Home > Store

larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

Samba-3 by Example: Practical Exercises to Successful Deployment, 2nd Edition

Book

  • Your Price: $43.99
  • List Price: $54.99
  • Usually ships in 24 hours.
  • Description
  • Downloads
  • Sample Content
  • Updates
  • Copyright 2006
  • Dimensions: 7x9-1/4
  • Pages: 512
  • Edition: 2nd
  • Book
  • ISBN-10: 0-13-188221-X
  • ISBN-13: 978-0-13-188221-8

Samba-3 by Example provides useful, thoroughly documented explanations for all aspects of a Samba deployment. They’re the same kind of patient answers I got when my dad taught me how to ride a bike without training wheels. Now, if only dad knew active Directory....”

—Will Enestvedt, UNIX System Administrator, Johnson & Wales University
“When my colleague and I were first reading John Terpstra’s Samba-3 by Example, we were impressed by how easy it was to find the chapter we wanted to implement, and the ease of following his step-by-step approach. We always felt Terpstra was there with us, for every configuration line. It was like having our own personal tutor. I always take his book to every client that uses Samba. Additionally, Terpstra does something most authors don’t, he keeps his documentation up to date. When we were doing our first implementation, he just released the update that morning; we downloaded it, printed it, and implemented it. Now, to me, that is cutting-edge technology at its best.”

—Steven C. Henry
“A cook learns to follow a recipe until he has mastered the art. This is your cookbook to successful Windows networks. I followed this recipe to migrate our NT4 domain to Samba-3, and the recipe just worked great. I could not have completed this project without the Samba-3 by Example book—it brings dry, lifeless man-pages down to the reality IT support people face.”

—Geoff Scott, IT Systems Administrator, Guests Furniture Hire Pty Ltd
“I used the book Samba-3 by Example to get started at 8:30 last night. I finished my complete PDC and it was up and running in six hours with Windows 2000 and XP Pro clients ready for work in the morning. That’s from someone who is brand new to Linux. This book is awesome!”

—Jesse Knudsen, Windows Systems Administrator
The Practical, Tested, Step-by-Step Samba-3 Guidebook Has Now Been Fully Updated!

The definitive Samba-3 guidebook has been completely updated to reflect the latest Samba releases and migration techniques. This book’s complete configuration files, step-by-step implementation instructions, network diagrams, and automated scripts make deployment a breeze—even if you've never worked with Samba before. From small office networks to enterprise environments, here are proven configurations, backed by guidance from one of the world’s most respected Samba experts, Samba Team contibutor John H. Terpstra.

This edition has added comprehensive diagnostic techniques and validation steps, as well as solutions to common implementation mistakes: everything you need to assure reliability and performance regardless of your network environment. In response to reader requests, the author has also added detailed coverage of updating existing Samba networks, as well as a practical primer on how Samba stores essential network information. Samba-3 by Example, Second Edition, covers all these scenarios, and more.

  • Deploying “no frills” servers for small, convenient networks
  • Implementing small- to-mid-sized networks using basic security
  • Implementing full-fledged enterprise network environments, with tips for enhancing availability and performance
  • Building secure, scalable networks with domain logons and roaming profiles
  • Deploying Samba in environments that utilize routers and firewalls
  • Examples that minimize desktop management requirements, using policy controls and folder redirection
  • Integrating Samba-3 with Windows Server 2003 and Microsoft Active Directory domains
  • Migrating seamlessly from Windows NT 4 to Samba-3
  • Adding Samba servers as Windows domain members
  • Configuring DHCP, DNS, and OpenLDAP servers to get the most out of your Samba network
  • An example of Squid, using Windows authentication through Samba
  • Estimating server hardware, using the practical guidelines included here

If you’re a Windows network administrator responsible for deploying or managing Samba, Samba-3 by Example, Second Edition, is your indispensable resource.

CD-ROM Included

The CD-ROM contains all example configuration files, scripts, and tools covered in the book.



Online Sample Chapter

Updating Samba-3 with Minimal Pain and User Frustration

Downloadable Sample Chapter

Download the Sample Chapter related to this title.

Table of Contents

List of Examples.

List of Figures.

List of Tables.

Foreword.

Preface.

I. EXAMPLE NETWORK CONFIGURATIONS.

Chapter 1. No-Frills Samba Servers.

    1.1 Introduction.

    1.2 Assignment Tasks.

    1.3 Questions and Answers.

Chapter 2. Small Office Networking.

    2.1 Introduction.

    2.2 Dissection and Discussion.

    2.3 Implementation.

    2.4 Questions and Answers.

Chapter 3. Secure Office Networking.

    3.1 Introduction.

    3.2 Dissection and Discussion.

    3.3 Implementation.

    3.4 Questions and Answers.

Chapter 4. The 500-User Office.

    4.1 Introduction.

    4.2 Dissection and Discussion.

    4.3 Implementation.

    4.4 Questions and Answers.

Chapter 5. Making Happy Users.

    5.1 Regarding LDAP Directories and Windows Computer Accounts.

    5.2 Introduction.

    5.3 Dissection and Discussion.

    5.4 Samba Server Implementation.

    5.5 Samba-3 BDC Configuration.

    5.6 Miscellaneous Server Preparation Tasks.

    5.7 Windows Client Configuration.

    5.8 Key Points Learned.

    5.9 Questions and Answers.

Chapter 6. A Distributed 2000-User Network.

    6.1 Introduction.

    6.2 Dissection and Discussion.

    6.3 Implementation.

    6.4 Questions and Answers.

II. DOMAIN MEMBERS, UPDATING SAMBA AND MIGRATION.

Chapter 7. Adding Domain Member Servers and Clients.

    7.1 Introduction.

    7.2 Dissection and Discussion.

    7.3 Implementation.

    7.4 Questions and Answers.

Chapter 8. Updating Samba-3.

    8.1 Introduction.

    8.2 Upgrading from Samba 1.x and 2.x to Samba-3.

    8.3 Updating a Samba-3 Installation.

Chapter 9. Migrating NT4 Domain to Samba-3.

    9.1 Introduction.

    9.2 Dissection and Discussion.

    9.3 Implementation.

    9.4 Questions and Answers.

Chapter 10. Migrating Netware Server to Samba-3.

    10.1 Introduction.

    10.2 Dissection and Discussion.

    10.3 Implementation.

III. REFERENCE SECTION.

Chapter 11. Active Directory, Kerberos, and Security.

    11.1 Introduction.

    11.2 Dissection and Discussion.

    11.3 Implementation.

    11.4 Questions and Answers.

Chapter 12. Integrating Additional Services.

    12.1 Introduction.

    12.2 Dissection and Discussion.

    12.3 Implementation.

    12.4 Questions and Answers.

Chapter 13. Performance, Reliability, and Availability.

    13.1 Introduction.

    13.2 Dissection and Discussion.

    13.3 Guidelines for Reliable Samba Operation.

    13.4 Key Points Learned.

Chapter 14. Samba Support.

    14.1 Free Support.

    14.2 Commercial Support.

Chapter 15. A Collection of Useful Tidbits.

    15.1 Joining a Domain: Windows 200x/XP Professional.

    15.2 Samba System File Location.

    15.3 Starting Samba.

    15.4 DNS Configuration Files.

    15.5 Alternative LDAP Database Initialization.

    15.6 The LDAP Account Manager.

    15.7 IDEALX Management Console.

    15.8 Effect of Setting File and Directory SUID/SGID Permissions Explained.

    15.9 Shared Data Integrity.

Chapter 16. Networking Primer.

    16.1 Requirements and Notes.

    16.2 Introduction.

    16.3 Exercises.

    16.4 Dissection and Discussion.

    16.5 Questions and Answers.

Appendix A. GNU General Public License.

    A.1 Preamble.

    A.2 Terms and Conditions for Copying, Distribution and Modification.

    A.3 How to Apply These Terms to Your New Programs.

Glossary.

Subject Index.

 

Preface

Untitled Document Network administrators live busy lives. We face distractions and pressures that drive us to seek proven, working case scenarios that can be easily implemented. Often this approach lands us in trouble. There is a saying that, geometrically speaking, the shortest distance between two points is a straight line, but practically we find that the quickest route to a stable network solution is the long way around.

This book is your means to the straight path. It provides step-by-step, proven, working examples of Samba deployments. If you want to deploy Samba-3 with the least effort, or if you want to become an expert at deploying Samba-3 without having to search through lots of documentation, this book is the ticket to your destination.

Samba is software that can be run on a platform other than Microsoft Windows, for example, UNIX, Linux, IBM System 390, OpenVMS, and other operating systems. Samba uses the TCP/IP protocol that is installed on the host server. When correctly configured, it allows that host to interact with a Microsoft Windows client or server as if it is a Windows file and print server. This book will help you to implement Windows-compatible file and print services.

The examples presented in this book are typical of various businesses and reflect the problems and challenges they face. Care has been taken to preserve attitudes, perceptions, practices, and demands from real network case studies. The maximum benefit may be obtained from this book by working carefully through each exercise. You may be in a hurry to satisfy a specific need, so feel free to locate the example that most closely matches your need, copy it, and innovate as much as you like. Above all, enjoy the process of learning the secrets of MS Windows networking that is truly liberated by Samba.

The focus of attention in this book is Samba-3. Specific notes are made in respect of how Samba may be made secure. This book does not attempt to provide detailed information regarding secure operation and configuration of peripheral services and applications such as OpenLDAP, DNS and DHCP, the need for which can be met from other resources that are dedicated to the subject.

Why Is This Book Necessary?

This book is the result of observations and feedback. The feedback from the Samba-HOWTO-Collection has been positive and complimentary. There have been requests for far more worked examples, a “Samba Cookbook,” and for training materials to help kick-start the process of mastering Samba.

The Samba mailing lists users have asked for sample configuration files that work. It is natural to question one’s own ability to correctly configure a complex tool such as Samba until a minimum necessary knowledge level has been attained.

The Samba-HOWTO-Collection — as does The Official Samba-3 HOWTO and Reference Guide — documents Samba features and functionality in a topical context. This book takes a completely different approach. It walks through Samba network configurations that are working within particular environmental contexts, providing documented step-by-step implementations. All example case configuration files, scripts, and other tools are provided on the CD-ROM. This book is descriptive, provides detailed diagrams, and makes deployment of Samba-3 a breeze.

Samba 3.0.20 Update Edition

The Samba 3.0.x series has been remarkably popular. At the time this book first went to print Samba-3.0.2 was being released. There have been significant modifications and enhancements between Samba-3.0.2 and Samba-3.0.14 (the current release) that necessitate this documentation update. This update has the specific intent to refocus this book so that its guidance can be followed for Samba-3.0.20 and beyond. Further changes are expected as Samba-3 matures further and will be reflected in future updates.

Prerequisites

This book is not a tutorial on UNIX or Linux administration. UNIX and Linux training is best obtained from books dedicated to the subject. This book assumes that you have at least the basic skill necessary to use these operating systems, and that you can use a basic system editor to edit and configure files. It has been written with the assumption that you have experience with Samba, have read The Official Samba-3 HOWTO and Reference Guide and the Samba-HOWTO-Collection, or that you have familiarity with Microsoft Windows.

If you do not have this experience, you can follow the examples in this book but may find yourself at times intimidated by assumptions made. In this situation, you may need to refer to administrative guides or manuals for your operating system platform to find what is the best method to achieve what the text of this book describes.

Approach

The first chapter deals with some rather thorny network analysis issues. Do not be put off by this. The information you glean, even without a detailed understanding of network protocol analysis, can help you understand how Windows networking functions.

Each following chapter of this book opens with the description of a networking solution sought by a hypothetical site. Bob Jordan is a hypothetical decision maker for an imaginary company, Abmas Biz NL. We will use the non-existent domain name abmas.biz. All facts presented regarding this company are fictitious and have been drawn from a variety of real business scenarios over many years. Not one of these reveal the identify of the real-world company from which the scenario originated.

In any case, Mr. Jordan likes to give all his staff nasty little assignments. Stanley Saroka is one of his proteges; Christine Roberson is the network administrator Bob trusts. Jordan is inclined to treat other departments well because they finance Abmas IT operations.

Each chapter presents a summary of the network solution we have chosen to demonstrate together with a rationale to help you to understand the thought process that drove that solution. The chapter then documents in precise detail all configuration files and steps that must be taken to implement the example solution. Anyone wishing to gain serious value from this book will do well to take note of the implications of points made, so watch out for the this means that notations.

Each chapter has a set of questions and answers to help you to to understand and digest key attributes of the solutions presented.

Summary of Topics

The contents of this second edition of Samba-3 by Example have been rearranged based on feedback from purchasers of the first edition.

Clearly the first edition contained most of what was needed and that was missing from other books that cover this diffcult subject. The new arrangement adds additional material to meet consumer requests and includes changes that originated as suggestions for improvement.

Chapter 1 now dives directly into the heart of the implementation of Windows file and print server networks that use Samba at the heart.

Chapter 1 — No Frills Samba Servers. Here you design a solution for three different business scenarios, each for a company called Abmas. There are two simple networking problems and one slightly more complex networking challenge. In the first two cases, Abmas has a small simple office, and they want to replace a Windows 9x peer-to-peer network. The third example business uses Windows 2000 Professional. This must be simple, so let’s see how far we can get. If successful, Abmas grows quickly and soon needs to replace all servers and workstations.

TechInfo — This chapter demands:

  • Case 1: The simplest smb.conf file that may reasonably be used. Works with Samba-2.x also. This configuration uses Share Mode security. Encrypted passwords are not used, so there is no smbpasswd file.
  • Case 2: Another simple smb.conf file that adds WINS support and printing support. This case deals with a special requirement that demonstrates how to deal with purpose-built software that has a particular requirement for certain share names and printing demands. This configuration uses Share Mode security and also works with Samba-2.x. Encrypted passwords are not used, so there is no smbpasswd file.
  • Case 3: This smb.conf configuration uses User Mode security. The file share configuration demonstrates the ability to provide master access to an administrator while restricting all staff to their own work areas. Encrypted passwords are used, so there is an implicit smbpasswd file.
Chapter 2 — Small Office Networking. Abmas is a successful company now. They have 50 network users and want a little more varoom from the network. This is a typical small office and they want better systems to help them to grow. This is your chance to really give advanced users a bit more functionality and usefulness.

TechInfo —This smb.conf file makes use of encrypted passwords, so there is an smbpasswd file. It also demonstrates use of the valid users and valid groups to restrict share access. The Windows clients access the server as Domain members. Mobile users log onto the Domain while in the office, but use a local machine account while on the road. The result is an environment that answers mobile computing user needs.

Chapter 3 — Secure Office Networking. Abmas is growing rapidly now. Money is a little tight, but with 130 network users, security has become a concern. They have many new machines to install and the old equipment will be retired. This time they want the new network to scale and grow for at least two years. Start with a sufficient system and allow room for growth. You are now implementing an Internet connection and have a few reservations about user expectations.

TechInfo —This smb.conf file makes use of encrypted passwords, and you can use a tdbsam password backend. Domain logons are introduced. Applications are served from the central server. Roaming profiles are mandated. Access to the server is tightened up so that only domain members can access server resources. Mobile computing needs still are catered to.

Chapter 4 — The 500-User Office. The two-year projections were met. Congratulations, you are a star. Now Abmas needs to replace the network. Into the existing user base, they need to merge a 280-user company they just acquired. It is time to build a serious network. There are now three buildings on one campus and your assignment is to keep everyone working while a new network is rolled out. Oh, isn’t it nice to roll out brand new clients and servers! Money is no longer tight, you get to buy and install what you ask for. You will install routers and a firewall. This is exciting!

TechInfo —This smb.conf file makes use of encrypted passwords, and a tdbsam password backend is used. You are not ready to launch into LDAP yet, so you accept the limitation of having one central Domain Controller with a Domain Member server in two buildings on your campus. A number of clever techniques are used to demonstrate some of the smart options built into Samba.

Chapter 5 — Making Happy Users. Congratulations again. Abmas is happy with your services and you have been given another raise. Your users are becoming much more capable and are complaining about little things that need to be fixed. Are you up to the task? Mary says it takes her 20 minutes to log onto the network and it is killing her productivity. Email is a bit unreliable — have you been sleeping on the job? We do not discuss the technology of email but when the use of mail clients breaks because of networking problems, you had better get on top of it. It’s time for a change.

TechInfo —This smb.conf file makes use of encrypted passwords; a distributed ldap-sam password backend is used. Roaming profiles are enabled. Desktop profile controls are introduced. Check out the techniques that can improve the user experience of network performance. As a special bonus, this chapter documents how to configure smart downloading of printer drivers for drag-and-drop printing support. And, yes, the secret of configuring CUPS is clearly documented. Go for it; this one will tease you, too.

Chapter 6 — A Distributed 2000-User Network. Only eight months have passed, and Abmas has acquired another company. You now need to expand the network further. You have to deal with a network that spans several countries. There are three new networks in addition to the original three buildings at the head-office campus. The head office is in New York and you have branch offices in Washington, Los Angeles, and London. Your desktop standard is Windows XP Professional. In many ways, everything has changed and yet it must remain the same. Your team is primed for another roll-out. You know there are further challenges ahead.

TechInfo — Slave LDAP servers are introduced. Samba is configured to use multiple LDAP backends. This is a brief chapter; it assumes that the technology has been mastered and gets right down to concepts and how to deploy them.

Chapter 7 — Adding UNIX/Linux Servers and Clients. Well done, Bob, your team has achieved much. Now help Abmas integrate the entire network. You want central control and central support and you need to cut costs. How can you reduce administrative overheads and yet get better control of the network?

This chapter has been contributed by Mark Taylor (mark.taylor@siriusit.co.uk) and is based on a live site. For further information regarding this example case, please contact Mark directly.

TechInfo — It is time to consider how to add Samba servers and UNIX and Linux network clients. Users who convert to Linux want to be able to log on using Windows network accounts. You explore nss_ldap, pam_ldap, winbind, and a few neat techniques for taking control. Are you ready for this?

Chapter 8 — Updating Samba-3. This chapter is the result of repeated requests for better documentation of the steps that must be followed when updating or upgrading a Samba server. It attempts to cover the entire subject in broad-brush but at the same time provides detailed background information that is not covered elsewhere in the Samba documentation.

TechInfo — Samba stores a lot of essential network information in a large and growing collection of files. This chapter documents the essentials of where those files may be located and how to find them. It also provides an insight into inter-related matters that affect a Samba installation.

Chapter 9 — Migrating NT4 Domain to Samba-3. Another six months have passed. Abmas has acquired yet another company. You will find a way to migrate all users off the old network onto the existing network without loss of passwords and will effect the change-over during one weekend. May the force (and caffeine) be with you, may you keep your back to the wind and may the sun shine on your face.

TechInfo — This chapter demonstrates the use of the net rpc migrate facility using an LDAP ldapsam backend, and also using a tdbsam passdb backend. Both are much-asked-for examples of NT4 Domain migration.

Chapter 10 — Migrating NetWare 4.11 Server to Samba. Misty Stanley-Jones has contributed information that summarizes her experience at migration from a NetWare server to Samba-3.

TechInfo — The documentation provided demonstrates how one site migrated from NetWare to Samba. Some alternatives tools are mentioned. These could be used to provide another pathway to a successful migration.

Chapter 11 — Active Directory, Kerberos, and Security. Abmas has acquired an-other company that has just migrated to running Windows Server 2003 and Active Directory. One of your staff makes offhand comments that land you in hot water. A network security auditor is hired by the head of the new business and files a damning report, and you must address the defects reported. You have hired new network engineers who want to replace Microsoft Active Directory with a pure Kerberos solution. How will you handle this?

TechInfo — This chapter is your answer. Learn about share access controls, proper use of UNIX/Linux file system access controls, and Windows 200x Access Control Lists. Follow these steps to beat the critics.

Chapter 12 — Integrating Additional Services. The battle is almost over, Samba-3 has won the day. Your team are delighted and now you find yourself at yet another cross-roads. Abmas have acquired a snack food business, you made promises you must keep. IT costs must be reduced, you have new resistance, but you will win again. This time you choose to install the Squid proxy server to validate the fact that Samba is far more than just a file and print server. SPNEGO authentication support means that your Microsoft Windows clients gain transparent proxy access.

TechInfo — Samba provides the ntlm auth module that makes it possible for MS Windows Internet Explorer to connect via the Squid Web and FTP proxy server. You will configure Samba-3 as well as Squid to deliver authenticated access control using the Active Directory Domain user security credentials.

Chapter 13 — Performance, Reliability, and Availability. Bob, are you sure the new Samba server is up to the load? Your network is serving many users who risk becoming unproductive. What can you do to keep ahead of demand? Can you keep the cost under control also? What can go wrong?

TechInfo — Hot tips that put chili into your network. Avoid name resolution problems, identify potential causes of network collisions, avoid Samba configuration options that will weigh the server down. MS distributed file services to make your network fly and much more. This chapter contains a good deal of “Did I tell you about this...?” type of hints to help keep your name on the top performers list.

Chapter 14 — Samba Support. This chapter has been added specifically to help those who are seeking professional paid support for Samba. The critics of Open Source Software often assert that there is no support for free software. Some critics argue that free software undermines the service that proprietary commercial software vendors depend on. This chapter explains what are the support options for Samba and the fact that a growing number of businesses make money by providing commercial paid-for Samba support.

Chapter 15 — A Collection of Useful Tidbits. Sometimes it seems that there is not a good place for certain odds and ends that impact Samba deployment. Some readers would argue that everyone can be expected to know this information, or at least be able to find it easily. So to avoid offending a reader’s sensitivities, the tid-bits have been placed in this chapter. Do check out the contents, you may find something of value among the loose ends.

Chapter 16 — Windows Networking Primer. Here we cover practical exercises to help us to understand how MS Windows network protocols function. A network protocol analyzer helps you to appreciate the fact that Windows networking is highly dependent on broadcast messaging. Additionally, you can look into network packets that a Windows client sends to a network server to set up a network connection. On completion, you should have a basic understanding of how network browsing functions and have seen some of the information a Windows client sends to a file and print server to create a connection over which file and print operations may take place.

Foreword

Download the Foreword file related to this title.

Index

Download the Index file related to this title.

FREE

ONE MONTH ACCESS!

WITH PURCHASE


Get unlimited 30-day access to thousands of Books & Training Videos about technology, professional development and digital media If you continue your subscription after your 30-day trial, you can receive 30% off a monthly subscription to the Safari Library for up to 12 months.