From a0ac72c3eecdb4fdbbb8aef9808a0f14f72f9bba Mon Sep 17 00:00:00 2001
From: Martin Goik <goik@hdm-stuttgart.de>
Date: Fri, 5 Jun 2015 09:07:20 +0200
Subject: [PATCH] Samba chapter
---
Doc/Common/glossary.xml | 10 +++
Doc/Sdi/ldap.xml | 9 ++-
Doc/Sdi/samba.xml | 138 ++++++++++++++++++++++++++++++++++++++++
Doc/lectures.xml | 2 +
4 files changed, 158 insertions(+), 1 deletion(-)
create mode 100644 Doc/Sdi/samba.xml
diff --git a/Doc/Common/glossary.xml b/Doc/Common/glossary.xml
index db716ea01..4d73aebce 100644
--- a/Doc/Common/glossary.xml
+++ b/Doc/Common/glossary.xml
@@ -466,6 +466,16 @@
</glossdef>
</glossentry>
+ <glossentry xml:id="glo_SMB">
+ <glossterm><acronym>SMB</acronym></glossterm>
+
+ <glossdef>
+ <para><link
+ xlink:href="http://en.wikipedia.org/wiki/Server_Message_Block">Server
+ Message Block</link></para>
+ </glossdef>
+ </glossentry>
+
<glossentry xml:id="glo_Soft">
<glossterm>Software</glossterm>
diff --git a/Doc/Sdi/ldap.xml b/Doc/Sdi/ldap.xml
index 9efe035d5..d07026c68 100644
--- a/Doc/Sdi/ldap.xml
+++ b/Doc/Sdi/ldap.xml
@@ -230,6 +230,13 @@
Studio.</para>
</listitem>
</itemizedlist>
+
+ <tip>
+ <para>In case you **ever** loose your master <code>admin</code>
+ password see <link
+ xlink:href="http://techiezone.rottigni.net/2011/12/change-root-dn-password-on-openldap">Change
+ Root DN Password on OpenLDAP</link> for troubleshooting.</para>
+ </tip>
</section>
<section xml:id="ldapCompanyLdif">
@@ -366,7 +373,7 @@ mail: beam@betrayer.com</programlisting>
Manager</productname> on top of an Apache Web Server.
<productname>Ubuntu</productname> allows for <link
xlink:href="https://www.ldap-account-manager.org/static/doc/manual/ch01.html">package
- based installation</link>. </para>
+ based installation</link>.</para>
</section>
<section xml:id="ldapReplication">
diff --git a/Doc/Sdi/samba.xml b/Doc/Sdi/samba.xml
new file mode 100644
index 000000000..098ab52c9
--- /dev/null
+++ b/Doc/Sdi/samba.xml
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter version="5.0" xml:id="sdiSamba" xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns:m="http://www.w3.org/1998/Math/MathML"
+ xmlns:html="http://www.w3.org/1999/xhtml"
+ xmlns:db="http://docbook.org/ns/docbook">
+ <title>Network file systems served by Samba</title>
+
+ <section xml:id="sdiSectSambaPrerequisites">
+ <title>Prerequisites</title>
+
+ <para>Suggested readings:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para><link
+ xlink:href="https://help.ubuntu.com/community/Samba">Ubuntu official
+ Samba</link></para>
+ </listitem>
+ </itemizedlist>
+ </section>
+
+ <section xml:id="sdiSectSambaInstall">
+ <title>Samba server installation</title>
+
+ <orderedlist>
+ <listitem>
+ <para>Follow <link
+ xlink:href="https://help.ubuntu.com/community/How%20to%20Create%20a%20Network%20Share%20Via%20Samba%20Via%20CLI%20%28Command-line%20interface/Linux%20Terminal%29%20-%20Uncomplicated%2C%20Simple%20and%20Brief%20Way%21">How
+ to Create a Network Share ...</link> setting up a basic <xref
+ linkend="glo_SMB"/> service.</para>
+
+ <para>Where is the physical representation (user meta information
+ database) of Samba passwords?</para>
+ </listitem>
+
+ <listitem>
+ <para>After creating a local <code>tdbsam</code> user entry
+ <code>smbtester</code> (or similar) test your share definitions using
+ <command>smbclient</command>:</para>
+
+ <programlisting language="none">root@sdi4a:~# smbclient -L localhost --user smbtester
+Enter smbtester's password:
+Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
+
+ Sharename Type Comment
+ --------- ---- -------
+ print$ Disk Printer Drivers
+ IPC$ IPC IPC Service (sdi4a server (Samba, Ubuntu))
+ smbtester Disk Home Directories
+Domain=[WORKGROUP] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
+
+ Server Comment
+ --------- -------
+ SDI4A sdi4a server (Samba, Ubuntu)
+
+ Workgroup Master
+ --------- -------
+ WORKGROUP SDI4A</programlisting>
+
+ <para>Create a test file within your shared directory having some
+ textual content.</para>
+ </listitem>
+
+ <listitem>
+ <para>Try to mount a share from a remote client (either Windows,
+ Mac-OS or Linux):</para>
+
+ <programlisting language="none">root@mi-ESPRIMO-P910:~# mount -t cifs //sdi4a.mi.hdm-stuttgart.de/smbtester /mnt/test/ -ouser=smbtester
+Password for smbtester@//sdi4a.mi.hdm-stuttgart.de/smbtester:
+root@mi-ESPRIMO-P910:~# cat /mnt/test/
+.bash_history q.txt .viminfo
+root@mi-ESPRIMO-P910:~# cat /mnt/test/q.txt
+Mal sehen ...
+root@mi-ESPRIMO-P910:~# df /mnt/test/
+Filesystem 1K-blocks Used Available Use% Mounted on
+//sdi4a.mi.hdm-stuttgart.de/smbtester 4048548 783608 3264940 20% /mnt/test
+</programlisting>
+ </listitem>
+
+ <listitem>
+ <para>Follow the <link
+ xlink:href="https://help.ubuntu.com/lts/serverguide/samba-ldap.html">Samba
+ and LDAP</link> documentation to enable <xref linkend="glo_LDAP"/>
+ support in favour of your local tdbsam database.</para>
+
+ <tip>
+ <itemizedlist>
+ <listitem>
+ <para>Operating locally you may want to disable <xref
+ linkend="glo_TLS"/> support.</para>
+ </listitem>
+
+ <listitem>
+ <para>As with local Samba users each <xref linkend="glo_LDAP"/>
+ user must be visible by the OS. As being mentioned in the
+ documentation configuring nsswitch to resolve i.e.
+ <command>id</command> <parameter>(samba_ldapu_sername) is an
+ essential</parameter> precondition.</para>
+ </listitem>
+ </itemizedlist>
+ </tip>
+ </listitem>
+
+ <listitem>
+ <para>Test your Samba/LDAP installation by mounting a user's share via
+ ldap.</para>
+
+ <tip>
+ <para>Debugging may require setting the <xref linkend="glo_LDAP"/>
+ server's <parameter>loglevel</parameter> accordingly. Consider
+ creating a file <filename>loglevel.ldif</filename>:</para>
+
+ <programlisting language="none">dn: cn=config
+changetype: modify
+replace: olcLogLevel
+olcLogLevel: stats</programlisting>
+
+ <para>Activation may be effected by executing
+ <command>ldapmodify</command> <option>-Q -Y EXTERNAL -H ldapi:/// -f
+ loglevel.ldif</option>.</para>
+
+ <para>If you want to see all log messages you may issue:</para>
+
+ <programlisting language="none">root@sdi4a:/var/log# cd /var/log/
+root@sdi4a:/var/log# tail -n0 -f `find . -type f`
+==> ./alternatives.log <==
+...</programlisting>
+
+ <para>This will browse all (possibly unrelated) log
+ statements.</para>
+ </tip>
+ </listitem>
+ </orderedlist>
+ </section>
+</chapter>
diff --git a/Doc/lectures.xml b/Doc/lectures.xml
index ff1f0d864..7462bc260 100644
--- a/Doc/lectures.xml
+++ b/Doc/lectures.xml
@@ -103,6 +103,8 @@
<xi:include href="Sdi/dns.xml" xpointer="element(/1)"/>
<xi:include href="Sdi/apache.xml" xpointer="element(/1)"/>
+
+ <xi:include href="Sdi/samba.xml" xpointer="element(/1)"/>
</part>
<xi:include href="Common/bibliography.xml" xpointer="element(/1)"/>
--
GitLab