These are :
<itemizedlist>
- <listitem><smbconfoption><name>security mask</name></smbconfoption></listitem>
- <listitem><smbconfoption><name>force security mode</name></smbconfoption></listitem>
- <listitem><smbconfoption><name>directory security mask</name></smbconfoption></listitem>
- <listitem><smbconfoption><name>force directory security mode</name></smbconfoption></listitem>
+ <listitem><para><smbconfoption><name>security mask</name></smbconfoption></para></listitem>
+ <listitem><para><smbconfoption><name>force security mode</name></smbconfoption></para></listitem>
+ <listitem><para><smbconfoption><name>directory security mask</name></smbconfoption></para></listitem>
+ <listitem><para><smbconfoption><name>force directory security mode</name></smbconfoption></para></listitem>
</itemizedlist>
</para>
<para>
<itemizedlist>
- <listitem>cups.hlp</listitem>
- <listitem>cupsdrvr.dll</listitem>
- <listitem>cupsui.dll</listitem>
+ <listitem><para>cups.hlp</para></listitem>
+ <listitem><para>cupsdrvr.dll</para></listitem>
+ <listitem><para>cupsui.dll</para></listitem>
</itemizedlist>
</para>
<para>
<itemizedlist>
- <listitem>ADFONTS.MFM</listitem>
- <listitem>ADOBEPS4.DRV</listitem>
- <listitem>ADOBEPS4.HLP</listitem>
- <listitem>DEFPRTR2.PPD</listitem>
- <listitem>ICONLIB.DLL</listitem>
- <listitem>PSMON.DLL</listitem>
+ <listitem><para>ADFONTS.MFM</para></listitem>
+ <listitem><para>ADOBEPS4.DRV</para></listitem>
+ <listitem><para>ADOBEPS4.HLP</para></listitem>
+ <listitem><para>DEFPRTR2.PPD</para></listitem>
+ <listitem><para>ICONLIB.DLL</para></listitem>
+ <listitem><para>PSMON.DLL</para></listitem>
</itemizedlist>
</para>
<para>
<itemizedlist>
- <listitem>ADOBEPS5.DLL</listitem>
- <listitem>ADOBEPSU.DLL</listitem>
- <listitem>ADOBEPSU.HLP</listitem>
+ <listitem><para>ADOBEPS5.DLL</para></listitem>
+ <listitem><para>ADOBEPSU.DLL</para></listitem>
+ <listitem><para>ADOBEPSU.HLP</para></listitem>
</itemizedlist>
</para>
</para>
<itemizedlist>
- <listitem>smb://WORKGROUP/WINDOWSNETBIOSNAME/printersharename </listitem>
- <listitem>smb://username:password@WORKGROUP/WINDOWSNETBIOSNAME/printersharename</listitem>
- <listitem>smb://username:password@WINDOWSNETBIOSNAME/printersharename</listitem>
+ <listitem><para>smb://WORKGROUP/WINDOWSNETBIOSNAME/printersharename </para></listitem>
+ <listitem><para>smb://username:password@WORKGROUP/WINDOWSNETBIOSNAME/printersharename</para></listitem>
+ <listitem><para>smb://username:password@WINDOWSNETBIOSNAME/printersharename</para></listitem>
</itemizedlist>
<para>
<para>On Debian you need to install the following packages:</para>
<para>
<itemizedlist>
- <listitem>libkrb5-dev</listitem>
- <listitem>krb5-user</listitem>
+ <listitem><para>libkrb5-dev</para></listitem>
+ <listitem><para>krb5-user</para></listitem>
</itemizedlist>
</para>
</sect3>
<para>On RedHat this means you should have at least: </para>
<para>
<itemizedlist>
- <listitem>krb5-workstation (for kinit)</listitem>
- <listitem>krb5-libs (for linking with)</listitem>
- <listitem>krb5-devel (because you are compiling from source)</listitem>
+ <listitem><para>krb5-workstation (for kinit)</para></listitem>
+ <listitem><para>krb5-libs (for linking with)</para></listitem>
+ <listitem><para>krb5-devel (because you are compiling from source)</para></listitem>
</itemizedlist>
</para>
</para>
<itemizedlist>
- <listitem>MS Windows machines register their presence to the network</listitem>
- <listitem>Machines announce themselves to other machines on the network</listitem>
- <listitem>One or more machine on the network collates the local announcements</listitem>
- <listitem>The client machine finds the machine that has the collated list of machines</listitem>
- <listitem>The client machine is able to resolve the machine names to IP addresses</listitem>
- <listitem>The client machine is able to connect to a target machine</listitem>
+ <listitem><para>MS Windows machines register their presence to the network</para></listitem>
+ <listitem><para>Machines announce themselves to other machines on the network</para></listitem>
+ <listitem><para>One or more machine on the network collates the local announcements</para></listitem>
+ <listitem><para>The client machine finds the machine that has the collated list of machines</para></listitem>
+ <listitem><para>The client machine is able to resolve the machine names to IP addresses</para></listitem>
+ <listitem><para>The client machine is able to connect to a target machine</para></listitem>
</itemizedlist>
<para>
</para>
<itemizedlist>
- <listitem>WINS: the best tool!</listitem>
- <listitem>LMHOSTS: is static and hard to maintain.</listitem>
- <listitem>Broadcast: uses UDP and can not resolve names across remote segments.</listitem>
+ <listitem><para>WINS: the best tool!</para></listitem>
+ <listitem><para>LMHOSTS: is static and hard to maintain.</para></listitem>
+ <listitem><para>Broadcast: uses UDP and can not resolve names across remote segments.</para></listitem>
</itemizedlist>
<para>
Alternative means of name resolution includes:
</para>
<itemizedlist>
-<listitem><filename>/etc/hosts</filename>: is static, hard to maintain, and lacks name_type info</listitem>
-<listitem>DNS: is a good choice but lacks essential name_type info.</listitem>
+<listitem><para><filename>/etc/hosts</filename>: is static, hard to maintain, and lacks name_type info</para></listitem>
+<listitem><para>DNS: is a good choice but lacks essential name_type info.</para></listitem>
</itemizedlist>
<para>
<para>Basically, you need three components:</para>
<itemizedlist>
- <listitem>The File and Print Client ('IBM Peer')</listitem>
- <listitem>TCP/IP ('Internet support') </listitem>
- <listitem>The "NetBIOS over TCP/IP" driver ('TCPBEUI')</listitem>
+ <listitem><para>The File and Print Client ('IBM Peer')</para></listitem>
+ <listitem><para>TCP/IP ('Internet support') </para></listitem>
+ <listitem><para>The "NetBIOS over TCP/IP" driver ('TCPBEUI')</para></listitem>
</itemizedlist>
<para>Installing the first two together with the base operating
<para>
<itemizedlist>
- <listitem>Logon Hours</listitem>
- <listitem>Password Aging</listitem>
- <listitem>Permitted Logon from certain machines only</listitem>
- <listitem>Account type (Local or Global)</listitem>
- <listitem>User Rights</listitem>
+ <listitem><para>Logon Hours</para></listitem>
+ <listitem><para>Password Aging</para></listitem>
+ <listitem><para>Permitted Logon from certain machines only</para></listitem>
+ <listitem><para>Account type (Local or Global)</para></listitem>
+ <listitem><para>User Rights</para></listitem>
</itemizedlist>
</para>
An ordered list of User GPOs is obtained. The list contents depends on what is configured in respect of:
<itemizedlist>
- <listitem>Is user a domain member, thus subject to particular policies</listitem>
- <listitem>Loopback enablement, and the state of the loopback policy (Merge or Replace)</listitem>
- <listitem>Location of the Active Directory itself</listitem>
- <listitem>Has the list of GPOs changed. No processing is needed if not changed.</listitem>
+ <listitem><para>Is user a domain member, thus subject to particular policies</para></listitem>
+ <listitem><para>Loopback enablement, and the state of the loopback policy (Merge or Replace)</para></listitem>
+ <listitem><para>Location of the Active Directory itself</para></listitem>
+ <listitem><para>Has the list of GPOs changed. No processing is needed if not changed.</para></listitem>
</itemizedlist>
</para></listitem>
</para>
<itemizedlist>
- <listitem>All Users settings</listitem>
- <listitem>Default User settings (contains the default NTUser.DAT file)</listitem>
+ <listitem><para>All Users settings</para></listitem>
+ <listitem><para>Default User settings (contains the default NTUser.DAT file)</para></listitem>
</itemizedlist>
<para>
</para>
<itemizedlist>
- <listitem>A profile unique to that user</listitem>
- <listitem>A mandatory profile (one the user can not change)</listitem>
- <listitem>A group profile (really should be mandatory ie:unchangable)</listitem>
+ <listitem><para>A profile unique to that user</para></listitem>
+ <listitem><para>A mandatory profile (one the user can not change)</para></listitem>
+ <listitem><para>A group profile (really should be mandatory ie:unchangable)</para></listitem>
</itemizedlist>
</sect2>
environment. However, there are certain compromises:
<itemizedlist>
- <listitem>No machine policy files</listitem>
- <listitem>No Group Policy Objects</listitem>
- <listitem>No synchronously executed AD logon scripts</listitem>
- <listitem>Can't use ANY Active Directory management tools to manage users and machines</listitem>
- <listitem>Registry changes tattoo the main registry, while with AD they do NOT. ie: Leave permanent changes in effect</listitem>
- <listitem>Without AD you can not peprform the function of exporting specific applications to specific users or groups</listitem>
+ <listitem><para>No machine policy files</para></listitem>
+ <listitem><para>No Group Policy Objects</para></listitem>
+ <listitem><para>No synchronously executed AD logon scripts</para></listitem>
+ <listitem><para>Can't use ANY Active Directory management tools to manage users and machines</para></listitem>
+ <listitem><para>Registry changes tattoo the main registry, while with AD they do NOT. ie: Leave permanent changes in effect</para></listitem>
+ <listitem><para>Without AD you can not peprform the function of exporting specific applications to specific users or groups</para></listitem>
</itemizedlist>
</para>
<itemizedlist>
<listitem><para>Domain Controller</para>
<itemizedlist>
- <listitem>Primary Domain Controller</listitem>
- <listitem>Backup Domain Controller</listitem>
- <listitem>ADS Domain Controller</listitem>
+ <listitem><para>Primary Domain Controller</para></listitem>
+ <listitem><para>Backup Domain Controller</para></listitem>
+ <listitem><para>ADS Domain Controller</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>Domain Member Server</para>
<itemizedlist>
- <listitem>Active Directory Domain Server</listitem>
- <listitem>NT4 Style Domain Domain Server</listitem>
+ <listitem><para>Active Directory Domain Server</para></listitem>
+ <listitem><para>NT4 Style Domain Domain Server</para></listitem>
</itemizedlist>
</listitem>
<listitem><para>Stand Alone Server</para></listitem>
A simple module to audit file access to the syslog
facility. The following operations are logged:
<itemizedlist>
- <listitem>share</listitem>
- <listitem>connect/disconnect</listitem>
- <listitem>directory opens/create/remove</listitem>
- <listitem>file open/close/rename/unlink/chmod</listitem>
+ <listitem><para>share</para></listitem>
+ <listitem><para>connect/disconnect</para></listitem>
+ <listitem><para>directory opens/create/remove</para></listitem>
+ <listitem><para>file open/close/rename/unlink/chmod</para></listitem>
</itemizedlist>
</para>
</para>
<itemizedlist>
- <listitem>MS DOS Network client 3.0 with the basic network redirector installed</listitem>
- <listitem>Windows 95 with the network redirector update installed</listitem>
- <listitem>Windows 98 [se]</listitem>
- <listitem>Windows Me</listitem>
+ <listitem><para>MS DOS Network client 3.0 with the basic network redirector installed</para></listitem>
+ <listitem><para>Windows 95 with the network redirector update installed</para></listitem>
+ <listitem><para>Windows 98 [se]</para></listitem>
+ <listitem><para>Windows Me</para></listitem>
</itemizedlist>
<note>
</para>
<itemizedlist>
- <listitem>Windows NT 3.5x</listitem>
- <listitem>Windows NT 4.0</listitem>
- <listitem>Windows 2000 Professional</listitem>
- <listitem>Windows 200x Server/Advanced Server</listitem>
- <listitem>Windows XP Professional</listitem>
+ <listitem><para>Windows NT 3.5x</para></listitem>
+ <listitem><para>Windows NT 4.0</para></listitem>
+ <listitem><para>Windows 2000 Professional</para></listitem>
+ <listitem><para>Windows 200x Server/Advanced Server</para></listitem>
+ <listitem><para>Windows XP Professional</para></listitem>
</itemizedlist>
<para>
</para>
<itemizedlist>
- <listitem><emphasis>add</emphasis> user or machine accounts</listitem>
- <listitem><emphasis>delete</emphasis> user or machine accounts</listitem>
- <listitem><emphasis>enable</emphasis> user or machine accounts</listitem>
- <listitem><emphasis>disable</emphasis> user or machine accounts</listitem>
- <listitem><emphasis>set to NULL</emphasis> user passwords</listitem>
- <listitem><emphasis>manage interdomain trust accounts</emphasis></listitem>
+ <listitem><para><emphasis>add</emphasis> user or machine accounts</para></listitem>
+ <listitem><para><emphasis>delete</emphasis> user or machine accounts</para></listitem>
+ <listitem><para><emphasis>enable</emphasis> user or machine accounts</para></listitem>
+ <listitem><para><emphasis>disable</emphasis> user or machine accounts</para></listitem>
+ <listitem><para><emphasis>set to NULL</emphasis> user passwords</para></listitem>
+ <listitem><para><emphasis>manage interdomain trust accounts</emphasis></para></listitem>
</itemizedlist>
<para>
</para>
<itemizedlist>
- <listitem>add, remove or modify user accounts</listitem>
- <listitem>listing user accounts</listitem>
- <listitem>migrate user accounts</listitem>
+ <listitem><para>add, remove or modify user accounts</para></listitem>
+ <listitem><para>listing user accounts</para></listitem>
+ <listitem><para>migrate user accounts</para></listitem>
</itemizedlist>
<para>
</para>
<itemizedlist>
- <listitem>sambaHomePath</listitem>
- <listitem>sambaLogonScript</listitem>
- <listitem>sambaProfilePath</listitem>
- <listitem>sambaHomeDrive</listitem>
+ <listitem><para>sambaHomePath</para></listitem>
+ <listitem><para>sambaLogonScript</para></listitem>
+ <listitem><para>sambaProfilePath</para></listitem>
+ <listitem><para>sambaHomeDrive</para></listitem>
</itemizedlist>
<para>