svn commit: lorikeet r61 - in trunk/samba4-ad-thesis: .
abartlet at samba.org
abartlet at samba.org
Thu Sep 16 11:59:44 GMT 2004
Author: abartlet
Date: 2004-09-16 11:59:44 +0000 (Thu, 16 Sep 2004)
New Revision: 61
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=lorikeet&path=/trunk/samba4-ad-thesis&rev=61&nolog=1
Log:
Quote CRH on what CIFS is (seeing as he wrote the book...).
Add references.
Andrew Bartett
Modified:
trunk/samba4-ad-thesis/chapters.lyx
trunk/samba4-ad-thesis/thesis.bib
Changeset:
Modified: trunk/samba4-ad-thesis/chapters.lyx
===================================================================
--- trunk/samba4-ad-thesis/chapters.lyx 2004-09-16 04:20:34 UTC (rev 60)
+++ trunk/samba4-ad-thesis/chapters.lyx 2004-09-16 11:59:44 UTC (rev 61)
@@ -195,7 +195,7 @@
, a descendant of the X.500 directory standard from the ITU (and part of
the full OSI networking stack)
-\begin_inset LatexCommand \citet{X.500-LDAP}
+\begin_inset LatexCommand \citet{X.500-LDAP,Understand-X.500}
\end_inset
@@ -241,8 +241,14 @@
make.
\layout Standard
-Much of the challenge of Samba4 is the continued task of 'network protocol
- analysis' - discussed in detail in section
+Much of the challenge of Samba4 is the continued task of `network protocol
+ analysis' - the art of determining the operation of a proprietory network
+ protocol, discussed in detail in chapter
+\begin_inset LatexCommand \vref{cha:Network-Protocol-analysis}
+
+\end_inset
+
+.
\layout Subsection
Simple directory server
@@ -267,12 +273,85 @@
CIFS
\layout Standard
-
+Perhaps the most important protocol in the Micrsoft networking landscape,
+ CIFS
\begin_inset LatexCommand \citep{mind,hertel}
\end_inset
+ dominates the connections made between almost all clients and servers on
+ a windows network.
+ Much of the legwork of Active Directory is carried over CIFS at some point
+ or other.
+ Chris Hertel gives this description of CIFS in his book, Implemeting CIFS:
+\layout Subsection
+What is CIFS?
+\layout Quote
+
+CIFS is a network filesystem plus a set of auxiliary services supported
+ by a bunch of underlying protocols.
+ Any and all of these various bits have been called CIFS, which leaves us
+ with a somewhat muddy definition.
+ To make things easier, we'll start by saying that CIFS is "Microsoft's
+ way of doing network file sharing", and work out the details as we go on.
+\layout Quote
+
+The name "CIFS", of course, is an acronym.
+ It stands for Common Internet File System, a title which deserves a bit
+ of dissection:
+\layout Subsubsection*
+
+Common
+\layout Quote
+
+The term has a variety of connotations, but we will assume that Microsoft
+ was thinking of common in the sense of commonly available or commonly used.
+ All MS operating systems have had some form of CIFS networking available
+ or built in, and there are implementations of CIFS for most major non-MS
+ operating systems as well.
+\layout Quote
+
+Unfortunately, there is not yet a specification for CIFS that is complete,
+ correct, authoritative, and freely available.
+ Microsoft defines CIFS by their implementations and, as we shall see, their
+ attempts at documenting the complete suite have been somewhat random.
+ This has an adverse impact on the commonality of the system.
+
+\layout Subsubsection*
+
+Internet
+\layout Quote
+
+At the time that the "CIFS" name was coined many people felt that Microsoft
+ was late to the table regarding the exploitation of the Internet.
+ As will be described further on, the naming scheme they used back then
+ (based on a piece of older LAN technology known as NetBIOS) doesn't scale
+ to large networks--certainly not the Internet.
+ The idea that CIFS would become an Internet standard probably came out
+ of the work that was being done to redesign Microsoft's networking products
+ for Windows NT5 (now known as Windows2000 or W2K).
+ Under W2K, CIFS can use the Domain Name System (DNS) for name resolution.
+
+\layout Subsubsection*
+
+File System
+\layout Quote
+
+CIFS allows the sharing of directories, files, printers, and other cool
+ computer stuff across a network.
+ That's the filesystem part.
+ To make use of these shared resources you need to be able to find & identify
+ them, and you also need to control access so that unauthorized folk won't
+ fiddle where they shouldn't.
+ This means that there is a hefty amount of administrivia to be managed,
+ so CIFS file sharing comes surrounded by an entourage.
+ There are protocols for service announcement, naming, authentication, and
+ authorization.
+ These are separate, but intertwined.
+ Some are based on published standards, others are not, and most have changed
+ over the years.
+
\layout Section
CLDAP
@@ -445,27 +524,48 @@
Purpose
\layout Standard
-Securly settting up a shared-secret
+The purpose of the `domain join' it to securely setup a password (shared
+ secret) between the workstation (or member server) and the domain controllers.
+ This is done by a privilaged user, who has the right to specify that a
+ new machine account be added to the domain.
+ At the conclusion of this process, both the workstation and the domain
+ controllers know the password, and can use this value to prove to each
+ other that they are indeed authentic.
+
\layout Section
Processs
\layout Subsection
DC Location
+\layout Standard
+
+The first part of the domain join process is to locate a Domain Controller
+ (DC) to join.
+ This involves either CLDAP
\layout Subsubsection
+DNS
+\layout Subsubsection
+
CLDAP
\layout Subsubsection
+Netbios Lookups
+\layout Subsubsection
+
Netbios GetDC
\layout Subsection
CIFS Connection
\layout Subsection
-Kerberos Login (Administrator)
+Kerberos Login
\layout Subsection
+NTLMSSP Login
+\layout Subsection
+
RPC
\layout Subsection
Modified: trunk/samba4-ad-thesis/thesis.bib
===================================================================
--- trunk/samba4-ad-thesis/thesis.bib 2004-09-16 04:20:34 UTC (rev 60)
+++ trunk/samba4-ad-thesis/thesis.bib 2004-09-16 11:59:44 UTC (rev 61)
@@ -239,3 +239,12 @@
key = {isode},
journal = {Messaging Magazine},
}
+
+ at book(Understand-X.500,
+ URL = {http://www.isi.salford.ac.uk/staff/dwc/X500.htm},
+ title = {Understanding X.500 - The Directory},
+ ISBN = {185-0322-813},
+ author = {D. Chadwick},
+ year = 1994
+}
+
More information about the samba-cvs
mailing list