Samba 3 By Example 195
Samba 3 By Example: Practical Exercises to Successful Deployment | |
author | John H. Terpstra |
pages | 340 |
publisher | Prentice Hall PTR |
rating | 10 |
reviewer | Joshua Malone |
ISBN | 0131472216 |
summary | Working examples to use Samba 3 in small or large office |
Samba 3 By Example begins on a very friendly note by explaining how to get the most out of it any what you'll need to complete the exercises in the rest of the book. The beginning also includes a Windows networking primer, complete with packet captures (using the popular tool 'ethereal') showing how network browsing really works, under the hood.
This book follows the evolution of a fictitious company, "Abmas", through an impossible growth from a 9-person office to a 2000-person network with multiple sites around the world. You assume the role of the IT guy: charged with growing the company's network infrastructure, planning for change and, above all, keeping the users happy.
Some of the major challenges tackled in this book are:
- Using Samba-3 as an NT-4 style PDC
- Using Samba-3 as an domain member server
- Using the various authentication backends as alternatives to the traditional 'smbpasswd' backend
- Using LDAP to implement a Samba-3 PDC with backup domain controllers
- Authentication using winbindd
- Migrating from NT-4 to Samba-3 for a PDC
- Using kerberos to integrate Samba-3 into a Microsoft Active Directory domain (as a domain member server)
I am extremely impressed by Terpstra's book. It addresses the complete spectrum of Samba deployments, from the 10-person office to the 2000-seat, multi-site enterprise while explaining not just what to do, but how to do it and, most importantly, why. The examples are practical and you can really imagine some poor sap^H^H^H^H^H^H^H^H unfortunate systems administrator finding him/herself in these very positions. This book says that these scenarios are hypothetical aggregations of real-world situations, but could swear I've worked for this company before.
One of the nicest things about this book is that each situation is followed by a Q&A section - almost like a textbook - that addresses both the important points of the exercise, as well as some of the trivial details that were left out for the sake of brevity. Don't be tempted to skip them thinking that it's just a rehash.
It's worth noting that this book is not a replacement for TOSHARG and defers to it for technical details in multiple cases. These two books should be sidearms for any IT administrator that has to deal with Windows clients on a daily basis.
I'm also very impressed with Terpstra's candor about Samba's features, weaknesses and road map. Nowhere in this book is Windows put down as inferior or is Samba touted as the "be-all, end-all" of Desktop and client management solutions. The relative flexibility of Active Directory and Samba is discussed only briefly and the choice to use Samba over Windows is ultimately left to the reader. Since you've gone to the trouble of purchasing this book, Terpstra assumes you've already made up your mind and require no further convincing.
Continuing to be mindful of office politics, Terpstra devotes a section in each chapter to the political implications of replacing Windows with an open source product, and an entire chapter to the issues inherent in bringing Samba into a traditionally Windows-based shop. Even though he refers to this chapter as a "shameless self-promotion of Samba-3", I found it to be an even-handed discussion of the issues you will most likely encounter from anti-Unix advocates and IT managers who have bought into the anti-Linux FUD. These are real issues that Systems Administrators need to know how to deal with effectively but too many of us simply dismiss because we feel they are uninformed.
In addition to examples of Samba configuration, examples are provided to integrate Samba with other useful servers such as the squid web proxy, OpenLDAP, bind and dhcpd. The configuration files for Samba as well as these additional pieces of software are also conveniently located on the included CD-ROM, along with Samba 3.0.2 packages for Red Hat Fedora Core 1 and SuSE Linux (Enterprise server 8 for x86 and s390 and SuSE Linux 9).
I think my biggest complaint with this book is that the "case study"-like format of this book tends to lump a large number of new features into a single example. This can make it hard to isolate the particular feature that you're interested in.
For instance, the example that illustrates automatic printer driver downloads to Windows clients is lumped into a chapter that is primarily concerned with using LDAP to implement a BDC. Automatic driver installation is a great feature that many sites far too small to consider implementing LDAP would likely be interested in.
In all, though, I'm extremely pleased with Samba 3 by Example - perhaps even more than TOSHARG. In it, you'll find plenty of tips, working examples and honest admissions of bugs (and their workarounds) that will keep you from losing your sanity. You could almost call this book a 300 page Samba and Windows networking consultant with over 8 years of experience. Terpstra has been incredibly kind to the Samba community by imparting so much wisdom to us all in this book.
Josh Malone has been a FreeBSD and Windows system administrator for three and a half years working in development shops and hosting companies, and currently works as a Linux engineer for an embedded systems company. You can purchase Samba 3 By Example from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page
samba rocks (Score:5, Insightful)
little known fact (Score:3, Insightful)
We're talking about Samba and Linux here... (Score:3, Insightful)
The cryptic voodoo I struggle to keep up with is Samba and Linux itself. Setting up networking, even advanced domain stuff, in Windows is very easy in comparison. Hence books like this one.
I don't mean to troll, but one of Linux's biggest problems from a usability point of view is that there is no central place where configuration information is stored (aka the "hated" registry in Windows). It's supposed to end up in
I think we would all be better off if the Linux community would work on fixing usability problems and making Linux more unified instead of continually adding new features. And if that sounds like many criticisms of Microsoft you've heard, then so be it.
Re:almost 40% at bookpool.com (Score:4, Insightful)
Re:Kerberos Authentication (Score:1, Insightful)
Very true, but I think the issue many people have is with Microsoft using this field and then not telling anyone how to interpret it (well, at first anyway).
Why aren't tech authors into "free as in beer?" (Score:2, Insightful)
Of course, this means learning not only what LDAP is , but how to configure and test it, etc.. OpenLDAP wasnt the toughest nut to crack, but it's configuration files are out there in wackyland. This is as far as I've gotten.
Then getting samba and other services to auth against it. Of course, to use pam_ldap.so I need to have linux boxes that use PAM, and getting that running on my mutant once-slackware-but-now-fubar installs is no easy task..
Anyways, to say the documentation on such things is sparse would be an understatement. What's to be found is completely obtuse and hard to follow.
It would seem that this book would help. And if this were work-related I could get it and write off the expense. But this is just hobbyist messing-around stuff, and by this time next week I'll be messing with something different.
I just dont have the funds to spend 200 bucks on literature for my time-wasting project du jour. Google's alright most of the time, but often I just see 9 billion users group postings of the same error I'm getting (with no replies containing solutions).
Re:We're talking about Samba and Linux here... (Score:5, Insightful)
You mean like the 229
Seriously...I don't know what Linux distro you're using......I've heard this comment before, and out of the few dozen I've tried, nothing ever stored configuration information in more than two places:
1)
2) hidden directories in the user's home directory, for personal configuration files, rather than system-wide.
Anything that's in the user's home directory is set by the interface of whatever program they're running, though, so you hardly need to 'search out and edit' files that are in 'various different formats'.
If you're going to spread FUD, at least spread something that's true.
Oh...wait.....that would mean it wouldn't be FUD, wouldn't it?
Re:excellent! i have been looking for this (Score:4, Insightful)
Re:adds stability to Win9x/ME workgroups (Score:4, Insightful)
It sounds like a good idea, but in practice, if the master browser changes or is rebooted, the other machines in the workgroup won't be able to find network resources unless they are restarted too. This is usually the source of most network issues with Windows on home networks. By setting up a samba machine that is always and never gives up "master browser" status, the table of which machines are on the network remains available.
Re:Samba vs. NFS (Score:2, Insightful)
Re:excellent! i have been looking for this (Score:2, Insightful)
Get a Playstation! Thats what I did and since have been able to kiss windows goodbye and still play games that I like.
Re:We're talking about Samba and Linux here... (Score:3, Insightful)
MS needs to freaking put in some better backup and auto-recover features for the registry! It's far to vital to rely on a Sysadmin backing it up on a regular basis. There needs to be a multi-layered backup going back several days. Sure you can do a system restore but it's not rock solid enough and scares the hell out of most people. Go-Back was and is much more reliable and easier to understand then the first generation Microsoft System Restore feature. The registry should be backed up after every single successful reboot and one should have at least 4-5 choices to roll it back to if there is a problem. You should be able to do this at boot time when the registry has an issue being read or written to. A dialog should popup and ask if you wish to switch the current registry files to the backed up ones.
Linux scatters INI like configuration files in a variety of locations and the format varies. But at least if your Samba.conf file gets hosed, it won't blow out everything else along with it. Say it's truly corrupted, you can at least edit the sucker with vi / emacs and fix the glitch. With a binary registry file you're fucked.
Apple's got it right with their XML