Log in

No account? Create an account

Samba 4 Technology Preview

I just saw Andrew Tridgell's report on the Samba team's progress of Samba 4. The hall was packed for one of Australia's homegrown heroes. Here's a summary of an excellent presentation of some amazing work:

Tridge's report on Samba 4 technology preview:

Samba 4.0.0-tp1 is now out. It's not production ready, but it is ready for testing.

  1. supports being an active directory domain controller

  2. supports true NT ACLs and file streams

  3. includes a replicating WINS server

  4. builtin LDAP and Kerberos servers

They put in the Kerberos server because updating the system libraries would be too difficult for system administrators, who can't afford to run testing system libraries that affect multiple applications, and they want people to test it out.

They put in their own LDAP server because of non-standard Microsoft fields, including Security Descriptors, that wouldn't work well with the MIT LDAP server or Fedora Directory Server.

There is a new management tool using AJAX and based on an embedded javascript engine, ejs. This allows objects to be passed from the browser to the server. This is the latest incarnation of SWAT (Samba Web Administration Tool). It has a registry editor tool in it that can administer the Samba server that you are connected to, as well as administer other Samba or Windows servers using proxied javascripted RPC calls.

The Vampire migration tool now has "longer fangs", and can take over an Active Directory domain. Tridge demonstrated sucking the life out of a Windows 2003 PDC in one click, importing all its user and machine information using SWAT. He then restarted bind on his Samba 4 server, changed the server role to PDC in smb.conf (this will be automatic in the final release), shut down the Windows PDC, and then logged into the domain with an XP client using the new Samba 4 server as the PDC. This elicited suitable oohs and aahs from the audience. :-)

That feature will help the gentleman I met the other day to migrate back to Linux and Samba once the university gets sick of the downtime.

Printing is not working as it's not finished yet. Samba 4 currently does file serving and authentication. Work is underway on porting printing backends from Samba 3.

Microsoft has introduced a new protocol - SMB2 - with the latest Vista technology preview, and the boys on the Samba team are having more fun than they've had since the 90's reverse-engineering it (it's just network protocol analysis - nothing illegal), and they have released their implementation, in Samba 4 technology preview, before Microsoft. Booyakasha!

I recorded the talk with small flash-based recorder using the internal microphone. There will be a much better recording, made from the PA system, available later, I'd imagine. In the meantime, here is an interim one (it's a 17MB ogg).



just blogged ya!

Josh, thanks for the update on Samba....

cheers from a fellow Aussie,
Graeme Thickins
Minneapolis, MN, USA
Tech~Surf~Blog...It Comes in Waves™


Network Protocol Analysis

the Samba team are having more fun than they've had since the 90's reverse-engineering it

Please note that "reverse-engineering" is an undesirable attribution these days with all the patent and IP litigation. The term sounds like they're disassembling binaries or using a scope on some chip or something which they of course are not doing. They are simply capturing and analysing traffic transmitted by Windows computers over a network. That is called "network protocol analysis".

Re: Network Protocol Analysis

Word. Nice clarification. Thanks for that.


September 2006

Powered by LiveJournal.com