[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: samba & zip

To: Dan Downs <retnuh.downs@xxxxxxxxx>
Subject: Re: samba & zip
From: "Adam Williams" <awilliam@xxxxxxxxxxxxx>
Date: Fri, 11 Dec 1998 02:04:35 +0000
Cc: klug@xxxxxxxxxxxxxxxx
In-Reply-To: Dan Downs <retnuh.downs@wmich.edu> "samba & zip" (Dec 9, 10:13pm)
References: <366EF5FD.9F1FDF86@wmich.edu>

On Dec 9, 10:13pm, Dan Downs wrote:
> Subject: samba & zip
> Just reminding you to send some samba configs. Also I downloaded pkzip
> for linux and it works much faster, I tried deleting files out of an
> archive and I had a prompt again in about a second.
>

Great, I didn't know the "real" pkzip/pkunzip was available for linux.  I'll
have to check that out.  And the GUI front your using is tkzip, right?  I
assume that means it's written in tickle?

I've attached three Samba config files,  that represent the three basic types
of Samba servers.

First three things to remember:
	1 - All Windows users must have matching account on the Unix box and an
entry in the smbpasswd file.  Their accounts can have bogus shells so they
can't logon but they MUST have UID.
	2 - All UNIX groups should probably have a user account as well (that
is a UID as well as a GID), as future versions of Samba may require this.  In
NT a group can OWN a file just like a User can, so be prepared.
	3 - UNIX and Windows use diffrent name spaces (DNS vs. WINS/Browseing).
 By keeping a central WINS servers and your DNS and SMB host names the same,
life will be ALOT easier.

smb.conf.littleboy is the Samba config for a server that handles the WINS
requests (if you have more than one subnet or any broadcast-isolated clients,
you NEED WINS and you need it on ALL your clients),  all authentication login
requests, and is the primary print server.  I really recommend making ONE
server that stores all your passwords,  it makes things really simple.  By the
way this machine is also the master NIS server and DNS server.  User's do not
log into this machine or run applications there so it is quite secure and
performance is steady.
Important points:
        os level = 250
        local master = yes
        preferred master = yes
        wins support = yes
        smb passwd file = /usr/local/samba/private/smbpasswd
        encrypt passwords = yes
        security = user
        domain master = yes
        domain logons = yes

smb.conf.mie is the config file for the REAL file server (a RS/6000 590 with
1Gb of RAM).  It passes all password requests off the littleboy (password
server=) and wins requests (wins server=). It defines alot of shares
include-ing the home directories and the netlogon share where Win95 policies
are stores.
Important points:
   invalid users = root
   security = server
   password server = littleboy
   domain master = no
   domain logons = no
   wins server = 192.168.1.9
   logon script = %U.bat
   os level = 100

smb.conf.whitesand is a wee-little box (486) sitting in a closet at our central
warehouse (one of two locations other than the main-office where we have
Windows PC's).  It handles local print jobs to keep them from crossing the WAN
link twice (to server/back to printer).   It also keeps a local NT workstation
from handling the local browse list (which it habitually corrupts).
Important points:
   security = server
   password server = littleboy
   encrypt passwords = yes
   local master = yes
   os level = 35
   domain master = yes
   preferred master = yes
   wins server = 192.168.1.9

It is possible to disable encrypted password on Win95/98 with a registry hack
but if you have NT Sp3+ you MUST have encrypted passwords.  They are a pain as
you have to (or at least want to) keep them in sync with your UNIX passwords if
your users login to the Unix boxes.  You'll have to engineer a system to do
that based upon requirements at your site.

Data

Prev by Date: Re: Dual Booting (Part II)
Next by Date: Re: Dual Booting (Part II)
Prev by thread: Re: Dual Booting (Part II)
Next by thread: Meeting - December 15
Index(es):
- Date
- Thread