<para>
Use of WINS (either Samba WINS _or_ MS Windows NT Server WINS) is highly
-recommended. Every NetBIOS machine registers it's name together with a
+recommended. Every NetBIOS machine registers its name together with a
name_type value for each of of several types of service it has available.
-eg: It registers it's name directly as a unique (the type 0x03) name.
-It also registers it's name if it is running the lanmanager compatible
+eg: It registers its name directly as a unique (the type 0x03) name.
+It also registers its name if it is running the lanmanager compatible
server service (used to make shares and printers available to other users)
by registering the server (the type 0x20) name.
</para>
(R1, R2) - these do not pass broadcasts. Subnet 1 has 5 machines
on it, subnet 2 has 4 machines, subnet 3 has 4 machines. Assume
for the moment that all these machines are configured to be in the
-same workgroup (for simplicities sake). Machine N1_C on subnet 1
+same workgroup (for simplicity's sake). Machine N1_C on subnet 1
is configured as Domain Master Browser (ie. it will collate the
browse lists for the workgroup). Machine N2_D is configured as
WINS server and all the other machines are configured to register
master browser it looks for a Domain master browser to synchronize
its browse list with. It does this by querying the WINS server
(N2_D) for the IP address associated with the NetBIOS name
-WORKGROUP<1B>. This name was registerd by the Domain master
+WORKGROUP<1B>. This name was registered by the Domain master
browser (N1_C) with the WINS server as soon as it was booted.
</para>
<title>How can one flush the Samba NetBIOS name cache without restarting samba?</title>
<para>
-Sambas' nmbd process controls all browse list handling. Under normal circumstances it is
+Samba's nmbd process controls all browse list handling. Under normal circumstances it is
safe to restart nmbd. This will effectively flush the samba NetBIOS name cache and cause it
to be rebuilt. Note that this does NOT make certain that a rogue machine name will not re-appear
in the browse list. When nmbd is taken out of service another machine on the network will
At this time any appearance that Samba-3 is capable of acting as an
<emphasis>ADS Domain Controller</emphasis> is limited and experimental in nature.
This functionality should not be used until the samba-team offers formal support for it.
-At such a time, the documentation will be revised to duely reflect all configuration and
+At such a time, the documentation will be revised to duly reflect all configuration and
management requirements.
</para>
for it's workgroup entry. It is not uncommon for the name WORKGROUP to be used for this. With this
mode of configuration there are NO machine trust accounts and any concept of membership as such
is limited to the fact that all machines appear in the network neighbourhood to be logically
-groupped together. Again, just to be clear: <strong>workgroup mode does not involve any security machine
+grouped together. Again, just to be clear: <strong>workgroup mode does not involve any security machine
accounts</strong>.
</para>
<title>Samba ADS Domain Control</title>
<para>
-Samba-3 is not and can not act as an Active Directory Server. It can not truely function as
+Samba-3 is not and can not act as an Active Directory Server. It can not truly function as
an Active Directory Primary Domain Controller. The protocols for some of the functionality
-the Active Directory Domain Controllers is have been partially implemented on an experiemental
+the Active Directory Domain Controllers is have been partially implemented on an experimental
only basis. Please do NOT expect Samba-3 to support these protocols - nor should you depend
on any such functionality either now or in the future. The Samba-Team may well remove such
experiemental features or may change their behaviour.
When Samba is running in <emphasis>server level</emphasis> security it is essential that
the parameter <emphasis>password server</emphasis> is set to the precise netbios machine
name of the target authentication server. Samba can NOT determine this from NetBIOS name
-lookups because the choice of the target authentication server arbitrary and can not
+lookups because the choice of the target authentication server is arbitrary and can not
be determined from a domain name. In essence a samba server that is in
<emphasis>server level</emphasis> security is operating in what used to be known as
workgroup mode.
<title>Seamless Windows Network Integration</title>
<para>
-MS Windows clients may use encrypted passwords as part of a challenege/response
+MS Windows clients may use encrypted passwords as part of a challenge/response
authentication model (a.k.a. NTLMv1 and NTLMv2) or alone, or clear text strings for simple
password based authentication. It should be realized that with the SMB protocol
the password is passed over the network either in plain text or encrypted, but
<para>
We all make mistakes. It is Ok to make mistakes, so long as they are made in the right places
-and at the right time. A mistake that causes lost productivity is seldom tollerated. A mistake
+and at the right time. A mistake that causes lost productivity is seldom tolerated. A mistake
made in a developmental test lab is expected.
</para>
Here we look at common mistakes and misapprehensions that have been the subject of discussions
on the samba mailing lists. Many of these are avoidable by doing you homework before attempting
a Samba implementation. Some are the result of misundertanding of the English language. The
-English language has many terms of phrase that are potentially vague and may be highly confusing
+English language has many turns of phrase that are potentially vague and may be highly confusing
to those for whom English is not their native tongue.
</para>
ability to migrate MS Windows NT4 SAM accounts to Samba-3 without the need to provide
matching Unix/Linux accounts. We called this the <emphasis>Non Unix Accounts (NUA)</emphasis>
capability. The intent was that an administrator could decide to use the <emphasis>tdbsam</emphasis>
-backend and by simply specifying <emphasis>"passdb backedn = tdbsam_nua, guest"</emphasis>
+backend and by simply specifying <emphasis>"passdb backend = tdbsam_nua, guest"</emphasis>
this would allow Samba-3 to implement a solution that did not use Unix accounts per se. Late
in the development cycle the team doing this work hit upon some obstacles that prevents this
solution from being used. Given the delays with Samba-3 release a decision was made to NOT
</para>
<para>
- The inclusion of the <emphasis>tdbssam</emphasis> capability is a direct
+ The inclusion of the <emphasis>tdbsam</emphasis> capability is a direct
response to user requests to allow simple site operation without the overhead
of the complexities of running OpenLDAP. It is recommended to use this only
for sites that have fewer than 250 users. For larger sites or implementations
</para>
<para>
- The new LDAP implmentation significantly expands the control abilities that
+ The new LDAP implementation significantly expands the control abilities that
were possible with prior versions of Samba. It is now possible to specify
"per user" profile settings, home directories, account access controls, and
much more. Corporate sites will see that the Samba-Team has listened to their
<listitem><para>
And finally, the amount of information which is stored in an smbpasswd entry leaves
no room for additional attributes such as a home directory, password expiration time,
- or even a Relative Identified (RID).
+ or even a Relative Identifier (RID).
</para></listitem>
</itemizedlist>
<para>
- As a result of these defeciencies, a more robust means of storing user attributes
+ As a result of these deficiencies, a more robust means of storing user attributes
used by smbd was developed. The API which defines access to user accounts
is commonly referred to as the samdb interface (previously this was called the passdb
API, and is still so named in the Samba CVS trees).
System Administration; Gerald Carter, O'Reilly; Chapter 6: Replacing NIS".
Refer to <ulink url="http://safari.oreilly.com/?XmlId=1-56592-491-6">
http://safari.oreilly.com/?XmlId=1-56592-491-6</ulink> for those who might wish to know
- more about configuration and adminstration of an OpenLDAP server.
+ more about configuration and administration of an OpenLDAP server.
</para>
<para>
git.samba.org / sfrench / samba-autobuild / .git / commitdiff