Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part.

Published byTodd Fields Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part."— Presentation transcript:

1 © 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part 1: Samba 3 Overview Tim Pottertpot@hp.com Samba Teamtpot@samba.org

2 March 6, 2006 2 About Me Samba Team member since 2000 Worked on Samba 2.0, 2.2, 3.0 and 4.0 Hired by HP to work on Print Server Appliance Now working on Integrity server manageability Still contributing to Samba project

3 March 6, 2006 3 Tutorial Format Three sections −Part 1: Overview and New Features −Part 2: Domain Configurations −Part 3: Server Migration 10 minute break between parts Please ask questions as we go

4 March 6, 2006 4 Tutorial Theme How does this feature of Samba enable us to kick ass in our jobs? To do this we will look at: −features −configurations −know-how

5 March 6, 2006 5 Samba 3 vs Samba 4 Samba 4 is an almost complete rewrite An emphasis on completeness and testing Cross-pollination of code, tests, and ideas between branches Samba 3 development to continue as before Samba 4 development in parallel

6 March 6, 2006 6 Samba 3 vs Samba 4 Samba 3 Production branch Version 3.0.20 released 20 Aug 2005 Version 3.0.21 released 22 Dec 2005 Features to help you get your job done Samba 4 Research branch Technical Preview 1 released 24 Jan 2006 Technical Preview 2 released 22 Mar 2006 Try out new ideas and designs

7 March 6, 2006 7 Samba 4 Resources Keeping track of development −25 August, 2015amba-technical@lists.samba.org25 August, 2015amba-technical@lists.samba.org −#samba-technical on irc.freenode.net Developer interviews and presentations −Jeremy Allison, Linux Format UK −Slides from Samba XP conference, 2004-2006 Technical Preview source code −TP1 released 24/1/06 −TP2 released 22/3/06

8 March 6, 2006 8 Part 1- Overview & New Features What's new in Samba 3.0? Network analysis tools User Rights and Privileges File System ACLs Distributed File System support (Dfs) Samba Virtual File System (VFS) layer

9 March 6, 2006 9 What's New in 3.0? Use of Kerberos and LDAP when joined to an Active Directory domain UNICODE support Improved printing Better NT4 domain control and migration features Flexible authentication and account storage options

10 March 6, 2006 10 What's New in 3.0? (cont) Improved winbind Better CIFS compatibility with Windows file servers Later 3.0.x versions include more policy settings −Password lockout −Password history −Logon hours −User rights −Nested groups

11 March 6, 2006 11 Network Analysis Tools Ethereal – a network protocol analyser http://www.ethereal.com/ Works under Windows and Linux Parses Unix, Windows and proprietary capture file formats Decodes hundreds of network protocols

12 March 6, 2006 12 Ethereal Filters Capture filters vs display filters Capture filters for CIFS traffic −port 139 or port 445 −udp port 137 or udp port 138 or udp port 139 Display filters know about more protocols −smb −dcerpc −spoolss Connection tracking features

13 March 6, 2006 13 Ethereal Tips Shows many important and unimportant protocol details Need to know what is normal and what is not Error codes are sometimes normal Run ethereal and examine the output when everything is working!

14 March 6, 2006 14 Network Analysis Tools tcpdump – a network packet capture program Run on your Linux box to capture and filter traffic seen by that box To capture all CIFS traffic: # tcpdump -i eth0 -s 0 -w cifs.cap \ port 139 or port 445

15 March 6, 2006 15 File System ACLs Requires POSIX ACL support −kernel −file system −samba Must use 'acl' mount option nt acl support (boolean) −Should a file share support file system ACLs? Defaults to true

16 March 6, 2006 16 POSIX ACL Semantics No new permission bits Normal Unix permissions still apply Can grant additional ugo bits to named users and groups Can specify ACLs on directories that are inherited by files and subdirectories

17 March 6, 2006 17 Handling Windows ACLs WindowsSamba NT ACL POSIX ACL Samba maps ACLs in the Windows domain to ACLs in the POSIX domain An engineering trade-off Mapping algorithm reasonably complex

18 March 6, 2006 18 More Info on ACLs “POSIX Access Control Lists on Linux” −Paper by Andreas Grünbacher from SuSE Labs −25 August, 2015ttp://www.suse.de/~agruen/acl/linux- acls/online/25 August, 2015ttp://www.suse.de/~agruen/acl/linux- acls/online/ General man page on POSIX ACLs is at acl(5) Man pages for getfacl(1), setfacl(1) and chacl(1) utilities IEEE POSIX 1003.1e standards document

19 March 6, 2006 19 Distributed File System Network mount points for Windows Native client support in −Windows 98/ME −Windows NT/2K/XP −Download add-on for Windows 95 Samba 3.0.12 includes Dfs support in smbclient

20 March 6, 2006 20 Dfs Redirection dir \\potato\dfs\cdrom ? look at \\carrot\cdrom... \\POTATO \\CARROT dir \\carrot\cdrom ? 1 2

21 March 6, 2006 21 MS Dfs Parameters host msdfs (boolean) (G) −Should smbd act as a Dfs server? msdfs root (boolean) (S) −Does this file share contain Dfs redirects? −msdfs links coexist with local files and directories msdfs proxy (string) (S) −UNC path to share containing the real Dfs referrals Dfs disabled by default in Samba <= 3.0.21

22 March 6, 2006 22 Creating Dfs Redirects Specially formed symbolic links −msdfs:SERVER\share For the potato/carrot cdrom example $ ln -s msdfs:carrot\\cdrom cdrom

23 March 6, 2006 23 File Share Switcheroo Can use the msdfs proxy parameter to transparently redirect a file share Original server must have Dfs enabled beforehand [data] msdfs proxy = \newserver\data

24 March 6, 2006 24 Virtual File System File system operations abstracted behind a function call interface Default is to call the regular disk I/O functions VFS module provides another implementation of these functions vfs objects (string) −List of shared libraries and configuration options

25 March 6, 2006 25 Available VFS Modules Multiple vfs modules can be loaded for a given share −audit file open/close, read/write operations −scan for viruses −implement a recycle bin −netatalk compatibility −MS-DFS referral heuristics

26 March 6, 2006 26 VFS Example Network recycle bin [protected] path = /export/smb/protected vfs object = recycle recycle:repository =.recycle recycle:versions = True recycle:touch = True recycle:keeptree = True recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$

27 March 6, 2006 27 Write your own! API definition in source/include/vfs.h Implement subset of disk, directory, file, ACL, EA and async I/O operations Handle configuration parameters

28 March 6, 2006 28 Summary of Part 1 Samba 3 vs Samba 4 Network analysis with ethereal and tcpdump File system ACLs Distributed File System support Virtual File System support

29 End of Part 1 Break for 10 minutes End of Part 1 Break for 10 minutes

Download ppt "© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part."

Similar presentations

automated single login access to Novell storage resources

automated single login access to Novell storage resources
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Managing User Settings with Group Policy

Managing User Settings with Group Policy
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.
Chapter 12 Reading assignment n From “Running Linux”, on reserve at PSU Main library (2-hour checkout) Chapter 1 (pages 1 through 41)Chapter 1 (pages 1.

Chapter 12 Reading assignment n From “Running Linux”, on reserve at PSU Main library (2-hour checkout) Chapter 1 (pages 1 through 41)Chapter 1 (pages 1.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.

1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part.

© 2005 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Advanced Samba Administration Part.
CMSC 691X – Summer 2002 Project By Pravin D’Souza.

CMSC 691X – Summer 2002 Project By Pravin D’Souza.
1 COP 4343 Unix System Administration Unit 16: file server – samba.

1 COP 4343 Unix System Administration Unit 16: file server – samba.

Similar presentations

Ads by Google