1.2 Samba Functionality in OES 2

This section covers the following topics:

1.2.1 Samba Differences in OES 2

The open source Samba software described in earlier sections is installed automatically on every SLES 10 server. OES 2 uses this base Samba software, but configures it differently and installs additional software to take advantage of enhanced services available in OES 2.

The main differences between base Samba on SLES 10 and OES 2 are:

  • Samba on OES 2 is configured to use the eDirectory LDAP server for secure user authentication.

  • In order for eDirectory users to be able to access shares on an OES 2 server, they must be created in a container with a Samba-compliant password policy assigned to it and be members of a group that has been properly Linux-enabled.

    OES 2 includes a new Samba Management plug-in for iManager that simplifies the process of enabling users for Samba access by automatically making users members of the default Samba Users group that is created for every OES 2 Samba server. See Section 7.0, Managing Samba Servers, Shares, and Users for more information.

  • With OES 2, Samba shares can be created on Novell Storage Services (NSS) volumes or on NetWare Core Protocol (NCP) volumes on Linux POSIX file systems. This allows access to be controlled by the Novell Trustee Model, which offers more robust and flexible security.

  • OES 2 does not support Samba running in NT 4 domain mode as either a primary or backup domain controller.

  • Samba on OES 2 should be managed by using the tools provided with OES, such as the iManager Samba Management plug-in, and not the tools available in SLES 10, such as the YaST Samba Server tool and the browser-based SWAT utility.

  • Although Samba can also provide Windows print services, OES print services are provided by iPrint, not by Samba.

A general overview of Samba, in context with other file services in OES, is provided in Novell Samba in the OES 2 SP3: Planning and Implementation Guide.

1.2.2 Software Installed with the Novell Samba Pattern

In an OES 2 server installation, the Novell Samba pattern is available for selection in the OES Services category. Selecting this pattern installs the following packages:

  • novell-samba-cim (Samba Management Loadable CIM Module)

    This package is the CIM (Common Information Model) provider required for the Samba Management plug-in for iManager.

  • novell-samba-config (Samba Config for Novell Open Enterprise Server)

    This package configures Samba for integration with Novell eDirectory.

  • yast2-samba-server (YaST2 Samba Server Configuration)

    This package contains the YaST2 component for Samba server configuration.

Selecting the Novell Samba pattern automatically selects Novell Backup/Storage Management Services (SMS), Novell Linux User Management (LUM), and Novell Remote Manager (NRM).

1.2.3 Other OES Services That Work with Samba

Depending on what you want to do with Samba, you can select other patterns from the OES Services category:

  • Novell Cluster Services (NCS): Select this pattern if you want to include this server in a high availability cluster.

  • Novell eDirectory: Samba in OES 2 requires eDirectory.

  • Novell iManager: To manage Samba shares and users, Novell iManager must be installed on at least one server in the network.

  • Novell NCP Server/Dynamic Storage Technology: Select this pattern if you want to create NCP volumes on NSS or on a Linux POSIX file system such as Reiser or ext3.

  • Novell Storage Services (NSS): Select this pattern if you want to create Samba shares on NSS volumes. (NCP Server is automatically selected when you select this pattern.)

IMPORTANT:You cannot select Novell Domain Services for Windows along with the Novell Samba pattern. Domain Services for Windows requires its own specialized configuration of the base Samba software, which is incompatible with the standard OES 2 Linux configuration. For more information, see the OES 2: Domain Services for Windows Administration Guide.

1.2.4 Samba Users Are Both Windows and eDirectory Users

As stated earlier, the purpose of Samba in OES is to allow Windows client users to access data directories on OES Linux servers.

Both the Windows workstations and the OES Linux servers require authenticated access. On the Windows workstation, users log in using their Windows usernames and passwords. When they log in to the OES Linux server, they use their eDirectory usernames and passwords. Samba requires that these usernames and passwords match.

In other words, the Windows usernames on your network workstations and the eDirectory usernames you create for Samba access must be the same and must have the same password.

For example, if you have a Windows workstation user with the username of jsmith and password abcd*1234 that you want to be a Samba user, you must create an eDirectory user with the username of jsmith and password abcd*1234.

One advantage of Samba is that Windows users who have matching eDirectory accounts can access shares on OES 2 servers without having the Novell Client for Windows installed on the workstation. After authenticating to Windows, users can see the Samba shares they have rights to access via native Windows interfaces, such as Windows Explorer and My Network Places.

As long as the Novell NCP Server software is installed on the OES 2 server, Windows users that have the Novell Client software installed can continue to access files they have rights to on the Linux server via standard Novell interfaces, such as drive mappings.