Samba 4.0 released
| From: | Jeremy Allison <jra-AT-samba.org> | |
| To: | Jonathan Corbet <corbet-AT-lwn.net>, Jake Edge <jake-AT-lwn.net> | |
| Subject: | Samba 4.0 released - The First Free Software Active Directory Compatible Server is now available ! | |
| Date: | Tue, 11 Dec 2012 09:34:14 -0800 | |
| Message-ID: | <20121211173414.GE20974@samba2> | |
| Cc: | jra-AT-samba.org |
Samba Team Releases Samba 4.0
=============================
December 11th 2012.
The Samba Team is proud to announce the release of Samba 4.0, a major
new release of the award-winning Free Software file, print and
authentication server suite for Microsoft Windows clients.
The First Free Software Active Directory Compatible Server
==========================================================
As the culmination of ten years' work, the Samba Team has created the
first compatible Free Software implementation of Microsoft’s Active
Directory protocols. Familiar to all network administrators, the
Active Directory protocols are the heart of modern directory service
implementations.
Samba 4.0 comprises an LDAP directory server, Heimdal Kerberos
authentication server, a secure Dynamic DNS server, and
implementations of all necessary remote procedure calls for Active
Directory. Samba 4.0 provides everything needed to serve as an Active
Directory Compatible Domain Controller for all versions of Microsoft
Windows clients currently supported by Microsoft, including the
recently released Windows 8.
The Samba 4.0 Active Directory Compatible Server provides support for
features such as Group Policy, Roaming Profiles, Windows
Administration tools and integrates with Microsoft Exchange and Free
Software compatible services such as OpenChange.
The Samba 4.0 Active Directory Compatible Server can also be joined to
an existing Microsoft Active Directory domain, and Microsoft Active
Directory Domain Controllers can be joined to a Samba 4.0 Active
Directory Compatible Server, showing true peer-to-peer
interoperability of the Microsoft and Samba implementations of the
Active Directory protocols.
Acknowledging the value of the interoperability of the Samba 4.0
Active Directory Compatible Server, Steve van Maanen, the co-founder
of Starsphere LLC, an IT services company in Tokyo, said:
"Thanks to Samba4, I have two fully replicating Active Directory
Domain controllers that boot in under 10 seconds ! It is nice to have
alternatives, and Samba4 is a great one."
Upgrade scripts are also provided for organizations using the previous
Microsoft Windows NT Domain Controller functionality in Samba 3.x, to
allow them to migrate smoothly to Samba 4.0.
Suitable for low-power and embedded applications, yet scaling to large
clusters, Samba 4.0 is efficient and flexible. Its Python programming
interface and administration toolkit help in enterprise deployments.
Created Using Microsoft Documentation
=====================================
The Samba 4.0 Active Directory Compatible Server was created with help
from the official protocol documentation published by Microsoft
Corporation and the Samba Team would like acknowledge the
documentation help and interoperability testing by Microsoft engineers
that made our implementation interoperable.
"Active Directory is a mainstay of enterprise IT environments, and
Microsoft is committed to support for interoperability across
platforms," said Thomas Pfenning, director of development, Windows
Server. "We are pleased that the documentation and interoperability
labs that Microsoft has provided have been key in the development of
the Samba 4.0 Active Directory functionality."
Introducing SMB2.1 File Serving Support
=======================================
Samba 4.0 includes the first Free Software implementation of
Microsoft's SMB2.1 file serving protocol. Building on the success of
the SMB2.0 server in Samba 3.6, the Samba 4.0 file server component is
an evolution of the trusted Samba file serving code that is used
worldwide by vendors of file servers, such as IBM's clustered Scale
Out Network Attached Storage (SONAS), and many other commercial
products.
In addition, the Samba 4.0 file server contains an initial
implementation of SMB3, which will be further developed in later Samba
4 releases into a fully-featured SMB3 clustered file server
implementation.
Future developments of our SMB3 server and client suite, in
combination with our expanding number of SMB3 tests, will keep driving
the performance improvements and improved compatibility with Microsoft
Windows that Samba users have come to expect from our software.
Integrated Clustered File Server Support
========================================
Building on our success as the first commercial implementation of a
clustered SMB/CIFS server, Samba 4.0 provides industry-leading
scalability and performance as a clustered SMB2/SMB/CIFS file server,
using our "clustered tdb" (ctdb) technology - also available as Free
Software.
Clustered Samba provides a "Single Server" view of clustered file
storage, allowing clients to connect to the least loaded server and
still providing a completely coherent view of the underlying clustered
file system.
Written and tested to be compatible with most clustered file systems,
both Free Software and proprietary, Samba 4.0 with ctdb provides a
scalable clustered file server solution with full Windows file sharing
semantics.
Samba and ctdb have been shipping in production file serving products
for many years, to some of the most demanding customers in the world.
Easy Integration into Existing Directory Services
=================================================
Samba 4.0 ships with an improved winbind, which allows Samba 4.0 file
servers to easily integrate into existing Active Directory services as
member servers. Both Microsoft Active Directory and Samba 4.0 Active
Directory Compatible servers are supported.
Stability, Security and Performance
===================================
Samba 4.0 has been tested using our widely accepted smbtorture test
suite, created by the Samba Team to test Samba itself and now used by
most of the companies writing SMB3/SMB2/SMB/CIFS file server software
to test their own products. We also regularly test interoperability
with other major vendors at plug-fest events to make sure Samba 4.0
deployments work correctly with existing customer equipment.
In addition, Samba is one of eleven open source projects that leading
software integrity vendor Coverity has certified as "secure" and has
reached Coverity "Integrity Rung 2" certification.
The Samba Team provides immediate responses to any security
vulnerabilities, and provides fixes to all vendors using the Samba
code in coordination with industry standard security reporting
agencies.
A Modular Toolbox for OEM Vendor Needs
======================================
As Free Software, Samba 4.0 is the ideal choice for Original Equipment
Manufacturers (OEMs) to use for their file, print and authentication
products. It is easily integrated into a whole host of different
tasks, and can be customized at will by the vendor to satisfy their
needs.
In addition, Samba 4.0 includes a modular "Virtual File System" (VFS)
interface that vendors can use to quickly and efficiently customize
Samba to take advantage of any specific features of their underlying
technology without having to modify any of the core Samba code. From
advanced file systems to network traffic analysis, the Samba VFS layer
allows external code to be easily integrated with Samba. Example
modules are provided as source code for vendors to customize as they
wish.
Samba is the leading choice for Microsoft Windows connectivity
==================================================================
Samba is the leading technology choice for Windows file serving on
Linux and UNIX platforms and in embedded Network Attached Storage
(NAS) solutions. Samba is used by vendors selling NAS solutions
ranging from high end clustered business-critical systems, to low end
consumer devices, and everything in between. Samba is fully IPv6
enabled and meets all mandates for modern network interoperability.
Commercial support is available for Samba from many different vendors.
Getting Samba 4.0
=================
Samba 4.0 source code is available now from the Samba Web site.
http://www.samba.org
About Active Directory
======================
Microsoft Windows and Active Directory are trademarks of Microsoft
Corporation.
About the Samba Team
====================
The Samba Team is a worldwide group of computer professionals working
together via the Internet to produce the highest quality Free Software
Windows (SMB3/SMB2/SMB/CIFS) server and client software. We are the
undisputed experts in providing interoperability with computers
running Microsoft Windows. Members of the Samba Team work for many of
the largest companies in the software Industry and even helped
Microsoft produce the protocol documentation that fully specifies the
SMB/CIFS protocol.
Posted Dec 11, 2012 18:31 UTC (Tue)
by Del- (guest, #72641)
[Link]
Posted Dec 11, 2012 21:32 UTC (Tue)
by nettings (subscriber, #429)
[Link]
Posted Dec 12, 2012 0:51 UTC (Wed)
by Zenith (guest, #24899)
[Link]
A big applause for everyone who has helped out on this - it will definitely be appreciated by many - thank you for all your hard work guys...
Posted Dec 12, 2012 15:19 UTC (Wed)
by drag (guest, #31333)
[Link] (7 responses)
Posted Dec 12, 2012 16:47 UTC (Wed)
by HelloWorld (guest, #56129)
[Link] (6 responses)
Posted Dec 12, 2012 21:35 UTC (Wed)
by drag (guest, #31333)
[Link] (5 responses)
dick.
Posted Dec 12, 2012 22:20 UTC (Wed)
by viro (subscriber, #7872)
[Link]
Bragging, are we?
> dick.
... even in signature.
Posted Dec 12, 2012 23:26 UTC (Wed)
by man_ls (guest, #15091)
[Link] (2 responses)
Posted Dec 13, 2012 15:29 UTC (Thu)
by drag (guest, #31333)
[Link] (1 responses)
And, btw, Samba 4 is awesome. It's a monumental acheivement.
Posted Dec 13, 2012 22:32 UTC (Thu)
by man_ls (guest, #15091)
[Link]
Even your first message carried clearly more signal than the next, and also it was polite. You could have added some details about what you like in Samba 4.0, but at this point and after so many years in the making your message was enough. Yes, it is sweet :)
To the rest of you guys and girls: the relevance police is a great way to populate your killfiles, please subscribe if you haven't already. If I wanted to see trolls I'd go see The Hobbit.
Posted Dec 13, 2012 13:19 UTC (Thu)
by Karellen (subscriber, #67644)
[Link]
If that were a valid reason, the 10 character limit would not exist for paying subscriber accounts. Instead, it's an evasion, a red-herring, and a fallacious appeal to authority.
"dick"
And that's an ad hominem.
Congratulations, you have posted 0 (zero) logically sound responses to the question that was asked. Care to try again?
Posted Dec 13, 2012 13:59 UTC (Thu)
by ortalo (guest, #4654)
[Link] (1 responses)
Is there any chance someday that the project also propose some replacement/addon to the native MS/Windows authentication in Vista/7/8&co. *HOME* Editions?
It's so frustrating to configure Samba4 at home only to see that the home PCs cannot join an Active Directory domain and the kids cannot get their individual accounts...
(I know I could entirely skip the OS - but well, they want the games too - and I confess being sensitive to the objection too.. ;-)
Posted Dec 13, 2012 16:10 UTC (Thu)
by cortana (subscriber, #24596)
[Link]
Posted Dec 16, 2012 7:42 UTC (Sun)
by aristedes (guest, #35729)
[Link] (2 responses)
I understand this was probably done for good technical reasons, but it creates a wall between Samba and the rest of a well behaved Unix eco-system. It may be possible, I've not yet found a way to integrate the Samba user directory with other LDAP extensions (such as what you might use for netatalk).
Part of the problem here might be that I understand LDAP very well and don't have my head wrapped around Active Directory. It does appear that Samba 3 tried to bring a Unix sensibility to configuration and integration; now Samba 4 has much better integration with Microsoft tools, but seems more foreign to the Unix side of things.
Posted Dec 16, 2012 15:41 UTC (Sun)
by anselm (subscriber, #2796)
[Link]
The Univention company has a tool that will apparently do bi-directional sync between OpenLDAP and Samba 4's LDAP (or indeed Microsoft AD). I haven't actually tried it myself but it is one of the more touted components of their Univention Corporate Server (UCS) product so it probably works.
The code is available under the AGPL from http://forge.univention.org/websvn. It isn't exactly documented very well but considering that Univention would rather have you buy UCS that's probably understandable in a way.
Posted Dec 17, 2012 0:39 UTC (Mon)
by abartlet (subscriber, #3928)
[Link]
The there are three ways out of this difficult situation
I'm not a fan of synchronisation of directories - just that I prefer a single canonical store rather than the complexity of synchronisation, but it certainly may be an option in some situations.
I certainly agree that it appears quite rude, on the face of it, to step up from being an equal partner in the unix-LDAP ecosystem supporting a number of different directory servers to demanding that everyone else use only our internal server. I do wish it didn't have to be this way, and I've left in (with tests) as much of the code we used for the LDAP backend experiment as is possible, in case somehow someone builds a workable use case in the future.
Andrew Bartlett
Samba 4.0 released
:-D
Steve van Maanen, the co-founder of Starsphere LLC, an IT services company in Tokyo, said: "Thanks to Samba4, I have two fully replicating Active Directory Domain controllers that boot in under 10 seconds ! It is nice to have alternatives, and Samba4 is a great one."
Funny how the reboot time of a server is still a major selling point for Windows deployments. Old habits die hard :)
Samba 4.0 released
Samba 4.0 released
(10 char)
Samba 4.0 released
Samba 4.0 released
Samba 4.0 released
I would pay money to get the list of people in more killfiles. Life is beautiful. (Hint, hint.)
No need to get upset
No need to get upset
I wasn't complaining about you (drag). I was just hinting at you that you don't need to get upset with certain people, just ignore them, but I was clearly too subtle.
No need to apologize
Samba 4.0 released
Samba 4.0 released
Samba 4.0 released
Samba 4.0 released
Samba 4.0 released
Samba 4.0 and LDAP Backends
- continue to use Samba as a 'classic' domain controller as-is using smbd/nmbd (this code remains and remains supported).
- Add schema extensions to our LDAP server (disabled by default, but supported), and cope with the AD-specified layout restrictions.
- Somehow sync Samba with an existing LDAP server.