Slashdot Mirror
Samba 2.2.0 Released
Samba 2.2.0 - Powering the next generation of Network Attached Storage.
17 April 2001.
The Samba Team is proud to announce a new major release of Samba, version 2.2.0. This release includes significant feature enhancements for Samba, and sets the standard for UNIX® and Microsoft Windows® integration.
Enhancements include :
oIntegration of server terminated leases (Windows "oplocks") with UNIX NFS sharing (Linux 2.4 kernel and IRIX only). Complete data and locking integrity when sharing files between UNIX and Windows.
oAbility to act as an authentication source for Windows 2000® and Windows NT® clients, allowing savings on the purchase of Microsoft® Client Access Licenses.
oFull support for the automatic downloading of Windows 2000 and Windows NT printer drivers, providing the first full implementation of the Windows NT point-and-print functionality independent of Microsoft code.
oUnification of Windows 2000 and Windows NT Access control lists (ACLs) with UNIX Access control lists. Allow Windows clients to directly manipulate UNIX Access control entries as though they were Windows ACLs.
oSingle sign-on integration using the winbind server (available separately). Allow UNIX servers to use Windows 2000 and Windows NT Domain controllers as a user and group account server. Manage all user and group accounts from a single source.
oMicrosoft Distributed File System® (DFS) support. Samba 2.2.0 can act as a DFS server in a Microsoft network.
oShare level security setting. Allow security on Samba shares to be set by Microsoft client tools.
oMany other feature enhancements and bug fixes.
About Samba
Samba is an Open Source/Free Software implementation of the Microsoft CIFS/SMB protocols for UNIX systems. In development for ten years, Samba is considered to be the reference implementation of the CIFS/SMB protocol for UNIX systems. Samba test tools are used by all the CIFS/SMB vendors to test and fix their protocol implementations.
Samba is currently used in Network attached storage (NAS) and other products from the following vendors (Note: this does not imply endorsement by these vendors, please contact the vendor marketing departments separately for comments).
IBM®, SGI® (Samba for IRIX), Sun Microsystems ®(Cobalt Qube), Hewlett Packard® (CIFS/9000), VERITAS®, VA Linux Systems®, REALM Information Technologies ®, Network Concierge®, Procom ® and many others.
In addition, Samba is shipped as a standard part of Linux® offerings from Linux vendors such as Red Hat®, Caldera®, SuSE®, Mandrake®, TurboLinux ® and others.
Samba is being used worldwide to solve the problem of integrating hetrogeneous networks by corporations such as Agilent Technologies ®, CISCO Systems ®, and many others in addition to educational establishments and individuals
Best of all Samba is an Open Source/Free software project, available under the GNU GPL license meaning that source code for Samba is freely available for anyone to modify and customize.
Code from the Samba Team and individuals around the world has been integrated and tested to create Samba. In addition the following corporations have made significant donations of code, effort, testing facilities and support to make this release possible :
Linuxcare (now TurboLinux), VA Linux Systems, Caldera, SGI, Hewlett Packard, VERITAS, IBM.
This new release may be downloaded from our Web site at :
For press enquiries about this release please contact either Jeremy Allison (jra@samba.org), Andrew Tridgell (tridge@samba.org) or John Terpstra (jht@samba.org).
Samba - the SOURCE for Windows Networking !
"Mostly this looks like its stuff for compatibility with Windows."
Umm...no shit. Isn't that the purpose of Samba?
one man's flame is another man's fire...
His comments would have been more tempered if he said "environment they are used to" instead of "more stable, [yada]".
But that wouldn't be saying anything different.
/me ducks
Seriously though, having moved from a Linux environment to a Windows recently, I can attest that Windows is more stable these days than it was. But check this out, I just had to visit a company yesterday that I installed a samba server in over a year and a half ago.
I had never had to visit them since the time I installed it, until now that they are having hardware problems with the case its housed in. They aren't Linux gurus so I can attest that they haven't touched it.
I wonder if anyone can say they have a NT box in a production commercial environment that they haven't had to touch in 18 months, nay not even a reboot.
On my linux box at home, if my wife does something strange, like run tuxracer even though we don't have 3d acceloration, I can log in from work and fix it for her, while she is logged in and without stepping on what she is doing.
I know there is remote admin tools for NT and 2000, but honestly, they aren't as powerful and/or they interupt what the user is doing.
So, I hope this is more insiteful and evenhanded, but I don't need any more karma.
~^~~^~^^~~^
I compiled it last night on Solaris 7, and it was a nice, clean build. Good work, guys!
Have you ever seen an M$ PDC replicate?
:)
All I know is when my former boss decided that NT was the way to go, one day we had just one NT machine and next week there were about 8 of them.
Something was replicating!!!
An interesting (and important) point, but ultimately a little off. Most linux distros also support unattended installation, but how many file servers do you really need? SAMBA being a primarily server-side app, it doesn't make much sense to do automated installs.
On top of that, administering a Windows network takes time, skill, and education, just as much as a UNIX network. MS talks about lower TCO if you just buy Windows, but that hasn't been borne out at my job.
they will change the License for W2K cals.
They did the same thing when puting fast track or web site pro web server on NT Workstation was cheaper than getting NT Server + IIS for 'free'. They changed NT Worstation licence to say you couldn't have more than 10 tcp/ip clients at a time.
doh, that's what's driving WinXP.
-Peace
Dave
Free as in "the Truth shall set you..."
Since we're all in a group hug now :-)
We (at work) have been using Samba for over a year now to serve a small workgroup of NT users. None of us (least of all me, the default sysadmin) are experienced NT or Windows users.
We recently switched our main server from an old (10 years?) SGI Indigo2 XL to a new Dell server - Samba 2.0.6 to 2.0.7. The process of compiling, installing and configuring Samba was straightforward and I can safely say that Samba is one of the most impressive and useful pieces of software I have ever used. Well done and many thanks to all responsible!
I should also put in a good word for O'Reilly for allowing the free distribution of the 'Using Samba' book - invaluable.
Maintaining mixed unix/NT can be a real chore (and I won't even mention Clearcase), but Samba has made it work beautifully. It's a pity that we also ended up with a Syntax TAS (Totalnet Advanced Server) system - purely for Clearcase ... it 'works' (well, actually it does), 'guaranteed support', 'recommended' ... :-/
At some point in the future, when I have time, I'd like to shift Clearcase, and it's SMB appendage TAS, to a Linux/Samba server - just to show it can be done. Then I could get rid of the Ultra5! Which would make me very happy :-)
Now if only there was an easy/cheap way to manage unix and NT users/groups from a unix machine, minus any NT server ofcourse.
Cheers!
--
Alastair
London UK
Winbind sounds like it's the solution to that problem...
--
As Mr. Allison previously noted, the ability to do this is built into the latest Samba. Just FYI, it is possible to do NetBios name resolution without Samba on the unix machine.
This long document on MSDN (scroll about 1/3 the way down to "Enabling WINS lookup") discusses setting up Microsoft's DNS server to use WINS to resolve names to any client that can point to a DNS server, including those which can't run Samba (OS/400, etc.) I've used it at work for a year with few problems.
Of course, you have to run Windows as your DNS server, which you may have technical or perhaps theological objections to. However, you can always have MS DNS forward on to your BIND server if it doesn't find the record in WINS, thus allowing you the best of both worlds (that's what we do.)
But that's not the point of Samba. Want directory services ? Use OpenLDAP. Want Kerberos ? Use MIT Kerb5 or Heimdal. Want DNS ? Use bind. Want DHCP ? Use a dhcp daemon (University of Washington I think). Want Terminal Services ? Use X, or vnc.
:-).
Are you getting the picture ?
You're comparing Samba, which is just the Windows file/print/authentication service for Windows clients on UNIX, with an entire Win2k/NT load.
You should be comparing a full UNIX/Linux distro. containing Samba to do a fair comparison.
Regards,
Jeremy Allison,
Samba Team.
Check out sybase tools. MS-SQL server is wire compatible with Sybase (it uses TDS - Tabular Data Stream protocol. Proprietary though :-( ).
:-).
Standard Linux sybase tools should talk to SQL server no problem (at least they used to). I depended on this in a previous life
Regards,
Jeremy Allison,
Samba Team.
I remember aquaplaning on that bloody thing. Nearly killed me :-). God I *hate* driving on the M1....
Have they knocked down the cooling towers yet ?
:-).
Jeremy.
Ah. You must be a southern git then :-).
Jeremy.
Already included in the 2.2.0 Samba. Look for the nsswitch "wins" module. I forgot to mention it (we've addeda *lot* of stuff :-).
Cheers,
Jeremy Allison,
Samba Team.
BTW: I just uploaded the Red Hat rpms for 2.2.0 for Red Hat 6.2 and 7.0 intel onto samba.org.
Oh - a black pudding muncher..... :-). We'll, we all have our crosses to bear... :-).
Jeremy.
I'm not a bloody Aussie, I've never even *been* to bloody Australia :-). I'm from *Sheffield* (where they do "the Full Monty" :-) :-).
You're thinking of *Andrew*. He's a bloody Aussie !
Bloody foreigners, not knowing the difference between Australia and the UK, I dunno... mumble, grumble....
:-).
Cheers,
Jeremy Allison,
Samba Team.
This is why winbind is so useful for creating Samba appliances. No more local users or groups, just drop the thing into the NT domain and go....
Cheers,
Jeremy Allison,
Samba Team.
Actually, the line I use when developing Samba is :
:-) :-). Plus we run Samba though the IRIX compiler (which is also very, very picky....).
-Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual
to get *really* medieval on the code... (with apologies to "Pulp Fiction"
Cheers,
Jeremy Allison,
Samba Team.
A "braindamage implementation issue" is a printer driver server design that expects to be able to run printer driver binaries *ON THE SERVER THAT IS SERVING THEM OUT TO CLIENTS*. If you think back to the dim and distant past, when NT ran on other things than an Intel CPU then you'll realize how broken this is.....
:-).
Of course that's been fixed by that "portable" OS, Windows 2000
As Samba runs on other things than x86 boxes this is braindamage for us...
Regards,
Jeremy Allison,
Samba Team.
It means it's not completely a PDC, 'cos it doesn't do replication or BDC Stuff yet - but it works well enough to put Windows 2000 or Windows NT clients into a Samba hosted domain, and have people log in and authenticate against it, and download profiles from it.
For many small sites this is all they need - not the full PDC stuff.
That's why I didn't say PDC, but used the phrase "authentication source".
Cheers,
Jeremy Allison,
Samba Team.
9x clients were already supported by the 2.0.x codebase. They're also supported in the same way that W2k/NT servers do it in this new release.
:-).
I didn't mention it 'cos we already had that functionality - so it wasn't news
We've now got a *complete* (modulo bugs and one braindamage implementation issue, hang out on samba-technical@samba.org for details) implementation of W2k/NT point and print. That *includes* W9x driver download.
Cheers,
Jeremy Allison,
Samba Team.
ditto.
YES, it takes more time (generally) to set up something under *nix than it does similar Windows services. However, would you rather put your budget into hiring a $90k admin who knows what s/he's doing, or into hiring a $50k admin who may or may not + $40k for licenses?
Jesus, what an arsehole.
o Ability to act as an authentication source for Windows 2000® and Windows NT® clients, allowing savings on the purchase of Microsoft® Client Access Licenses.
Can someone explain this? Does this version of Samba in essence emulate Microsoft's licensing agent, allowing free use of features that Microsoft wants you to pay for, or does this mean something else?
Sounds like something that could result in a tidal wave of lawsuits from Redmond.
Use an automounter. Most modern distros (such as Mandrake 7.2, RedHat 6.x, etc.) include one.
... the automounter runs as root, so there is no need to give users a SUID binary.
Non root users can mount SMB shares all day long. The old smbmnt isn't needed...the new smbmount is called by the mount command
My journal has hot
greetings, eMBee.
--
Gnu is Not Unix / Linux Is Not UniX
This might be a stupid (inexperienced question), but am I the only one who thinks it would be very useful to have Linux's hostname resolving scheme support Netbios name resolution? e.g. to be able to specify for example in /etc/host.conf something like "order hosts, netbios, bind" or something like that. So that typing (for example) "ping foo" would allow for a Netbios-named PC on the LAN called "foo"'s IP to be found, if it isn't in /etc/hosts, for example. We have a WinNT DHCP server on the LAN, and a Linux server that does some other stuff, and entirely Windows clients, so the Windows clients all get "random" IP addresses on startup. It's a pain to keep /etc/hosts up to date under this scheme, and its also a pain to use IP reservations for every client.
Apart from this probably esoteric setup, I'm sure there are many other possible useful applications for this to be supported (e.g. to recreate something like Windows Network Neighbourhood - how does the new KDE do this?). Seems to me "Linux as a workstation" could benefit seriously from this. You don't really want to be going around explaining the "smbclient" command parameters to every employee - in Windows this stuff "just works, point and click", at least from a user perspective.
Is something like this planned? Is it something that would perhaps be easier to support with the planned LibSMB?
Is this already possible and I just don't know how (or haven't tried recently)? Admittedly its been at least 6 months to a year since I last looked at this stuff. Sorry if it's a stupid question.
-----
You have to consider the cost of employing someone with the required skills to do this versus the cost of a Windows license and a windows installation.
You still need a skilled person to install Windows. Especially given the kind of documentation MS puts out.
Windows supports unattended installations which can be initiated with little or no effort, provided the configuration settings are correctly specified.
However it can take a lot of effort to get these configurations right in the first place. As well as messy mistakes to clean up if they are wrong.
Also how do you get any version of NT to automatically create user shares. Do you know that NT automatically shares it's whole filesystem, by default too. In most cases you don't want this.
The problem RIS solves is how to make installing an OS image (inluding applications)
:)
The "including applications" can also be interpeted as "Windows can't cope with having it's apps on a network drive very well"
So when a user messes up their PC,
So even with Windows 2000 the end user can still mess with things only the admin should really be able to touch?
If something the user did means you have to reinstall the whole OS then something is seriously broken somewhere.
Run cat /etc/passwd | mksmbpasswd.sh > /etc/smbpasswd
This might work on the simplist of setups. But it dosn't scale to many servers using NIS. Which is an area where the samba docs are unclear.
In some ways it's not oracle but in other ways it's better then oracle. It's missing some "enterprise" features like clustering, replication etc but it does have unlimited row sizes, a fantastic rule system, user loadable languages and my fave being able to define your own operators and aggregate functions. Once you use one of these things you will scratch your head and ask why anybody would pay a hundred thousand dollars for a database that does not do it. OTOH if you really need those enterprise features you could probably pay for them. For anybody else it's like butter.
War is necrophilia.
freetds is a good effort but it's not suitable for mission critical web sites.
War is necrophilia.
tds support in sql7 is a bit flaky and worse in w2K. MS is going to ditch TDS support soon because they don't like the fact you can connect to sql server from linux/apacha/php (plays nice with others!). They want to force you to use windows and ODBC/ADO/OLEDB or whatever their alphabet soup of data access technology of the day is.
War is necrophilia.
you still need unix ODBC drivers. Perl's DBI uses freetds so unless you want to pay for an ODBC deriver from merant (thousands of dollars!) you are screwed (freetds is not mission critical).
War is necrophilia.
" It would be very hard for them to change something and not have it affect a lot of implementations. "
why would it be hard for them? Breaking implementation would help MS because it would prevent people from buying non MS products. MS has a history of backstabbing companies that it partnered with. Did they all find god all of a sudden or something?
War is necrophilia.
Hey but I can set up samba in under 30 minutes!
War is necrophilia.
Also, notice that this is hanging out in the elite new developers section!
My mistake, good job guys.
Full support for the automatic downloading of Windows 2000 and Windows NT printer drivers, providing the first full implementation of the Windows NT point-and-print functionality independent of Microsoft code.
This is a huge acomplishment. Using samba's print services has always been a bit of a PITA in large networks. You get a print spooler that doesn't hang when you look at it funny but you had to install drivers for each printer on the workstations. Micrsoft's server products will automagicly provide a driver for clients when you connect to the shared printer, now samba does it too.
Hats of to Jeremy and the Samba team, this is a great feature.
Would have been kind of nice to see 9x clients supported too though.
And if any slashdot editors are reading this, the colors in this section absolutely freakin' rule. Much better than YRO, for instance, which has always made me feel like puking.
Does this have support for the bastardized non-open protocol MS created out of kerberos?
--
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
I find that when setting up sometning under unix, you can expect it to be working for a LONG time afterwords as well ... just recently at my place of employment I had to upgrade sendmail due to an ORBS warning, (which meant reconfiguring), and while it was a pain in the butt, one couldn't help but admire that the sendmail hadn't been touched since 1997 :)
Free Techno/Jazz/DNB/MI Music by guys obsessed with monkeys!
My boxes are all running SAMBA bound to an internal NIC, which lets me manage them from my Windows workstations. Whether I'm logged in at the office or VPN'ing in, I can reach my OpenBSD boxes and update websites, develop, etc.
I have the SAMBA servers as part of the domain, but it is a hacky solution. I map everyone's NT Domain name to a UNIX name, and they can access the appropriate files.
NT Domain integration was always a little strange. With SAMBA 2.2, the issues should be much cleaner. ACcording to the release, I don't need to create Unix AND NT users, I can just grant access to my NT Domains. This was theoretically possible before with pam_smb (or smb_pam) but was always a confusing mess.
Also, even if I need to create accounts for the users that log in, not having to create accounts for the users that ONLY access via SMB will be a blessing. Not having a bunch of accounts with shell false just to support SAMBA will make life easier.
Adding an NT File Server is a joke, I plug it in, join the domain, create local groups (if I want) and share files with the permissions. Easy as pie.
Doing the same on SAMBA was a pain because I needed to give each user a UNIX account. This meant that a server for 5-10 people was fine, but trying to give an arbitrary group access to the machine was a nightmare.
This will be a tremendous release, and I look forward to putting it on test servers soon and deploying it in production in the next few months.
Alex
Full Monty doesn't impress me. Def Leppard and Judas Priest, though: That impresses me.
--
My mistake. I was thinking of the Judas Priest album Sheffield Steel, but of course the album is actually British Steel . Sheffield Steel is a Joe Cocker album.
--
Windows supports unattended installations...
I'm pretty sure that the install of NT we were trying around here today was attended by demonic spirits. If the monitor started spewing forth pea-soup like liquids at me it wouldn't have surprised me at all.
Justin Buist
Can't we just save everyone the trouble of bookmarking two sites and just glue /. and Freshmeat together
You don't call Slashdot "Slashf---ed" when it covers dot-com bad news. So why call it Slashmeat? Slashdot covers only newsworthy software releases. This includes packages critical to system and network structure (OS kernels, server software, major security patches, etc.) and "cool" stuff that fits the day's omelet. The new Developers section goes a long way toward this*. If you want, you can exclude this section in your user settings if you don't want to look at so-called "Slashmeat."
Either way, don't bother bookmarking two sites. A link to OSDN Freshmeat II is in the OSDN box to the left of the textarea where I paste this very comment.
* It also may represent budget cuts in the OSDN division of VA Linux Systems Inc. If scoop and Taco can work together nicely enough, the integration of Slashdot and Freshmeat may be a Good Thing for LNUX's bottom line.
Will I retire or break 10K?
And when Linux kernels rev and compilers break, this is....? Progress? Innovation?
The GCC developers are not as worried about backwards compatibility as they are about CORRECTNESS. If new features highlight optimization BUGS or standards NON-CONFORMANCES in a given compiler, the compiler is at fault. GCC has kept up very nicely. If you are worried about a new compiler breaking your old code, compile with gcc -Wall to show where your code relies on non-conforming misfeatures of old compilers.
Will I retire or break 10K?
Fact:
http://biz.yahoo.com/bw/010417/0071.html
Opinion:
Slashdot mentioned VA Linux in this article. This makes it more difficult to complain about the lack of "full disclosure". On the other hand, important material information is still missing.
It seems that in an effort to appear unbiased, the editors are reluctant to post anything about VA Linux at all, even when it is perfectly legitimate to do so. VA Linux hiring top level Samba developers is major news. Don't be ashamed, be proud!
In their effort to avoid being perceived as a PR arm of VA Linux, they are being somewhat evasive and this is backfiring.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
The bug that bothers me most is when a windows box goes down (can you imagine that?) only root can unmount the share.
My question is whether this aspect of samba has been fixed. I have combed through all the online material and cant seem to find an answer to that.
Scheduled release for Windows XP is in the near future, but I don't belive it has went gold yet, I say M$FT breaks everything again, or in a friendly windowsupdate patch soon after release.
I'll take that bet. Microsoft has actually been quite cooperative with the Storage Network Industry Association(SNIA) in providing more detailed information on how the Common Internet FileSystem(CIFS) (yes, that's MS's offical name for their networking protocol) servers and clients are supposed to work. It would be very hard for them to change something and not have it affect a lot of implementations. Now authentication software is a different story. I'm not sure what the status of their Kerberos business is.
the most important server apps on Linux
...
And BSD
And AIX
And Solaris
And Irix
Look also for freetds. The latest version is supposed to support SQL2k, and we hope to be testing it soon against that. It's worked fine for SQL7 for the past 6 months here, and the author has been very helpful when we've needed it. :)
creation science book
I'd like to thank the Samba team for developing one of the two first "enterprise" useful tools for linux/unix (apache being the other). Their work has made it possible for Administrators who want the stability and functionality of unix while being hamstrung by technical incompetance at a managerial level.
"We need to support all these windows users."
"okay, let me setup this file server... yeah... windows..."
Projects like Samba, OpenH323, 1/2 of Enlightenment and a fair few others are why I am still in Australia =) ..(yes I know it's a collaborative effort - just good to know we've got some very smart people doing cool things =) not just the "Why whoop your collective butts in sports and we're still all criminals mentality") =)
--
Jon - TheSpork
This has to be one of the coolest bits of software for *nix. Especially with the ability to act as a PDC, it allows an option of what server you want to use to manage your windows clients. I'll go where I damn well please today, thanks.
Where's my lobbyist? Right here.
Besides, installation of components in Linux is simpler than Windows (no rebooting), and the know-how needed to properly configure it will take an hour, maybe two to glean from the HOWTOs.
"You have to consider the cost of employing someone with the required skills"
Besides, the box of a Win 2k implementation might as well say "MCSE Not Included" right on it. At least with Linux you won't have to spend $1000's for the software on top of IT salaries
"Windows supports unattended installations"
"provided the configuration settings are correctly specified."
Like I said, "MCSE Not Included."