samba(7) for a full list of contributors and details on how to
+.BR samba (7)
+for a full list of contributors and details on how to
submit bug reports, comments etc.
diff --git a/docs/manpages/testprns.1 b/docs/manpages/testprns.1
index f1c3d3ef020..94908a55814 100644
--- a/docs/manpages/testprns.1
+++ b/docs/manpages/testprns.1
@@ -1,4 +1,4 @@
-.TH TESTPRNS 1 17/1/1995 testprns testprns
+.TH TESTPRNS 1 testprns testprns
.SH NAME
testprns \- check printer name for validity with smbd
.SH SYNOPSIS
@@ -30,11 +30,12 @@ file, single printer names and sets of aliases separated by vertical bars
syntax is done beyond that required to extract the printer name. It may
be that the print spooling system is more forgiving or less forgiving
than
+.BR testprns .
+However, if
.B testprns
-however if
-.B testprns
-finds the printer then smbd should do as well.
-
+finds the printer then
+.B smbd
+should do so as well.
.RE
.I printcapname
@@ -52,18 +53,17 @@ will attempt to scan the printcap file specified at compile time
.B /etc/printcap
.RS 3
This is usually the default printcap file to scan. See
-.B printcap(5)).
+.BR printcap (5)).
.RE
.SH ENVIRONMENT VARIABLES
Not applicable.
-
.SH INSTALLATION
The location of the server and its support files is a matter for individual
system administrators. The following are thus suggestions only.
It is recommended that the
.B testprns
-program be installed under the /usr/local hierarchy, in a directory readable
+program be installed under the /usr/local/samba hierarchy, in a directory readable
by all, writeable only by root. The program should be executable by all.
The program should NOT be setuid or setgid!
.SH VERSION
@@ -74,9 +74,9 @@ the program has extensions or parameter semantics that differ from or are not
covered by this man page. Please notify these to the address below for
rectification.
.SH SEE ALSO
-.B printcap(5),
-.B smbd(8),
-.B smbclient(1)
+.BR printcap (5),
+.BR smbd (8),
+.BR smbclient (1)
.SH DIAGNOSTICS
If a printer is found to be valid, the message "Printer name <printername> is
valid" will be displayed.
@@ -84,7 +84,9 @@ valid" will be displayed.
If a printer is found to be invalid, the message "Printer name <printername>
is not valid" will be displayed.
-All messages that would normally be logged during operation of smbd are
+All messages that would normally be logged during operation of
+.B smbd
+are
logged by this program to the file
.I test.log
in the current directory. The program runs at debuglevel 3, so quite extensive
@@ -96,12 +98,15 @@ Other messages are self-explanatory.
None known.
.SH CREDITS
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
of the Source for this project.
-The testprns program and this man page were written by Karl Auer
-(Karl.Auer@anu.edu.au)
+The
+.B testprns
+program and this man page were written by Karl Auer. Bug reports to
+samba-bugs@anu.edu.au.
See
-.B samba(7) for a full list of contributors and details of how to
+.BR samba (7)
+for a full list of contributors and details of how to
submit bug reports, comments etc.
diff --git a/docs/samba.faq b/docs/samba.faq
new file mode 100644
index 00000000000..b00e5419664
--- /dev/null
+++ b/docs/samba.faq
@@ -0,0 +1,770 @@
+
+ Frequently Asked Questions
+
+ about the
+
+ SAMBA Suite
+
+ (FAQ version 1.9.15a, Samba version 1.09.15)
+
+-------------------------------------------------------------------------------
+
+This FAQ was originally prepared by Karl Auer and is
+currently maintained by Paul Blackman (ictinus@lake.canberra.edu.au).
+
+As Karl originally said, 'this FAQ was prepared with lots of help from numerous
+net.helpers', and that's the way I'd like to keep it. So if you find anything
+that you think should be in here don't hesitate to contact me.
+
+Thanks to Karl for the work he's done, and continuing thanks to Andrew Tridgell
+for developing Samba.
+
+Note: This FAQ is (and probably always will be) under construction. Some
+sections exist only as optimistic entries in the Contents page.
+
+-------------------------------------------------------------------------------
+
+Contents
+
+ * SECTION ONE: General information
+ All about Samba - what it is, how to get it, related sources of
+ information, how to understand the version numbering scheme,
+ pizza details
+ * SECTION TWO: Compiling and installing Samba on a Unix host
+ Common problems that arise when building and installing Samba under
+ Unix.
+ * SECTION THREE: Common client problems
+ Common problems that arise when trying to communicate from a client
+ computer to a Samba server. All problems which have symptoms you see
+ at the client end will be in this section.
+ * SECTION FOUR: Specific client problems
+ This section covers problems that are specific to certain clients,
+ such as Windows for Workgroups or Windows NT. Please check Section
+ Three first!
+ * SECTION FIVE: Specific client application problems
+ This section covers problems that are specific to certain products,
+ such as Windows for Workgroups or Windows NT. Please check Sections
+ Three and Four first!
+ * SECTION SIX: Miscellaneous
+ All the questions that aren't classifiable into any other section.
+
+
+===============================================================================
+SECTION ONE: General information
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 1: What is Samba?
+
+Samba is a suite of programs which work together to allow clients to access
+to a server's filespace and printers via the SMB (Session Message Block)
+protocol. Initially written for Unix, Samba now also runs on Netware, OS/2 and
+AmigaDOS.
+
+In practice, this means that you can redirect disks and printers to Unix disks
+and printers from Lan Manager clients, Windows for Workgroups 3.11 clients,
+Windows NT clients, Linux clients and OS/2 clients. There is also a generic
+Unix client program supplied as part of the suite which allows Unix users to
+use an ftp-like interface to access filespace and printers on any other SMB
+servers. This gives the capability for these operating systems to behave much
+like a LAN Server or Windows NT Server machine, only with added functionality
+and flexibility designed to make life easier for administrators.
+
+The components of the suite are (in summary):
+
+ * smbd, the SMB server. This handles actual connections from clients,
+ doing all the file, permission and username work
+ * nmbd, the Netbios name server, which helps clients locate servers,
+ doing the browsing work and managing domains as this capability is
+ being built into Samba
+ * smbclient, the Unix-hosted client program
+ * smbrun, a little 'glue' program to help the server run external
+ programs
+ * testprns, a program to test server access to printers
+ * testparms, a program to test the Samba configuration file for
+ correctness
+ * smb.conf, the Samba configuration file
+ * smbprint, a sample script to allow a Unix host to use smbclient to
+ print to an SMB server
+ * documentation! DON'T neglect to read it - you will save a great deal
+ of time!
+
+The suite is supplied with full source (of course!) and is GPLed.
+
+The primary creator of the Samba suite is Andrew Tridgell. Later versions
+incorporate much effort by many net.helpers. The man pages and this FAQ were
+originally written by Karl Auer.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 2: What is the current version of Samba?
+
+At time of writing, the current version was 1.9.16. If you want to be sure
+check the bottom of the change-log file.
+(ftp://samba.anu.edu.au/pub/samba/alpha/change-log)
+
+For more information see question 5, "What do the version numbers mean?"
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 3: Where can I get it?
+
+The Samba suite is available via anonymous ftp from samba.anu.edu.au. The
+latest and greatest versions of the suite are in the directory:
+
+/pub/samba/
+
+Development (read "alpha") versions, which are NOT necessarily stable and which
+do NOT necessarily have accurate documentation, are available in the directory:
+
+/pub/samba/alpha
+
+Note that binaries are NOT included in any of the above. Samba is distributed
+ONLY in source form, though binaries may be available from other sites. Recent
+versions of some Linux distributions, for example, do contain Samba binaries
+for that platform.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 5: What do the version numbers mean?
+
+It is not recommended that you run a version of Samba with the word "alpha"
+in its name unless you know what you are doing and are willing to do some
+debugging. Many, many people just get the latest recommended stable release
+version and are happy. If you are brave, by all means take the plunge and
+help with the testing and development - but don't install it on your
+departmental server. Samba is typically very stable and safe, and this is
+mostly due to the policy of many public releases.
+
+How the scheme works:
+
+1) when major changes are made the version number is increased. For example,
+the transition from 1.9.15 to 1.9.16. However, this version number will not
+appear immediately and people should continue to use 1.9.15 for production
+systems (see next point.)
+
+2) just after major changes are made the software is considered
+unstable, and a series of alpha releases are distributed, for example
+1.9.16alpha1. These are for testing by those who know what they are doing.
+The "alpha" in the filename will hopefully scare off those who are just
+looking for the latest version to install.
+
+3) when Andrew thinks that the alphas have stabilised to the point where he
+would recommend new users install it, he renames it to the same version
+number without the alpha, for example 1.9.16.
+
+4) inevitably bugs are found in the "stable" releases and minor
+patch levels are released which give us the pXX series, for example
+1.9.16p2.
+
+So the progression goes:
+
+ 1.9.15p7 (production)
+ 1.9.15p8 (production)
+ 1.9.16alpha1 (test sites only)
+ :
+ 1.9.16alpha20 (test sites only)
+ 1.9.16 (production)
+ 1.9.16p1 (production)
+
+The above system means that whenever someone looks at the samba ftp site
+they will be able to grab the highest numbered release without an
+alpha in the name and be sure of getting the current recommended
+version.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 4: What platforms are supported?
+
+Many different platforms have run Samba successfully. The platforms most widely
+used and thus best tested are Linux and SunOS.
+
+At time of writing, the Makefile claimed support for:
+
+ * SunOS
+ * Linux with shadow passwords
+ * Linux without shadow passwords
+ * SOLARIS
+ * SOLARIS 2.2 and above (aka SunOS 5)
+ * SVR4
+ * ULTRIX
+ * OSF1 (alpha only)
+ * OSF1 with NIS and Fast Crypt (alpha only)
+ * OSF1 V2.0 Enhanced Security (alpha only)
+ * AIX
+ * BSDI
+ * NetBSD
+ * NetBSD 1.0
+ * SEQUENT
+ * HP-UX
+ * SGI
+ * SGI IRIX 4.x.x
+ * SGI IRIX 5.x.x
+ * FreeBSD
+ * NeXT 3.2 and above
+ * NeXT OS 2.x
+ * NeXT OS 3.0
+ * ISC SVR3V4 (POSIX mode)
+ * ISC SVR3V4 (iBCS2 mode)
+ * A/UX 3.0
+ * SCO with shadow passwords.
+ * SCO with shadow passwords, without YP.
+ * SCO with TCB passwords
+ * SCO 3.2v2 (ODT 1.1) with TCP passwords
+ * intergraph
+ * DGUX
+ * Apollo Domain/OS sr10.3 (BSD4.3)
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 5: How can I find out more about Samba?
+
+There are two mailing lists devoted to discussion of Samba-related matters.
+There is also the newsgroup, comp.protocols.smb, which has a great deal of
+discussion on Samba. There is also a WWW site 'SAMBA Web Pages' at
+http://samba.canberra.edu.au/pub/samba/samba.html, under which there is a
+comprehensive survey of Samba users. Another useful resource is the hypertext
+archive of the Samba mailing list.
+
+Send email to listproc@anu.edu.au. Make sure the subject line is blank, and
+include the following two lines in the body of the message:
+
+ subscribe samba Firstname Lastname
+ subscribe samba-announce Firstname Lastname
+
+Obviously you should substitute YOUR first name for "Firstname" and YOUR last
+name for "Lastname"! Try not to send any signature stuff, it sometimes confuses
+the list processor.
+
+The samba list is a digest list - every eight hours or so it regurgitates a
+single message containing all the messages that have been received by the list
+since the last time and sends a copy of this message to all subscribers.
+
+If you stop being interested in Samba, please send another email to
+listproc@anu.edu.au. Make sure the subject line is blank, and include the
+following two lines in the body of the message:
+
+ unsubscribe samba
+ unsubscribe samba-announce
+
+The From: line in your message MUST be the same address you used when you
+subscribed.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 6: Something's gone wrong - what should I do?
+
+[#] *** IMPORTANT! *** [#]
+DO NOT post messages on mailing lists or in newsgroups until you have carried
+out the first three steps given here!
+
+Firstly, see if there are any likely looking entries in this FAQ! If you have
+just installed Samba, have you run through the checklist in DIAGNOSIS.txt? It
+can save you a lot of time and effort.
+
+Secondly, read the man pages for smbd, nmbd and smb.conf, looking for topics
+that relate to what you are trying to do.
+
+Thirdly, if there is no obvious solution to hand, try to get a look at the log
+files for smbd and/or nmbd for the period during which you were having
+problems. You may need to reconfigure the servers to provide more extensive
+debugging information - usually level 2 or level 3 provide ample debugging
+info. Inspect these logs closely, looking particularly for the string "Error:".
+
+Fourthly, if you still haven't got anywhere, ask the mailing list or newsgroup.
+In general nobody minds answering questions provided you have followed the
+preceding steps. It might be a good idea to scan the archives of the mailing
+list, which are available through the Samba web site described in the previous
+section.
+
+If you successfully solve a problem, please mail the FAQ maintainer a succinct
+description of the symptom, the problem and the solution, so I can incorporate
+it in the next version.
+
+If you make changes to the source code, _please_ submit these patches so that
+everyone else gets the benefit of your work. This is one of the most important
+aspects to the maintainence of Samba. Send all patches to
+samba-bugs@samba.anu.edu.au, not Andrew Tridgell or any other individual and
+not the samba team mailing list.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* n: Pizza Supply Details
+
+Those who have registered in the Samba survey as "Pizza Factory" will already
+know this, but the rest may need some help. Andrew doesn't ask for payment,
+but he does appreciate it when people give him pizza. This calls for a little
+organisation when the pizza donor is twenty thousand kilometres away, but
+it has been done.
+
+Method 1: Ring up your local branch of an international pizza chain and see if
+they honour their vouchers internationally. Pizza Hut do, which is how the
+entire Canberra Linux Users Group got to eat pizza one night, courtesy of
+someone in the US
+
+Method 2: Ring up a local pizza shop in Canberra and quote a credit card
+number for a certain amount, and tell them that Andrew will be collecting
+it (don't forget to tell him.) One kind soul from Germany did this.
+
+Method 3: Purchase a pizza voucher from your local pizza shop that has no
+international affiliations and send it to Andrew. It is completely useless
+but he can hang it on the wall next to the one he already has from Germany :-)
+
+Method 4: Air freight him a pizza with your favourite regional flavours. It will
+probably get stuck in customs or torn apart by hungry sniffer dogs but it will
+have been a noble gesture.
+
+===============================================================================
+SECTION TWO: Compiling and installing Samba on a Unix host
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+===============================================================================
+SECTION THREE: Common client problems
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 1: I can't see the Samba server in any browse lists!
+
+*** Until the FAQ can be updated, please check the file:
+*** ftp://samba.anu.edu.au/pub/samba/BROWSING.txt
+*** for more information on browsing.
+
+If your GUI client does not permit you to select non-browsable servers, you may
+need to do so on the command line. For example, under Lan Manager you might
+connect to the above service as disk drive M: thusly:
+
+ net use M: \\mary\fred
+
+The details of how to do this and the specific syntax varies from client to
+client - check your client's documentation.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 2: Some files that I KNOW are on the server doesn't show up when I view the
+ directories from my client!
+
+If you check what files are not showing up, you will note that they are files
+which contain upper case letters or which are otherwise not DOS-compatible (ie,
+they are not legal DOS filenames for some reason).
+
+The Samba server can be configured either to ignore such files completely, or
+to present them to the client in "mangled" form. If you are not seeing the
+files at all, the Samba server has most likely been configured to ignore them.
+Consult the man page smb.conf(5) for details of how to change this - the
+parameter you need to set is "mangled names = yes".
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 3: Some files on the server show up with really wierd filenames when I view
+the directories from my client!
+
+If you check what files are showing up wierd, you will note that they are files
+which contain upper case letters or which are otherwise not DOS-compatible (ie,
+they are not legal DOS filenames for some reason).
+
+The Samba server can be configured either to ignore such files completely, or
+to present them to the client in "mangled" form. If you are seeing strange file
+names, they are most likely "mangled". If you would prefer to have such files
+ignored rather than presented in "mangled" form, consult the man page
+smb.conf(5) for details of how to change the server configuration - the
+parameter you need to set is "mangled names = no".
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 4: My client reports "cannot locate specified computer" or similar.
+
+This indicates one of three things: You supplied an incorrect server name, the
+underlying TCP/IP layer is not working correctly, or the name you specified
+cannot be resolved.
+
+After carefully checking that the name you typed is the name you should have
+typed, try doing things like pinging a host or telnetting to somewhere on your
+network to see if TCP/IP is functioning OK. If it is, the problem is most
+likely name resolution.
+
+If your client has a facility to do so, hardcode a mapping between the hosts IP
+and the name you want to use. For example, with Man Manager or Windows for
+Workgroups you would put a suitable entry in the file LMHOSTS. If this works,
+the problem is in the communication between your client and the netbios name
+server. If it does not work, then there is something fundamental wrong with
+your naming and the solution is beyond the scope of this document.
+
+If you do not have any server on your subnet supplying netbios name resolution,
+hardcoded mappings are your only option. If you DO have a netbios name server
+running (such as the Samba suite's nmbd program), the problem probably lies in
+the way it is set up. Refer to Section Two of this FAQ for more ideas.
+
+By the way, remember to REMOVE the hardcoded mapping before further tests :-)
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 5: My client reports "cannot locate specified share name" or similar.
+
+This message indicates that your client CAN locate the specified server, which
+is a good start, but that it cannot find a service of the name you gave.
+
+The first step is to check the exact name of the service you are trying to
+connect to (consult your system administrator). Assuming it exists and you
+specified it correctly (read your client's doco on how to specify a service
+name correctly), read on:
+
+ * Many clients cannot accept or use service names longer than eight
+ characters.
+ * Many clients cannot accept or use service names containing spaces.
+ * Some servers (not Samba though) are case sensitive with service names.
+ * Some clients force service names into upper case.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 6: My client reports "cannot find domain controller", "cannot log on to the
+network" or similar.
+
+Nothing is wrong - Samba does not implement the primary domain name controller
+stuff for several reasons, including the fact that the whole concept of a
+primary domain controller and "logging in to a network" doesn't fit well with
+clients possibly running on multiuser machines (such as users of smbclient
+under Unix). Having said that, several developers are working hard on
+building it in to the next major version of Samba. If you can contribute,
+send a message to samba-bugs!
+
+Seeing this message should not affect your ability to mount redirected disks
+and printers, which is really what all this is about.
+
+For many clients (including Windows for Workgroups and Lan Manager), setting
+the domain to STANDALONE at least gets rid of the message.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 7: Printing doesn't work :-(
+
+Make sure that the specified print command for the service you are connecting
+to is correct and that it has a fully-qualified path (eg., use "/usr/bin/lpr"
+rather than just "lpr").
+
+Make sure that the spool directory specified for the service is writable by the
+user connected to the service. In particular the user "nobody" often has
+problems with printing, even if it worked with an earlier version of Samba. Try
+creating another guest user other than "nobody".
+
+Make sure that the user specified in the service is permitted to use the
+printer.
+
+Check the debug log produced by smbd. Search for the printer name and see if
+the log turns up any clues. Note that error messages to do with a service ipc$
+are meaningless - they relate to the way the client attempts to retrieve status
+information when using the LANMAN1 protocol.
+
+If using WfWg then you need to set the default protocol to TCP/IP, not Netbeui.
+This is a WfWg bug.
+
+If using the Lanman1 protocol (the default) then try switching to coreplus.
+Also not that print status error messages don't mean printing won't work. The
+print status is received by a different mechanism.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 8: My programs install on the server OK, but refuse to work properly.
+
+There are numerous possible reasons for this, but one MAJOR possibility is that
+your software uses locking. Make sure you are using Samba 1.6.11 or later. It
+may also be possible to work around the problem by setting "locking=no" in the
+Samba configuration file for the service the software is installed on. This
+should be regarded as a strictly temporary solution.
+
+In earlier Samba versions there were some difficulties with the very latest
+Microsoft products, particularly Excel 5 and Word for Windows 6. These should
+have all been solved. If not then please let Andrew Tridgell know.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 9: My "server string" doesn't seem to be recognized, my client reports the
+ default setting, eg. "Samba 1.9.15p4", instead of what I have changed it
+ to in the smb.conf file.
+
+You need to use the -C option in nmbd. The "server string" affects
+what smbd puts out and -C affects what nmbd puts out. In a future
+version these will probably be combined and -C will be removed, but
+for now use -C
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 10: When I attempt to get a listing of available resources from the Samba
+ server, my client reports
+ "This server is not configured to list shared resources".
+
+Your guest account is probably invalid for some reason. Samba uses
+the guest account for browsing in smbd. Check that your guest account is
+valid.
+
+See also 'guest account' in smb.conf man page.
+
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 11: You get the message "you appear to have a trapdoor uid system"
+ in your logs
+
+This can have several causes. It might be because you are using a uid
+or gid of 65535 or -1. This is a VERY bad idea, and is a big security
+hole. Check carefully in your /etc/passwd file and make sure that no
+user has uid 65535 or -1. Especially check the "nobody" user, as many
+broken systems are shipped with nobody setup with a uid of 65535.
+
+It might also mean that your OS has a trapdoor uid/gid system :-)
+
+This means that once a process changes effective uid from root to
+another user it can't go back to root. Unfortunately Samba relies on
+being able to change effective uid from root to non-root and back
+again to implement its security policy. If your OS has a trapdoor uid
+system this won't work, and several things in Samba may break. Less
+things will break if you use user or server level security instead of
+the default share level security, but you may still strike
+problems.
+
+The problems don't give rise to any security holes, so don't panic,
+but it does mean some of Samba's capabilities will be unavailable.
+In particular you will not be able to connect to the Samba server as
+two different uids at once. This may happen if you try to print as a
+"guest" while accessing a share as a normal user. It may also affect
+your ability to list the available shares as this is normally done as
+the guest user.
+
+Complain to your OS vendor and ask them to fix their system.
+
+Note: the reason why 65535 is a VERY bad choice of uid and gid is that
+it casts to -1 as a uid, and the setreuid() system call ignores (with
+no error) uid changes to -1. This means any daemon attempting to run
+as uid 65535 will actually run as root. This is not good!
+
+===============================================================================
+SECTION FOUR: Specific client problems
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 1: Are any MacIntosh clients for Samba.
+
+In Rob Newberry's words (rob@eats.com, Sun, 4 Dec 1994):
+
+The answer is "No." Samba speaks SMB, the protocol used for Microsoft networks.
+The Macintosh has ALWAYS spoken Appletalk. Even with Microsoft "services for
+Macintosh", it has been a matter of making the server speak Appletalk. It is
+the same for Novell Netware and the Macintosh, although I believe Novell has
+(VERY LATE) released an extension for the Mac to let it speak IPX.
+
+In future Apple System Software, you may see support for other protocols, such
+as SMB -- Applet is working on a new networking architecture that will make it
+easier to support additional protocols. But it's not here yet.
+
+Now, the nice part is that if you want your Unix machine to speak Appletalk,
+there are several options. "Netatalk" and "CAP" are free, and available on the
+net. There are also several commercial options, such as "PacerShare" and
+"Helios" (I think). In any case, you'll have to look around for a server, not
+anything for the Mac.
+
+Depending on you OS, some of these may not help you. I am currently
+coordinating the effort to get CAP working with Native Ethertalk under Linux,
+but we're not done yet.
+
+Rob
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 2: I am getting a "Session request failed (131,130)" error when I try to
+ connect to my Win95 PC with smbclient. I am able to connect from the PC
+ to the Samba server without problems. What gives?
+
+The following answer is provided by John E. Miller:
+
+I'll assume that you're able to ping back and forth between the machines by
+IP address and name, and that you're using some security model where you're
+confident that you've got user IDs and passwords right. The logging options
+(-d3 or greater) can help a lot with that. DNS and WINS configuration can
+also impact connectivity as well.
+
+Now, on to 'scope id's. Somewhere in your Win95 TCP/IP network configuration
+(I'm too much of an NT bigot to know where it's located in the Win95 setup,
+but I'll have to learn someday since I teach for a Microsoft Solution Provider
+Authorized Tech Education Center - what an acronym...) [Note: It's under
+Control Panel | Network | TCP/IP | WINS Configuration] there's a little text
+entry field called something like 'Scope ID'.
+
+This field essentially creates 'invisible' sub-workgroups on the same wire.
+Boxes can only see other boxes whose Scope IDs are set to the exact same
+value - it's sometimes used by OEMs to configure their boxes to browse only
+other boxes from the same vendor and, in most environments, this field should
+be left blank. If you, in fact, have something in this box that EXACT value
+(case-sensitive!) needs to be provided to smbclient and nmbd as the -i
+(lowercase) parameter. So, if your Scope ID is configured as the string
+'SomeStr' in Win95 then you'd have to use smbclient -iSomeStr <otherparms>
+in connecting to it.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 3: How do I synchronize my PC's clock with my Samba server?
+
+To syncronize your PC's clock with your Samba server:
+
+* Copy timesync.pif to your windows directory
+ * timesync.pif can be found at:
+ http://samba.canberra.edu.au/pub/samba/binaries/miscellaneous/timesync.pif
+* Add timesync.pif to your 'Start Up' group/folder
+* Open the properties dialog box for the program/icon
+ * Make sure the 'Run Minimized' option is set in program 'Properties'
+ * Change the command line section that reads \\sambahost to reflect the name
+ of your server.
+* Close the properties dialog box by choosing 'OK'
+
+Each time you start your computer (or login for Win95) your PC will
+synchronize it's clock with your Samba server.
+
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 4: Problems with WinDD, NTrigue, WinCenterPro etc
+
+All of the above programs are applications that sit on an NT box and
+allow multiple users to access the NT GUI applications from remote
+workstations (often over X).
+
+What has this got to do with Samba? The problem comes when these users
+use filemanager to mount shares from a Samba server. The most common
+symptom is that the first user to connect get correct file permissions
+and has a nice day, but subsequent connections get logged in as the
+same user as the first person to login. They find that they cannot
+access files in their own home directory, but that they can access
+files in the first users home directory (maybe not such a nice day
+after all?)
+
+Why does this happen? The above products all share a common heritage
+(and code base I believe). They all open just a single TCP based SMB
+connection to the Samba server, and requests from all users are piped
+over this connection. This is unfortunate, but not fatal.
+
+It means that if you run your Samba server in share level security
+(the default) then things will definately break as described above. The
+share level SMB security model has no provision for multiple user IDs
+on the one SMB connection. See security_level.txt in the docs for more
+info on share/user/server level security.
+
+If you run in user or server level security then you have a chance,
+but only if you have a recent version of Samba (at least 1.9.15p6). In
+older versions bugs in Samba meant you still would have had problems.
+
+If you have a trapdoor uid system in your OS then it will never work
+properly. Samba needs to be able to switch uids on the connection and
+it can't if your OS has a trapdoor uid system. You'll know this
+because Samba will note it in your logs.
+
+Also note that you should not use the magic "homes" share name with
+products like these, as otherwise all users will end up with the same
+home directory. Use \\server\username instead.
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 5: Problem with printers under NT
+
+This info from Stefan Hergeth may be useful:
+
+ A network-printer (with ethernetcard) is connected to the NT-Clients via
+ our UNIX-Fileserver (SAMBA-Server), like the configuration told by
+ Matthew Harrell <harrell@leech.nrl.navy.mil> (see WinNT.txt)
+
+ 1.) If a user has choosen this printer as the default printer in his
+ NT-Session and this printer is not connected to the network
+ (e.g. switched off) than this user has a problem with the SAMBA-
+ connection of his filesystems. It's very slow.
+
+ 2.) If the printer is connected to the network everything works fine.
+
+ 3.) When the smbd ist started with debug level 3, you can see that the
+ NT spooling system try to connect to the printer many times. If the
+ printer ist not connected to the network this request fails and the
+ NT spooler is wasting a lot of time to connect to the printer service.
+ This seems to be the reason for the slow network connection.
+
+ 4.) Maybe it's possible to change this behaviour by setting different printer
+ properties in the Print-Manager-Menu of NT, but i didn't try it
+ yet.
+
+ I hope this information will help in some way.
+
+ Stefan Hergeth <hergeth@f7axp1.informatik.fh-muenchen.de>
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 6: Why are my file's timestamps off by an hour, or by a few hours?
+
+This is from Paul Eggert <eggert@twinsun.com>.
+
+Most likely it's a problem with your time zone settings.
+
+Internally, Samba maintains time in traditional Unix format,
+namely, the number of seconds since 1970-01-01 00:00:00 Universal Time
+(or ``GMT''), not counting leap seconds.
+
+On the server side, Samba uses the Unix TZ variable to convert internal
+timestamps to and from local time. So on the server side, there are two
+things to get right.
+
+ 1. The Unix system clock must have the correct Universal time.
+ Use the shell command "sh -c 'TZ=UTC0 date'" to check this.
+
+ 2. The TZ environment variable must be set on the server
+ before Samba is invoked. The details of this depend on the
+ server OS, but typically you must edit a file whose name is
+ /etc/TIMEZONE or /etc/default/init, or run the command `zic -l'.
+
+ 3. TZ must have the correct value.
+
+ 3a. If possible, use geographical time zone settings
+ (e.g. TZ='America/Los_Angeles' or perhaps
+ TZ=':US/Pacific'). These are supported by most
+ popular Unix OSes, are easier to get right, and are
+ more accurate for historical timestamps. If your
+ operating system has out-of-date tables, you should be
+ able to update them from the public domain time zone
+ tables at <URL:ftp://elsie.nci.nih.gov/pub/>.
+
+ 3b. If your system does not support geographical time zone
+ settings, you must use a Posix-style TZ strings, e.g.
+ TZ='PST8PDT,M4.1.0/2,M10.5.0/2' for US Pacific time.
+ Posix TZ strings can take the following form (with optional
+ items in brackets):
+
+ StdOffset[Dst[Offset],Date/Time,Date/Time]
+
+ where:
+
+ `Std' is the standard time designation (e.g. `PST').
+
+ `Offset' is the number of hours behind UTC (e.g. `8').
+ Prepend a `-' if you are ahead of UTC, and
+ append `:30' if you are at a half-hour offset.
+ Omit all the remaining items if you do not use
+ daylight-saving time.
+
+ `Dst' is the daylight-saving time designation
+ (e.g. `PDT').
+
+ The optional second `Offset' is the number of
+ hours that daylight-saving time is behind UTC.
+ The default is 1 hour ahead of standard time.
+
+ `Date/Time,Date/Time' specify when daylight-saving
+ time starts and ends. The format for a date is
+ `Mm.n.d', which specifies the dth day (0 is Sunday)
+ of the nth week of the mth month, where week 5 means
+ the last such day in the month. The format for a
+ time is [h]h[:mm[:ss]], using a 24-hour clock.
+
+ Other Posix string formats are allowed but you don't want
+ to know about them.
+
+On the client side, you must make sure that your client's clock and
+time zone is also set appropriately. [[I don't know how to do this.]]
+
+Samba traditionally has had many problems dealing with time zones, due
+to the bizarre ways that Microsoft network protocols handle time
+zones. A common symptom is for file timestamps to be off by an hour.
+To work around the problem, try disconnecting from your Samba server
+and then reconnecting to it; or upgrade your Samba server to
+1.9.16alpha10 or later.
+
+===============================================================================
+SECTION FIVE: Specific client application problems
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* 1: MS Office Setup reports "Cannot change properties of the file named:
+ X:\MSOFFICE\SETUP.INI"
+
+When installing MS Office on a Samba drive for which you have admin user
+permissions, ie. admin users = <username>, you will find the setup program
+unable to complete the installation.
+
+To get around this problem, do the installation without admin user permissions
+The problem is that MS Office Setup checks that a file is rdonly by trying to
+open it for writing.
+
+Admin users can always open a file for writing, as they run as root.
+You just have to install as a non-admin user and then use "chown -R" to fix
+the owner.
+
+===============================================================================
+SECTION SIX: Miscellaneous
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Maintained By Paul Blackman, Email:ictinus@lake.canberra.edu.au
diff --git a/docs/samba.lsm b/docs/samba.lsm
index 503ba1ec94b..36abbba769a 100644
--- a/docs/samba.lsm
+++ b/docs/samba.lsm
@@ -7,11 +7,11 @@ Desc3 = SMB compatible clients such as WinNT, WfWg, OS/2
Desc4 = and Pathworks. It also includes a ftp-style unix client
Desc5 = and a netbios nameserver.
Author = Andrew Tridgell
-AuthorEmail = samba-bugs@anu.edu.au
+AuthorEmail = samba-bugs@samba.anu.edu.au
Maintainer = Andrew Tridgell
-MaintEmail = samba-bugs@anu.edu.au
-Site1 = nimbus.anu.edu.au
-Path1 = pub/tridge/samba/
+MaintEmail = samba-bugs@samba.anu.edu.au
+Site1 = samba.anu.edu.au
+Path1 = pub/samba/
File1 = samba-latest.tar.gz
FileSize1 = 200K
Required1 = Ansi-C compiler and a TCP/IP network.
diff --git a/docs/textdocs/BROWSING.txt b/docs/textdocs/BROWSING.txt
index 8a09d2274fb..9d1e85f5310 100644
--- a/docs/textdocs/BROWSING.txt
+++ b/docs/textdocs/BROWSING.txt
@@ -5,53 +5,17 @@ Samba now fully supports browsing. The browsing is supported by nmbd
and is also controlled by options in the smb.conf file (see
smb.conf(5)).
-Samba can act as a browse master for a workgroup, but currently cannot
-act as a domain controller. The ability to be a domain controller will
-be added in a later version.
+Samba can act as a browse master for a workgroup and the ability for
+samba to support domain logons and scripts is now available. See
+DOMAIN.txt for more information on domain logons.
To get browsing to work you need to run nmbd as usual, but will need
to use the "workgroup" option in smb.conf to control what workgroup
Samba becomes a part of.
-The -G option is most useful for simple setups where Samba is browsable
-in only one workgroup. In more complex cases the lmhosts file is
-better.
-
-Be very careful setting up your lmhosts file. An incorrectly setup
-lmhosts file can have disasterous results for your net!
-
-A simple lmhosts file might be:
-
-# This is a simple lmhosts file
-#
-# This is a host alias. Anyone querying this name
-# will get the specified IP
-192.0.2.17 SMBDATA
-#
-# first put ourselves in workgroup MYGROUP using
-# our own net address
-0.0.0.0 MYGROUP G
-
-Note in the above that I overrode what workgroup Samba is in using the
-G flag. Also note that the 0.0.0.0 address is used, which will be
-automatically replaced with the broadcast address for groups, and with
-the local IP address for other entries.
-
Samba also has a useful option for a Samba server to offer itself for
-browsing on another subnet.
-
-This works by the lmhosts file specifying a broadcast address on the
-other network to use to find a browse master for the workgroup.
-
-For example if you wanted yourself to appear in the workgroup STAFF on
-the network which has a broadcast of 192.0.3.255 then this entry would
-do the trick:
-
-# put ourselves in the STAFF workgroup on the other subnet
-192.0.3.255 STAFF G
-
-Notice the G at the end! It is very important you include this as this
-entry without the G could cause a broadcast storm!
+browsing on another subnet. See "remote announce" in the smb.conf man
+page.
If something doesn't work then hopefully the log.nmb file will
help you track down the problem. Try a debug level of 2 or 3 for
@@ -69,13 +33,13 @@ have a valid guest account.
Also, a lot of people are getting bitten by the problem of too many
parameters on the command line of nmbd in inetd.conf. This trick is to
not use spaces between the option and the parameter (eg: -d2 instead
-of -d 2), and to not use the -B and -N options. New versions of nmbd
+Of -d 2), and to not use the -B and -N options. New versions of nmbd
are now far more likely to correctly find your broadcast and network
addess, so in most cases these aren't needed.
The other big problem people have is that their broadcast address,
-netmask or IP address is wrong (specified with the -B, -N and -I
-options to nmbd).
+netmask or IP address is wrong (specified with the "interfaces" option
+in smb.conf)
FORCING SAMBA TO BE THE MASTER
==============================
@@ -87,7 +51,7 @@ election. By default Samba uses a very low precedence and thus loses
elections to just about anyone else.
If you want Samba to win elections then just set the "os level" global
-option in smb.conf to a higher number. It defaults to 0. Using 33
+option in smb.conf to a higher number. It defaults to 0. Using 34
would make it win all elections over every other system (except other
samba systems!)
@@ -132,14 +96,9 @@ ends in a 0) then you will strike problems. Windows for Workgroups
does not seem to support a 0's broadcast and you will probably find
that browsing and name lookups won't work.
-You have a few options:
-
-1) change to a 1's broadcast on your unix server. These often end in
-.255 (check with your local network guru for details)
-
-2) set the nmbd broadcast to a 1's based address on the command line using
-the -B option. This only works if your network setup listens on both
-0s and 1s based broadcasts. The -B option can only control what
-address it sends to, not what it listens on.
-
+MULTIPLE INTERFACES
+===================
+Samba now supports machines with multiple network interfaces. If you
+have multiple interfaces then you will need to use the "interfaces"
+option in smb.conf to configure them. See smb.conf(5) for details.
diff --git a/docs/textdocs/BUGS.txt b/docs/textdocs/BUGS.txt
index e0fd6951477..099791c1562 100644
--- a/docs/textdocs/BUGS.txt
+++ b/docs/textdocs/BUGS.txt
@@ -1,10 +1,6 @@
This file describes how to report Samba bugs.
->> The email address for bug reports is samba-bugs@anu.edu.au <<
-
-(NOTE: This mail may not be in place yet. If you have troubles with it
-then use samba-bugs@arvidsjaur.anu.edu.au)
-
+>> The email address for bug reports is samba-bugs@samba.anu.edu.au <<
Please take the time to read this file before you submit a bug
report. Also, please see if it has changed between releases, as I
@@ -17,15 +13,14 @@ of an answer and a fix if you send me a "developer friendly" bug
report that lets me fix it fast.
Do not assume that if you post the bug to the comp.protocols.smb
-newsgroup that I will read it. I do read all postings to the samba
-mailing list (see the README). If you suspect that your problem is not
-a bug but a configuration problem then it is better to send it to the
-Samba mailing list, as there are (at last count) 1900 other users on
+newsgroup or the mailing list that I will read it. If you suspect that your
+problem is not a bug but a configuration problem then it is better to send
+it to the Samba mailing list, as there are (at last count) 1900 other users on
that list that may be able to help you.
You may also like to look though the recent mailing list archives,
which are conveniently accessible on the Samba web pages
-at http://lake.canberra.edu.au/pub/samba/
+at http://samba.canberra.edu.au/pub/samba/
GENERAL INFO
@@ -36,6 +31,8 @@ errors. Look in your log files for obvious messages that tell you that
you've misconfigured something and run testparm to test your config
file for correct syntax.
+Have you run through DIAGNOSIS.txt? This is very important.
+
If you include part of a log file with your bug report then be sure to
annotate it with exactly what you were doing on the client at the
time, and exactly what the results were.
diff --git a/docs/textdocs/DIAGNOSIS.txt b/docs/textdocs/DIAGNOSIS.txt
index 6681bdc4bcb..740f417ed3b 100644
--- a/docs/textdocs/DIAGNOSIS.txt
+++ b/docs/textdocs/DIAGNOSIS.txt
@@ -11,7 +11,7 @@ carefully choose them so later tests only use capabilities verified in
the earlier tests.
I would welcome additions to this set of tests. Please mail them to
-samba-bugs@anu.edu.au
+samba-bugs@samba.anu.edu.au
If you send me an email saying "it doesn't work" and you have not
followed this test procedure then you should not be surprised if I
@@ -36,7 +36,7 @@ smb.conf. I will assume this share is called "tmp". You can add a
read only = yes
-THESE TESTS ASSUME VERSION 1.9.15 OR LATER OF THE SAMBA SUITE. SOME
+THESE TESTS ASSUME VERSION 1.9.16 OR LATER OF THE SAMBA SUITE. SOME
COMMANDS SHOWN DID NOT EXIST IN EARLIER VERSIONS
@@ -66,7 +66,7 @@ you do have correct entries for the remainder of these tests.
TEST 3:
-------
-run the command "smbclient -L BIGSERVER -U%" on the unix box. You
+run the command "smbclient -L BIGSERVER" on the unix box. You
should get a list of available shares back.
If you get a error message containing the string "Bad password" then
@@ -86,7 +86,14 @@ If you get a "session request failed" then the server refused the
connection. If it says "your server software is being unfriendly" then
its probably because you have invalid command line parameters to smbd,
or a similar fatal problem with the initial startup of smbd. Also
-check your config file for syntax errors with "testparm".
+check your config file for syntax errors with "testparm" and that the
+various directories where samba keeps its log and lock files exist.
+
+Another common cause of these two errors is having something already running
+on port 139, such as Samba (ie smbd is running from inetd already) or something
+like Digital's Pathworks. Check your inetd.conf file before trying to start
+smbd as a daemon, it can avoid a lot of frustration!
+
TEST 4:
-------
@@ -95,7 +102,7 @@ run the command "nmblookup -B BIGSERVER __SAMBA__". You should get the
IP address of your Samba server back.
If you don't then nmbd is incorrectly installed. Check your inetd.conf
-if yu run it from there, or that the daemon is running and listening
+if you run it from there, or that the daemon is running and listening
to udp port 137.
One common problem is that many inetd implementations can't take many
@@ -110,9 +117,7 @@ run the command "nmblookup -B ACLIENT '*'"
You should get the PCs IP address back. If you don't then the client
software on the PC isn't installed correctly, or isn't started, or you
-got the name of the PC wrong. Note that you probably won't get a "node
-status response" from the PC due to a bug in the microsoft netbios
-nameserver implementation (it responds to the wrong port number).
+got the name of the PC wrong.
TEST 6:
-------
@@ -128,20 +133,9 @@ hosts.
If this doesn't give a similar result to the previous test then
nmblookup isn't correctly getting your broadcast address through its
-automatic mechanism. In this case you should experiment with the -B
-option which allows you to manually specify the broadcast address,
-overriding the automatic detection. You should try different broadcast
-addresses until your find the one that works. It will most likely be
-something like a.b.c.255 as microsoft tcpip stacks only listen on 1's
-based broadcast addresses. If you get stuck then ask your local
-networking guru for help (and show them this paragraph).
-
-If you find you do need the -B option (ie. the automatic detection
-doesn't work) then you should add the -B option with the right
-broadcast address for your network to the command line of nmbd in
-inetd.conf or in the script you use to start nmbd as a daemon. Once
-you do this go back to the "nmblookup __SAMBA__ -B BIGSERVER" test to
-make sure you have it running properly.
+automatic mechanism. In this case you should experiment use the
+"interfaces" option in smb.conf to manually configure your IP
+address, broadcast and netmask.
If your PC and server aren't on the same subnet then you will need to
use the -B option to set the broadcast address to the that of the PCs
@@ -168,6 +162,8 @@ compile in support for them in smbd
- you have a mixed case password and you haven't enabled the "password
level" option at a high enough level
- the "path =" line in smb.conf is incorrect. Check it with testparm
+- you enabled password encryption but didn't create the SMB encrypted
+password file
Once connected you should be able to use the commands "dir" "get"
"put" etc. Type "help <command>" for instructions. You should
@@ -221,8 +217,8 @@ TEST 10:
From file manager try to browse the server. Your samba server should
appear in the browse list of your local workgroup (or the one you
-specified in the Makefile). You should be able to double click on the
-name of the server and get a list of shares. If you get a "invalid
+specified in smb.conf). You should be able to double click on the name
+of the server and get a list of shares. If you get a "invalid
password" error when you do then you are probably running WinNT and it
is refusing to browse a server that has no encrypted password
capability and is in user level security mode.
@@ -234,4 +230,5 @@ Still having troubles?
Try the mailing list or newsgroup, or use the tcpdump-smb utility to
sniff the problem.
+Also look at the other docs in the Samba package!
diff --git a/docs/textdocs/DOMAIN.txt b/docs/textdocs/DOMAIN.txt
index 31e19675fae..ee086b0e236 100644
--- a/docs/textdocs/DOMAIN.txt
+++ b/docs/textdocs/DOMAIN.txt
@@ -7,7 +7,8 @@ administration. Support for these kind of things should be added
sometime in the future.
The domain support only works for WfWg and Win95 clients. Support for
-NT and OS/2 clients is still being worked on.
+NT and OS/2 clients is still being worked on and currently does not
+work.
Using these features you can make your clients verify their logon via
the Samba server and make clients run a batch file when they logon to
@@ -39,7 +40,7 @@ For example I have used:
the choice of batch file is, of course, up to you. The above would
give each user a separate batch file as the %U will be changed to
their username automatically. The other standard % macros may also be
-used. You can make the btch files come from a subdirectory by using
+used. You can make the batch files come from a subdirectory by using
soemthing like:
logon script = scripts\%U.bat
diff --git a/docs/textdocs/DOMAIN_CONTROL.txt b/docs/textdocs/DOMAIN_CONTROL.txt
new file mode 100644
index 00000000000..b7f32e5f73e
--- /dev/null
+++ b/docs/textdocs/DOMAIN_CONTROL.txt
@@ -0,0 +1,61 @@
+August 22, 1996
+===============
+
+Contributor: John H Terpstra
+
+Subject: Windows NT Domain Control & Samba
+ =================================
+
+Windows NT Server can be installed as either a plain file and print server
+or as a server that participates in Domain Control. The same is true for
+OS/2 Warp Server, Digital Pathworks and other similar products, all of which
+can participate in Domain Control along with Windows NT.
+
+To many people these terms can be confusing, so let's try to clear the air.
+
+Every Windows NT system (workstation or server) has a registry database.
+The registry contains entries that describe the initialisation information
+for all services (the equivalent of Unix Daemons) that run within the Windows
+NT environment. The registry also contains entries that tell application
+software where to find dynamically loadable libraries that they depend upon.
+In fact, the registry contains entries that describes everything that anything
+may need to know to interact with the rest of the system.
+
+The Microsoft Windows NT system is structured within a security model that
+says that all applications and services much authenticate themselves before
+they can obtain permission from the security manager to do what they set out
+to do.
+
+The Windows NT User database also resides within the registry. This part of
+the registry contains the user's security identifier, home directory, group
+memberships, desktop profile, and so on.
+
+Every Windows NT system (workstation as well as server) will have it's own
+registry. Windows NT Servers that participate in Domain Security control
+have a database that they share in common - thus they do NOT own a complete
+and independant full registry database of their own, as do Workstations and
+plain Servers.
+
+The User database is called the SAM (Security Access Manager) database and
+is used for all user authentication as well as for authentication of inter-
+process authentication (ie: to ensure that the service action a user has
+requested is permitted within the limits of that user's privilidges).
+
+Windows for Workgroups, Windows 95, and Windows NT Workstations and Servers
+can participate in a Domain security system that is controlled by Windows NT
+servers that have been correctly configured. At most every domain will have
+ONE Primary Domain Controller (PDC). It is desirable that each domain will
+have at least one Backup Domain Controller (BDC).
+
+The PDC and BDCs then participate in replication of the SAM database so that
+each Domain Controlling participant will have an up to date SAM component
+within it's registry.
+
+Samba can NOT at this time function as a Domain Controller for any of these
+security services, but like all other domain members can interact with the
+Windows NT security system for all access authentication.
+
+When Samba is configured with the 'security = server' option and the
+'password server = Your_Windows_NT_Server_Name' option, then it will
+redirect all access authentication to that server.
+
diff --git a/docs/textdocs/ENCRYPTION.txt b/docs/textdocs/ENCRYPTION.txt
index 046b473e9a1..82fe2289266 100644
--- a/docs/textdocs/ENCRYPTION.txt
+++ b/docs/textdocs/ENCRYPTION.txt
@@ -1,9 +1,9 @@
LanManager / Samba Password Encryption.
---------------------------------------
-With the development of LanManager compatible password encryption for
-Samba, it is now able to validate user connections in exactly the same
-way as a LanManager or Windows NT server.
+With the development of LanManager and Windows NT compatible password
+encryption for Samba, it is now able to validate user connections in
+exactly the same way as a LanManager or Windows NT server.
This document describes how the SMB password encryption algorithm
works and what issues there are in choosing whether you want to use
@@ -22,6 +22,10 @@ two 56 bit DES keys to encrypt a 'magic' eight byte value, forming a
16 byte value which is stored by the server and client. Let this value
be known as the *hashed password*.
+ Windows NT encryption is a higher quality mechanism, consisting
+of doing an MD4 hash on a Unicode version of the users password. This
+also produces a 16 byte hash value that is non-reversible.
+
When a client (LanManager, Windows for WorkGroups, Windows 95 or
Windows NT) wishes to mount a Samba drive (or use a Samba resource) it
first requests a connection and negotiates the protocol that the client
@@ -31,7 +35,7 @@ Samba server after the reply is sent and is known as the *challenge*.
The challenge is different for every client connection.
-The client then uses the hashed password (16 byte value described
+The client then uses the hashed password (16 byte values described
above), appended with 5 null bytes, as three 56 bit DES keys, each of
which is used to encrypt the challenge 8 byte value, forming a 24 byte
value known as the *response*.
@@ -39,6 +43,9 @@ value known as the *response*.
In the SMB call SMBsessionsetupX (when user level security is
selected) or the call SMBtconX (when share level security is selected)
the 24 byte response is returned by the client to the Samba server.
+For Windows NT protocol levels the above calculation is done on
+both hashes of the users password and both responses are returned
+in the SMB call, giving two 24 byte values.
The Samba server then reproduces the above calculation, using it's own
stored value of the 16 byte hashed password (read from the smbpasswd
@@ -52,8 +59,8 @@ is this allowed access. If not then the client did not know the
correct password and is denied access.
Note that the Samba server never knows or stores the cleartext of the
-users password - just the 16 byte hashed function derived from it. Also
-note that the cleartext password or 16 byte hashed value are never
+users password - just the 16 byte hashed values derived from it. Also
+note that the cleartext password or 16 byte hashed values are never
transmitted over the network - thus increasing security.
IMPORTANT NOTE ABOUT SECURITY
@@ -63,10 +70,10 @@ The unix and SMB password encryption techniques seem similar on the
surface. This similarity is, however, only skin deep. The unix scheme
typically sends clear text passwords over the nextwork when logging
in. This is bad. The SMB encryption scheme never sends the cleartext
-password over the network but it does store the 16 byte hashed value
-on disk. This is also bad. Why? Because the 16 byte hashed value is a
-"password equivalent". You cannot derive the users password from it,
-but it could potentially be used in a modified client to gain access
+password over the network but it does store the 16 byte hashed values
+on disk. This is also bad. Why? Because the 16 byte hashed values are a
+"password equivalent". You cannot derive the users password from them,
+but they could potentially be used in a modified client to gain access
to a server. This would require considerable technical knowledge on
behalf of the attacker but is perfectly possible. You should thus
treat the smbpasswd file as though it contained the cleartext
@@ -108,17 +115,11 @@ ftp
ftp) which send plain text passwords over the net, so not sending them
for SMB isn't such a big deal.
-- the SMB encryption code in Samba is new and has only had limited
-testing. We have tried hard to make it secure but in any new
-implementation of a password scheme there is the possability of an
-error.
-
-
The smbpasswd file.
-------------------
In order for Samba to participate in the above protocol it must
-be able to look up the 16 byte hashed value given a user name.
+be able to look up the 16 byte hashed values given a user name.
Unfortunately, as the UNIX password value is also a one way hash
function (ie. it is impossible to retrieve the cleartext of the users
password given the UNIX hash of it) then a separate password file
@@ -162,14 +163,16 @@ chmod 600 smbpasswd.
The format of the smbpasswd file is
-username:uid:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Long name:user home dir:user shell
+username:uid:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Long name:user home dir:user shell
Although only the username, uid, and XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sections are significant and are looked at in the Samba code.
It is *VITALLY* important that there by 32 'X' characters between the
-two ':' characters - the smbpasswd and Samba code will fail to validate
-any entries that do not have 32 characters between ':' characters.
+two ':' characters in the XXX sections - the smbpasswd and Samba code
+will fail to validate any entries that do not have 32 characters
+between ':' characters. The first XXX section is for the Lanman password
+hash, the second is for the Windows NT version.
When the password file is created all users have password entries
consisting of 32 'X' characters. By default this disallows any access
@@ -185,7 +188,7 @@ NO PASSWORD
Eg. To clear the password for user bob, his smbpasswd file entry would
look like :
-bob:100:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:Bob's full name:/bobhome:/bobshell
+bob:100:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Bob's full name:/bobhome:/bobshell
If you are allowing users to use the smbpasswd command to set their own
passwords, you may want to give users NO PASSWORD initially so they do
@@ -200,7 +203,7 @@ normal unix /etc/passwd file.
The smbpasswd Command.
----------------------
- The smbpasswd command maintains the 32 byte password field in
+ The smbpasswd command maintains the two 32 byte password fields in
the smbpasswd file. If you wish to make it similar to the unix passwd
or yppasswd programs, install it in /usr/local/samba/bin (or your main
Samba binary directory) and make it setuid root.
@@ -246,7 +249,7 @@ secure by reporting all problems to me (the author, Jeremy Allison).
My email address is :-
-jra@vantive.com
+jra@cygnus.com
Setting up Samba to support LanManager Encryption.
--------------------------------------------------
@@ -256,7 +259,7 @@ password encryption. More complete instructions will probably be added
later.
1) get and compile the libdes libraries. the source is available from
-nimbus.anu.edu.au in pub/tridge/libdes/libdes.tar.92-10-13.gz
+ftp://samba.anu.edu.au/pub/libdes/
2) enable the encryption stuff in the Samba makefile, making sure you
point it to the libdes library and include file (it needs des.h)
@@ -300,7 +303,7 @@ If this fails then you will find that you will need entries that look
like this:
# SMB password file.
-tridge:148:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Andrew Tridgell:/home/tridge:/bin/tcsh
+tridge:148:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:Andrew Tridgell:/home/tridge:/bin/tcsh
note that the uid and username fields must be right. Also, you must get
the number of X's right (there should be 32).
@@ -325,7 +328,8 @@ The DES library is considered a munition in the USA. Under US Law it is
illegal to export this software, or to put it in a freely available ftp
site.
-Please do not mirror the DES directory from the site on nimbus.anu.edu.au
+Please do not mirror the libdes directory from the site on
+samba.anu.edu.au
Thank you,
diff --git a/docs/textdocs/Faxing.txt b/docs/textdocs/Faxing.txt
new file mode 100644
index 00000000000..132a9f64ceb
--- /dev/null
+++ b/docs/textdocs/Faxing.txt
@@ -0,0 +1,160 @@
+ F A X I N G with S A M B A
+
+This text describes how to turn your SAMBA-server into a fax-server
+for any environment, especially for Windows.
+ Author: Gerhard Zuber <zuber@berlin.snafu.de>
+
+Requirements:
+ UNIX box (Linux preferred) with SAMBA
+ ghostscript package
+ mgetty+sendfax package
+ pbm package (portable bitmap tools)
+
+FTP sites:
+ mgetty099-May31.tar.gz
+ I got it from: ftp://ftp.gwdg.de/pub/linux/misc/mgetty/mgetty099-May31.tar.gz
+
+
+making mgetty+sendfax running:
+==============================
+
+ go to source tree: /usr/src/mgetty+sendfax
+ cp policy.h-dist policy.h
+
+ change your settings: valid tty ports, modem initstring, Station-Id
+
+#define MODEM_INIT_STRING "AT &F S0=0 &D3 &K3 &C1\\\\N2"
+
+#define FAX_STATION_ID "49 30 12345678"
+
+#define FAX_MODEM_TTYS "ttyS1:ttyS2:ttyS3"
+
+ Modem initstring is for rockwell based modems
+ if you want to use mgetty+sendfax as PPP-dialin-server,
+ define AUTO_PPP in Makefile:
+
+CFLAGS=-O2 -Wall -pipe -DAUTO_PPP
+
+ compile it and install the package.
+ edit your /etc/inittab and let mgetty running on your preferred
+ ports:
+
+s3:45:respawn:/usr/local/sbin/mgetty ttyS2 vt100
+
+ now issue a
+ kill -HUP 1
+ and enjoy with the lightning LEDs on your modem
+ your now are ready to receive faxes !
+
+
+ if you want a PPP dialin-server, edit
+ /usr/local/etc/mgetty+sendfax/login.config
+
+/AutoPPP/ - ppp /usr/sbin/pppd auth debug passive modem
+
+
+
+Tools for printing faxes:
+=========================
+
+ your incomed faxes are in:
+ /var/spool/fax/incoming
+
+ print it with:
+
+ for i in *
+ do
+ g3cat $i | g3tolj | lpr -P hp
+ done
+
+ g3cat is in the tools-section, g3tolj is in the contrib-section
+ for printing to HP lasers.
+
+
+
+Now making the fax-server:
+===========================
+
+ fetch the file
+ mgetty+sendfax/frontends/winword/faxfilter
+
+ and place it in
+
+ /usr/local/etc/mgetty+sendfax/
+
+ prepare your faxspool file as mentioned in this file
+ /usr/local/bin/faxspool
+
+ if [ "$user" = "root" -o "$user" = "fax" -o \
+ "$user" = "lp" -o "$user" = "daemon" -o "$user" = "bin" ]
+
+ make sure you have pbmtext (from the pbm-package). This is
+ needed for creaating the small header line on each page.
+
+ make sure your ghostscript is functional. You need fonts !
+ I prefer these from the OS/2 disks
+
+
+ prepare your faxheader
+ /usr/local/etc/mgetty+sendfax/faxheader
+
+
+ edit your /etc/printcap file:
+
+# FAX
+lp3|fax:\
+ :lp=/dev/null:\
+ :sd=/usr/spool/lp3:\
+ :if=/usr/local/etc/mgetty+sendfax/faxfilter:sh:sf:mx#0:\
+ :lf=/usr/spool/lp3/fax-log:
+
+
+
+
+ edit your /usr/local/samba/lib/smb.conf
+
+ so you have a smb based printer named "fax"
+
+
+
+The final step:
+===============
+
+ Now you have a printer called "fax" which can be used via
+ TCP/IP-printing (lpd-system) or via SAMBA (windows printing).
+
+ On every system you are able to produce postscript-files you
+ are ready to fax.
+
+ On Windows 3.1 95 and NT:
+
+ Install a printer wich produces postscript output,
+ e.g. apple laserwriter
+
+ connect the "fax" to your printer
+
+
+ Now write your first fax. Use your favourite wordprocessor,
+ write, winword, notepad or whatever you want, and start
+ with the headerpage.
+
+ Usually each fax has a header page. It carries your name,
+ your address, your phone/fax-number.
+
+ It carries also the recipient, his address and his *** fax
+ number ***. Now here is the trick:
+
+ Use the text:
+ Fax-Nr: 123456789
+ as the recipients fax-number. Make sure this text does not
+ occur in regular text ! Make sure this text is not broken
+ by formatting information, e.g. format it as a single entity.
+
+ The trick is that postscript output is human readable and
+ the faxfilter program scans the text for this pattern and
+ uses the found number as the fax-destination-number.
+
+ Now print your fax through the fax-printer and it will be
+ queued for later transmission. Use faxrunq for sending the
+ queue out.
+
diff --git a/docs/textdocs/GOTCHAS.txt b/docs/textdocs/GOTCHAS.txt
new file mode 100644
index 00000000000..c9f78a10533
--- /dev/null
+++ b/docs/textdocs/GOTCHAS.txt
@@ -0,0 +1,22 @@
+This file lists real Gotchas to watch out for:
+=========================================================================
+Item Number: 1.0
+Description: Problem Detecting Interfaces
+Symptom: Workstations do NOT see Samba server in Browse List
+OS: RedHat - Rembrandt Beta 2
+Platform: Intel
+Date: August 16, 1996
+Submitted By: John H Terpstra <jht@aquasoft.com.au>
+Details:
+ By default RedHat Rembrandt-II during installation adds an
+ entry to /etc/hosts as follows:-
+ 127.0.0.1 loopback "hostname"."domainname"
+
+ This causes Samba to loop back onto the loopback interface.
+ The result is that Samba fails to communicate correctly with
+ the world and therefor may fail to correctly negotiate who
+ is the master browse list holder and who is the master browser.
+
+Corrective Action: Delete the entry after the word loopback
+ in the line starting 127.0.0.1
+=========================================================================
diff --git a/docs/textdocs/HINTS.txt b/docs/textdocs/HINTS.txt
index 953650bdd3e..eedd0bf36e1 100644
--- a/docs/textdocs/HINTS.txt
+++ b/docs/textdocs/HINTS.txt
@@ -40,7 +40,7 @@ Jim barry has written an excellent drag-and-drop cr/lf converter for
windows. Just drag your file onto the icon and it converts the file.
Get it from
-ftp://nimbus.anu.edu.au/pub/tridge/samba/contributed/fixcrlf.zip
+ftp://samba.anu.edu.au/pub/samba/contributed/fixcrlf.zip
----------------------
HINT: Use the "username map" option
diff --git a/docs/textdocs/PROJECTS b/docs/textdocs/PROJECTS
index cf903f2c6dd..5fb75aa98e4 100644
--- a/docs/textdocs/PROJECTS
+++ b/docs/textdocs/PROJECTS
@@ -14,35 +14,39 @@ then please let me know! Also, if you are listed below and you have
any corrections or updates then please let me know.
Email contact:
-samba-bugs@anu.edu.au
+samba-bugs@samba.anu.edu.au
========================================================================
Documentation and FAQ
Docs and FAQ files for the Samba suite of software.
-Contact Karl.Auer@anu.edu.au
+Contact samba-bugs@samba.anu.edu.au with the diffs. These are urgently
+required. The man pages were last guaranteed up to date as of version
+1.7.07, and although many changes have been made since then there is still
+a lot of work to be done.
-Mark Preston is now working on a set of formatted docs for Samba.
-Contact mpreston@sghms.ac.uk
+The FAQ is being added to on an ad hoc basis, see the web pages for info.
-Docs are currently up to date with version, 1.7.07. FAQ being added to
-as questions arise.
+Mark Preston was working on a set of formatted docs for Samba. Is this
+still happening? Contact mpreston@sghms.ac.uk
-Status last updated 27th September 1994
+Status last updated 2nd October 1996
========================================================================
========================================================================
Netbeui support
-This aims to produce patches so that Samba can be used with clients
+This aimed to produce patches so that Samba can be used with clients
that do not have TCP/IP. It will try to remain as portable as possible.
-
-Contact Brian.Onn@Canada.Sun.COM (Brian Onn)
-
-The project is just startup up.
-
-Status last updated 4th October 1994
+Contact Brian.Onn@Canada.Sun.COM (Brian Onn) Unfortunately it died, and
+although a lot of people have expressed interest nobody has come forward
+to do it. The Novell port (see Samba web pages) includes NetBEUI
+functionality in a proprietrary library which should still be helpful as
+we have the interfaces. Alan Cox (a.cox@li.org) has the information
+required to write the state machine if someone is going to do the work.
+
+Status last updated 2nd October 1996
========================================================================
========================================================================
@@ -52,10 +56,11 @@ A mountable smb filesystem for Linux using the userfs userspace filesystem
Contact lendecke@namu01.gwdg.de (Volker Lendecke)
-Currently this is at version 0.2. It works but is really only for
-people with some knowledge and experience of Linux kernel hacking.
+This works really well, and is measurably more efficient than commercial
+client software. It is now part of the Linux kernel. Long filename support
+is in alpha.
-Status last updated 23rd August 1994
+Status last updated 2nd October 1996
========================================================================
========================================================================
diff --git a/docs/textdocs/Printing.txt b/docs/textdocs/Printing.txt
new file mode 100644
index 00000000000..9d053af1e7b
--- /dev/null
+++ b/docs/textdocs/Printing.txt
@@ -0,0 +1,86 @@
+This is a short description of how to debug printing problems with
+Samba. This describes how to debug problems with printing from a SMB
+client to a Samba server, not the other way around. For the reverse
+see the examples/printing directory.
+
+Please send enhancements to this file to samba-bugs@samba.anu.edu.au
+
+Ok, so you want to print to a Samba server from your PC. The first
+thing you need to understand is that Samba does not actually do any
+printing itself, it just acts as a middleman between your PC client
+and your Unix printing subsystem. Samba receives the file from the PC
+then passes the file to a external "print command". What print command
+you use is up to you.
+
+The whole things is controlled using options in smb.conf. The most
+relevant options (which you should look up in the smb.conf man page)
+are:
+ print command
+ lpq command
+ lprm command
+
+Samba should set reasonable defaults for these depending on your
+system type, but it isn't clairvoyant. It is not uncommon that you
+have to tweak these for local conditions.
+
+On my system I use the following settings:
+
+ print command = lpr -r -P%p %s
+ lpq command = lpq -P%p
+ lprm command = lprm -P%p %j
+
+The % bits are "macros" that get dynamically replaced with variables
+when they are used. The %s gets replaced with the name of the spool
+file that Samba creates and the %p gets replaced with the name of the
+printer. The %j gets replaced with the "job number" which comes from
+the lpq output.
+
+When I'm debugging printing problems I often replace these command
+with pointers to shell scripts that record the arguments, and the
+contents of the print file. A simple example of this kind of things
+might be:
+
+ print command = cp %s /tmp/tmp.print
+
+then you print a file and look at the /tmp/tmp.print file to see what
+is produced. Try printing this file with lpr. Does it work? If not
+then your problem with with your lpr system, not with Samba. Often
+people have problems with their /etc/printcap file or permissions on
+various print queues.
+
+Another common problem is that /dev/null is not world writeable. Yes,
+amazing as it may seem, some systems make /dev/null only writeable by
+root. Samba uses /dev/null as a place to discard output from external
+commands like the "print command" so if /dev/null is not writeable
+then nothing will work.
+
+Other really common problems:
+
+- lpr isn't in the search path when Samba tries to run it. Fix this by
+using the full path name in the "print command"
+
+- the user that the PC is trying to print as doesn't have permission
+to print. Fix your lpr system.
+
+- you get an extra blank page of output. Fix this in your lpr system,
+probably by editing /etc/printcap. It could also be caused by
+incorrect setting on your client. For example, under Win95 there is a
+option Printers|Printer Name|(Right
+Click)Properties|Postscript|Advanced| that allows you to choose if a
+Ctrl-D is appended to all jobs. This will affect if a blank page is
+output.
+
+- you get raw postscript instead of nice graphics on the output. Fix
+this either by using a "print command" that cleans up the file before
+sending it to lpr or by using the "postscript" option in smb.conf.
+
+Note that you can do some pretty magic things by using your
+imagination with the "print command" option and some shell
+scripts. Doing print accounting is easy by passing the %U option to a
+print command shell script. You could even make the print command
+detect the type of output and its size and send it to an appropriate
+printer.
+
+If the above debug tips don't help, then maybe you need to bring in
+the bug gun, system tracing. See Tracing.txt in this directory.
+
diff --git a/docs/textdocs/README.jis b/docs/textdocs/README.jis
index 2ac6716a6f6..50ff0cced74 100644
--- a/docs/textdocs/README.jis
+++ b/docs/textdocs/README.jis
@@ -14,6 +14,10 @@
$B$rL\E*$H$7$F$$$^$9!#$=$N$?$a!"F|K\8lBP1~$O!"I,MW:G>.8B$7$+9T$J$C$F$*$j$^$;$s!#(B
+ $BF|K\8lBP1~$7$?(B samba $B$rMxMQ$9$k$?$a$K$O!"%3%s%Q%$%k$9$k;~$K!"I,$:!"(BKANJI $B$NDj5A$rDI(B
+ $B2C$7$F$/$@$5$$!#$3$N%*%W%7%g%s$r;XDj$7$F$$$J$$>l9g$O!"F|K\8l$N%U%!%$%kL>$r@5$7$/07(B
+ $B$&$3$H$O$G$-$^$;$s!#!J%3%s%Q%$%k$K$D$$$F$O!"2<5-(B 3. $B$r;2>H$7$F2<$5$$!K(B
+
2. $BMxMQJ}K!(B
(1) $BDI2C$7$?%Q%i%a!<%?(B
@@ -34,6 +38,12 @@
$B$N(B16$B?J?t$rB3$1$k7A<0$K$J$j$^$9!#(B
$B$3$3$G!"(B':' $B$rB>$NJ8;z$KJQ99$7$?$$>l9g$O!"(Bhex $B$N8e$m$K$=$NJ8;z$r;XDj$7$^$9!#(B
$BNc$($P!"(B@$B$rJQ$o$j$K;H$$$?$$>l9g$O!"(B'hex@'$B$N$h$&$K;XDj$7$^$9!#(B
+ cap: 7 bits $B$N(B ASCII $B%3!<%I0J30$N%3!<%I$r0J2<$N7A<0$GI=$9J}<0$H$$$&E@$G$O(B
+ hex$B$HF1MM$G$9$,!"(BCAP (The Columbia AppleTalk Package)$B$H8_49@-$r;}$DJQ49(B
+ $BJ}<0$H$J$C$F$$$^$9!#(Bhex$B$H$N0c$$$O(B0x80$B0J>e$N%3!<%I$N$_(B':80'$B$N$h$&$KJQ49(B
+ $B$5$l!"$=$NB>$O(BASCII$B%3!<%I$G8=$5$l$^$9!#(B
+ $BNc$($P!"(B'$B%*%U%#%9(B'$B$H$$$&L>A0$O!"(B':83I:83t:83B:83X'$B$H$J$j$^$9!#(B
+
JIS $B%3!<%I$K$D$$$F$O!"0J2<$NI=$r;2>H$7$F2<$5$$!#(B
$B(#(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(((!(!(!(!(!(!(!(!(!($(B
$B(";XDj(B $B("4A;z3+;O("4A;z=*N;("%+%J3+;O("%+%J=*N;("1Q?t3+;O("Hw9M(B $B("(B
@@ -90,6 +100,8 @@
$B%$%kL>$O!"(BEUC $B%3!<%I$K$J$j$^$9!#$3$3$G;XDj$7$?%3!<%I7O$O!"%5!<%P5Z$S%/%i%$%"%s%H(B
$B%W%m%0%i%`$N%G%U%)%k%H$KCM$J$j$^$9!#(B
+ $B>0!"%*%W%7%g%sCf$N(B \ $B$d(B " $B$bK:$l$:$K;XDj$7$F2<$5$$!#(B
+
3. $B@)8B;v9`(B
(1) $B4A;z%3!<%I(B
@@ -104,21 +116,34 @@
$B$A$c$s$H$7$?%9%Z%C%/$,$h$/$o$+$i$J$+$C$?$N$G$9$,!"0l1~!"(BDOS/V $B$NF0:n$HF1$8F0:n$r9T$J(B
$B$&$h$&$K$J$C$F$$$^$9!#(B
+(4) $B%m%s%0%U%!%$%kL>$K$D$$$F(B
+ Windows NT/95 $B$G$O!"%m%s%0%U%!%$%kL>$,07$($^$9!#%m%s%0%U%!%$%kL>$r(B 8.3 $B%U%)!<%^%C%H(B
+ $B$G07$&$?$a$K!"(Bmangling $B$7$F$$$^$9$,!"$3$NJ}K!$O!"(BNT $B$d(B 95 $B$,9T$J$C$F$$$k(B mangling $B$H(B
+ $B$O0[$J$j$^$9$N$GCm0U$7$F2<$5$$!#(B
+
4. $B>c32Ey$N%l%]!<%H$K$D$$$F(B
$BF|K\8l$N%U%!%$%kL>$K4X$7$F!"J8;z2=$1Ey$N>c32$,$"$l$P!";d$K%l%]!<%H$7$FD:$1$l$P9,$$$G(B
$B$9!#$?$@$7!"%*%j%8%J%k$+$i$NLdBjE@$d<ALd$K$D$$$F$O!"%*%j%8%J%k$N:n<T$XD>@\Ld$$9g$o$;$k(B
$B$+!"$b$7$/$O%a!<%j%s%0%j%9%H$J$I$X%l%]!<%H$9$k$h$&$K$7$F2<$5$$!#(B
+$B%l%]!<%H$5$l$k>l9g!"MxMQ$5$l$F$$$k4D6-(B(UNIX $B5Z$S(B PC $BB&$N(BOS$B$J$I(B)$B$H$G$-$^$7$?$i@_Dj%U%!(B
+$B%$%k$d%m%0$J$I$rE:IU$7$FD:$1$k$H9,$$$G$9!#(B
+
5. $B$=$NB>(B
- hex $B7A<0$NJQ49J}K!$O!"(B
+ $B%3!<%IJQ49$O0J2<$NJ}!9$,:n$i$l$?%W%m%0%i%`$rMxMQ$7$F$$$^$9!#(B
- $BBgLZ!wBgDM!&C^GH(B <ohki@gssm.otsuka.tsukuba.ac.jp>$B;a(B
+ hex $B7A<0(B $BBgLZ!wBgDM!&C^GH(B <ohki@gssm.otsuka.tsukuba.ac.jp>$B;a(B
+ cap $B7A<0(B $BI%ED(B $BF;O:(B (michiro@po.iijnet.or.jp)(michiro@dms.toppan.co.jp)$B;a(B
- $B$,:n$i$l$?%3!<%I$rMxMQ$7$F$$$^$9!#(B
+ $B$=$NB>!"$?$/$5$s$NJ}!9$+$i$$$m$$$m$H8f65<($$$?$@$-$"$j$,$H$&$4$6$$$^$7$?!#:#8e$H$b$h(B
+$B$m$7$/$*4j$$CW$7$^$9!#(B
1994$BG/(B10$B7n(B28$BF|(B $BBh#1HG(B
1995$BG/(B 8$B7n(B16$BF|(B $BBh#2HG(B
+1995$BG/(B11$B7n(B24$BF|(B $BBh#3HG(B
+1996$BG/(B 5$B7n(B13$BF|(B $BBh#4HG(B
+
$BF#ED(B $B?r(B fujita@ainix.isac.co.jp
diff --git a/docs/textdocs/Speed.txt b/docs/textdocs/Speed.txt
index 5dfd70323b1..b62e408922c 100644
--- a/docs/textdocs/Speed.txt
+++ b/docs/textdocs/Speed.txt
@@ -30,6 +30,32 @@ hardware Samba should certainly be competitive in speed with other
systems.
+OPLOCKS
+-------
+
+Oplocks are the way that SMB clients get permission from a server to
+locally cache file operations. If a server grants an oplock
+(opportunistic lock) then the client is free to assume that it is the
+only one accessing the file and it will agressively cache file
+data. With some oplock types the client may even cache file open/close
+operations. This can give enormous performance benefits.
+
+Samba does not support opportunistic locks because they are very
+difficult to do under Unix. Samba can fake them, however, by granting
+a oplock whenever a client asks for one. This is controlled using the
+smb.conf option "fake oplocks". If you set "fake oplocks = yes" then
+you are telling the client that it may agressively cache the file
+data.
+
+By enabling this option on all read-only shares or shares that you know
+will only be accessed from one client at a time you will see a big
+performance improvement on many operations. If you enable this option
+on shares where multiple clients may be accessing the files read-write
+at the same time you can get data corruption. Use this option
+carefully!
+
+This option is disabled by default.
+
SOCKET OPTIONS
--------------
@@ -113,6 +139,10 @@ file to open the file read-only if the first has it open
read-write. For many applications that do their own locking this
doesn't matter, but for some it may.
+NOTE: In the most recent versions of Samba there is an option to use
+shared memory via mmap() to implement the share modes. This makes
+things much faster. See the Makefile for how to enable this.
+
LOG LEVEL
---------
@@ -269,4 +299,4 @@ COMMENTS
If you've read this far then please give me some feedback! Which of
the above suggestions worked for you?
-Mail the samba mailing list or samba-bugs@anu.edu.au
+Mail the samba mailing list or samba-bugs@samba.anu.edu.au
diff --git a/docs/textdocs/Support.txt b/docs/textdocs/Support.txt
index d71bdaf7b3e..ca310c632ee 100644
--- a/docs/textdocs/Support.txt
+++ b/docs/textdocs/Support.txt
@@ -1,14 +1,17 @@
The Samba Consultants List
==========================
-This is a list of people who are prepared to install and support Samba.
-Note that in most countries nobody should admit to "supplying" Samba, since
-there is then an implied warranty with possibly onerous legal obligations.
-Just downloading and installing it isn't supply in this sense, but advertising
-"run our Samba for best results" may be so.
+This is a list of people who are prepared to commercialy support
+Samba. Being on this list does not imply any sort of endorsement by
+anyone, it is just provided in the hope that it will be useful.
-Being on this list does not imply any sort of endorsement by anyone, it is just
-provided in the hope that it will be useful.
+Note that the organisations listed below will expect you to pay for
+The support that they offer. I've been told that several people
+assumed this was a list of kindly companies offering free commercial
+support!
+
+For free support use the Samba mailing list and the comp.protocols.smb
+newsgroup.
If you want to be added to the list, or want your entry modified then
contact the address below. They are currently listed in the
@@ -16,7 +19,7 @@ order that they were received. If it gets too big we may organise it
by region. Please make sure to include a header line giving the region
and country, eg CANBERRA - AUSTRALIA.
-You can contact the maintainers at samba-bugs@anu.edu.au
+You can contact the maintainers at samba-bugs@samba.anu.edu.au
------------------------------------------------------------------------------
@@ -41,11 +44,13 @@ of the SAMBA Web Pages.
------------------------------------------------------------------------------
READING - ENGLAND
-Philip Hands | E-Mail: info@hands.com
-Philip Hands Computing Ltd. | Tel: +44 1734 476287 Fax: 1734 474655
-Unit 1, Cherry Close, Caversham, Reading RG4 8UP UK
+Philip Hands | E-Mail: info@hands.com Tel:+44 118 9545656
+Philip Hands Computing Ltd. | Mobile: +44 802 242989 Fax:+44 118 9474655
+Unit 1, Cherry Close, Caversham, Reading RG4 8UP ENGLAND
-Samba experience: SVR4,SVR3.2 & Linux <--> WfWg, W3.1, OS2 and MS-LanMan
+Samba experience:
+ Server platforms: Linux,SVR4,SVR3.2 & Sequent ptx
+ Clients: WfWg, W3.1, OS2 and MS-LanMan
------------------------------------------------------------------------------
------------------------------------------------------------------------------
@@ -67,13 +72,16 @@ Unix Systems and TCP/IP Network design, programming, and administration.
------------------------------------------------------------------------------
------------------------------------------------------------------------------
-SolutionS R Us has been in business for 3+ years providing viable 3rd
-party support in system/network administration. With our own Linux
-distribution which we're constantly improving to make it the best and
-using it to provide total solutions for companies which are open to
-using Linux.
+Craftwork Solutions Inc.
+
+Craftwork Solutions Inc. is dedicated to providing the best possible
+services to our customers. The Craftworks team will provide you with a
+total solution package that will work for you both today and tomorrow.
+With our own Linux Distribution which we are constantly improving to make
+it the best and using it to provide total solutions for companies which
+are open to using Linux.
-Mauro DePalma <mauro@sru.com>
+Please contact mary@craftwork.com
------------------------------------------------------------------------------
------------------------------------------------------------------------------
@@ -106,9 +114,15 @@ Samba experience: SVR3.2, SOLARIS, ULTRIX, LINUX <--> DOS LAN-MAN, WFW
SYDNEY - AUSTRALIA
John Terpstra - Aquasoft (jht@aquasoft.com.au)
-Business: +612 524 4040
-Home: +612 540 3154
-Shoephone: +612 414 334422 (aka 0414 334422)
+Business: +612 9524 4040
+Home: +612 9540 3154
+Mobile: +612 414 334422 (aka 0414 334422)
+Samba Experience: Member of Samba-Team. Long term contributor to Samba
+ Samba on BSD/OS, Solaris (Sparc & x86), ISC Unix, SCO Unix
+ NCR SVR4, Linux, UnixWare, IBM, HP, DEC, Others.
+ Training Instructor in Windows NT, wide area networking
+ over TCP/IP. Providing paid-for support for Public Domain
+ Software and Linux.
------------------------------------------------------------------------------
------------------------------------------------------------------------------
@@ -136,17 +150,6 @@ philm@esi.com.au (Australia; New South Wales; SYDNEY; North East)
-----------------------------------------------------------------------
------------------------------------------------------------------------------
-EDINBUGH - SCOTLAND
-
-Charlie Hussey email charlie@edina.demon.co.uk
-Edina Software Limited tel 0131 657 1129
-4 James Street fax 0131 669 9092
-Edinburgh EH15 2DS
-
-SAMBA experience: SCO UNIX <=> WfWg
-------------------------------------------------------------------------------
-
-------------------------------------------------------------------------------
LONDON - ENGLAND
Mark H. Preston,
@@ -181,13 +184,15 @@ info@eram.esi.com.au Voice:+61-2-9063377
------------------------------------------------------------------------------
CHANTILLY - USA
-Intelligent Decisions, Inc.
-ATTN: Richard Bullington
-14121 Parke Long Ct. #104
-Chantilly, VA 22021
+Richard Bullington
+ObjectLinks, Inc.
+11166 Main Street
+Suite 407
+Fairfax, VA 22030
U.S.A.
-(703) 803-8070
-rbullington@intdec.com
+703-591-9797
+rbulling@objectlinks.com
+http://www.objectlinks.com/
Samba experience: Linux, DEC ULTRIX <=> WFWG 3.11, Windows NT 3.5
Specializing in World Wide Web related UNIX-to-PC connectivity.
@@ -198,22 +203,15 @@ FORT COLLINS, CO - USA
Granite Computing Solutions
ATTN: Brian Grossman
-Box 270103
+P.O. Box 270103
Fort Collins, CO 80527-0103
U.S.A.
-(970) 225-2370
-granite@fortnet.org
+Tel: +1 (970) 225-2370
+Email: granite@SoftHome.Net WWW: http://www.SoftHome.Net/granite/
Information services, including WfWG, NT, Apple <=> Unix interoperability.
-
-Our standard advertisement says:
-
-> Unix workstations, servers and custom systems <
->> WWW and Unix education <<
->>> Enterprise and departmental computing solutions <<<
->>> Backup & restore <<<
->> Software forensics <<
-> Data translation <
+WWW solutions. WWW education. Unix education. Custom software
+development - eg. http://www.SoftHome.Net/modsim/.
------------------------------------------------------------------------------
----------------------------------------------------------
@@ -243,15 +241,15 @@ LE12 8DX
TELEPHONE 01509-620922
FAX 01509-620933
-CONTACT DAVID ROBINSON
+Contact David Robinson
-WE ARE UNIX ORIENTATED BUT ALSO SPECIALISE IN PC TO UNIX COMMUNICATIONS, WE
-KNOW AND UNDERSTAND PC-NFS, (HENCE OUR INTEREST IN SAMBA).
-WE SUPPORT SUNOS, SOLARIS 1.X AND 2.X, HP-UX 9.0 AND 10.0, OSF (or DEC UNIX,
-whichever you prefer), WinNT, WfWG and Win95.
+We are unix orientated but also specialise in pc to unix communications, we
+know and understand pc-nfs, (hence our interest in samba).
+we support sunos, solaris 1.x and 2.x, hp-ux 9.0 and 10.0, osf (or dec unix,
+whichever you prefer), winnt, wfwg and win95.
-WE ARE ALREADY TALKING TO A COUPLE OF VERY LARGE SAMBA USERS HERE IN THE UK.
-WE WOULD LIKE TO SUPPORT THEM (AND MANY MORE), WOULD YOU PLEASE CONTACT ME ON:
+We are already talking to a couple of very large samba users here in the uk.
+we would like to support them (and many more), would you please contact me on:
david@tectonic.demon.co.uk
----------------------------------------------------------
@@ -357,6 +355,8 @@ rowl@earthlink.net
Michael St. Laurent
Hartwell Corporation
------------------------------------------------------------------------------
+
+------------------------------------------------------------------------------
WASHINGTON DC METRO - USA
Asset Software, Inc. has been running Samba since the 1.6 release on various
@@ -374,3 +374,68 @@ David J. Fenwick Asset Software, Inc.
President djf@assetsw.com
------------------------------------------------------------------------------
+
+------------------------------------------------------------------------------
+WELLINGTON - NEW ZEALAND
+
+David Gempton
+Computer Consultant
+UNIX & PC Networking specialist
+TTC Technology Training Consulting
+PO Box 5444
+Lambton Quay Wellington
+New Zealand
+Phone (025) 518-574
+Email: ttcdg@cyberspace.co.nz
+------------------------------------------------------------------------------
+
+
+
+------------------------------------------------------------------------------
+PRAHA (PRAGUE) - CZECH
+
+AGC Praha,
+David Doubrava
+Sokolovska 141
+PRAHA 8
+180 00
+
+Tel: +42 (2) 6600 2202 Fax: +42 (2) 683 02 55
+Email: ddoubrava@agc.cz WWW: http://corwin.agc.cz/
+
+I have Samba experience with Windows NT,
+Windows 95, and Windows for Workgroups clients with Linux and HP-UX
+servers.
+------------------------------------------------------------------------------
+
+------------------------------------------------------------------------------
+SEOUL - KOREA
+
+MultiMedia KOREA Inc, E-Mail : info@seoul.korea.co.kr
+Internet,WWW,Network Support Group, TEL : +82-02-597-1631
+ FAX : +82-02-521-4463
+SeoChoGu SeoChoDong 1537-6 WWW : http://www.korea.co.kr
+JungAng B/D #401
+SEOUL KOREA
+
+SAMBA Experience : SunOS, Solaris, Linux, SCO-Unix, Win95/NT/3.1
+------------------------------------------------------------------------------
+
+
+------------------------------------------------------------------------------
+UNITED STATES
+
+Stelias Computing is the developer of the InfoMagic Workgroup Server, a
+Linux distribution customized for use as a PC and Macintosh file and
+print server (using Samba and netatalk respectively). Stelias also
+offers custom system programming and Samba support contracts.
+
+For information about the InfoMagic Workgroup Server contact InfoMagic:
+ http://www.infomagic.com/
+ questions@infomagic.com
+ voice: 800-800-6613 or 520-526-9565
+ fax: 520-526-9573
+
+To contact Stelias about custom arrangments, send email to
+info@stelias.com.
+------------------------------------------------------------------------------
diff --git a/docs/textdocs/Tracing.txt b/docs/textdocs/Tracing.txt
new file mode 100644
index 00000000000..6a9ba8b850d
--- /dev/null
+++ b/docs/textdocs/Tracing.txt
@@ -0,0 +1,86 @@
+This file describes how to do a system call trace on Samba to work out
+what its doing wrong. This is not for the faint of heart, but if you
+are reading this then you are probably desperate.
+
+Actually its not as bad as the the above makes it sound, just don't
+expect the output to be very pretty :-)
+
+Ok, down to business. One of the big advantages of unix systems is
+that they nearly all come with a system trace utility that allows you
+to monitor all system calls that a program is making. This is
+extremely using for debugging and also helps when trying to work out
+why something is slower than you expect. You can use system tracing
+without any special compilation options.
+
+The system trace utility is called different things on different
+systems. On Linux systems its called strace. Under SunOS 4 its called
+trace. Under SVR4 style systems (including solaris) its called
+truss. Under many BSD systems its called ktrace.
+
+The first thing you should do is read the man page for your native
+system call tracer. In the discussion below I'll assume its called
+strace as strace is the only portable system tracer (its available for
+free for many unix types) and its also got some of the nicest
+features.
+
+Next, try using strace on some simple commands. For example, "strace
+ls" or "strace echo hello".
+
+You'll notice that it produces a LOT of output. It is showing you the
+arguments to every system call that the program makes and the
+result. Very little happens in a program without a system call so you
+get lots of output. You'll also find that it produces a lot of
+"preamble" stuff showing the loading of shared libraries etc. Ignore
+this (unless its going wrong!)
+
+For example, the only line that really matters in the "strace echo
+hello" output is:
+
+write(1, "hello\n", 6) = 6
+
+all the rest is just setting up to run the program.
+
+Ok, now you're famialiar with strace. To use it on Samba you need to
+strace the running smbd daemon. The way I tend ot use it is to first
+login from my Windows PC to the Samba server, then use smbstatus to
+find which process ID that client is attached to, then as root I do
+"strace -p PID" to attach to that process. I normally redirect the
+stderr output from this command to a file for later perusal. For
+example, if I'm using a csh style shell:
+
+ strace -f -p 3872 >& strace.out
+
+or with a sh style shell:
+
+ strace -f -p 3872 > strace.out 2>&1
+
+Note the "-f" option. This is only available on some systems, and
+allows you to trace not just the current process, but any children it
+forks. This is great for finding printing problems caused by the
+"print command" being wrong.
+
+Once you are attached you then can do whatever it is on the client
+that is causing problems and you will capture all the system calls
+that smbd makes.
+
+So how do you interpret the results? Generally I search thorugh the
+output for strings that I know will appear when the problem
+happens. For example, if I am having touble with permissions on a file
+I would search for that files name in the strace output and look at
+the surrounding lines. Another trick is to match up file descriptor
+numbers and "follow" what happens to an open file until it is closed.
+
+Beyond this you will have to use your initiative. To give you an idea
+of wehat you are looking for here is a piece of strace output that
+shows that /dev/null is not world writeable, which causes printing to
+fail with Samba:
+
+[pid 28268] open("/dev/null", O_RDWR) = -1 EACCES (Permission denied)
+[pid 28268] open("/dev/null", O_WRONLY) = -1 EACCES (Permission denied)
+
+the process is trying to first open /dev/null read-write then
+read-only. Both fail. This means /dev/null has incorrect permissions.
+
+Have fun!
+
+(please send updates/fixes to this file to samba-bugs@samba.anu.edu.au)
diff --git a/docs/textdocs/UNIX-SMB.txt b/docs/textdocs/UNIX-SMB.txt
index b2c064215cf..92167a9e843 100644
--- a/docs/textdocs/UNIX-SMB.txt
+++ b/docs/textdocs/UNIX-SMB.txt
@@ -155,6 +155,9 @@ within the one process. On some unixes (such as SCO) this is not
possible. This means that on those unixes the client is restricted to
a single uid.
+Note that you can also get the "trapdoor uid" message for other
+reasons. Please see the FAQ for details.
+
Port numbers
============
diff --git a/docs/textdocs/security_level.txt b/docs/textdocs/security_level.txt
new file mode 100644
index 00000000000..34d7ce70932
--- /dev/null
+++ b/docs/textdocs/security_level.txt
@@ -0,0 +1,79 @@
+Description of SMB security levels.
+----------------------------------
+
+
+A SMB server tells the client at startup what "security level" it is
+running. There are two options "share level" and "user level". Which
+of these two the client receives affects the way the client then tries
+to authenticate itself. It does not directly affect (to any great
+extent) the way the Samba server does security. I know this is
+strange, but it fits in with the client/server approach of SMB. In SMB
+everything is initiated and controlled by the client, and the server
+can only tell the client what is available and whether an action is
+allowed.
+
+I'll describe user level security first, as its simpler. In user level
+security the client will send a "session setup" command directly after
+the protocol negotiation. This contains a username and password. The
+server can either accept or reject that username/password
+combination. Note that at this stage the server has no idea what
+share the client will eventually try to connect to, so it can't base
+the "accept/reject" on anything other than:
+
+- the username/password
+- the machine that the client is coming from
+
+If the server accepts the username/password then the client expects to
+be able to mount any share (using a "tree connection") without
+specifying a password. It expects that all access rights will be as
+the username/password specified in the "session setup".
+
+It is also possible for a client to send multiple "session setup"
+requests. When the server responds it gives the client a "uid" to use
+as an authentication tag for that username/password. The client can
+maintain multiple authentication contexts in this way (WinDD is an
+example of an application that does this)
+
+
+Ok, now for share level security. In share level security (the default
+with samba) the client authenticates itself separately for each
+share. It will send a password along with each "tree connection"
+(share mount). It does not explicitly send a username with this
+operation. The client is expecting a password to be associated with
+each share, independent of the user. This means that samba has to work
+out what username the client probably wants to use. It is never
+explicitly sent the username. Some commercial SMB servers such as NT actually
+associate passwords directly with shares in share level security, but
+samba always uses the unix authentication scheme where it is a
+username/password that is authenticated, not a "share/password".
+
+Many clients send a "session setup" even if the server is in share
+level security. They normally send a valid username but no
+password. Samba records this username in a list of "possible
+usernames". When the client then does a "tree connection" it also adds
+to this list the name of the share they try to connect to (useful for
+home directories) and any users listed in the "user =" smb.conf
+line. The password is then checked in turn against these "possible
+usernames". If a match is found then the client is authenticated as
+that user.
+
+Finally "server level" security. In server level security the samba
+server reports to the client that it is in user level security. The
+client then does a "session setup" as described earlier. The samba
+server takes the username/password that the client sends and attempts
+to login to the "password server" by sending exactly the same
+username/password that it got from the client. If that server is in
+user level security and accepts the password then samba accepts the
+clients connection. This allows the samba server to use another SMB
+server as the "password server".
+
+You should also note that at the very start of all this, where the
+server tells the client what security level it is in, it also tells
+the client if it supports encryption. If it does then it supplies the
+client with a random "cryptkey". The client will then send all
+passwords in encrypted form. You have to compile samba with encryption
+enabled to support this feature, and you have to maintain a separate
+smbpasswd file with SMB style encrypted passwords. It is
+cryptographically impossible to translate from unix style encryption
+to SMB style encryption, although there are some fairly simple management
+schemes by which the two could be kept in sync.
generated by cgit (git 2.34.1) at 2024-09-25 02:41:23 +0000