| [311] | 1 | <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Glossary</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="index.html" title="Samba-3 by Example"><link rel="prev" href="apa.html" title="Appendix A. GNU General Public License version 3"><link rel="next" href="ix01.html" title="Index"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Glossary</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="apa.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="ix01.html">Next</a></td></tr></table><hr></div><div class="glossary"><div class="titlepage"><div><div><h2 class="title"><a name="id2630385"></a>Glossary</h2></div></div></div><dl><dt>Access Control List</dt><dd><p>
|
|---|
| [286] | 2 | A detailed list of permissions granted to users or groups with respect to file and network
|
|---|
| 3 | resource access.
|
|---|
| 4 | </p></dd><dt>Active Directory Service</dt><dd><p>
|
|---|
| 5 | A service unique to Microsoft Windows 200x servers that provides a centrally managed
|
|---|
| 6 | directory for management of user identities and computer objects, as well as the
|
|---|
| 7 | permissions each user or computer may be granted to access distributed network resources.
|
|---|
| 8 | ADS uses Kerberos-based authentication and LDAP over Kerberos for directory access.
|
|---|
| 9 | </p></dd><dt>Common Internet File System</dt><dd><p>
|
|---|
| 10 | The new name for SMB. Microsoft renamed the SMB protocol to CIFS during
|
|---|
| 11 | the Internet hype in the 1990s. At about the time that the SMB protocol was renamed
|
|---|
| 12 | to CIFS, an additional dialect of the SMB protocol was in development. The need for the
|
|---|
| 13 | deployment of the NetBIOS layer was also removed, thus paving the way for use of the SMB
|
|---|
| 14 | protocol natively over TCP/IP (known as NetBIOS-less SMB or “<span class="quote">naked</span>” TCP
|
|---|
| 15 | transport).
|
|---|
| 16 | </p></dd><dt>Common UNIX Printing System</dt><dd><p>
|
|---|
| 17 | A recent implementation of a high-capability printing system for UNIX developed by
|
|---|
| 18 | <a class="ulink" href="http://www.easysw.com/" target="_top">Easy Software Inc.</a>. The design objective
|
|---|
| 19 | of CUPS was to provide a rich print processing system that has built-in intelligence
|
|---|
| 20 | that is capable of correctly rendering (processing) a file that is submitted for
|
|---|
| 21 | printing even if it was formatted for an entirely different printer.
|
|---|
| 22 | </p></dd><dt>Domain Master Browser</dt><dd><p>
|
|---|
| 23 | The Domain Master Browser maintains a list of all the servers that
|
|---|
| 24 | have announced their services within a given workgroup or NT domain.
|
|---|
| 25 | </p></dd><dt>Domain Name Service</dt><dd><p>
|
|---|
| 26 | A protocol by which computer hostnames may be resolved to the matching IP address/es.
|
|---|
| 27 | DNS is implemented by the Berkeley Internet Name Daemon. There exists a recent version
|
|---|
| 28 | of DNS that allows dynamic name registration by network clients or by a DHCP server.
|
|---|
| 29 | This recent protocol is known as dynamic DNS (DDNS).
|
|---|
| 30 | </p></dd><dt>Dynamic Host Configuration Protocol</dt><dd><p>
|
|---|
| 31 | A protocol that was based on the BOOTP protocol that may be used to dynamically assign
|
|---|
| 32 | an IP address, from a reserved pool of addresses, to a network client or device.
|
|---|
| 33 | Additionally, DHCP may assign all network configuration settings and may be used to
|
|---|
| 34 | register a computer name and its address with a dynamic DNS server.
|
|---|
| 35 | </p></dd><dt>Group IDentifier</dt><dd><p>
|
|---|
| 36 | The UNIX system group identifier; on older systems, a 32-bit unsigned integer, and on
|
|---|
| 37 | newer systems, an unsigned 64-bit integer. The GID is used in UNIX-like operating systems
|
|---|
| 38 | for all group-level access control.
|
|---|
| 39 | </p></dd><dt>Key Distribution Center</dt><dd><p>
|
|---|
| 40 | The Kerberos authentication protocol makes use of security keys (also called a ticket)
|
|---|
| 41 | by which access to network resources is controlled. The issuing of Kerberos tickets
|
|---|
| 42 | is effected by a KDC.
|
|---|
| 43 | </p></dd><dt>Lightweight Directory Access Protocol</dt><dd><p>
|
|---|
| 44 | The Lightweight Directory Access Protocol is a technology that
|
|---|
| 45 | originated from the development of X.500 protocol specifications and
|
|---|
| 46 | implementations. LDAP was designed as a means of rapidly searching
|
|---|
| 47 | through X.500 information. Later LDAP was adapted as an engine that
|
|---|
| 48 | could drive its own directory database. LDAP is not a database per
|
|---|
| 49 | se; rather it is a technology that enables high-volume search and
|
|---|
| 50 | locate activity from clients that wish to obtain simply defined
|
|---|
| 51 | information about a subset of records that are stored in a
|
|---|
| 52 | database. LDAP does not have a particularly efficient mechanism for
|
|---|
| 53 | storing records in the database, and it has no concept of transaction
|
|---|
| 54 | processing nor of mechanisms for preserving data consistency. LDAP is
|
|---|
| 55 | premised around the notion that the search and read activity far
|
|---|
| 56 | outweigh any need to add, delete, or modify records. LDAP does
|
|---|
| 57 | provide a means for replication of the database to keep slave
|
|---|
| 58 | servers up to date with a master. It also has built-in capability to
|
|---|
| 59 | handle external references and deferral.
|
|---|
| |
|---|
