DOCSLIB.ORG

LDAP-Based Authentication for Samba Install and Configure Samba As a Primary Domain Controller with LDAP on Linux

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
LDAP-Based Authentication for Samba Install and Configure Samba As a Primary Domain Controller with LDAP on Linux LDAP-based authentication for Samba Install and configure Samba as a primary domain controller with LDAP on Linux Skill Level: Intermediate Keith Robertson ([email protected]) Advisory software engineer IBM 31 Jan 2006 This tutorial demonstrates how to install and configure Samba as a primary domain controller with a secure LDAP-based authentication mechanism. It also describes how to configure the LDAP server, OpenLDAP, for PAM-based authentication and how to secure the link between Samba and OpenLDAP with Transport Layer Security (TLS). The completed system boasts a secure file- and print-sharing setup, in addition to a robust LDAP server that could be used for purposes beyond those required by Samba. Additionally, Windows® clients are able to logon to your Samba server which acts as a primary domain controller and have shared drives automatically mounted for them based on their group membership. Section 1. Before you start About this tutorial In this tutorial -- about how to install and configure Samba as a primary domain controller with a secure LDAP-based authentication mechanism -- I'll: • Introduce LDAP, show how it integrates with Samba, and discuss security concerns LDAP-based authentication for Samba © Copyright IBM Corporation 1994, 2008. All rights reserved. Page 1 of 32 developerWorks® ibm.com/developerWorks • Go through the steps of configuring LDAP, including installing OpenLDAP and the IDEALX LDAP Samba toolkit; configuring OpenLDAP necessities, the slapd.conf file, the /etc/ldap.conf file, and the Pluggable Authentication Modules (PAM); and explain how to start OpenLDAP • Next, show you how to configure Samba, including installing and starting Samba and the Logon Profile Generator; creating the required directories and the shared drives; configuring the smb.conf file and setting the LDAP database-access password; populating the database; adding the PAM and other users and adding Windows workstations to the domain; and debugging the Samba installation in case it didn't work • Finally, cover security issues and talk about how to enable security for this system, including enabling the Transport Layer Security for OpenLDAP, PAM, and Samba and how to test the security of your system The completed system boasts a secure file- and print-sharing setup, in addition to a robust LDAP server that could be used for purposes beyond those required by Samba. Additionally, Microsoft Windows clients are able to logon to your Samba server which acts as a primary domain controller and have shared drives automatically mounted for them based on their group membership. This tutorial is best suited for readers with moderate UNIX or Linux familiarity and experience with basic IP networking concepts. The author used Fedora Core 3 as the Linux distribution, but other Linux distributions or UNIX variants, such as AIX, Solaris, or HP-UX, would also work for the setup described in the tutorial. All applications and utilities used in this tutorial are open source and are available from either your Linux vendor or the application vendor's homepage. Prerequisites The Linux distribution is Fedora Core 3; however, there is no reason why the setup described here would not work on other Linux distributions or UNIX variants such as AIX, Solaris, or HP-UX. The software is free and obtained in a number of ways. I recommend that you get a precompiled version (such as an RPM) from your Linux vendor's ftp mirror. Here is a list of software used in this tutorial. There is no need to get the list beforehand as the tutorial describes how to download and install them. • OpenSSL. • OpenLDAP. LDAP-based authentication for Samba Page 2 of 32 © Copyright IBM Corporation 1994, 2008. All rights reserved. ibm.com/developerWorks developerWorks® • Samba. • Perl module Crypt::SmbHash. • Perl module Digest::SHA1. • Perl module IO::Socket::SSL. • Perl module Net::SSLeay. • IDEALX Samba LDAP tools. Note: This tutorial identifies the specific versions of the various software components tested. You might have success with earlier versions of the software, but I cannot guarantee that they will work. In general, software that is newer than the versions described in this tutorial should work. Tutorial network layout The network described in this tutorial is intended to be small so that you can easily duplicate the examples on a home or lab network. For this setup, I used a typical home broadband router with a built-in firewall. The following diagram depicts the physical network layout. Figure 1. Tutorial network configuration This Microsoft Windows network contains three classes of users -- marketing, engineering, and management. Engineering and marketing each have a shared drive where users from each group may place files for others in that same group to see; however, members from one group cannot see files on the other group's shared drive. For example, a marketing employee may not view a file on the engineering LDAP-based authentication for Samba © Copyright IBM Corporation 1994, 2008. All rights reserved. Page 3 of 32 developerWorks® ibm.com/developerWorks drive. Management also has a shared drive that is visible only to managers. In addition, we give managers special privileges so that they can see files from both engineering and marketing. Section 2. Introducing LDAP Now I'll introduce LDAP, show how it integrates with Samba, and discuss security concerns. A brief introduction to LDAP LDAP is a popular mechanism for authentication and as a repository for storing personally identifiable information. It has several advantages over traditional flat-file-based authentication mechanisms, for example /etc/passwd. One of these advantages is that LDAP can be used to produce the Holy Grail of password management, a single sign-on. Single sign-on is available because software applications can authenticate remotely against a common LDAP-based user repository across a TCP/IP network. The LDAP method of authentication is in direct contrast to flat-file-based authentication schemes that are typically tied to a single machine and do not distribute well. LDAP manages data in what is termed a directory information tree. This tree helps to organize data through categorization. Many LDAP servers use SQL databases to store their information because they are a natural fit. As with a traditional SQL database, LDAP uses schemas to define where data should be located and how data should be formatted. The use of schemas and the similarities with traditional SQL databases are key advantages of LDAP because they contribute greatly to its extensibility. Integrating Samba with LDAP There are three main integration points between Samba and an LDAP server: • The first is the inclusion of Samba's schema into the LDAP server. • The second is configuring Samba to authenticate through the LDAP server. LDAP-based authentication for Samba Page 4 of 32 © Copyright IBM Corporation 1994, 2008. All rights reserved. ibm.com/developerWorks developerWorks® Authentication takes place with the help of Linux's PAM utility (Pluggable Authentication Modules). The PAM utility abstracts the process of authentication away from software applications running on Linux so that they do not have to understand the complexities of a particular authentication mechanism. As such, PAM gives software applications an enormous degree of flexibility because a software application can call one API for authentication and PAM decides if it should use flat file, LDAP, or some other mechanism for authentication. • The third integration point involves a set of tools that aid in the management of Samba's LDAP directory information tree. This toolkit is produced by a third-party; however, it is covered under the GNU Public License. Security A key strength of LDAP is its ability to be used as an authentication mechanism for software applications that could be scattered across a network. A side effect of this strength is that passwords may flow across the network during the authentication phase and, as a result, could be intercepted. Fortunately, LDAP supports both SSL (Secure Sockets Layer) and TLS. In this tutorial, the LDAP server is running on the same physical server as Samba; thus, there isn't much need for encryption. However, I will demonstrate how to encrypt the channel between LDAP and Samba because it is relatively simple and necessary for the reader who hosts Samba and LDAP on different machines. This tutorial proceeds in two phases. The first phase details how to configure Samba and LDAP in an unsecured mode. Once the first phase is complete, encryption is enabled to secure the channel between Samba and the LDAP server. I am proceeding in a two-phase approach because in general, it is usually easier to install, configure, and diagnose problems in an unsecured mode. Section 3. Configuring LDAP Step 1: Installing OpenLDAP To install OpenLDAP: LDAP-based authentication for Samba © Copyright IBM Corporation 1994, 2008. All rights reserved. Page 5 of 32 developerWorks® ibm.com/developerWorks 1. Check to see if your distribution has OpenLDAP installed. Issue the following command at a terminal: rpm -qa | grep ldap. If you do not get a response of openldap-2.2.13 or greater, then you should either upgrade or install anew (which is described next). 2. If you don't have OpenLDAP version 2.2.13 or greater, go to your distribution's mirror and download a binary package. In my case, I went to Fedora's mirror list and downloaded openldap-2.2.13-2.i386.rpm. Then I issued the following command: rpm -Uvh openldap-2.2.13-2.i386.rpm. Step 2: Installing IDEALX's LDAP Toolkit for Samba A toolkit from IDEALX is required to automate many of the important interactions between Samba and your LDAP server. Included in the toolkit from IDEALX are scripts that Samba automatically call to add users, modify users, add machines, etc. The scripts are written in Perl and can also be used from the command line.
Load more

Recommended publications
  • Ldap Server Interview Questions
    By OnlineInterviewQuestions.com Ldap Server Interview Questions Q1. What is the port no of LDAP ? LDAP uses CLDAP as its transport protocol. The Default Port no. LDAP is on Http is 389 and 636 over SSL. Q2. What is LDAP? Lightweight Directory Access Protocol (LDAP) is a light weighted client-server protocol used for accessing the directory services particularly the X. 500 based directory services. It runs over the TCP/IP or the other connection-oriented transfer services. Q3. Where is LDAP used? This protocol is mainly used for querying and modification purposes and it is used in places such as Microsoft Active Directory, OPEN LDAP, and many more. Q4. What is LDIF? The LDIF (LDAP Data Interchange Files) are used to exchange data between the LDAP directory servers. This plain text data interchange format was designed by Tim Howes in the early 1990s for representing LDAP directory content and update requests. The content in this file is represented as a group of attributes. Here, the records are separated from one another by blank lines while the attributes of the record itself are represented as single logical lines. There are many tools that deploy LDIF such as Microsoft Windows 2000 Server, Windows 2003 Server, JXplorer, Netscape Communicator, and OpenLDAP. Q5. Name object class types in Ldap? There are three object class types present in LDAP. They are, Structural - It is used to define the primary entry type. Auxiliary - It is used to define the characteristics of an LDAP entry. Abstract - This type is not used to create entries directly but is subclassed by the Auxiliary class.
    [Show full text]
  • List of Applications Updated in ARL #2571
    List of Applications Updated in ARL #2571 Application Name Publisher Nomad Branch Admin Extensions 7.0 1E M*Modal Fluency Direct Connector 3M M*Modal Fluency Direct 3M M*Modal Fluency Direct Connector 10.0 3M M*Modal Fluency Direct Connector 7.85 3M Fluency for Imaging 3M M*Modal Fluency for Transcription Editor 7.6 3M M*Modal Fluency Flex 3M M*Modal Fluency Direct CAPD 3M M*Modal Fluency for Transcription Editor 3M Studio 3T 2020.2 3T Software Labs Studio 3T 2020.8 3T Software Labs Studio 3T 2020.3 3T Software Labs Studio 3T 2020.7 3T Software Labs MailRaider 3.69 Pro 45RPM software MailRaider 3.67 Pro 45RPM software FineReader Server 14.1 ABBYY VoxConverter 3.0 Acarda Sales Technologies VoxConverter 2.0 Acarda Sales Technologies Sample Master Accelerated Technology Laboratories License Manager 3.5 AccessData Prizm ActiveX Viewer AccuSoft Universal Restore Bootable Media Builder 11.5 Acronis Knowledge Builder 4.0 ActiveCampaign ActivePerl 5.26 Enterprise ActiveState Ultimate Suite for Microsoft Excel 18.5 Business Add-in Express Add-in Express for Microsoft Office and .NET 7.7 Professional Add-in Express Office 365 Reporter 3.5 AdminDroid Solutions Scout 1 Adobe Dreamweaver 1.0 Adobe Flash Professional CS6 - UNAUTHORIZED Adobe Illustrator CS6 Adobe InDesign CS6 - UNAUTHORIZED Adobe Fireworks CS6 Adobe Illustrator CC Adobe Illustrator 1 Adobe Media Encoder CC - UNAUTHORIZED Adobe Photoshop 1.0 Adobe Shockwave Player 1 Adobe Acrobat DC (2015) Adobe Flash Professional CC (2015) - UNAUTHORIZED Adobe Acrobat Reader DC Adobe Audition CC (2018)
    [Show full text]
  • Understanding LDAP Design and Implementation
    Front cover Understanding LDAP Design and Implementation LDAP concepts and architecture Designing and maintaining LDAP Step-by-step approach for directory Steven Tuttle Ami Ehlenberger Ramakrishna Gorthi Jay Leiserson Richard Macbeth Nathan Owen Sunil Ranahandola Michael Storrs Chunhui Yang ibm.com/redbooks International Technical Support Organization Understanding LDAP Design and Implementation June 2004 SG24-4986-01 Note: Before using this information and the product it supports, read the information in “Notices” on page xv. Second Edition (June 2004) This edition applies to Version 5, Release 2 of IBM Tivoli Directory Server. © Copyright International Business Machines Corporation 1998, 2004. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . xv Trademarks . xvi Preface . xvii The team that wrote this redbook. xvii Become a published author . xix Comments welcome. xx Summary of changes . xxi June 2004, Second Edition . xxi Part 1. Directories and LDAP . 1 Chapter 1. Introduction to LDAP . 3 1.1 Directories . 5 1.1.1 Directory versus database . 5 1.1.2 LDAP: Protocol or directory. 7 1.1.3 Directory clients and servers. 8 1.1.4 Distributed directories . 9 1.2 Advantages of using a directory . 10 1.3 LDAP history and standards . 12 1.3.1 OSI and the Internet . 12 1.3.2 X.500 the Directory Server Standard . 13 1.3.3 Lightweight Access to X.500 . 14 1.3.4 Beyond LDAPv3 . 15 1.4 Directory components . 16 1.5 LDAP standards . 20 1.6 IBM’s Directory-enabled offerings .
    [Show full text]
  • Praise for Samba-3 by Example
    TitleandCR.fm Page i Thursday, March 4, 2004 11:55 AM Praise for Samba-3 by Example “John Terpstra has written what I think to be the definitive book on how to incorporate Samba into a heterogenous network. I like this book because, in a series of well defined "real-world" networking problem scenarios, it shows how Samba can help solve the problem, the steps for implementation, as well as the thinking behind the solution. Terpstra uses real-world networking examples to show how Samba could help solve networking problems. If you’re interested in using Samba in any way on your network, this is the book to have.” —Kent Dannehl, Engineer “This book does an excellent job at showing how Samba file and print serving solutions can grow with a company. These solutions are described in an way that is easy to understand and with enough examples that the book can be used as a reference.” —Michael MacIsaac, IBM Linux Technical Support “From a solutions perspective, Terpstra not only covers Samba-3, but he also primes you with examples of the critical tools and applications you will need for a complete solution. Whether it be small or large, a new network rollout or a migration, this book brings it all together with everything you need to start designing and strategizing your next implementation. If you just want to learn, you will be deploying Samba, DHCP, DNS, WINS, and LDAP before you know it. Well done!” —Ed Riddle, Business Technology Solutions Consultant “This book would make a great text or lab manual for an Information Technology course in network implementation and administration.
    [Show full text]
  • Free and Open Source Software
    Free and open source software Copyleft ·Events and Awards ·Free software ·Free Software Definition ·Gratis versus General Libre ·List of free and open source software packages ·Open-source software Operating system AROS ·BSD ·Darwin ·FreeDOS ·GNU ·Haiku ·Inferno ·Linux ·Mach ·MINIX ·OpenSolaris ·Sym families bian ·Plan 9 ·ReactOS Eclipse ·Free Development Pascal ·GCC ·Java ·LLVM ·Lua ·NetBeans ·Open64 ·Perl ·PHP ·Python ·ROSE ·Ruby ·Tcl History GNU ·Haiku ·Linux ·Mozilla (Application Suite ·Firefox ·Thunderbird ) Apache Software Foundation ·Blender Foundation ·Eclipse Foundation ·freedesktop.org ·Free Software Foundation (Europe ·India ·Latin America ) ·FSMI ·GNOME Foundation ·GNU Project ·Google Code ·KDE e.V. ·Linux Organizations Foundation ·Mozilla Foundation ·Open Source Geospatial Foundation ·Open Source Initiative ·SourceForge ·Symbian Foundation ·Xiph.Org Foundation ·XMPP Standards Foundation ·X.Org Foundation Apache ·Artistic ·BSD ·GNU GPL ·GNU LGPL ·ISC ·MIT ·MPL ·Ms-PL/RL ·zlib ·FSF approved Licences licenses License standards Open Source Definition ·The Free Software Definition ·Debian Free Software Guidelines Binary blob ·Digital rights management ·Graphics hardware compatibility ·License proliferation ·Mozilla software rebranding ·Proprietary software ·SCO-Linux Challenges controversies ·Security ·Software patents ·Hardware restrictions ·Trusted Computing ·Viral license Alternative terms ·Community ·Linux distribution ·Forking ·Movement ·Microsoft Open Other topics Specification Promise ·Revolution OS ·Comparison with closed
    [Show full text]
  • Policy Server Installation Guide 12.51
    CA SiteMinder® Policy Server Installation Guide 12.51 Fourth Edition This Documentation, which includes embedded help systems and electronically distributed materials (hereinafter referred to as the “Documentation”), is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA. Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT.
    [Show full text]
  • Documanage Administrator's Guide
    Start Oracle® Documanage Documanage Administrator’s Guide version 6.6 Part number: E14904-01 March 2009 s Notice Copyright © 2009, Oracle. All rights reserved. The Programs (which include both the software and documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the Programs, including documentation and technical data, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement, and, to the extent applicable, the additional rights set forth in FAR 52.227-19, Commercial Computer Software--Restricted Rights (June 1987).
    [Show full text]
  • CA Directory Release Summary
    CA Directory Release Summary r12.0 SP8 This documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the “Documentation”) is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA. Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT.
    [Show full text]
  • Etrust Directory Administrator Guide
    eTrust ™ Directory Administrator Guide 4.1 This documentation and related computer software program (hereinafter referred to as the “Documentation”) is for the end user’s informational purposes only and is subject to change or withdrawal by Computer Associates International, Inc. (“CA”) at any time. This documentation may not be copied, transferred, reproduced, disclosed or duplicated, in whole or in part, without the prior written consent of CA. This documentation is proprietary information of CA and protected by the copyright laws of the United States and international treaties. Notwithstanding the foregoing, licensed users may print a reasonable number of copies of this documentation for their own internal use, provided that all CA copyright notices and legends are affixed to each reproduced copy. Only authorized employees, consultants, or agents of the user who are bound by the confidentiality provisions of the license for the software are permitted to have access to such copies. This right to print copies is limited to the period during which the license for the product remains in full force and effect. Should the license terminate for any reason, it shall be the user’s responsibility to return to CA the reproduced copies or to certify to CA that same have been destroyed. To the extent permitted by applicable law, CA provides this documentation “as is” without warranty of any kind, including without limitation, any implied warranties of merchantability, fitness for a particular purpose or non- infringement. In no event will CA be liable to the end user or any third party for any loss or damage, direct or indirect, from the use of this documentation, including without limitation, lost profits, business interruption, goodwill, or lost data, even if CA is expressly advised of such loss or damage.
    [Show full text]
  • 821-1273.Pdf
    Oracle® Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1) Part No: 821–1273 June 2011 Copyright © 2006, 2011, Oracle and/or its affiliates. All rights reserved. License Restrictions Warranty/Consequential Damages Disclaimer This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. Warranty Disclaimer The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. Restricted Rights Notice If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract,and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]
  • Etrust® Directory Administrator Guide
    eTrust® Directory Administrator Guide r8.1 Second Edition This documentation (the “Documentation”) and related computer software program (the “Software”) (hereinafter collectively referred to as the “Product”) is for the end user’s informational purposes only and is subject to change or withdrawal by CA at any time. This Product may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Product is proprietary information of CA and protected by the copyright laws of the United States and international treaties. Notwithstanding the foregoing, licensed users may print a reasonable number of copies of the Documentation for their own internal use, and may make one copy of the Software as reasonably required for back-up and disaster recovery purposes, provided that all CA copyright notices and legends are affixed to each reproduced copy. Only authorized employees, consultants, or agents of the user who are bound by the provisions of the license for the Software are permitted to have access to such copies. The right to print copies of the Documentation and to make a copy of the Software is limited to the period during which the license for the Product remains in full force and effect. Should the license terminate for any reason, it shall be the user’s responsibility to certify in writing to CA that all copies and partial copies of the Product have been returned to CA or destroyed. EXCEPT AS OTHERWISE STATED IN THE APPLICABLE LICENSE AGREEMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS PRODUCT “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.
    [Show full text]
  • Oracle Application Server Installation Guide for Microsoft Windows
    Oracle® Fusion Middleware Patching Guide 11g Release 1 (11.1.1) E16793-07 March 2011 Oracle Fusion Middleware Patching Guide 11g Release 1 (11.1.1) E16793-07 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Primary Author: Kevin Hwang This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]