Changes

Page history
Merge NetBIOS server into other sections authored by Tim Beale's avatar Tim Beale
Hide whitespace changes
Inline Side-by-side
samba-functionality/overview.md
View page @ e1da9be2
...@@ -16,9 +16,10 @@ operates as: ...@@ -16,9 +16,10 @@ operates as:
* File server, as well as providing printing services. * File server, as well as providing printing services.
* Active Directory (AD) Domain Controller (DC) * Active Directory (AD) Domain Controller (DC)
## [File Server](https://www.samba.org/samba/docs/current/man-html/smbd.8.html) ## Network server
Samba is best known as a file server, sharing POSIX file systems to Microsoft's Samba is best known as a [File Server](https://www.samba.org/samba/docs/current/man-html/smbd.8.html),
sharing POSIX file systems to Microsoft's
Windows clients. Samba translates between the NTFS file system semantics Windows clients. Samba translates between the NTFS file system semantics
expected by modern Windows clients and the POSIX file system on which it runs, expected by modern Windows clients and the POSIX file system on which it runs,
including locking, Access Control Lists and case insensitivity. including locking, Access Control Lists and case insensitivity.
...@@ -39,25 +40,16 @@ attached or are remote printers connected to the local [CUPS](https://www.cups.o ...@@ -39,25 +40,16 @@ attached or are remote printers connected to the local [CUPS](https://www.cups.o
access and install the correct driver for available printers. access and install the correct driver for available printers.
This can be used to create a central print server. This can be used to create a central print server.
## [Netbios Name server](https://www.samba.org/samba/docs/current/man-html/nmbd.8.html) * [_Netbios Name server_](https://www.samba.org/samba/docs/current/man-html/nmbd.8.html).
Samba can announce its name and accept name resolution requests via Samba can announce its name and accept name resolution requests via
`NetBIOS` broadcasts and maintain the database of names in the [`NetBIOS`](https://en.wikipedia.org/wiki/NetBIOS) broadcasts and maintain the database of names in the
`Network Neigbourhood` (the browse list). It also supports the `Network Neigbourhood` (the browse list). It also supports the
centralised WINS protocol allowing a single server to maintain the centralised [WINS](https://en.wikipedia.org/wiki/Windows_Internet_Name_Service)
registrations. protocol, allowing a single server to maintain the registrations.
Samba has two implementations of these protocols, the one in `source3`
is the original implementation and includes browsing support, the one
in source4 is a newer implementation and includes multi-master WINS
replication support.
* [source3/nmbd](https://git.samba.org/?p=samba.git;a=tree;f=source3/nmbd)
* [source4/nbt_server](https://git.samba.org/?p=samba.git;a=tree;f=source4/nbt_server)
## [Active Directory Domain Controller](https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller) ## Active Directory Domain Controller
Active Directory (AD) is a set of network services that run on a Domain Controller (DC). Active Directory (AD) is a set of network services that run on a [Domain Controller (DC)](https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller).
The AD DC administers a _domain_ of users and computers. The AD DC administers a _domain_ of users and computers.
The AD DC is responsible for verifying the identity of hosts in the network, The AD DC is responsible for verifying the identity of hosts in the network,
using a common database (or _directory_). using a common database (or _directory_).
...@@ -69,8 +61,11 @@ and Samba (specifically the `samba` binary) acts as server for each protocol. ...@@ -69,8 +61,11 @@ and Samba (specifically the `samba` binary) acts as server for each protocol.
The server responsibilties include: The server responsibilties include:
* _File Server_. The AD DC must always provide file server functionality. * _File and NetBIOS Server_. The AD DC must always provide file server and NetBIOS functionality.
Note that the file server always runs as a separate binary ([smbd](https://git.samba.org/?p=samba.git;a=tree;f=source3/smbd)). The file server always runs as a separate binary, called [smbd](https://git.samba.org/?p=samba.git;a=tree;f=source3/smbd).
Note that when run as an AD DC, Samba uses different [NetBIOS server code](https://git.samba.org/?p=samba.git;a=tree;f=source4/nbt_server)
(rather than the [nmbd](https://git.samba.org/?p=samba.git;a=tree;f=source3/nmbd) binary),
which includes multi-master WINS replication support.
* _LDAP Server_. LDAP (Lightweight Directory Access Protocol) is one way * _LDAP Server_. LDAP (Lightweight Directory Access Protocol) is one way
AD clients look up user information or to perform administration. AD clients look up user information or to perform administration.
...@@ -101,9 +96,10 @@ So this is functionality is actually provided by the file server (via the `[netl ...@@ -101,9 +96,10 @@ So this is functionality is actually provided by the file server (via the `[netl
Note that it is critical for client security that access to this share only be made Note that it is critical for client security that access to this share only be made
over a SMB signed connection, and clients need to enforce this. over a SMB signed connection, and clients need to enforce this.
## [Domain member](https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member) ## Domain member
A _domain member_ is essentially a machine that forwards authentication requests to an AD DC. A [_domain member_](https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member)
is essentially a machine that forwards authentication requests to an AD DC.
The domain member joins an AD domain and uses that domain as the source of authentication and The domain member joins an AD domain and uses that domain as the source of authentication and
authorization for connecting users. This allows transparent access to authorization for connecting users. This allows transparent access to
the resources on that server, without the server maintaining a distinct password list. the resources on that server, without the server maintaining a distinct password list.
... ...
......