[PATCH] S3 TOSHARG-Install.xml(Samba3-HOWTO)
Samba-JP oota
ribbon at samba.gr.jp
Thu Sep 30 00:36:28 MDT 2010
When I translated Samba3-HOWTO to Japanese,I feel document is old.
So, I update it.
--- TOSHARG-Install.xml 2010-09-09 23:22:50.000000000 +0900
+++ ../../../../src/sf-samba/samba-jp/test/docs-xml/Samba3-HOWTO/TOSHARG-Install.xml 2010-09-30 15:13:55.000000000 +0900
@@ -31,19 +31,23 @@
</sect1>
<sect1>
- <title>Configuring Samba (smb.conf)</title>
+ <title>Configuring Samba</title>
<para>
<indexterm><primary>/etc/samba/smb.conf</primary></indexterm>
<indexterm><primary>SWAT</primary></indexterm>
- Samba's configuration is stored in the &smb.conf; file, which usually resides in
- <filename>/etc/samba/smb.conf</filename> or <filename>/usr/local/samba/lib/smb.conf</filename>. You can either
- edit this file yourself or do it using one of the many graphical tools that are available, such as the
- Web-based interface SWAT, that is included with Samba.
+ Samba has two configuration methods. First method , using the &smb.conf; file, which usually resides in
+ <filename>/etc/samba/smb.conf</filename> or <filename>/usr/local/samba/lib/smb.conf</filename>.
+ You can either edit this file yourself or do it using one of the many graphical tools that
+ are available, such as the Web-based interface SWAT, that is included with Samba.</para>
+ <para>
+ Second method is registory-based configuration , which describe <parameter>config backend</parameter>
+ or <parameter>include = registory</parameter> parameter. The syntax of configuration
+ similar the description method of &smb.conf;. So We explain the syntax of &smb.conf; first.
</para>
<sect2>
- <title>Configuration File Syntax</title>
+ <title>Configuration File(smb.conf) Syntax</title>
<para>
<indexterm><primary>section name</primary></indexterm>
@@ -118,6 +122,89 @@
</example>
</sect2>
+<sect2>
+<title>Registry-based configuration</title>
+<!-- from smb.conf.5.xml -->
+ <para>
+ Starting with Samba version 3.2.0, the capability to
+ store Samba configuration in the registry is available.
+ The configuration is stored in the registry key
+ <emphasis><literal>HKLM\Software\Samba\smbconf</literal></emphasis>.
+ There are two levels of registry configuration:
+ </para>
+
+ <orderedlist continuation="restarts" inheritnum="ignore" numeration="arabic">
+ <listitem><para>Share definitions stored in registry are used.
+ This is triggered by setting the global
+ parameter <parameter>registry shares</parameter>
+ to <quote>yes</quote> in <emphasis>smb.conf</emphasis>.
+ </para>
+
+ <para>The registry shares are loaded not at startup but
+ on demand at runtime by <emphasis>smbd</emphasis>.
+ Shares defined in <emphasis>smb.conf</emphasis> take
+ priority over shares of the same name defined in
+ registry.</para></listitem>
+
+ <listitem>
+ <para>Global <emphasis>smb.conf</emphasis>
+ options stored in registry are used. This can be activated
+ in two different ways:</para>
+
+ <para>Firstly, a registry only configuration is triggered
+ by setting
+ <smbconfoption name="config backend">registry</smbconfoption>
+ in the [global] section of <emphasis>smb.conf</emphasis>.
+ This resets everything that has been read from config files
+ to this point and reads the content of the global configuration
+ section from the registry.
+ This is the recommended method of using registry based
+ configuration.</para>
+
+ <para>Secondly, a mixed configuration can be activated
+ by a special new meaning of the parameter
+ <smbconfoption name="include">registry</smbconfoption>
+ in the [global] section of <emphasis>smb.conf</emphasis>.
+ This reads the global options from registry with the same
+ priorities as for an include of a text file.
+ This may be especially useful in cases where an initial
+ configuration is needed to access the registry.</para>
+
+ <para>Activation of global registry options automatically
+ activates registry shares. So in the registry only case,
+ shares are loaded on demand only.</para>
+ </listitem>
+ </orderedlist>
+
+ <para>
+ Note: To make registry-based configurations foolproof
+ at least to a certain extent, the use
+ of <parameter>lock directory</parameter> and
+ <parameter>config backend</parameter>
+ inside the registry configuration has been disabled:
+ Especially by changing the
+ <parameter>lock directory</parameter> inside the registry
+ configuration, one would create a broken setup where the daemons
+ do not see the configuration they loaded once it is active.
+ </para>
+
+ <para>
+ The registry configuration can be accessed with
+ tools like <emphasis>regedit</emphasis> or <emphasis>net (rpc)
+ registry</emphasis> in the key
+ <emphasis><literal>HKLM\Software\Samba\smbconf</literal></emphasis>.
+
+ More conveniently, the <emphasis>conf</emphasis> subcommand of the
+ <citerefentry><refentrytitle>net</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> utility
+ offers a dedicated interface to read and write the
+ registry based configuration locally, i.e. directly
+ accessing the database file, circumventing the
+ server.
+ </para>
+
+
+</sect2>
<sect2 id="tdbdocs">
<title>TDB Database File Information</title>
@@ -147,173 +234,18 @@
</para>
<para>
-<indexterm><primary>tdb file descriptions</primary></indexterm>
- The persistent tdb files are described in <link linkend="tdbpermfiledesc">the Persistent TDB File
- Descriptions table</link>. All persistent tdb files should be regularly backed up. Use the
+ Tdb files have two types. There ar persistent tdb and temporary tdb.
+ All persistent tdb files should be regularly backed up. Use the
<command>tdbbackup</command> utility to backup the tdb files. All persistent tdb files must be
preserved during machine migrations, updates and upgrades.
</para>
<para>
The temporary tdb files do not need to be backed up, nor do they need to be preseved across machine
- migrations, updates or upgrades. The temporary tdb files are described in <link linkend="tdbtempfiledesc">
- the Temporary TDB File Descriptions</link>.
+ migrations, updates or upgrades. All tdb files are described in <link linkend="tdb">
+ Managing TDB Files</link> of this book.
</para>
- <table frame='all' id="tdbpermfiledesc"><title>Persistent TDB File Descriptions</title>
- <tgroup cols='2'>
- <colspec align="left"/>
- <colspec align="justify" colwidth="1*"/>
- <colspec align="left"/>
- <thead>
- <row>
- <entry align="left">Name</entry>
- <entry align="justify">Description</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>account_policy</entry>
- <entry><para>Samba/NT account policy settings, includes password expiration settings.</para></entry>
- </row>
- <row>
- <entry>group_mapping</entry>
- <entry><para>Mapping table from Windows groups/SID to UNIX groups.</para></entry>
- </row>
- <row>
- <entry>ntdrivers</entry>
- <entry><para>Stores per-printer installed driver information.</para></entry>
- </row>
- <row>
- <entry>ntforms</entry>
- <entry><para>Stores per-printer installed forms information.</para></entry>
- </row>
- <row>
- <entry>ntprinters</entry>
- <entry><para>Stores the per-printer devmode configuration settings.</para></entry>
- </row>
- <row>
- <entry>passdb</entry>
- <entry><para>
- Exists only when the tdbsam passwd backend is used. This file stores the
- SambaSAMAccount information. Note: This file requires that user POSIX account information is
- available from either the /etc/passwd file, or from an alternative system source.
- </para></entry>
- </row>
- <row>
- <entry>registry</entry>
- <entry><para>
- Read-only Samba database of a Windows registry skeleton that provides support for exporting
- various database tables via the winreg RPCs.
- </para></entry>
- </row>
- <row>
- <entry>secrets</entry>
- <entry><para>
- This file stores the Workgroup/Domain/Machine SID, the LDAP directory update password, and
- a further collection of critical environmental data that is necessary for Samba to operate
- correctly. This file contains very sensitive information that must be protected. It is stored
- in the PRIVATE_DIR directory.
- </para></entry>
- </row>
- <row>
- <entry>share_info</entry>
- <entry><para>Stores per-share ACL information.</para></entry>
- </row>
- <row>
- <entry>winbindd_idmap</entry>
- <entry><para>Winbindd's local IDMAP database.</para></entry>
- </row>
- </tbody>
- </tgroup>
- </table>
-
- <table frame='all' id="tdbtempfiledesc"><title>Temporary TDB File Descriptions</title>
- <tgroup cols='3'>
- <colspec align="left"/>
- <colspec align="justify" colwidth="1*"/>
- <colspec align="left"/>
- <thead>
- <row>
- <entry align="left">Name</entry>
- <entry align="justify">Description</entry>
- <entry align="center">Backup</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>brlock</entry>
- <entry><para>Byte-range locking information.</para></entry>
- <entry>No</entry>
- </row>
- <row>
- <entry>connections</entry>
- <entry><para>A temporary cache for current connection information used to enforce max connections.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>eventlog/*tdb</entry>
- <entry><para>Records of eventlog entries. In most circumstances this is just a cache of system logs.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>gencache</entry>
- <entry><para>Generic caching database for dead WINS servers and trusted domain data.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>login_cache</entry>
- <entry><para>A temporary cache for login information, in particular bad password attempts.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>messages</entry>
- <entry><para>Temporary storage of messages being processed by smbd.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>netsamlogon_cache</entry>
- <entry><para>Caches user net_info_3 structure data from net_samlogon requests (as a domain member).</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>perfmon/*.tdb</entry>
- <entry><para>Performance counter information.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>printing/*.tdb</entry>
- <entry><para>Cached output from lpq command created on a per-print-service basis.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>schannel_store</entry>
- <entry><para>
- A confidential file, stored in the PRIVATE_DIR, containing crytographic connection
- information so that clients that have temporarily disconnected can reconnect without
- needing to renegotiate the connection setup process.
- </para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>sessionid</entry>
- <entry><para>Temporary cache for miscellaneous session information and for utmp handling.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>unexpected</entry>
- <entry><para>Stores packets received for which no process is actively listening.</para></entry>
- <entry>no</entry>
- </row>
- <row>
- <entry>winbindd_cache</entry>
- <entry><para>Cache of Identity information received from an NT4 domain or from ADS. Includes user
- lists, etc.</para></entry>
- <entry>yes</entry>
- </row>
- </tbody>
- </tgroup>
- </table>
</sect2>
More information about the samba-technical
mailing list