Skip to content
GitLab
Menu
Why GitLab
Pricing
Contact Sales
Explore
Why GitLab
Pricing
Contact Sales
Explore
Sign in
Get free trial
Changes
Page history
Rearrange Overview sections
authored
Aug 28, 2018
by
Tim Beale
Show whitespace changes
Inline
Side-by-side
samba-functionality/overview.md
View page @
83448e93
...
...
@@ -82,6 +82,41 @@ So this is functionality is actually provided by the file server (via the `[netl
Note that it is critical for client security that access to this share only be made
over a SMB signed connection, and clients need to enforce this.
## [Netbios Name server](https://www.samba.org/samba/docs/current/man-html/nmbd.8.html)
Samba can announce its name and accept name resolution requests via
`NetBIOS`
broadcasts and maintain the database of names in the
`Network Neigbourhood`
(the browse list). It also supports the
centralised WINS protocol allowing a single server to maintain the
registrations.
Samba has two implementations of these protocols, the one in
`source3`
is the original implementation and includes browsing support, the one
in source4 is a newer implementation and includes multi-master WINS
replication support.
*
[
source3/nmbd
](
https://git.samba.org/?p=samba.git;a=tree;f=source3/nmbd
)
*
[
source4/nbt_server
](
https://git.samba.org/?p=samba.git;a=tree;f=source4/nbt_server
)
## [Domain member](https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member)
A domain member is a server or workstation joined to an AD or NT4
domain which uses that domain as the source of authentication and
authorization for connecting users. This allows transparent access to
the resources on that server without maintaining a distinct password list.
The primary use of a domain member server is as a file server, however
there are other interesting use cases:
*
[
source3/winbindd
](
https://git.samba.org/?p=samba.git;a=tree;f=source3/winbindd
)
### Kerberos
A domain member holds a kerberos principal in the realm (domain) and
so the
*machine account*
(the object in the domain that represents the
domain member) can be used to make or accept Kerberised network
requests.
## Client
Samba provides a wide range of client utilities.
...
...
@@ -97,12 +132,8 @@ are `samba-tool domain provision` used to create a new AD Domain,
*
[
python/samba/netcmd
](
https://git.samba.org/?p=samba.git;a=tree;f=python/samba/netcmd
)
### Python API
The python API used by Samba to build tools like samba-tool is
available for direct use as well.
*
[
python
](
https://git.samba.org/?p=samba.git;a=tree;f=python
)
`samba-tool`
is based on a set of Python APIs in the Samba
[
codebase
](
https://git.samba.org/?p=samba.git;a=tree;f=python
)
.
These set of python APIs could potentially be re-used to build custom tools.
## [*Classic* or NT4-like Domain Controller](https://wiki.samba.org/index.php/Setting_up_Samba_as_an_NT4_PDC_(Quick_Start))
...
...
@@ -127,39 +158,5 @@ This domain is also not entirely NT4-like because Windows clients will
use modern cryptography against such a Samba domain that NT4 never
supported.
## [Domain member](https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member)
A domain member is a server or workstation joined to an AD or NT4
domain which uses that domain as the source of authentication and
authorization for connecting users. This allows transparent access to
the resources on that server without maintaining a distinct password list.
The primary use of a domain member server is as a file server, however
there are other interesting use cases:
*
[
source3/winbindd
](
https://git.samba.org/?p=samba.git;a=tree;f=source3/winbindd
)
### Kerberos
A domain member holds a kerberos principal in the realm (domain) and
so the
*machine account*
(the object in the domain that represents the
domain member) can be used to make or accept Kerberised network
requests.
## [Netbios Name server](https://www.samba.org/samba/docs/current/man-html/nmbd.8.html)
Samba can announce its name and accept name resolution requests via
`NetBIOS`
broadcasts and maintain the database of names in the
`Network Neigbourhood`
(the browse list). It also supports the
centralised WINS protocol allowing a single server to maintain the
registrations.
Samba has two implementations of these protocols, the one in
`source3`
is the original implementation and includes browsing support, the one
in source4 is a newer implementation and includes multi-master WINS
replication support.
*
[
source3/nmbd
](
https://git.samba.org/?p=samba.git;a=tree;f=source3/nmbd
)
*
[
source4/nbt_server
](
https://git.samba.org/?p=samba.git;a=tree;f=source4/nbt_server
)
