Errata

not when mapping it.

The Example UNC "\HYDRA
etwork" is a mixture of roman (capitals)
and italic (lower case) text. This looks somewhat odd.
The conventions listed on p.xiii seem to imply that this should
all be in italics, though this is not particularly clear.

This is how a URL is formally defined.
A browser that accepts backward slashes is doing so purely for
user convenience (which is fair enough), but this shouldn't be
implied as having any formal standing.

with an asterisk", but asterisk is not in the list of acceptable
characters at all.

into an example of the output of NBTSTAT, where "type" has a
different meaning.
This distinction isn't made particularly clear.

with no further explanation. This is a term that may well
be unfamiliar to many experience network people, unless they
have had experience with low-level networking or telecomms.
This whole paragraph is rather less clearly explained
than I would expect from an O'Reilly book.

Are these two terms synonymous?

to it as being "currently active", implying that backup domain
controllers are not. The final sentence then implies that any
domain controller (including BSCs) can be used to authenticate
users. This appears to contradict the initial description.

The third paragraph refers to "other PDC responsibilities"
in contrast to authentication. However, this is the only
responsibility that has been described so far. What other
PDC responsibilities are there?

This is the first time that "subnet" has been mentioned.
It either needs a word of explanation, or else to be skimmed
over until this is covered more fully on p24.

browsers seems overly complex. It seems to be simply one
backup browser for every 32 NT, or 16 Windows 9x workstations
(or part thereof).
What are the implications of a having mixture of NT and 9x
systems in the same workgroup? Are these two calculations
done independently, or does a 9x system count as equivalent to
2 NT systems?

This may be reasonable, but it might be worth adding a word
of explanation.
Presumably "subnet" is intended to also cover distinct IP
networks, as well as IP subnets? (Since the examples in
Figure 1-14 are different networks, rather than subnets).

Given that this figure is reference from the previous page
(where "WINS" has not yet been covered), and is not referred
to during the description of WINS, is this label necessary.
Either refer to a NBNS, primary name server, or similar
generic term, or don't bother labelling it at all.

The second sentence of the WINS desription seems to state
that all machines *must* be called "fred"! OK, it's clear
what this actually means, but the wording could be improved.

servers relate to the preceding discussion of multiple WINS
servers? Can you have multiple primary WINS servers?

The description of Samba states that it "cannot properly
synchronize its data", but the table implies that it can
act as Primary Domain Controller. Surely it needs to
be able to synchronize with NT backup controllers to do this?

Table 1-6 refers to "Samba 2.1 or higher recommended".
But Samba 2.1 isn't out yet!
This apparent contradiction isn't properly explained
until much later (p186)

page) is not particularly clear.

more commonly specified as simply "nowait". The limit on maximum
number of servers is not available on many Unix systems.

encrypted database", which doesn't make sense. This isn't what is
meant, but this sentence could be re-phrased to avoid this confusion.

some fields that aren't described in the text. This is confusing.

The field values (SIMPLE, USER, etc) mentioned in the text should
probably be in constant width font (according to the conventions in
the introduction), and it might be helpful to have the field names
distinguished in some way as well.

How do you get from Figure 2-3 to Figure 2-4? Is selecting the
name from the list sufficient, or do you also need to press the
"Choose Share" button?

Is this significant here, or can they be ignored?

it also listens on UDP ports as well (including 'netbios-ns').

Line 5 this paragraph: "listens in place*S* of all the others".

is not particularly clear. It might be easier to understand if
the existing username/password case was described separately.

encryption [being] improved between Win9x and Win2000".
Where does NT 4.0 fit in?

The second paragraph of "Setting up the Network" talks about
"see[ing] ... a network device ... bound to [a] protocol".
It's not clear how you can "see" this binding (unless you have
multiple devices). What you "see" is two apparently separate
things - a device and a protocol. The binding is implicit.

There is also no description of what binding means anyway,
in contrast with the NT equivalent on p71.

from manufacturer Microsoft". In fact, you have to select the
manufacturer first, so these should be mentioned in the opposite
order.

address in the box that's shown empty in Figure 3-10.

The name "client" is a poor choice, and probably ought to match
the name used in the accompanying text ("hobbes"). This also
applies to the following figures 3-13 and 3-14.

The 'Domain' and the 'Domain Suffix Search Order' ought to match.

used for the local machine in the preceding description.

The paragraph at the top of this page talks about entering NT WINS
servers as well as the example Samba server. The turkey comment
lower down says that mixing them does not work.
Which is correct?

(Figure 3-14).
This also only set up a single share "test" - would the "lp" share
be visible by default (Figure 3-15) ? The same question arises with
reference to Figure 3-27 on p73.

the same as the equivalent Win9x versions, but phrased slightly
differently in niggling little ways. Ideally, the two phrases
should be made consistent, taking the better of each.
I particularly noticed the descriptions for DNS (p57/68),
WINS (p59/70) and hosts (p60/71) as well as the description of
bindings (p71) which was not really properly explained in the
Win9x case (p60).

The text description re-uses the IP address previously used for
the Win9x box (and doesn't match Figure 3-22 on the next anyway).

The owl comment refers to 192.168.x.x being "reserved for ... LANs".
The important thing about these addresses is that they are
reserved for *private* LANS, those not connected to the Internet.

and the DNS servers don't match the text either.
A similar comment holds for the WINS server in figure 3-24 (over).

in Chapter 9. The Win9x equivalent referred simply to Chapter 9
as a whole.

too quickly. This information would probably be better coming after
the header table, and the null TID could easily be left until the
example walkthrough.

The description of the Command Contents is unclear. The text implies
that each command is different, but the table entries seem to be
general (and aren't really explained properly).
This could do with some re-working.

"LAN Manager 0.12". Presumably this means "NT LAN Manager 1.0"
a.k.a. ID string "NT LM 0.12".
It would be better not to mix the version numbers in this way.

a "bidirectional virtual channel". This jargon probably needs to
be explained, or phrased more simply.

The negotiation talks about setting the TID to 0, in contrast with
p74, where it said that a null TID had the value 0xFFFF.

mean that this command also has yet another command piggybacked
onto it? Presumably not, but that's the impression given by the
initial description of the 'X' suffix immediately before.

is more specific than previous descriptions. They started with the
general case, and then described a specific example.
This starts with the specific type, and *then* widens out.

name and value, but significant within the value. Is *trailing*
whitespace significant or not? (This is worth mentioning explicitly)

The description of multiple valued options is not clear.
How does this differ from the preceding example (which also had
multiple tokens, but only one value) ?

I.e. does the backslash have to be the last character in the line,
or simply the last non-blank character?
(This is a common source of difficult-to-track down faults, so
I hope it's the latter - but definitely worth mentioning if not!)

file) Samba "won't do anything at all".
This is ambiguous - does it mean that Samba will stop working,
or silently ignore the include line? Needs clarification.

using this to relocate services from a dead or retired machine.
This is actually an example of standard practise in the Unix DNS
world, where the accepted naming convention is to try and "hide"
the real server name, and use generic service names as much as
possible.
A mail server would typically be referred to as "mail", even
though its actual name would probably be something else. Similarly
the web server would usually be "www", etc. The netbios name
could easily be used to offer the same sort of "server independent
service name".

CIDR format. This implies this is done as well as the netmask format
shown previously. This would be better described as "alternatively".

The owl description talks about "this option", which is ambiguous.
Does it mean the whole interface option, or just this use of netmasks?

list, but this wasn't done in the example on p101.

How does the 'socket address' option differ from 'bind interfaces'?
This distinction isn't particularly clear.

seen so far", but we haven't seen any yet!

level itself is very unobvious. (I'd call this a flaw in the Samba
design). This needs to be made much clearer in the description.
You shouldn't let the fact that this book has been "officially
adopted" by the Samba team, muzzle you from criticising Samba
where this seems appropriate.

Does the debug timestamp option affect syslog log entries?

Rather than talk about your setup, it would be better to talk in
more general terms, stress the fact this is set as part of configuring
Samba, and perhaps mention what the default default would be.

The format of the timestamp here differs from the example on p108.

lower than the 'log level' option. What is the effect of having
syslog set higher than the file logging?

The first paragraph of the "syslog" option ends by mentioning the
"syslog only" option, followed immediately by "For example". But
the example that follows has nothing to do with "syslog only",
and is just showing the normal settings.
Given that this option is about to be described later on the same
page, is there any point in even mentioning it here?

The first sentence of the description of "syslog only" ends with
a subclause that contains no verb.
"the system logger only" makes no sense!

network. But the example output includes both 'chimaera' and
'phoenix', which were introduced as network clients earlier (p93).

been added or changed? I believe this is occasionally done on
some later examples, but it isn't carried through consistently.
It doesn't match the conventions introduced at the start of the
book, but is extremely useful in following the descriptions.

(as implied by the table title) or just the role "Preferred Master
Browser" (as implied by step 3) ?

In step 6, it talks about the "runner up" (singular) becoming a
backup browser, but the initial description in Chapter 1 implied
that there could be a number of backup browsers. How is this
handled in this election mechanism?

Is this the same as the "preferred master browser *role*" covered
on the previous page ?
If not, then I don't think you have mentioned Samba setting this
before (in contrast to the claim made here).

master browser removes the need for a local master browser.
But figure 1-14 showed one machine acting as both domain and
local master browser (which seems more logical). Which is right?

paragraph) a continuation of the preceding sentence (starting
"In addition..."), or a separate alternative to 'remote announce'.
It feels a bit of both, and hence reads rather strangely.

Why "main browser master" rather than "domain master browser" ?

you shouldn't need to change this, and then tells you how to!
Most similar "hands off" option descriptions tend to *finish*
by saying this shouldn't be changed.

The description of 'auto services' recommends against using this
for printers, but never really explains why not.

place in elections" - this should read "take PART in elections".
If this is set to 'no', will Samba not take part in elections
at all, or take part, but ensure that it loses?

"we" want rather than than what "you" want.

by a slash. Since this is talking about multiple entries within the
one option, "separated" is redundent, but each entry needs to begin
*and* end with a slash.

Figure 5-3 shows a hidden file 'hello.java', which was not listed
in the previous figure at all.

The penultimate paragraph starts by talking about the effect of this
option in general. The second sentence, starting "By doing so"
suddenly switches to the particular example used.

option" - i.e. implying setting it to true. In fact, it needs to
be set to false to get the described behaviour (as in the example).
It would be less ambiguous to "use the follow symlinks option".

In Figure 5-5, surely 'hello.txt' should have the text document icon.

or two of introduction would be useful, as well as an explanation
of some of the possible dangers of using this.

structure of the GCOS field? Will it return the whole of this
field, or just the text up to the first comma?

The description of 'follow symlinks' was only a page or two back,
so it seems unnecessary to say "discussed in greater detail earlier".

natural if they came in the opposite order, so wide links follows
directly on from follow symlinks.

getwd cache is particularly slow if wide links is set - why?

wide links "includes any files or directories at the other end".
What is this meant to mean? It is not at all clear.

hide dot files "doesn't *necessarily* guarantee" that the client
cannot view them? It doesn't guarantee this at all! (any more than
hide files does). The word "necessarily" implies that it may
guarantee this in some circumstances, which is not true.

used to protect is anything required for correct use of the
Unix system (if the user has direct access to this).
The description in this paragraph implies that the Windows users
are distinct from the Mac users. It is quite possible (as in this
department) that a single user could use Windows, Mac and Unix systems
interchangeably, and use Samba to keep the same filestore visible
across all three systems.

The paragraph under "File Permissions" implies that Unix was designed
as a networked operating system. This is wrong - Unix dates from 1970
or so, but wasn't networked until the mid-to-late '70s.

'DOS' in this discussion is presumably intended to include Windows 9x

the permissions a file [has when] it is created" and then goes on to
say that umask "control[s] what permission a file .. does *not* have".
While this is strictly correct, it feels like a misprint, particularly
since the Samba option works in a different (more obvious?) way.
Either it needs a word of explanation, or rephrasing to avoid the 'not'.

For files accessed from Windows, you can disable various attribute bits
"as well" - as well as what?

The numeric forms 744 and 755 need an explanation of what this means.

than the attributes (i.e. the permissions just discussed).

The fourth paragraph talks about "some other user on a single-user
machine". This simply doesn't make sense - inherently!

accompanying descriptions, they're last.

Recommending a mask of 644 (under create mask) implies that attribute
bits are not available to the client. While this is vaguely referred
to in the next sentence, this could be made clearer.

The default for create mask is 744 in the table, and 755 in the text.

(implying that other users can't access the files anyway).

A directory mask of 750 is only sensible if the group mechanism is
actively being used. Otherwise everyone is likely to be in the same
group (when 750 is equivalent to 755) or in separate groups (when
you might as well be safe and set 700).

Presumably force create mode can be used to force world permissions,
as well as group ones?

The owl comment presumes that the original data file had group
write access in the first place. Otherwise, editing a (private)
file would give the rest of the group write access to it.

backups were done, but not necessarily what files were backed up.

Name Mangling) is accurate, but unclear. It appears to be extending
the list of characters that are case-sensitive, rather than being
two separate characteristics - longer names and case-sensitive names.

The bullet point at the bottom of the page talks about "up to the
first five alphanumeric characters", which is clumsy and unclear.

the previous one, so why repeat the same (clumsy) description?

The phrase "to the 8.3 filename" in the third bullet point is
unnecessary, and could easily be omitted.

inconsistent phrasing - "keep the case" vs "preserve case".

The description of "mangling char" in this table isn't meaningful.

The textual description of "default case" starts by saying that
this is the default case that will be used. The next sentence then
says that "lower" will use mixed case.

to yes" (which is the default anyway), and then "leave this option
to [sic] its default".

The descriptions of mangled names and mangle case (over the page)
are in the opposite order from Table 5-7.

for long names?

The 'mangled map' option specifies a mapping that can be used
"before or even in place" of the standard mangling. How are
these two possibilities distinguished?

"receive an error ... and wait until the lock is released".
It's also possible for the second process to simply fail.

Is "byte-range locking" (end of the first sentence of the second
paragraph) partof standard DOS/NT locking, or a Samba addition?
Is it supported on all Samba systems, or just those where the
underlying architecture supports it natively?

The second paragraph of the discussion of opportunistic locking
talks about "the interrupting process [being] granted an oplock
break". Is this actually visible to this second process, or does
the break happen transparently behind the scenes?

much less clear than I'd expect from the rest of the book.
Maybe I was just tired, but this didn't seem to click.

there a need for an option to enable or disable them?

Workstation SP3, implying that later service packs are not affected.
In fact the comments should refer to "SP3 or higher".

page is shown in bold type. This is a useful way to indicate changes,
but this is the first time it has been used, and it was not indicated
in the list of conventions in the Preface.
It would be worth carrying this idea through the rest of the book.

The last sentence in the first paragraph refers to "difference [in]
access rights [to] files" - it is unclear precisely what is meant.

The next paragraph talks about "the Unix user that Samba uses to
represent the client" - how is this user determined?

in the example of setting up the shared directory, has the same effect
as the "directory mode" option. These actually refer to different
levels (the "home directory" and subdirectories of this respectively).

The modes 0660 and 0770 assume a shared GID to be at all sensible.
How is the GID of the connection determined?

The config fragment under "[homes]" uses the option 'browsable'.
While this is valid, all previous examples use the form 'browseable'.

'auto services', which is not relevant to the topics being covered.

The description of 'admin users' refers to NIS netgroups. Is this
only supported for this option, or can NIS netgroups be used with
other options (such as 'valid users' on p156)?
Having described this option, the advice is then given not to use
it. Why not, if root access is what is required for that situation?

The options 'read list' and 'write list' refer to lists of users.
Can these options be used with group names (as with the other
options that list users that have just been described) ?

account. Why not offer the possibility of creating a special account
for this purpose? (Also on p162)

Table 6-1 lists the various access control options, but omits
'guest ok'. Granted, this has been covered in Table 4-4 (p97)
but is still relevant to this discussion. At the very least, a
reference back to this earlier description would be sensible.

of the admin user". Does this mean the admin user on the Unix side
(presumably root), or the user making the connection?

for needing this would be length limitations on the Unix side. This
option could also be used to cope with different names on the two
systems due to historical reasons (e.g. administration differences)

In the third sentence of this section, the last clause is unnecessary.
Having said that Unix usernames may be limited in length, it would
be clearer to simply say "... mapping a free-form client username to
a Unix username".

In protecting access to the map file, it it sufficient to ensure that
the file is not writeable to normal users. Making the file owned by
root (while possibly sensible) is not strictly necessary.

is not mentioned explicitly, but has to be inferred from the example.

The last paragraph of the user map description is unclear.

The fact that the 'username level' option will try *permutations*
of the username is tacked on to the end of the description, almost as
an afterthought. This ought to be made more prominent.

.. read-write access, and so on". What other options are there?

Second paragraph - does NT support share-level security?

The second sentence of the second paragraph reads rather oddly
(enabling share-level security twice), and the following sentence
feels like a separate step rather than the continuation of this task.

The third paragraph seems to imply that you can only share a whole
drive - I believe it is possible to share a particular folder.

A figure for this second step would be be useful.

allow access to a share, if the password belongs to *any* valid user.
I hope I misunderstand this, as the implications for password cracking
are horrendous!
The last sentence of this step is somewhat odd - it would be more
natural to phrase this in the reverse sense. How does failure under
4 interact with step 5? This is not clear.

The last paragraph talks about "each of the users in its own list".
How is this list determined? The same comment holds for the "internal
list" referred to on the next page.

As opposed to re-entering it for the first time, perhaps? <grin>

The 'revalidate' option is not explained for another 20+ pages.

the names used previously are simply 'PHOENIX' and 'HYDRA'.

If a server rejects the password, "the connection will ... fail".
Does this mean that access will be denied (regardless of guest access
settings), or simply that the authentication has failed?

a connection [open]... ". Surely it could, but "*does* not"?

This would appear to be the default location anyway.

In the second paragraph under "Disabling encrypted password", it
talks about installing two files on each system. Are both files
needed in each case - or is it simply the appropriate one for the
particular O/S?

broadcast across the network". Are these sent via a network broadcast,
or sent directly to the authentication server?

Figure 6-3 shows a trailing colon at the end of the line. If this
is necessary, then mention the fact (and that following fields are
ignored). Otherwise it would be clearer to omit it.

is specified as /usr/local/9781565924499/private. On page 183, at the
bottom of the page, we learn that many Red Hat distributions put
the smbpasswd file in /etc. It would be helpful to have this
information about Red Hat earlier.

account flags field. This makes it impossible to tell how many
spaces should be included. It would be worth mentioning this
explicitly here.

Is it necessary to specify the username with the smbpasswd command?
Since this seems to work in the same way as the traditional Unix
passwd command, it would be clearer to invoke it with no arguments.

since the password command is run as root, the old password won't
be asked for (as implied just above).

will only match the RedHat style conversation, not the traditional
form. But the first line says that "this will *also* handle ..."
Is there any way to specify alternatives?

The next couple of lines talk about using the debug option to "set
up a new chat script". This is somewhat confusing.

The last line in this section talks about making "password
synchronization a thing of the past". Is this really what is meant?

password of the user". Is this is the old password or the new one?
If this refers to the old password (as implied by the footnote),
then what are the implications of setting the 'encrypted passwords'
option? Will setting the Unix password still work?

These two descriptions appear in the opposite order to Table 6-8

The penultimate paragraph talks about a client "connect[ing] *to*
a non-encrypted password".

implications for a non-zero setting, as well as the performance hit.
Is this setting relevant if encrypted passwords are being used?

(such as bin) necessarily have null Unix passwords. This is not
inevitably the case.

abruptly after the respective config fragments.

In the turkey comment, it mentions that Samba 2.1 is available via
CVS. Is this a "release-candidate" version of 2.1, or alpha code?

The Windows NT section refers to "a few more steps" - but there is
only one step described (setting encryped passwords) before the end
of the section. The discussion of trust accounts reads as a
completely separate section.

if there are a large number of clients.

The fourth paragraph says that the resource ID "cannot conflict"
with other resource IDs. Clearly it could - but it "*must* not".

The last paragraph talks about just entering a password. Is it not
necessary to enter a username as well?

owl comment, which mentions "local groups". Are these synonymous?

Windows NT clients only" - this phrasing feels rather clumsy.

The "more information" reference to the NT Nutshell book
effectively duplicates the owl comment at the bottom of the page.

a term that has been used before - previous discussions have simply
talked about the share directory.

The penultimate paragraph recommends using DOS/Windows to create
logon scripts. It would also be possible to use a modern Unix editor
(like 'vim') and explicitly setting the text mode to DOS style.

and NT (in the first sentence), but this doesn't mention Windows 98
(which is then included in Figure 6-6).

The only use for roaming profiles suggested is to synchronise
between a desktop and a portable. Another situation where this
could be useful would be a "hotdesking" environment, or a lab of
identical systems.

was not particularly clear. In particular, it is never explicitly
stated that this should be a UNC, rather than a Unix path.

Is the share name 'profile' in the second config fragment fixed,
or does this refer to the path element of the UNC from the previous
fragment?

The create and directory modes given are "owner only", but the
Unix listing of an example profile include group write access.
What (Unix) ownership and permissions should be set for the root
directory of the profile share, and the per-user subdirectories?

What happens if there is both a user.dat and user.man file?

requirement about line endings in the first and last sentences.
This only needs to be stated once - probably dropping "with
lines ending in carriage return/line feed" from the first line.

The 'logon path' option again omits to state that this is a UNC
name (though this is mentioned in Table 6-10).

The obvious choice of drive letter for a user's home directory would
surely be H: (for 'Home')

isn't necessarily the same as a "good" choice.

The description of the first function in Table 6-11 starts
"Sets a command..." - all the others start "Sets a Unix command".
These should ideally be consistent.

global write access to the log file, which might leave it open
to corruption or tampering. What is the advantage of doing this
here, rather than in the root preexec section?

The two user exec options discard any output. Do the two root
exec options work similarly? If so, it would be worth saying so.

Is the %u variable set for the root exec options as well?

The obvious role for 'root postexec' would be undoing whatever
was set up by 'root preexec' (such as unmounting the CD-ROM).

setting up users. This feels rather arbitrary and incomplete.
Since these two options both specifically refer to NIS, why
not introduce the table in these terms - perhaps using the
paragraph that currently follows the table?

The references to 'server' in this discussion are unclear,
since these can refer to processes or machines. The details
of who is talking to who is somewhat confusing.

a more detailed description of the first topic. This could perhaps
be split into two paragraphs.

The second paragraph says that this chapter will "introduce WINS".
But WINS has already been mentioned in Chapter 1. This coverage
implied that the WINS server offers more than simply IP addresses.

The third paragraph talks about "effortlessly" sending print jobs.
Given the amount of work needed to set up printing in the first place,
this is perhaps a bit tactless. A better description would perhaps
be "transparently"

much of which is probably not strictly necessary to know.

'right side' of the option. Previously this has been described as
the 'value' of this option.

The example print command for the System V case sets the printer
explicitly (using "-d%p"), as will the config fragment on p206
("-P%p"), but the config fragment earlier on the page left this implicit.

being sent to a busy printer". Good! That's the whole point
of printer queues.

The pause/resume facilities are only available if the underlying
operating system supports them. This is not made explicit here.

of the system printers" - this seems misleading since there is only
one such share listed in the configuration file.

The 'testparm' command in the example at the bottom of the page should
be in bold type, according to the conventions listed in the Preface.

match the value set in the previous config fragment.

The line 'lppause command' is not indented correctly.

The second paragraph talks about changing the guest account "as
mentioned before" - I'm not quite sure where this is referring to.
It could do with being a more precise reference.

in the text appears to indicate the screen dump labelled Figure 7-3.
The "real" Figure 7-3 appears to be missing.

The last sentence of the penultimate paragraph recommends to "keep
using" existing printer drivers. Is this the same as the option to
"reuse" the driver mentioned just above?

Up Printer Drivers mentions skipping the Manufacturer dialog - is this
the only bit of the Add Printer Wizard dialog that is skippable?

and puts this in the file 'printers.def'. It would be safer to
*append* this definition - otherwise any existing definitions
would be lost.

subfolder. Presumably this structure needs to be retained on the Unix
side? If so, it would be worth emphasising this.

of the PRINTER$ share - is this a UNC-style name, or a file path?

The second path states "If Samba asks you to delete unneeded files,
do so". How are such file identified? Will Samba offer to delete
these, or list which files are candidates for deletion?

Canon printers shown in Figure 7-7.

listed in the 'sd' field has a different name to the printer name.
This might work, but is unconventional, and not particularly clear.

The comment against 'sh' is misspelled - "suppress" not "surpress".
The same error is present on p223.

machine". Does the machine have to be rebooted, or is it sufficient
to restart the servers?

The second line of the System V description starts "to get obtain ...."

The lpadmin command command refers to the option '-i./smbprint.sysv'
This will only work if given from the correct directory.

list of printers is stored under System V.

The config fragment listed under 'printable' uses a new share name
that's never appeared before (and isn't used again).

The 'printer driver file' option gives the location for Windows 95/98
driver files. What about Windows NT - is this handled the same way?

which is covered in a different column.

would be more appropriately covered on the following page, under
the 'printcap name' description. This paragraph refers to using
"an appropriate lpstat command" - would it be possible to provide
some examples.

Why is the printcap file footnoted here, but not on p215?

I think this means that it's the only one you haven't described so far.

after "the name" - this presumably means the domain name, rather than
the server name, but this is not made clear.

Can you combine names (with the same IP address) on the same line?

The last paragraph describes use of the 'wins proxy' option. Does this
refer to name resolution from witin the Samba software itself, or
requests from other clients?

mutually exclusive. What happens if both are specified? Which wins?
The description on p228 says that Samba will "flag an error", but still
does not make clear what happens.

The last paragraph starts "Finally", as did the previous sentence.

The distinction between 'dns proxy' and the 'name resolve order'
options hosts setting is unclear.

"from itself" to another server. How does this differ from the
'wins server' role?

programs rely .... for their programs to function".
Duplication of "their programs".

A magic script ought to work with Windows CR/LF line endings, if each
line also ends with a semicolon character, which marks the end of a
shell command.

mapping lowercase to uppercase, but Table 8-4 feels to be more a
character set. This distinction is confusing to those not familiar
with Windows character handling.

I'm surprised that the default code page is 850 (Western European)
rather than 437 (United States). Is this standard, or an internal
Samba configuration?

explicitly, even though it is the default 850.
Is this necessary, or just done for clarity?

assumes that the server is running X11 on the console. This is often
not the case for a server, so it would be sensible to mention this.

What is meant by "unique variables" in the introduction to Table 8-8 ?
A reference to the "standard variables" would be useful.

The section on Recently Added Options states that these are "not
entirely supported". What on earth does this mean?

option "will work" - I should think so! What this appears to mean
is that it will not cause undue disruption to the user.

The command at the bottom of the page is specific to the BSD form of df.
This is not mentioned here, and the only indication of this fact is
over the page, where the System V equivalent is mentioned. If the
reader doesn't turn the page here, this will be missed.
The BSD version also uses a bare command name, while the System V
version gives the full path to the command. Why the inconsistency?

The description of 'set directory' refers to the VMS command as
'setdir' (one word) in contrast to the entry in Table 8-10
("set dir" - two words).

How is it possible to use a CD-ROM to back up a system ? They're read
only! Presumably this means using a CD writer, but it reads oddly.

on your Samba system". Surely data on the Samba server would be
backed up using standard Unix backup tools (e.g. dump, etc) ?

In Figure 8-2, highlight "File and printer sharing".

The third paragraph refers to sharing the disk "with the tape server".
Marking a disk for sharing doesn't appear to specify acceptable hosts
to share with. It simply offers the disk for sharing generally.

The "second step" mentioned on the last line is ambiguous. Does it
refer to the second numbered step on p246, or the second step of
sharing the disk?

figures referred to a folder on a disk that wasn't already shared.

Given that only one of the invocations of smbtar requires write access,
it would be sensible for Figures 8-4/8-5 to share the folder Read-Only.
Full sharing has security implications, and if this isn't necessary,
why risk it?

are introduced in this chapter. Steps 2, 3 and 4 are discussed in
reverse order. Steps 6 and 7 are also covered in the opposite order,
and there is no mention here of the Samba mailing lists (see p292)

2 version, and is just truncated. It should therefore start with the
"Got SIGHUP" message, and include the various share section handling.
In fact, it appears to be detailing a small portion from within the
middle of the level 2 operations. This is not stated clearly anywhere.

but this is only mentioned at the end of the description.

with the packet dump, rather than being off to the right.
The explanatory text 'Beginning of a reply to a request' wraps.

The explanation of the command-line options at the bottom of
the page is in a different order to the way they were used.

This is slightly misleading, as the TCP software will be installed
already. What is probably meant is "testing of" TCP software, etc.

The output of "ping 127.0.0.1" includes references to "localhost".
In practise, pinging a numeric address typically does not perform
the reverse lookup, so only the numeric address would be shown.
The layout of this example does not seem to match the standard
Linux ping command, which looks like this:
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.1 ms
(This is RedHat 5.1, and the ping command is in the RPM 'netkit-base').

says to "repeat it for the client". This is ambiguous - do you
ping the client's IP address from the client, or the server's IP
address from the client. The first is what is meant, but this could
be read either way.

The last paragraph says to ping the server (by name) from the client.
An intermediate test that has been omitted is to ping the server
by IP address from the client. This would show network connectivity,
without relying on the name service.

the server name to the full form, as described underneath (point 2).
The IP address show does not match that in the text (point 3).

Should the command 'arp -a' be given on the client, or the server?
If on the server, it is also possible to ask for the ARP entry
of a particular machine, using 'arp hostname'.

that one remote machine. A problem with lack of connectivity is
likely to result in multiple "(incomplete)" entries.
This form of entry appears to be specific to Unix systems.
Our Windows boxes do not display entries for non-responding systems.

The address 192.168.236.86 is an IP address, not an Ethernet address.

If the ARP address is obtained via a proxy response, then it would
be quite normal for the ping to fail if the remote machine is turned
off. This would *not* indicate "an intermittent or ARP problem"
as stated in the second dash-point.

A possibility omitted from the case 'a' at the bottom of the page
is that the routing on the local system is wrongly configured.

drop .. packets". This makes it sound inevitable, and desirable!

The last paragraph talks about "multiple names for an Ethernet address"
Does this mean Ethernet address, or IP address?

testing will have tested UDP services. This is not correct if name
resolution is done locally.

The second bullet point assumes that all Unix systems allow FTP and
telnet connections. This is not necessarily true - particularly for
servers, which may (ought!) to provide a minimal set of services
to improve their security. Restricting FTP and telnet to a limited
set of machines is one such approach.

is in constant width font. This isn't actually the name of an option,
so ought to be in normal type.

next line. This makes it difficult to read.

The example output includes the state 'LISTEN', but the following
text talks about the state 'LISTENING'

The fifth sentence of the third paragraph starts "If both of the
lines *is* missing....".

The penultimate sentence talks about "our" daemons. Does this mean
the daemons at the authors' site, or those started manually?

informational messages, and warnings or errors. It's not always
clear which of these can be ignored, and which are likely to affect
the correct operation of the system, and need fixing.

connection..." message. The word 'account_name' should probably
be in a different font to distinguish it, and the next two words
"to service" are also part of the message, so should be within the
double quotes.

The output of smbclient at the bottom of the page, supposedly
invoked using the guest user, includes "User=[davecb]".

The penultimate bullet point refers to "%U" rather than "U%"

the Password prompt, but this was not shown on the earlier example.

The phrasing of the error given in this paragraph is fairly specific,
and will not be the same for all of the possible problems listed.

given only has a single leading backslash. Surely there should be two?
There's a similar error in the last paragraph of the next page.

The screen shot on the next page uses the command 'net use g:'
rather than 'net use *'

are acceptable on a local network. This assumes that this local
network is regarded as secure.

The bullet point following states that Samba will try a password
"once with it in uppercase and once in lower case". This implies
that a password will never be tested in the form received.
The is also an inconsistency in whether "case" should be a
separate word or not.

of protocol binding.

Figures 9-2 and 9-3 show different contents of the TEMP directory.

fail. This is only a problem if the Samba server is not set
up to handle encrypted passwords.

broadcast capability. The first chapter seemed to imply that the
use of master browser systems could avoid this requireent.

The implication that "normal = reliable" is probably unwarrented.
Use of the descriptions "reliable" and "unreliable" is somewhat
confusing anyway. I don't think this has been common terminology
so far, so it seems unnecessary to start using it now.

The example output on this page has some minor indent problems.

The third dash-point mentions "OS/2 or Windows for Workgroup clients".
Given that this testing is being done with 'smbclient', what relevance
do OS/2 or WfW clients have?

This refers to the past, so should read "... *was* first analyzed".

The penultimate bullet states that the "-B option takes a broadcast
address", but the preceding paragraph said to use the server name.

The third sentence of the last bullet is missing a word - "If so, it
may not BE claiming names...".
The word "configuration" is misspelled in the penultimate sentence.
The double negative in the last sentence makes it hard to follow.

It should also probably read "*with* the client's name".
The client name in the "nmblookup" command should be in italics
to agree with the "nmblookup" command on the previous page.
(or the previous page should use bold fixed width instead)

The "any failures" at the end of the line following this bullet
point would appear to include the problems mentioned there.
It should probably refer to "any other failures"

The last line of the page appears to be corrupted.

time in the whole book that "File Manager" has been mentioned.

The view of the server in Figures 9-4 and 9-5 are inconsistent.

The last couple of lines refer to "looking too soon". Too soon
after what? After logging in? Booting the system?

error, or simply appear empty?

The first paragraph under "Other Things that Fail" implies that
*all* problems are either solved or new to the authors. The section
then proceeds to outline other known problems, which haven't already
been solved, in contrast to this claim.

The last sentence under "Not logging on" suggests "shutting down
and logging in again". It's extremely difficult to log into a
system that has been shut down!
How about "restarting the system and logging in again".

The description of WINS given earlier implied that the WINS server
would try DNS anyway.

The third bullet point talks about "the SMB client program" using
something different. Does this refer to the previous bullet points?
If so, this is not immediately apparent.

In the sentence following this list, the suggestions made conflict
with the information just given. If this list is simply the default
settings, then this needs to be made explicit.

The presence of a /etc/resolv.conf file (paragraph 3) does not
necessarily imply that DNS is being actually used. This may depend on
other settings, such as the /etc/nsswitch.conf file mentioned later.

or the short form? This is only addressed in the third dash-point.

If any of the name servers are active, the nslookup command should
work (though you may need to wait for the earlier ones to time out).

Does the "these lines" in the last sentence refer to the workgroup
lines, or the server lines, or both?

types was first described.

The "name" parameter in the ypmatch commands should be in italics.

described as starting with "default" (line 2) and "domain" (line 5).
Which is correct?

The command under NIS should have "hostname" in italics, as with NIS+.
The following comment implies that this should be the short form. Yes?

If the short form works under DNS but the long form doesn't, the
obvious error is that the domain is set wrongly.

possible to have a subnet mask of 255.255.252.0, for example.
This possibility is not recognised at all.

about "getting a real network". This should read "getting a real
network address" - an isolated network is still a "real network"!

It mentions downloading Samba with CVS and to be honest, the whole
stuff is not written very well.

The company Cyclic Software does not exist anymore, although their
Web Site is adopted through a community effort and actually
maintained by SourceGear, the company which bought Cyclic Software.

CVS was written on top of RCS and has needed an installed RCS,
but this is NOT required anymore since Version 1.10.X of CVS.
You only have to install CVS on your machine and a lot of Linux
distributions and *BSD systems has already installed a proper version.

Once you have connected to the Samba CVS server, you must first
log in. But to log in you have to send a password, which you do
not mention at all. The right password is cvs.

Since the Samba CVS distribution is really big, you should at
least mention that one could use the option -z3 to compress the
data stream. It would be nice if you could correct these issues.