samba - Jul 2009 - TOSHARG-DomainMember.xml translate finish and some bug found

Now, TOSHARG-DomainMember.xml translate to Japanese finished.

and Some bug found.

<procedure>
<title>Server Manager Account Machine Account Management</title>
                      -------Domain?
        <step><para>
        From the menu select <guimenu>Computer</guimenu>.
        </para></step>

        When the user elects to make the client a domain member, Windows 200x
prompts for
        an account and password that has privileges to create  machine accounts
in the domain.
        A Samba administrator account (i.e., a Samba account that has
<constant>root</constant> privileges on the
        Samba server) must be entered here; the operation will fail if an
ordinary user
        account is given.

---> Can user who have SeMachineAccountPrivilege rights  join machine ?


<para>
<indexterm><primary>ADS</primary></indexterm>
<indexterm><primary>SRV records</primary></indexterm>
<indexterm><primary>DNS zon</primary></indexterm>
                        ---zone?

<indexterm><primary>KDC</primary></indexterm>
<indexterm><primary>_kerberos.REALM.NAME</primary></indexterm>
Microsoft ADS automatically create SRV records in the DNS zone


<indexterm><primary>Kerberos</primary></indexterm>
<indexterm><primary>Create the Computer
Account</primary></indexterm>
<indexterm><primary>Testing Server
Setup</primary></indexterm>
<indexterm><primary></primary></indexterm>
                   -why null?

If all you want is Kerberos support in &smbclient;, then you can skip
directly to <link


        <indexterm><primary>kinit</primary></indexterm>
        <indexterm><primary>rights</primary></indexterm>
        You need to log in to the domain using <userinput>kinit
                    -------
                    login ?
       
<replaceable>USERNAME</replaceable>@<replaceable>REALM</replaceable></userinput>.
        <replaceable>USERNAME</replaceable> must be a user who has
rights to add a machine to the domain.
        </para></listitem></varlistentry>


On a Windows 2000 client, try <userinput>net use *
\\server\share</userinput>. You should
be logged in with Kerberos without needing to know a password. If this fails,
then run
------------
login ?
<userinput>klist tickets</userinput>. Did you get a ticket for the
server? Does it have
an encryption type of DES-CBC-MD5?


On your Samba server try to log in to a Windows 2000 server or your Samba
                            ------
                            login?
server using &smbclient; and Kerberos. Use &smbclient; as usual, but
specify the <option>-k</option> option to choose Kerberos
authentication.
</para>

</sect2>

<sect2>
<title>Notes</title>

--
--- Oota Toshiya ---  t-oota at dh.jp.nec.com
NEC Computers Software Operations Unit              Shiba,Minato,Tokyo
Open Source Software Platform Development Division  Japan,Earth,Solar system
(samba-jp/ldap-jp Staff,mutt-j/samba-jp postmaster)

Hi,

OPC oota wrote:
> Now, TOSHARG-DomainMember.xml translate to Japanese finished.
>
> and Some bug found.
>
> <procedure>
> <title>Server Manager Account Machine Account
Management</title>
>                       -------Domain?
>         <step><para>
>         From the menu select <guimenu>Computer</guimenu>.
>         </para></step>
>
>         When the user elects to make the client a domain member, Windows
200x prompts for
>         an account and password that has privileges to create  machine
accounts in the domain.
>         A Samba administrator account (i.e., a Samba account that has
<constant>root</constant> privileges on the
>         Samba server) must be entered here; the operation will fail if an
ordinary user
>         account is given.
>
> ---> Can user who have SeMachineAccountPrivilege rights  join machine ?
>   
I'm not sure how this works in Samba 3 actually, hopefully somebody else
knows.
> <para>
> <indexterm><primary>ADS</primary></indexterm>
> <indexterm><primary>SRV
records</primary></indexterm>
> <indexterm><primary>DNS zon</primary></indexterm>
>                         ---zone?
>   
Fixed.
> <indexterm><primary>Kerberos</primary></indexterm>
> <indexterm><primary>Create the Computer
Account</primary></indexterm>
> <indexterm><primary>Testing Server
Setup</primary></indexterm>
> <indexterm><primary></primary></indexterm>
>                    -why null?
>   
Thanks, fixed.
> If all you want is Kerberos support in &smbclient;, then you can skip
directly to <link
>
>
>        
<indexterm><primary>kinit</primary></indexterm>
>        
<indexterm><primary>rights</primary></indexterm>
>         You need to log in to the domain using <userinput>kinit
>                     -------
>                     login ?
>        
<replaceable>USERNAME</replaceable>@<replaceable>REALM</replaceable></userinput>.
>         <replaceable>USERNAME</replaceable> must be a user who
has rights to add a machine to the domain.
>         </para></listitem></varlistentry>
>
>   
Similar to the previous chapter, I think "log in" is also valid.

Cheers,

Jelmer