1<?xml version="1.0" encoding="iso-8859-1"?> 2<!DOCTYPE glossary PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> 3<glossary> 4 <title>Glossary</title> 5 6 <glossentry> 7 <glossterm>Access Control List</glossterm> 8 <acronym>ACL</acronym> 9 <glossdef><para> 10 A detailed list of permissions granted to users or groups with respect to file and network 11 resource access. 12 </para></glossdef> 13 </glossentry> 14 15 <glossentry> 16 <glossterm>Active Directory Service</glossterm> 17 <acronym>ADS</acronym> 18 <glossdef><para> 19 A service unique to Microsoft Windows 200x servers that provides a centrally managed 20 directory for management of user identities and computer objects, as well as the 21 permissions each user or computer may be granted to access distributed network resources. 22 ADS uses Kerberos-based authentication and LDAP over Kerberos for directory access. 23 </para></glossdef> 24 </glossentry> 25 26 <glossentry> 27 <glossterm>Common Internet File System</glossterm> 28 <acronym>CIFS</acronym> 29 <glossdef><para> 30 The new name for SMB. Microsoft renamed the SMB protocol to CIFS during 31 the Internet hype in the 1990s. At about the time that the SMB protocol was renamed 32 to CIFS, an additional dialect of the SMB protocol was in development. The need for the 33 deployment of the NetBIOS layer was also removed, thus paving the way for use of the SMB 34 protocol natively over TCP/IP (known as NetBIOS-less SMB or <quote>naked</quote> TCP 35 transport). 36 </para></glossdef> 37 </glossentry> 38 39 <glossentry> 40 <glossterm>Common UNIX Printing System</glossterm> 41 <acronym>CUPS</acronym> 42 <glossdef><para> 43 A recent implementation of a high-capability printing system for UNIX developed by 44 <ulink url="http://www.easysw.com/">Easy Software Inc.</ulink>. The design objective 45 of CUPS was to provide a rich print processing system that has built-in intelligence 46 that is capable of correctly rendering (processing) a file that is submitted for 47 printing even if it was formatted for an entirely different printer. 48 </para> 49 </glossdef> 50 </glossentry> 51 52 <glossentry> 53 <glossterm>Domain Master Browser</glossterm> 54 <acronym>DMB</acronym> 55 <glossdef><para> 56 The Domain Master Browser maintains a list of all the servers that 57 have announced their services within a given workgroup or NT domain. 58 </para></glossdef> 59 </glossentry> 60 61 <glossentry> 62 <glossterm>Domain Name Service</glossterm> 63 <acronym>DNS</acronym> 64 <glossdef><para> 65 A protocol by which computer hostnames may be resolved to the matching IP address/es. 66 DNS is implemented by the Berkeley Internet Name Daemon. There exists a recent version 67 of DNS that allows dynamic name registration by network clients or by a DHCP server. 68 This recent protocol is known as dynamic DNS (DDNS). 69 </para></glossdef> 70 </glossentry> 71 72 <glossentry> 73 <glossterm>Dynamic Host Configuration Protocol</glossterm> 74 <acronym>DHCP</acronym> 75 <glossdef><para> 76 A protocol that was based on the BOOTP protocol that may be used to dynamically assign 77 an IP address, from a reserved pool of addresses, to a network client or device. 78 Additionally, DHCP may assign all network configuration settings and may be used to 79 register a computer name and its address with a dynamic DNS server. 80 </para></glossdef> 81 </glossentry> 82 83 <glossentry> 84 <glossterm>Group IDentifier</glossterm> 85 <acronym>GID</acronym> 86 <glossdef><para> 87 The UNIX system group identifier; on older systems, a 32-bit unsigned integer, and on 88 newer systems, an unsigned 64-bit integer. The GID is used in UNIX-like operating systems 89 for all group-level access control. 90 </para></glossdef> 91 </glossentry> 92 93 <glossentry> 94 <glossterm>Key Distribution Center</glossterm> 95 <acronym>KDC</acronym> 96 <glossdef><para> 97 The Kerberos authentication protocol makes use of security keys (also called a ticket) 98 by which access to network resources is controlled. The issuing of Kerberos tickets 99 is effected by a KDC. 100 </para></glossdef> 101 </glossentry> 102 103 <glossentry> 104 <glossterm>Lightweight Directory Access Protocol</glossterm> 105 <acronym>LDAP</acronym> 106 <glossdef> 107 <para> 108 The Lightweight Directory Access Protocol is a technology that 109 originated from the development of X.500 protocol specifications and 110 implementations. LDAP was designed as a means of rapidly searching 111 through X.500 information. Later LDAP was adapted as an engine that 112 could drive its own directory database. LDAP is not a database per 113 se; rather it is a technology that enables high-volume search and 114 locate activity from clients that wish to obtain simply defined 115 information about a subset of records that are stored in a 116 database. LDAP does not have a particularly efficient mechanism for 117 storing records in the database, and it has no concept of transaction 118 processing nor of mechanisms for preserving data consistency. LDAP is 119 premised around the notion that the search and read activity far 120 outweigh any need to add, delete, or modify records. LDAP does 121 provide a means for replication of the database to keep slave 122 servers up to date with a master. It also has built-in capability to 123 handle external references and deferral. 124 </para></glossdef> 125 </glossentry> 126 127 <glossentry> 128 <glossterm>Local Master Browser</glossterm> 129 <acronym>LMB</acronym> 130 <glossdef><para> 131 The Local Master Browser maintains a list of all servers that have announced themselves 132 within a given workgroup or NT domain on a particular broadcast isolated subnet. 133 </para></glossdef> 134 </glossentry> 135 136 <glossentry> 137 <glossterm>Media Access Control</glossterm> 138 <acronym>MAC</acronym> 139 <glossdef><para> 140 The hard-coded address of the physical-layer device that is attached to the network. 141 All network interface controllers must have a hard-coded and unique MAC address. The 142 MAC address is 48 bits long. 143 </para></glossdef> 144 </glossentry> 145 146 <glossentry> 147 <glossterm>NetBIOS Extended User Interface</glossterm> 148 <acronym>NetBEUI</acronym> 149 <glossdef><para> 150 Very simple network protocol invented by IBM and Microsoft. It is used to do NetBIOS 151 over Ethernet with low overhead. NetBEUI is a non-routable protocol. 152 </para></glossdef> 153 </glossentry> 154 155 <glossentry> 156 <glossterm>Network Address Translation</glossterm> 157 <acronym>NAT</acronym> 158 <glossdef><para> 159 Network address translation is a form of IP address masquerading. It ensures that internal 160 private (RFC1918) network addresses from packets inside the network are rewritten so 161 that TCP/IP packets that leave the server over a public connection are seen to come only 162 from the external network address. 163 </para></glossdef> 164 </glossentry> 165 166 <glossentry> 167 <glossterm>Network Basic Input/Output System</glossterm> 168 <acronym>NetBIOS</acronym> 169 <glossdef><para> 170 NetBIOS is a simple application programming interface (API) invented in the 1980s 171 that allows programs to send data to certain network names. NetBIOS is always run over 172 another network protocol such as IPX/SPX, TCP/IP, or Logical Link Control (LLC). 173 NetBIOS run over LLC is best known as NetBEUI (the NetBIOS Extended User Interface 174 &smbmdash; a complete misnomer!). 175 </para></glossdef> 176 </glossentry> 177 178 <glossentry> 179 <glossterm>NetBT</glossterm> 180 <acronym>NBT</acronym> 181 <glossdef><para> 182 Protocol for transporting NetBIOS frames over TCP/IP. Uses ports 137, 138, and 139. 183 NetBT is a fully routable protocol. 184 </para></glossdef> 185 </glossentry> 186 187 <glossentry> 188 <glossterm>NT/LanManager Security Support Provider</glossterm> 189 <acronym>NTLMSSP</acronym> 190 <glossdef><para> 191 The NTLM Security Support Provider (NTLMSSP) service in Windows NT4/200x/XP is responsible for 192 handling all NTLM authentication requests. It is the front end for protocols such as SPNEGO, 193 Schannel, and other technologies. The generic protocol family supported by NTLMSSP is known as 194 GSSAPI, the Generic Security Service Application Program Interface specified in RFC2078. 195 </para></glossdef> 196 </glossentry> 197 198 <glossentry> 199 <glossterm>Server Message Block</glossterm> 200 <acronym>SMB</acronym> 201 <glossdef><para> 202 SMB was the original name of the protocol spoken by Samba. It was invented in the 1980s 203 by IBM and adopted and extended further by Microsoft. Microsoft renamed the protocol to 204 CIFS during the Internet hype in the 1990s. 205 </para></glossdef> 206 </glossentry> 207 208 <glossentry> 209 <glossterm>The Simple and Protected GSS-API Negotiation</glossterm> 210 <acronym>SPNEGO</acronym> 211 <glossdef><para> 212 The purpose of SPNEGO is to allow a client and server to negotiate a security mechanism for 213 authentication. The protocol is specified in RFC2478 and uses tokens as built via ASN.1 DER. 214 DER refers to Distinguished Encoding Rules. These are a set of common rules for creating 215 binary encodings in a platform-independent manner. Samba has support for SPNEGO. 216 </para></glossdef> 217 </glossentry> 218 219 <glossentry> 220 <glossterm>The Official Samba-3 HOWTO and Reference Guide, Second Edition</glossterm> 221 <acronym>TOSHARG2</acronym> 222 <glossdef><para> 223 This book makes repeated reference to <quote>The Official Samba-3 HOWTO and Reference Guide, Second 224 Edition</quote> by John H. Terpstra and Jelmer R. Vernooij. This publication is available from 225 Amazon.com. Publisher: Prentice Hall PTR (August 2005), 226 ISBN: 013122282. 227 </para></glossdef> 228 </glossentry> 229 230 <glossentry> 231 <glossterm>User IDentifier</glossterm> 232 <acronym>UID</acronym> 233 <glossdef><para> 234 The UNIX system user identifier; on older systems, a 32-bit unsigned integer, and on newer systems, 235 an unsigned 64-bit integer. The UID is used in UNIX-like operating systems for all user-level access 236 control. 237 </para></glossdef> 238 </glossentry> 239 240 <glossentry> 241 <glossterm>Universal Naming Convention</glossterm> 242 <acronym>UNC</acronym> 243 <glossdef><para>A syntax for specifying the location of network resources (such as file shares). 244 The UNC syntax was developed in the early days of MS DOS 3.x and is used internally by the SMB protocol. 245 </para></glossdef> 246 </glossentry> 247 248 <glossentry> 249 <glossterm>Wireshark</glossterm> 250 <acronym>wireshark</acronym> 251 <glossdef><para> 252 A network analyzer, also known as a network sniffer or a protocol analyzer. Formerly known as Ethereal, Wireshark is 253 freely available for UNIX/Linux and Microsoft Windows systems from 254 <ulink url="http://www.wireshark.org">the Wireshark Web site</ulink>. 255 </para></glossdef> 256 </glossentry> 257 258</glossary> 259