Posted Dec 1, 2011 8:25 UTC (Thu) by myllynen (subscriber, #55412)
Parent article: Releasing Samba 4
> the current 3.x versions lack many of the features that enterprise users require (Active Directory support in particular)
I think this needs a bit of clarification.
Already with Samba 3.x a Linux/Unix system can be a domain *member* in an AD domain. When a system running Samba 3.x is a domain member it enables user id/authentication with Samba's Winbind component from AD domain(s), different Winbind idmap backends are available depending whether AD has IdM for UNIX role service enabled or not. And when you have set up user id/auth from AD you can turn your system into a server providing Kerberos based single sign-on (SSO) login, file shares, and printers for AD users (so both Windows/Linux users who just have a Kerberos ticket from AD are able to access those SSO services). And if wanted you can use the Samba net(8) tool to generate additional Kerberos principals, for example for additional services like httpd which are then also available as SSO services for AD users.
As later made clearer in the article the missing piece in Active Directory support is the AD domain *controller* functionality. However, how many enterprises are eagerly awaiting to be able to start introducing Samba DCs into their domains which often provide the most crucial pieces of infrastructure for an organization and might easily have tens of thousands of users, groups, and systems around the globe, I don't know.