Samba 4 Reaches "Susan" Stage

superfebs writes "Some day ago Samba4 reached a pretty serious test stage. Promises are beautiful: full SMB protocol implementation, Active Directory Domain Controller facility, and more; here's a full roadmap."

Some dayS

[double-oh+three]

Good lord, it's in the first clause of the first sentance and they missed that it needed an S?

Re:Some dayS

plural form be for wuss. It the china person way.

Re:Some dayS

[pe1rxq]

What is a 'sentance'?

Re:Some dayS

[double-oh+three]

grammar-nazi != spelling-nazi

Re:Some dayS

Maybe he's a Lisp guy?

Re:Some dayS

[eflester]

"sentence" If we're going to be pedantic, let's get it right...

Heavyweight Protocol.

"Samba 4 Reaches "Susan" Stage"

So what happens when it reaches the "CowboyNeal" stage?

Re:Heavyweight Protocol.

Duck and cover.

Re:Heavyweight Protocol.

When it hits CowboyNeal, everyone starts complaining about the bloat.

Re:Heavyweight Protocol.

[r3dx0r]

the more important question is: who is susan stage? and what's she got to do with samba eh ?

Re:Heavyweight Protocol.

[DARKFORCE123]

I am more in the mood for a lightweight protocol . Get back with me when it reaches the 'Mary Kate Olsen' stage.

Re:Heavyweight Protocol.

[c0p0n]

If we speak of a lightweighter stage we would be speaking of a 'Natalie Portman' stage.

Re:Heavyweight Protocol.

Wouldn't that be the hot grits stage?

Re:Heavyweight Protocol.

[xanadu-xtroot.com]

So what happens when it reaches the "CowboyNeal" stage?

1. We start seeing duplicate releases of the same version...

Re:Heavyweight Protocol.

[pAnkRat]

This might answer your question:

Susan Stage

Found via GIS

Luke Kenneth Casson Leighton

Just remember, that if it wasn't for Luke Kenneth Casson Leighton, most of the ideas in Samba 4 would never have even been thought of, never mind implemented.

It'd be nice if they gave him some credit somewhere instead of just blanking him out because he 'rocked the boat'.

Re:Luke Kenneth Casson Leighton

[mralert]

For more information on lkcl; Here is a quite interesting presentation by Luke Kenneth Casson Leighton (lkcl) from a SSLUG (a Danish LUG) meeting: http://sslug.mmmanager.org/Members/BabyTux/luke_le ighton

Re:Luke Kenneth Casson Leighton

[Vlad_the_Inhaler]

Is he the guy behind Samba TNG?

I never knew the name but was told that he was difficult to work with. Classic innuendo tactics really, unless it happens to be the truth and that I can't judge.

Re:Luke Kenneth Casson Leighton

[muftak]

Hi Luke

Re:Luke Kenneth Casson Leighton

Yes, he's a complete wanker. But in many ways, an absolute genius.

Re:Luke Kenneth Casson Leighton

Here here - his other bits and pieces (pam_ldap) and yp ldap gateway are great bits of sw too.

Has anyone tried his XAD product yet?

http://www.padl.com/Products/XAD.html

Re:Luke Kenneth Casson Leighton

That's Luke Howard. Luke Howard is a really nice guy and a really really smart guy.

lkcl is a really smart guy but as someone else put it, a total wanker.

Re:Luke Kenneth Casson Leighton

Give credit where credit is due. lkcl did a lot of the early RPC work and should be given credit for that.

He's a smart guy, but Samba would have made as much progress without him. It would have taken more time, but it would have made it.

Don't make it sound like lkcl wrote 90% of Samba. He didn't. And in Samba4, almost none of his code still remains. And the new reverse engineering techniques being employed could have rapidly discovered this things he discovered. Just take a look at the number of RPC's support today in Samba4.

Re:Luke Kenneth Casson Leighton

Are you his father? The dark side is strong in you.

Re:Luke Kenneth Casson Leighton

Are you sure? You sound a lot like him.

Re:Luke Kenneth Casson Leighton

Fuck yeah.

LKCL rocks.

I was running his Samba-HEAD (right before the TNG fork) as a PDC back in late 1999.

That guy rocks.

Re:Luke Kenneth Casson Leighton

Look back at the mailing list archives a bit. All the ideas that Luke had about writing a full RPC implementation were knocked back then -- they just didn't want to know.

Now, of course, they realised the error of their ways and are writing Samba 4 properly, how it should have been done in the first place. But if it wasn't for Luke proving them all wrong with Samba-TNG, they would not have bothered and just kept on with the same old crap.

The point is that he isn't being given any credit whatsoever, as usual they are washing their hands of him and denying the huge contributions -- not just in code but in ideas! -- that he made.

Re:Luke Kenneth Casson Leighton

[lkcl]

yep, that's me.

yes, i failed. i took on a fascinating and very large task - to help EVERYONE out of a difficult hole, both microsoft, the open source community AN D its users, AND microsoft and samba's competitors (the Storage Area Network community) i succeeded in getting the knowledge out there but i failed in implementing it in an "acceptable" way.

yes, the times when i was working on samba got progressively more painful as the difference between the SAMBA_NTDOM and the main cvs branch got steadily further and further apart - in the end approximately 100,000 to 120,000 lines of code apart.

yes, without the work that i did for four years, spurred by paul ashton's initial decoding of the NT domains logon system, the samba team would likely still be peddling you a system that was compatible with windows 95. that's a gross exaggeration: the Active Directory interoperability is a lot easier but still fraught with difficulties.

one of the key problems was that andrew tridgell found it increasingly difficult to actually accept that i could think of things that he could not.

he also had great difficulty, as most people do, in accepting the level of complexity of the MSRPC (aka DCE/RPC) subsystem and quite how inter-connected the whole thing is.

in the end, i had to use other people (such as tim potter, to whom i am very grateful) to get ideas and code accepted.

in particular, the winbind project: note the striking similarity between the use of unix domain sockets in winbind, which andrew tridgell reviewed and accepted, and the use of unix domain sockets in Samba TNG, which andrew tridgell REFUSED to review and REFUSED to accept.

i was told, by andrew tridgell, things like "you should try to log in as root occasionally, and if you break out in a cold sweat, lie down for a while until the feeling goes away".

whilst i learned an awful lot about systems programming from andrew, the way that he treated me was with disdain and complete lack of respect - which was terribly, terribly disappointing for me because, being absolutely honest, i loved and respected him greatly.

anyway: he learned nothing from me, and consequently, he has set samba's development back by at least ten man-years.

luke howard, in three years, ON HIS OWN, produced XAD (www.padl.com) which he has been selling for at least the past two years as a commercial product - an NT 5 Active Directory Server.

Re:Luke Kenneth Casson Leighton

Fuck you.

Re:Luke Kenneth Casson Leighton

[lkcl]

yeh, i'll accept that - both parts.

i see patterns. i mean i SEE patterns. it freaks people out. especially those people who are insecure in their abilities and position.

one thing i do have a lot of difficulty with when i fail to explain or get across a deep understanding of a complex topic.

i find it particularly frustrating in areas where people are supposed to have the capabilities and expertise to cope with a certain level of complexity.

but - basically - the one way to absolutely GUARANTEE to make me see pink mist is for you to be dishonest. whereever i find people being dishonest with themselves, me, or other people, i WILL go for the throat - without fail.

and it gets me into difficulties. c'est la vie.

Re:Luke Kenneth Casson Leighton

[Vlad_the_Inhaler]

Thanks - a far more interesting response than I had imagined seeing here.

Yup, I had noticed that Samba mainstream was drifting towards the TNG model when winbindd came out.

What I said above was only part of the story though, the claim was that you wanted to introduce several additional daemons and this was deemed too complicated back then.

All this is a few years back, I was a Samba administrator up until mid-2000 but have been in Novell shops with no smb since so my memory of the details is fading. That website you see as my homepage here has not been updated for a while and probably will not be unless something changes workwise.

Re:Luke Kenneth Casson Leighton

[lkcl]

one other thing that i really should make clear is that i used - and still use - a programming technique which recently gained a name: "extreme programming".

basically what i do is i build up a picture in my head of what results i want to achieve, and how, in broad architectural terms that that picture should be built.

then i start incessantly, repeatedly, rapidly, bluntly and brutally chipping away at the details: in the case of coding that could result in 30 cvs commits per day.

does this work? oops, no it didn't, let's try something else.

occasionally, usually due to exhaustion or frustration, i would sit and re-think.

i bounced hundreds of messages off of the samba mailing lists, most of which were not actually understood but that was okay because it allowed me to think out loud.

this process drove jeremy allison completely nuts.

jeremy's development model was radically different: very controlled, very calculated, very infrequent cvs commits (relatively speaking) - if it's not ready, if it don't work, it ain't going in the cvs repository.

contrast this with me having at best a pentium 90 with 16mb of memory (my fastest machine) and having to do partial-builds (ccache didn't exist) due to a complete build taking 90 minutes, and random cvs commits in case someone stole my computer from the cybercafe... ... i frequently had no choice but to commit in code at the risk of breaking the build.

this also drove jeremy nuts.

c'est la vie.

Re:Luke Kenneth Casson Leighton

[lkcl]

hi there :)

Re:Luke Kenneth Casson Leighton

I'm not surprised they chucked you off the project then. In the long run, it makes sense to try to work well with others, even if it does mean short term compromises.

You need to learn from your social mistakes in the same way you learn from coding/design errors.

Re:Luke Kenneth Casson Leighton

[lkcl]

yep. i totally agree! i can't even apply for jobs any more because i would rapidly become a threat to any of the long-standing employees, simply by opening my mouth and explaining things to them that would not have occurred to them.

my last job was working for a parallel processor company: in the tutorials they gave in the first WEEK i came up with a way to use the processor that the guy who had DESIGNED the DMA controller had not thought of. within three months he was not on speaking terms with me, his contempt barely disguised.

ironically employed as an applications engineer, i came up with enough new ideas for the company to apply for six or seven new patents on the CORE architecture of their product.

now that's _gotta_ piss some people off.

Re:Luke Kenneth Casson Leighton

How exactly did you explain your ideas to him? Often, presentation can make a huge difference between acceptance and dismissal.

Re:Luke Kenneth Casson Leighton

[lkcl]

working with others requires cooperation both ways.

_i_ have learned where i have failed.

now PLEASE will you do me the favour of communicating to andrew and to jeremy where THEY have failed.

the samba team is not a team at all: it is a group of people who work on their own areas with hardly any actual cooperation at all.

i WISH that the samba project had an ASF charter, with an additional clause that lends equal weight to "strategic" decisions in the part about code being accepted on "technical merit".

if the ASF charter was in place on the samba project, so many many people would not have left it in frustration.

there is much more that i could say but the number of comments on this topic is getting high (and consequently thinner), and is distracting me from my work.

Re:Luke Kenneth Casson Leighton

[lkcl]

p.s. they didn't throw me off: i left. too many incredibly hurtful comments from andrew. the one i will always remember is where he thanked tim potter for completing winbind, without acknowledging that i had helped nor that winbind would have even been possible without the dce/rpc client libraries i'd written.

Re:Luke Kenneth Casson Leighton

[10am-bedtime]

you say you have learned, but you have not learned to not hurt.

for many people, learning to not hurt requires being dishonest (w/ themselves and sometimes w/ others). you probably still have time to learn another method that does not involve dishonesty. that will be a fine day when you get there.

happy hacking!

Re:Luke Kenneth Casson Leighton

[Jeremy+Allison+-+Sam]

I'm only going to say one thing here, and then leave it at that. As has been pointed out before, Luke has a very selective memory about his involvement with Samba.

Yes he made substantial contributions, for which we were very grateful, but in the end the difficulties in working together outweighed the benfits.

I'm not going to say any more - those who are interested can read the relevent email archives.

Jeremy.

Re:Luke Kenneth Casson Leighton

Helpful hint: most other human beings don't see the sort of social pathology you just described as being something to pat yourself on the back for.

Good luck in your chosen career as a lone-gunman coder.

Re:Luke Kenneth Casson Leighton

Just from reading your posts here today, I suspect you're just a jerk. Perhaps very talented but still a jerk.

Re:Luke Kenneth Casson Leighton

[Blnky]

Your not the only one.

> i see patterns...

That makes perfect sense to me as I also see patterns in the same way and have had the same experience with it freaking other people out. I wouldn't be surprised if you routinely see "patterns within patterns" and "patterns of patterns".

> i find it particularly frustrating in areas...

I agree. If you are to be qualified for something then you should be able to understand the various complexities that arise. Granted, no one will get everything perfect, within their claimed area of expertise, but it is aggravating when they have a 50+% failure rate.

> but - basically...

Again, I have to say "ditto". It doesn't matter whether you are being dishonest with me or someone else. I get really peeved. The same goes with hypocrisy.

> and it gets me into difficulties

That is a good way to put it. This makes me wonder, what would a group of similar inviduals like us be able to accomplish? Would we fragment against each other or would we be able to accomplish far more than has recently been seen? Perhaps someday I shall have the chance to find out.

Re:Luke Kenneth Casson Leighton

[lkcl]

jeremy, can i suggest that you read _all_ of the comments that i have made here?

a basic summary of those comments is that i accept responsibility for my failings.

can you do the same?

also - there is nothing wrong with my memory. i remember every painful word, every hurtful comment - mine, yours and andrew's.

Re:Luke Kenneth Casson Leighton

[lkcl]

That is a good way to put it. This makes me wonder, what would a group of similar inviduals like us be able to accomplish? Would we fragment against each other or would we be able to accomplish far more than has recently been seen? Perhaps someday I shall have the chance to find out.

i would hazard a guess that it would be hit-and-miss - like all projects and all groups of people who choose to work together.

i would also hazard a guess that under the careful direction of a non-techie with extremely strong communication and negotiating skills that any project that fast-minded people work with/under/for, would be extremely successful.

Re:Luke Kenneth Casson Leighton

[lkcl]

yes. i cannot express how disappointed i am that in that regard i failed so badly.

still, on the up-side, the information _is_ available, and microsoft no longer has a stranglehold over people.

i didn't get killed. their attempts to hire me were pathetically under-offered. they haven't (and according to the outcome of the lexmark case) and CAN'T use the DMCA to threaten me - or anyone else.

so that's all good.

Re:Luke Kenneth Casson Leighton

[lkcl]

dear ttn, of all the comments on this topic, yours is the one that i will cherish the most - because it is something new to me that i have not heard from anyone before. you are right in two ways - that i have not learned to not hurt [as in be hurt] nor have i learned to not hurt [others]. i am reminded of orson scott card's "ender series" of books, in which bean endeavours to get across vital information and strategic advice without patronising the recipients. i have adapted that technique when attempting to communicate information. it had never occurred to me to apply the same (or another) technique to ensuring that people are _not_ hurt by what i say. thank you.

Re:Luke Kenneth Casson Leighton

[rice_burners_suck]

dude, jesus christ dude... you think you posted enough on /. today? man, you just about wrote a whole damn book. there's at least 5 comments here, each of them quite lengthy. not that I'm being disrespectful or anything, but just saying.

maybe you need to chill out a little. it's not like you need to defend yourself so much. these stupid people don't appreciate what you did, fuck 'em. a lot of times people try to do shit and it doesn't work out exactly the way they want. oh well, at least you tried. damn, if you never fail at anything, it means you never try anything, may as well be dead or something. but damn, even if your particular goals didn't get implemented in an "acceptable" way, who cares, you still made quite a positive influence on the whole damn community... just get a beer and dance some samba and everything will be ok.

Re:Luke Kenneth Casson Leighton

[lkcl]

i'll take that as a compliment. if you genuinely didn't care, you wouldn't have bothered to post. thanks for bothering, because it tells me i still have work to do.

Re:Luke Kenneth Casson Leighton

[lkcl]

not very well, but it was an uphill battle.

the main problem was that if, as part of the discussions, andrew would come up with an alternative idea, then that was it - he was off.

one classic example was that after explaining the idea of implementing a proper registry (mainly for the future convenience of the Wine team) i was delighted when i came in one morning to hear that andrew wanted to implement one [a registry].

as the details came out, i was dismayed to find that he intended to make the lookup keys ascii based rather than unicode (thereby making it, for the purposes of the use to which this registry was to be put, impossible for samba to have non-UK/US-based workstations join the domain - so domain names with japanese or cyrillic characters would be right out).

i have to admit that at this time (2000), i was beginning to give up already.

i do realise that in the end i had to use other people to do the presenting of ideas.

you know what? this is going to sound like a cop-out but i _promise_ you it's not. i'm going to think about your question, and i'm going to think about ways in which i could have done better.

Re:Luke Kenneth Casson Leighton

[lkcl]

*lol*. kuso. yes, now you know why i stopped writing messages on this subject - because whenever i do, it's a torrent.

but each time i learn something new, and that can only be good.

today is a day to consider how not to hurt and how not to _be_ hurt, to think about ways in which ideas can be better communicated and presented, and a day to conclude that yes, a lot of people were helped by the information i was able to research.

Re:Luke Kenneth Casson Leighton

[lkcl]

warning, warning, that presentation is about two hours long!!!

Re:Luke Kenneth Casson Leighton

this process drove jeremy allison completely nuts.

Of course it did! I can't stand the random noise thrown off by advocates of XP either. It's like trying to think with heavy metal music playing on full volume!

I would have thrown your arse off the project too.

And can you please use correct English and capitalise some words? I'm sure that drove people up the wall too.

Re:Luke Kenneth Casson Leighton

Respectfully; If you are in the position to significantly advance the state-of-the-art in UNIX computer network services and systems administration software (PAM, SAMBA, OpenLDAP, Cyrus-SASL, MIT/Heimdal), and are unable to contribute to it's development anymore because of personal indifference to other individual engineers, then, well, I have no smypathy for you whatsoever.

Listen, not all of us are able to change the world. I can barely remember to change the tapes and my shorts.

Please find a project you can call home, and do some good. Code. Document. Share. This is what you want to do. So do it. Don't let a few fucktards punish the rest of us shell/perl hacks out here.

And by the way, Mr. Howard could use some improvement with his software as well. Have you ever unpacked the nss_ldap or pam_ldap tarballs? Tell me -- where is the documentation? Look at the pam.d/ snips he has. No really, I wish I could laugh but it's so not funny. It's pathetic. The lists run by PADL suck.

SuSE has gone with a pam_unix2.so. Why?

Linux-PAM is a joke. There is no such thing. There is only RedHat PAM. PAM on RedHat is patched with what? More than 50 patches last time I looked.

PADL sells a solution. Symas sells some solutions too.

Personally I know the software will continue to advance anyways, there are enough developers. The desired features will get implemented sooner or later.

It just burns my ass to see the gifted individuals turning their backs on the communities, the ones who provided them with open tools and sources and code and docs and utilities and recources that they used while starting upon their own journey into software engineering.

Of course this is all the blabbering opinion of one dude, and you don't owe me or anybody else anything. I respect you have your own life and you can do whatever the fuck you please.

But I thought it was important to express a couple of my thoughts, no matter how retarded they may seem to you. I've personally witnessed a "call to the community" on the samba m/l, from either Allison or Tridgell, I can't remember which one, asking for the "really smart people" to look at this problem X thing, and see if they could solve it. Seeing this type of broadcasted call for help coming from this highly respected engineer was rare for me, and I've been reading the -technical m/l for a few years now.

And who comes to the rescue, like only a matter of hours later if I recall correctly? (This was only a few months ago) Mr. Luke Howard. Look, I don't know any of the prominent personalities in the OSS world, and quite frankly maybe none of them would like me as a person anyways, but man it's completely obvious how gifted and sharp some of them are, and it's really sad to think about the degree to which these people could really help the world out by contributing their skills.

Personally I would rather you either just dissappeared and completely STFU, or be yourself and do what you're good at; and if that is being disruptive to a group of developers by exposing forward-thinking ideas and concepts, then so be it. There are many other slick developers out there who don't post comments and don't make any noise; lurkers. Out of the few billion people on the planet you're not going to get along with every other one of them, but surely with a whole fucking bunch of them, you will. But please don't just walk up-and-down the sidelines of the field boo-hoo'ing.

Maybe the SAMBA team elite have enough self-assuredness and enough cock-of-the-walkedness that they don't feel compelled to apologize to you for anything due to frequent and repeated ego-stroking directed at them from others. So who fucking cares? Fuck them. Grab the bull by the horns and ride it. One of them already personally replied to you in this story thread, which was probably difficult for them to do, but they did. They're not letting YOU get them down.

You should just show them the same courtesy.

I don't

Re:Luke Kenneth Casson Leighton

[T-Ranger]

First, I have no idea who you are, nor do I know anything about SAMBA politics. For that matter, I don't know much about SAMBA either.

Here is an idea. Learn how to use your shift key. I've only read about 10 of your posts in this discussion, and I have already decided that the other guy is right.

Re:Luke Kenneth Casson Leighton

[Etyenne]

You are an interesting and insightful person. I volunteer to buy you a keyboard with working Shift keys; it would make reading your intervention so much more enjoyable.

Re:Luke Kenneth Casson Leighton

Luke Kenneth Casson Leighton wrote

> p.s. they didn't throw me off: i left.

Really ? Care to explain this email then ?

http://lists.samba.org/archive/samba-technical/2 00 2-January/018388.html

________________________________________________ __ _______
From Andrew Tridgell tridge at samba.org

> i explained each piece of the architecture to andrew and he got more and more out of his depth.
> he didn't want to admit it or lose control over the code.

Quick translation for those who haven't tried to code with Luke. When Luke says "X was getting out of his depth" it means "X didn't agree with Luke".

> in particular, he didn't want to accept technically "inferior"
> solutions or "inferior" code.

right, I don't.

> his response was to fob me off, requiring removal of pieces of functionality that he could not understand, or to have
> me do _anything_ that meant that the code would not meet his standards.

oh I understood your code all too well. Your checkins almost invariably were extremely buggy as hell and you had by far the highest rate of checkins that don't compile of any team member.

I have spent months of my life fixing the bugs in your code, or patiently explaining to you how unix memory management works, or how pipes and sockets work etc etc. Usually you end up coming back to me a few weeks or months later and start claiming that you were the one who had some idea for the code, and I go "yes Luke", because taking the
time to point out that your "new idea" is something I explained to you months before is just not worth it.

When you finally left the team it was such a relief to wake up each morning and not have to fix the dozens of compilation errors or portability bugs you had introduced overnight. Of course, your attitude was that such a brilliant programmer as yourself shouldn't need to worry about such niceties as the code actually working or not having gaping security holes. Those details are or lesser mortals like Jeremy, Tim, JF and myself to fix. Your grand plans should never be sullied by such details.

> if andrew had not raised the technical bar higher and higher and higher in order to, ultimately, block TNG code from
> going mainstream, then i would be in a much more stable financial situation than i am now.

Your very first emails to me way way back in 1996 were already complaining about your terrible financial situation. You were in terrible shape then and you are in terrible shape now. The only difference now is that you blame me for it.

and yes, I did raise the technical bar in Samba. I've been steadily rasing it ever since I started Samba. It was rising well before you started work on Samba and it has continued rising after you left.

As projects get bigger the bar *must* rise. Just look at the state of the code in the early versions of Samba and you will see why this is essential. A good project leader will spend a large proportion of their time reviewing the basic infrastructure of the project and deciding when that infrastructure needs improving in order to support new functionality. I've been doing that constantly since Samba started.

> i am working extremely long hours on a building site, earning approximately one quarter to one half of the amount of money
> that i need to pay for everything, and i come home to read my email once every three days, and find messages that remind me that some extremely good code that i wrote OVER TWO YEARS
> AGO and spent FOUR YEARS WRITING still hasn't made it into main-stream samba.

If you are looking for sympathy from me then you won't get it. When you started writing the code I very clearly told you that it would not be accepted in the form you were doing it. You went ahead anyway. Jeremy and I spent a long time explaining in great detail how you would need to write the code in order for it to be accepted. You ignored us. We rewote

Re:Luke Kenneth Casson Leighton

[dubious9]

Hi back. It has been a long time since I've read a programming thread that really shows the human side of the equation. I've enjoyed your posts today even though I may not agree with all of your assertions. It is rare to see inside the big projects for those that don't delve into the mailing lists. There was had a little X insight a while back, but not as , well, dramatic

Anyways, Kudos for the help to samba, and for some good reading today.

Re:Luke Kenneth Casson Leighton

[imroy]

Exactly. Lukes' posts here don't present a very good picture of his personality. Frankly, he comes off as a pompus jerk. Maybe he is as good as he claims and has made some good contributions. But just about every one of his posts here contain some annecdote claiming I was too good and they were threatened by my skill and knowledge. I know I'd find it hard to work with someone like that.

Jeremy Allison has already weighed in saying simply that working with him was difficult and didn't justify the benefits.

Re:Luke Kenneth Casson Leighton

no sour grapes there then!

well I have met members of samba, freebsd core and user ppp development teams before, and imho they're all self-righteous, pompous and arrogant little twits. You will not, can not learn anything from these people.

so no love lost.

Re:Luke Kenneth Casson Leighton

[Tomun]

That makes perfect sense to me as I also see patterns in the same way and have had the same experience with it freaking other people out. I wouldn't be surprised if you routinely see "patterns within patterns" and "patterns of patterns".

It's called Synesthesia and it comes in lots of different varieties. Sometimes it's useful and sometimes its not.

There was a great Horizon program on it not long ago called Derek tastes of earwax. Although the parts of the program saying we're all synaesthetes were reaching somewhat.

Re:Luke Kenneth Casson Leighton

[lkcl]

:) MOST LETTERS YOU READ IN YOUR LIFETIME WILL BE LOWER_CASE>

unfortunately i can't post all caps because slashdot thinks it's yelling!!!

Re:Luke Kenneth Casson Leighton

[Shillo]

> one other thing that i really should make clear is that i used - and still use - a programming technique which recently gained a name: "extreme programming".

> basically what i do is i build up a picture in my head of what results i want to achieve, and how, in broad architectural terms that that picture should be built.

> then i start incessantly, repeatedly, rapidly, bluntly and brutally chipping away at the details: in the case of coding that could result in 30 cvs commits per day.

This is precisely the *opposite* of the Extreme Programming.

XP means you have to first decide on the exact functionality that you want to deliver, then write the stubs (i.e. classes/function calls that do nothing) and tests for those stubs (which invariably fail).

Then you implement the stubs, making the tests work one by one.

One of the defining characteristics of XP is that the committed code always builds and always does something, and you can always *tell* which part of it works by looking at the test runs.

Committing broken code into CVS is not programming at all. It's team disruption and is inexcusable. It also raises your own productivity at the cost of lowering everyone else's, something else that I find inexcusable.

Re:Luke Kenneth Casson Leighton

[KlomDark]

What? You can't think with loud metal playing? That's when I do my best thinking! :)

Re:Luke Kenneth Casson Leighton

Thanks for the answer but I meant the guy who designed that processor, not Mr Tridge, btw.

Re:Luke Kenneth Casson Leighton

[GuyWithLag]

No. It's called understanding.

Re:Luke Kenneth Casson Leighton

There is this pattern (in English) where you use capital letters for certain words, not just for emphasis. (Which is a dirty hack: punctuation and phraseology should do it for you.) You seem to have missed that pattern.

Re:Uh, oh

[canuck57]

Anyone else notice that Linux Today is sponsored by Microsoft?

It is ironic isn't it?

dupe!

[LWolenczak]

this was posted like... two or three weeks ago.

Re:dupe!

[Ibag]

You can say "clearly this is a dupe," without adding anything else if it is a dupe of something that has beeen on the front page in the last 48 hours. However, beyond that, you really should add a link of some sort.

It's not that I don't believe you, but since neither google nor slashdot's search came up with anything that resembles a dupe (that I could find), I'm a bit skeptical. Maybe you weren't reading slashdot? Maybe you were reading the samba forums?

So for all of you still reading, if you're going to post "dupe" on something that isn't an obvious dupe, provide a link.

ob. Susan quotes from imdb

[Keruo]

Snatch:
Avi: Should I call you Bullet? Tooth?
Bullet Tooth Tony: You can call me Susan if it makes you happy.

Babylon 5:
Susan Ivanova: It was the year everything changed.
Susan Ivanova: I know, I know. It's a Russian thing. When we're about to do something stupid, we like to catalog the full extent of our stupidity for future reference.

Re:ob. Susan quotes from imdb

Shut up.

Re:ob. Susan quotes from imdb

"Who am I? I am Susan Ivanova. Commander. Daughter of Andrei and Sophie Ivanov. I am the right hand of vengeance, and the boot that is going to kick your sorry ass all the way back to Earth, sweetheart! I am death incarnate, and the last living thing that you are ever going to see. God sent me."

Andrew Tridgell - a free software hero

[mralert]

Andrew Tridgell is the man behind two of the most interesting and usable free software products available; samba and rsync. Samba is truly great, but I find rsync so incredibly useful and smart. Does the Windows world have any kind of rsync-equivalent? (Besides the Windows rsync-ports, which require a lot of extra stuff like Cygwin.) Backing up data with rsync makes me sleep well at night :-) Thanks Tridgell! :-)

Re:Andrew Tridgell - a free software hero

[MisterP]

Check out cwrsync

It is a stand alone package of rsync for windows. It even comes with an installer to make it run as a service. I use to it replicate web content on some faily major websites.

Re:Andrew Tridgell - a free software hero

Robocopy, part of the Windows resource kits, is what I use on Windows.

Re:Andrew Tridgell - a free software hero

[Vancorps]

The Windows world has either robocopy or the more automated Distributed Filesystem support. DFS replication is a bit more elegant but robocopy is nice and simple, easy to understand and very easy to script.

Re:Andrew Tridgell - a free software hero

[Tony+Hoyle]

..which uses cygwin :)

There are proper Win32 ports out there, though.

Re:Andrew Tridgell - a free software hero

[Tony+Hoyle]

Robocopy != Rsync

Rsync copies the minimum amount required to make the old file == the new file - works well over slow links. Robocopy can only copy whole files.

Re:Andrew Tridgell - a free software hero

Change a byte in a several gigabyte file and watch robocopy copy the whole thing while rsync just copies the change..

Re:Andrew Tridgell - a free software hero

[Trogre]

rsync is great, but I still haven't figured out how to do incremental backups with it. I don't mean the --backup option which creates incremental backups of the old copies, but it would be really useful to create a 600MB incremental backup of a 20GB directory that you could burn to CD once a week.

Re:Andrew Tridgell - a free software hero

Use Dar.

http://freshmeat.net/projects/dar/

Re:Andrew Tridgell - a free software hero

[poulbailey]

> There are proper Win32 ports out there, though.

Do go on, please.

Re:Andrew Tridgell - a free software hero

Is there a Window 2K/XP port of samba?

Re:Andrew Tridgell - a free software hero

[Nurf]

rsync is great, but I still haven't figured out how to do incremental backups with it.

Have a look at rdiff-backup. It uses rsync on the backup and does incremental backups. I use it to back up my local and remote machines. Diffs between versions are stored in a single directory and you can back those up. I can't recommend it enough.

Here is it's homepage: http://www.nongnu.org/rdiff-backup/

Re:Andrew Tridgell - a free software hero

[zulux]

Look up RSnapshot - it's a great front end to make rsync do incremental backups. Highly recomended - it's works on all the *BSD's too!

Re:Andrew Tridgell - a free software hero

[Q+Who]

Check out Unison File Synchronizer.

It's bi-directional file/directory synchronizer, works over just ssh, cross-platform, very fast.

Extremely useful when you need to keep, say, home and university accounts in sync, or do remote backups.

Re:Andrew Tridgell - a free software hero

[davecb]

An, in cause you didn't notice, unison the laptop-synchronizer uses the rsynch algorithm.

Congrats to Tridge and to Benjamin Pierce for Unison.

--dave

Re:Andrew Tridgell - a free software hero

I thought Rusty Russel was the main man on this?

Re:Andrew Tridgell - a free software hero

[cloudmaster]

rsync is a tool that keeps one directory in sync with another. On *nix, a tool should do one thing and do it well. If you want the differences between 2 directories, use diff. If you want to know what changed in 2 directories -

First, make a copy of your data. Next time you run a backup, you should start by creating a copy of the existing backup that's hardlinked to the originals. The easiest way to do that is "cp -al backup snapshot.1" or similar. So, now you have 2 directories that are identical, but which take up little more space than one, since the files are hardlinked to each other. Then, you rsync your source to the backup dir again. This works great because rsync unlinks changed files before it puts the new file in its place.

So, you get a complete snapshot that only takes up the space of the changed files, essentially. The files that stay the same are just hardlinks to the same data, and the files that change exist in both the old form (because the hardlink cp -l created still exists even when the entry in /backup is unlinked by rsync), and the new form exists in /backup because rsync replaced it.

Now you're using cp and rsync, and you've got snapshots and backups. The next step is to find the differences. Use "diff -r backup snapshot.1" for that. Parse it with some kind of shell script (which should be easy), and you've got a file list that details what changed and/or was removed/added. So, you then use another script (or the same one) to calculate the total size of those files. If it's more than your CD can hold, you have 2 options. You can create a tar file and run it through dd in order to split it up into exact-sized chunks. That'd suck for restoring, though. I'd choose option B, generate a list of file sizes, add files to a .iso until you get to a file that'd push you over the limit, and then start adding files to another .iso.

This'd all take little more than a few minutes to write, if you're proficient with somc scripting language (and are on a platform that allows such activity). Personally, I just do the snapshot backup thing (had to write a program to do the "cp -l", though, since my OS X backup server's cp doesn't handle non-file/directory entries well (device nodes, named pipes, etc)) and keep the whole deal synced up with an off-site backup system. I've got about 10 full linux server machines backed up this way, with about a year of snapshots - including email and an active web server - and it doesn't even take up 2x the space of the initial backup set. It works great, and makes restoring *super* easy. "I deleted a directory a few days ago". "Well, I've got the state of the whole directory as of midnight 4 days ago right here". I love it.

Re:Uh, oh

[ttldkns]

its not, thats an advert quite cleverly designed to liik like the rest of the site. The links are all ad.doubleclick.net and the blurb is all about windows being better.

slashdot even has MS adverts, they are just everywhere. and where better to put them? trying to scare inquisitive new users away.

Samba 4 Reaches "Susan" Stage????

[datadriven]

What the hell does that mean?

Re:Samba 4 Reaches "Susan" Stage????

Read the fucking article. It's the name of his wife, in reference to the fact that he considers the code stable enough to have her test it to store her files on.

Re:Samba 4 Reaches "Susan" Stage????

[LEgregius]

If you had RTFA, you would realize that it mean that the head developer, Tridge, who started the whole samba thing years ago, go to the place where his wife, Susan, is testing it at home. She has apparently been a tester for ever major release, and she apparently encouraged him to started the Samba project to begin with.

Re:Samba 4 Reaches "Susan" Stage????

The next logical step is that only females named Susan be recruited to Beta test on a larger scale. Birth Certificate required, and no Runaround Sue jokes allowed.

Susan

Re:Samba 4 Reaches "Susan" Stage????

I suppose then she's not a lazy susan...

/rimshot

Re:Uh, oh

[Compholio]

Anyone else notice that Linux Today is sponsored by Microsoft?

It is ironic isn't it?

They want us to "see the light", the great Microsoft god must give all non-believers a chance at redemption so it can feel good when it casts us all into hell.

Samba's great

[Stevyn]

It can be a pain to set up at first because you have to deal with config files, but once it's set up, it Just Works (TM).

My little network at my apartment has two windows machines (roommates), my linux machine, and the xbox with XBMC. I can share movies and music across the network and it always works. The xbox and the windows machines can always see shared directories.

On the other hand, SMB on the windows xp and windows 98SE only works some of the time. I can always count on mine working though.

Good job, samba team!

Re:Samba's great

[Blakey+Rat]

Ok, I call foul on using "Just Works (tm)" on anything that requires config files.

The origin of the phrase was to describe how MacOS X is capable of doing pretty much exactly what you'd expect it to do in every circumstance without any configuration. For instance, copy a few cells from Excel and paste them into Photoshop-- it just works. Using Connect To Server and typing in the path to a Windows fileshare-- it just works.

If you need to use any kind of configuration file, it doesn't Just Work.

Re:Samba's great

[Vancorps]

Poor example there considering the Windows share doesn't work unless you disable connection signing which 2003 has enabled by default.

I agree with your point about config files but I will take a config file over the automagic approach anyday seeings how it can be a pain in fix automagic apps.

Re:Samba's great

[m50d]

True, but in the case of Samba what you would expect it to do is not share anything - I don't want to be sharing my hard disks unless there's a good reason, thank you very much. And the client part does work without any configuration, at least on my distro.

Finally, SWAT means you just have to fill in a simple form rather than editing a conf file, unless you have a very weird setup. It's not zero work, but it's pretty close.

Re:Samba's great

[Taladar]

So your computer should guess all by itself what directories you want to share or how do you implement "Just works" with servers?

Samba config files are really easy to write and the example ones contain all common cases where you just have to put in your paths so yes, it just works after you tell it the info it can't know automagically as long as it doesn't use a mind-reading library.

Re:Samba's great

[BHearsum]

MacOSX "Just Works" when you're doing only what it was *explicitly* designed for. Apple software is very simplistic and does not provide many advanced features last time I checked. Maybe this is a good thing, for some people, but last time I used an OSX desktop (3 weeks ago), I wasn't comfortable, or even capable of doing many things I wanted until I had a terminal open and was ssh'ed back home.

Re:Samba's great

[FuzzieNorn]

Mac OS X has a default smb.conf the same as any Linux/etc distribution, a config file - which is REQUIRED for OS X's samba to work, shock! - and in order to edit it for your needs you have to, guess what, customise the configuration file! Whether using a pretty GUI tool, the samba web interface, or using an editor.

Ranting about how Mac OS X does everything 'without any configuration' is bullshit. Yes, it has much much nicer defaults and much much nicer software for most things, but that doesn't mean you don't need to dig into the configuration at times.

Re:Samba's great

True, without graphical browsing support, OSX's samba is pretty halfassed. At least it stopped crashing the finder in 10.3.

Re:Samba's great

[bbk]

Mac OS X uses Samba for its SMB/CIFS connections, and is thus the equal of any Linux distro in terms of connecting to Windows.

Coming from a Windows or Unix background, it does take a bit of time to get used to Mac OS X and get a good working set of applications, as with any other system. Once you do... the rewards of using OS X far outway the problems, in my circumstances. Your circumstances might dictate otherwise.

Re:Samba's great

[BHearsum]

My issue is that MacOSX apps aren't useful with anything but other MacOSX apps. Details about them are not disclosed, and they use propriatary formats for everything. Two examples:

1) I needed to read some iChat logs on my Linux machine, there is absolutely *no* app out there that's not OSX specific (why the fuck do you code a log parser in *Aqua*, it's fucking text, jesus), nor could I find any details about the log format (it's binary for christ sake!) so I could whip up a perl script.

2) As a result of that I *did* manage to find an app that claimed to run on all POSIX complaint systems that would parse iChat logs -- but it was packaged in .dmg. So I went on a hunt for a dmg decompressor. After a lot of searching I find something that would mount them as a filesystem, unfortunately the app was also coded for Aqua. Sad.

I ended up using cat file.chat | strings to read them, which was extremely ugly.

Re:Samba's great

[Blakey+Rat]

iChat sucks ass anyway. I know it's not really an answer to your problem, but there you go. AIM on Macintosh keeps logs in plain ol' HTML format, easy to read, with descriptive filenames.

Re:Samba's great

[rice_burners_suck]

On the other hand, SMB on the windows xp and windows 98SE only works some of the time. I can always count on mine working though.

Yeah no kidding. Probably one of the things I hate most about Microsloth Losedows is the stupid Network Neighborhood window. If I'm in a good mood and I want to become angry, all I have to do is click on Network Neighborhood, and I go from happy to pissed off in no time flat. First of all, it practically locks up the entire computer while it SEARCHES for network shares. The damn thing will search and search and search and not find anything, even though it is properly configured, and so are all the other computers, and they're connected just fine. The computers will communicate via every other protocol in the book, and Losedows will be extremely aware of the fact that they exist out there, and yet the Network Neighborhood window will just sit there and search.

So then I do the next thing... I go into Find and go into Find Computer, and I type in the name of the computer I want. Then, Losedows will search for a few minutes, and let's say about half of the time, it will find that computer. Then, I'll click on that computer and it will take Losedows forever to open up another window.

All the time this is happening, if I go back into, Windows Explorer and go into Network Neighborhood there, it will NOT find the computer that it is accessing perfectly well in another window. In other words, in one window it knows that everything is fine. In Windows Explorer, it will search and search, even if you tell the stupid thing to "Refresh", and it will not find it.

Losedows is not an operating system. It is a virus.

But on the other hand, Samba works.

Reminds me of Plug n' Play. Microsoft invented that standard. Then, every operating system in the world, FreeBSD, BeOS, Linux, you name it, was able to find and configure supported hardware in no time. Every operating system except Windows, that is. In Windows, this standard earned the name Plug n' Pray.

No surprise, given the fact that all of Microsloth's programmers are completely inept, a bunch of bumbling idiots, monkeys punching away at keyboards could program better, every standard that Microsoft invents works a lot better when someone else implements it.

Re:Samba's great

[BHearsum]

Tis not a problem anymore.

I was simply pointing out a fallacy of the Apple development model anyways.

Re:Samba's great

[toddestan]

A great trick, if you know the IP address of the machine you want to connect to, is choose Run... in the start menu, then type two slashes followed by the IP address, such as \\192.168.1.100

This is usually faster than Network Neighboorhood, and almost always works, even when "Find Computer" fails. Getting back on topic, it even works for connecting to Samba servers.

Re:Samba's great

[SmittyTheBold]

You can also use the Windows computer name; this method is *almost* as reliable as using IP addresses or proper domain names.

Re:Samba's great

(why the fuck do you code a log parser in *Aqua*, it's fucking text, jesus)

That should be readily apparent. GUI = better, always, as far as Mac users are concerned. And I agree with them. I use a CLI for some *nix things that can't be done any other way, but by and large do things in GUI-driven apps whenever possible.

I find Linux's insistence on the CLI above all else to be very tiring. XWindows has been around long enough to implement GUI tools for everything. Yet, oddly enough, not much has been done to implement much of anything in GUI form.

If you needed to parge iChat logs, why not just parse them on the OS X machine you created them on? Unless you weren't actually creating them, and therefore couldn't have access to the system long enough to parse them, which would sound a lot like you were spying on your girlfriend/wife/Significant Other/boss/underling/etc? If so, tsk, tsk, paranoid boy... that you had to jump through so many hoops might've been your first clue that you were doing something morally wrong.

But, oh yes, CLI for everything. Yes, yes, CLI, don't let me delude you letting the real world (which Linux will eventually have to interact with if it wants to grow) intrude on your thoughts.

Re:Samba's great

[BHearsum]

They were actually *my* logs that were created when I was using my ex-girlfriend's Mac. I do not own one, nor have the desire to, but I thought I'd give it a chance while I was there. I wanted my logs, so I ssh'ed them home only to later realize they were almost useless.

p.s. If I had wanted to read my ex's logs, I would've done so while I was there.

Re:Samba's great

[Kaboom13]

I suspect the network you had these problems on was not very well configured. Most likely, you were trying to use simple autodetecting workgroups on a complicated network. To find other stations in this manner, it has to send broadcasts (similiar to DHCP broadcasts). Most routers do not send these broadcasts past the originating router, so you cannot see machines on other parts of the network. This can be fixed by implementing a WINS server for older versions of Windows or more properly by implementing a domain controller. Trying to use the auto-detect on anything other then a 1 hub home network is going beyond it's scope. Of course if it's such a hassle for you, the ip address of the machine can be used in just about every instance instead of the computer name. As for Plug'n'Play, Windows currently vastly outperforms Linux in the hardware that is automatically detected. Mac OS may be considered to have an edge in percentage of hardware automatically detected, but the actual number of devices available for Mac is much much smaller. The Plug'n'Pray moniker came from a time when it was new technology, and you were lucky to have it work for obscure hardware on any platform. Rants like these (calling it Losedows does not grant you credibility) calls attention from the real problems with Windows (of which there are many).

Re:Samba's great

[Asphixiat]

Not if the PDC has been up for about a week, and is not in the "mood" for refereshing network information about which shares are available (I dont care about shares that aren't there anymore). Then the IP address usually works (bypasses the wins info I think).

Windows CIFS sucks, samba's is wicked, but tricky to configure - typical linux scenario IMHO - but you get used to having to hack linux (at least you have the option! you all know how to fix the windows problem I described tho right?? yup REBOOT)

Re:Samba's great

After a lot of searching I find something that would mount [DMGs] as a filesystem, unfortunately the app was also coded for Aqua.

It's called "Disk Copy" and comes with OS X. This shouldn't have taken a lot of searching. (The commandline version is called hdiutil, but it wouldn't shock me if it was not portable.)

Sounds like you learned the hard way that MacOS X is not really a Unix system -- it is a Macintosh system with a Unix add-on.

Re:Samba's great

[KlomDark]

Losedows? I always thought it was Wimp DOS. (DOS for idiots that need a pretty picture to remember things...)

And when Microsoft starts to clamp down on this...

... it will be "Black-Eyed" Susan to you.

Call me when

[mboverload]

Call me when it gets to the Pamela Anderson stage.

Re:Call me when

Uh, no thanks, I don't want viruses on my box.

Why a rewrite?

[benjamindees]

For those who don't follow too closely, what necessitated a rewrite of Samba 3 and/or what gains are to be expected?

Re:Why a rewrite?

Some of the code base was getting hard to maintain. Fugly so to speak.

Re:Why a rewrite?

[ndogg]

The answer to this question is in the slides linked to in the article.

So, yeah, RTFA.

Really, the slides only take about three minutes to go through, if you read slowly.

Re:Why a rewrite?

For your RTFM attitude: you get *nothing.* And AC gets +Insightful. Mwuhaha. Maybe if I'm feeling mean later you'll get -Troll, too.

Re:Why a rewrite?

[Anthony+Liguori]

Samba3 is a mess. All the RPC code is hand-written, the SMB parsing logic is all over the place.

Samba4 automates the generate of most of the RPC code (the numbers change frequently, but it's something like 3,000 lines of IDL now replaces 100,000 lines of handcoded C).

Plus, Samba3 took the approach of just doing enough of the protocol so that it worked. You'd see a lot of mysterious += 8 where you'd just skip over chunks of the packet. In Samba4, every field is understand and accounted for.

Samba3 never could have been written as Samba4. Noone knew enough about SMB to understand that Samba4 was needed. This is really just Samba4 growing up.

The biggest user-visible change is going to be better Active Directory support. Active Directory support in Samba3 is painful. Very painful. If Samba4 does get it's own LDAP server, you may seem some extremely good interop in Samba4.

Re:Why a rewrite?

[lkcl]

All the RPC code is hand-written

that is my fault: i started that technique.

it was better to do it that way at the time because FreeDCE was not available, and even if it was, FreeDCE would have needed quite a lot of additional SKILLED work on it to make it possible to use (http://sf.net/projects/freedce).

and yet more work to make it production-ready.

so basically, SEVERAL learning curves had to be breached before anyone could start using (or developing) proper tools for the job.

people forget that samba is actually now about TWENTY FIVE separate protocols / APIs, about five of which are implemented in one program (nmbd), about TWENTY of which are implemented or used in smbd.

Re:Why a rewrite?

[Anthony+Liguori]

that is my fault: i started that technique.

Yup.

people forget that samba is actually now about TWENTY FIVE separate protocols / APIs, about five of which are implemented in one program (nmbd), about TWENTY of which are implemented or used in smbd.

You'll appreciate this one. A couple years ago we were looking into better Active Directory interop. It was discovered that to do a real AD-style logon (the same way that XP and most Windows clients do it) required an RPC that was only available over TCP/IP (Windows refused to send it over SMB).

This led to a major hack job of Samba3 to support an end-point mapper and to support RPC over TCP. We eventually gave up and decided that AD would have to wait for Samba4.

In all fairness, once you get used to the hand-coded RPC style, it's not that bad. It's a decent subsystem as far as Samba3 goes. However, as you said, the learning curve is steep. I'm sure I still don't understand completely when to pad and when not to pad.

Re:Why a rewrite?

[Etyenne]

If Samba4 does get it's own LDAP server, you may seem some extremely good interop in Samba4.

This strike me as being a good example of wheel-reinventing and NIH syndrome. And reinventing a pretty complex wheel at that; LDAP is lightweight only in name, that's for sure. Would'nt it be easier to add the required functionnality and behavior to OpenLDAP, maybe as a plugin/module, a build option or as a runtime configuration directive ?

LDAP is used to centralize information. As a Samba user, I would prefer Samba to use my existing information store if at all possible. Being forced to build a separate DIT just for my Samba stuff is not exactly a rejoicing thought and imply a lot of duplication I am trying to avoid in the first place by using LDAP.

Any pointer toward good discussion about why existing LDAP daemon can't be used for AD interop ? I guess ACI support on individual object is a big one, but it is curretnly being worked on in case you did not know.

Re:Why a rewrite?

[Anthony+Liguori]

Any pointer toward good discussion about why existing LDAP daemon can't be used for AD interop

We discussed this mostly in person or on #samba-technical. Basically, there are a number of things about AD that won't ever be in OpenLDAP because it would comprimise OpenLDAP's standards compliance.

A very well-known example (that's quite personal for me) is connectionless-LDAP support. Active Directory supports a form of LDAP over UDP. There's a conflicting standard that's not really in use for this type of transport. The code's in OpenLDAP to support it but Kurt won't let it be easily enabled for fear that it will hamper future standization efforts.

Samba and OpenLDAP have an amicable relationship. It's just that we have different goals at the end of the day.

And as for reinventing the wheel, it's not really. Samba4 has a generic backend and an ASN1 library. Adding LDAP server-support doesn't require that much. There are some difficult parts but basic functionality isn't so bad.

Re:Why a rewrite?

[Etyenne]

And as for reinventing the wheel, it's not really. Samba4 has a generic backend and an ASN1 library. Adding LDAP server-support doesn't require that much. There are some difficult parts but basic functionality isn't so bad.

ASN.1 is a biggy, but it does'nt stop there. Filter parsing, ACI/ACL, the storage mechanism plus all of the network protocol itself. Hopefully, you will just fork OpenLDAP instead of writing from scratch. Samba is a nice project, but it still require a lot of work. I'd rather see you guys woking on QA and solving exisiting problems.

Whatever float your boat, I guess.

Thanks Samba Team

[LittleLebowskiUrbanA]

Whenever I need to bam up a shared directory in my Windows/Mac/Linux environment at work, samba is quick and easy and free. Good software.

Re:Thanks Samba Team

[Vancorps]

Samba has been my savior on many occasions because of the damn Macs. They don't just handle remote file-systems very well. They never release a file they open. The G5s at my work I often have to boot off because other users are unable to move files around which is part of our workflow process currently so its quite annoying. Samba fixes the problem by acting as my proxy. It talks very nicely to all major network platforms. They've done some nice work this far, Samba 4 looks even more promising.

I am Impressed!

They actually made a full implementation of AD Controller (a very difficult thing to do).

This is really a major acheivement.

Kudos to the Samba Development

Re:I am Impressed!

They actually made a full implementation of AD Controller (a very difficult thing to do).

Hmmm, I wonder how Microsoft's legal army is going to react to this.

Re:I am Impressed!

[msh104]

don't worry... they will release a windows "patch" very soon after samba 4 gets deployed, integrate there smb/cifs stuff with .net winfs and introduce other features that will make a samba server unusable with longhorn clients.

Re:I am Impressed!

[Lehk228]

I doubt MS would do that, unlike previos versions Longhorn is competing with a powerful, secure (for windows), stable(for windows) and easy to use OS as it's old version. XP was competing against 2000 (pretty damned good stability and could be secured well by a proper IT staff) but also against 98/ME (piss poor stability in many configuraions, piss poor local security [contributed to piss poor stability], solid remote security by virtue of almost nothing facing the network)

My point is that if longhorn has features that fuck with mixed environments without giving much benefits it will do poorly. 2000 was good enough in an office environment, but XP provided a solid platform common to office and home environments. I am certainly no lover of MS, but I do use XP Pro on my computer and it is perfectly acceptable most of the time (excluding the time it decided to trash my OS partition) and it is a good platform for running Free software (Openoffice.org, gaim, firefox, foobar2000, thunderbird, eclipse, Bloodshed Dev-C++, DC++, bzflag, The gimp.

also some closed stuff like nero, ut2k4 retail, Half Life 2 - EMPORiO release, and Everquest.

And right next to the article

[gatesh8r]

An ad called the "Linux Resource Center: Sponsored by Microsoft". The irony.

anybody remembering the Samba/Samba TNG Fork?

[legrimpeur]

So basically the Samba team is doing what they believed was too ambtious in 2000, thus leading to the forked Samba - TNG project. Am I correct?

Judging from the results probably Tridgell & co. were right...

Re:anybody remembering the Samba/Samba TNG Fork?

[piquadratCH]

So basically the Samba team is doing what they believed was too ambtious in 2000, thus leading to the forked Samba - TNG project. Am I correct?

They had a little help...

SCNR ;)

Re:susan ?

[nsayer]

To this day my wife gives me a look when I tell her I need to work on AMANDA.

Re:susan ?

[DrSkwid]

no because my partner is an adult

Re:susan ?

gf? you must be new here.

Why not just simply call it the "Sue" stage?

Since Sue is short for Susan and also "sue" is what you do to someone when you litigate against them and because our favorite 9000 pound gorilla up in the pacific northwest is very likely gonna start opening up their jumbo-sized can of whoopass for implementing Active Directory domain controller features in violation of evil software patents they hold.

non-POSIX backends?

[Skiron]

I presume this something to do with some Windows functionality?

I remember reading Andrew Tridgell's comments in 'The Rebel Code' by Glyn Moody - "...And we try to remain bug-for-bug compatible where it makes sense. There are some cases where it doesn't make sense, and their [MS] bugs are just ridiculous, and you shouldn't emulate them. But in most cases, we emulate the bugs so that we interoperate completely with the Microsoft implementation."

Re:non-POSIX backends?

[Anthony+Liguori]

non-POSIX backends generally refer to backends that sit on storage devices or something like that. The idea is that Window's has a richer file-system model than POSIX (yeah, believe or not, some things are actually designed better in Windows).

Some non-POSIX storage devices (like for instance, IBM's Storage Tank) have more sophisticated features like snap-shotting that Windows also supports. The idea is to let those features be exposed to Windows clients instead of limiting the feature-set to those that are mappable to POSIX.

Re:non-POSIX backends?

Can't use apostrophes... but makes an interesting point... how to moderate?

My head hurts.

Easy to install?

[DoktorTomoe]

Ever tried to add some Redhat servers to a windows domain with user-account given automagically by Active Directory? Tried for 2 days, gave up...

I certainly hope the configuration is more userfriendly now.

Re:Easy to install?

[willgott]

I accomplished this task on my school's computer-system a year ago with the help of Samba 3, PAM and kerberos. It was a long and frustrating adventure that stretched out for several weeks, but finally I made it work partially. However, I soon realised that that there were too many shortcomings in my setup. I configured the system to mount the windows-user's homedir on logon, but the user couldn't run X since file-looking didn't seem to exist in the world of SMB (XFree86 needed it). Furthermore, smb-passwords containing characters outside of the standard en-ascii-table didn't work.

Sure, I could probably have fixed the last issues by rewriting some parts here and reconfigured other things there, but it just wasn't worth the effort. In the end I concluded that there couldn't be many cases where the intergration of a Linux-box in an AD-domain would make sense. It would have been easier for me to just swap the school's win2k-server and replaced it with a system running samba fetching authentication-information from an LDAP-server.

Re:Easy to install?

[Etyenne]

This is explained step-by-step in The Official Samba-3 HOWTO and Reference Guide. In particuliar, have a look at chapter 21 if you are trying to use your Active Directory as a source for Unix account (ssh, mail, etc). You could also use a combination of nss_ldap, pam-ldap and MS Service For Unix if this is what you are trying to achieve. Note that this is definitely not a project for beginner; it touch some pretty advanced Linux sysadmin-fu like the nsswitch library and PAM.

Quick remote file ops?

[Jeremi]

Any chance that Samba4 will have quick/intelligent remote file operations? By this I mean that I could do the following:

1. Mount remote-share-drive-A, open A's shared folder as a window in KDE
2. Mount remote-share-drive-B, open B's shared folder as a window in KDE
3. Drag the icon for a 1GB file from A's window to B's window
4. Have the file's data be copied directly from remote-drive-A to remote-drive-B, instead of having it all go (from drive A, over the network, to my client machine, then back over the network again, to drive B)... (which as you can imagine takes forever!)

Re:Quick remote file ops?

[Vancorps]

There is a rather fundimental flaw in your request that Windows could not allow unless it was between two domain controllers. Every resource has its own session key. You would not have the permissions to create a new session key on your remote server since only system and krtg are allowed to do such things.

My solution is to either use ssh and copy the file from the box, or if the two servers/shares are Windows I use AnalogX TS Drop Copy which does exactly what you ask for.

Re:Quick remote file ops?

[dossen]

Good question. It would require the SMB protocol to support a serverside local copy operation. And then the userspace software (KDE) needs to know about this option. Samba can't distinguish between a copy and a read/write unless it is told about it.

Re:Quick remote file ops?

[Anthony+Liguori]

Actually, there is a CopyFile SMB. If it's there, Samba4 supports it. However, the burden really falls to the client here. It depends on how smart KDE would be in using the appropriate SMB's. Samba4's client libraries are much richer than Samba3's so the ability to do this would be exposed to them.

So, the short answer is yes, but it would require a much more sophisticated client than what you presently see today.

Thanks for the roadmap, Samba guys!

[teamhasnoi]

I've already given coders the order to embrace this improved version for inclusion into Longhorn.

I'd like to extend my heartfelt thanks for working so hard on this.

Thanks again!
Bill Gates

Re:Thanks for the roadmap, Samba guys!

[BillGatesTheSecond]

Are you stupid or what?

Windows has full SMB implementation, what the Samba project is trying to do basically is to play catch up for other plattforms

Re:Thanks for the roadmap, Samba guys!

Good joke. But think about this: samba is
GPL'd. If MS tried to extend, then all its
extensions would be GPL'd as well.

The GPL is a shield against embrace and extend!
(That's why MS hates it!)

Re:Thanks for the roadmap, Samba guys!

[mattyrobinson69]

This would never happen - bill gates would never be polite about it.

Fix LDAP first...

[illumin8]

It would be nice if they actually fixed their LDAP code so that it would work with any directory server other than OpenLDAP. The fact of the matter is, I spent the last month trying to get PDC functionality to work with iPlanet Directory Server, and even Netscape Directory Server, which coincidentally Redhat just purchased, and the buggy Samba implementation of LDAP as a storage mechanism for account information just doesn't work with anything other than OpenLDAP. Users on a Windows XP workstation can't authenticate, and sometimes they can authenticate by the XP client gets a BSOD right after authenticating. It's bizzare, it's actually as if Samba is sending the XP client a buffer overflow while authenticating. If someone can prove me wrong I would be happy to hear it.

I spent weeks working with RHEL technical support, and even had one of the Redhat support techs rebuild my environment, and sure enough, his users can't authenticate either (and experience the same BSOD).

I'd love to be able to replace my entire Windows NT 4 domain with Samba running on Linux, but until Samba can actually provide a backup domain controller functionality that works with our existing LDAP infrastructure, I'm sorry, but Samba is not ready for prime-time. Having a single point of failure in your Samba PDC is not acceptable for enterprise use.

Can you believe the only workable enterprise-level solution for Samba is to make the Samba server a domain member of an Active Directory domain? And then you still have to purchase Windows Client Access Licenses (CALs) for all of your workstations, saving you $0!!! (Not to mention your RHEL license and support fees which are more expensive than Windows 2003 Server)....

Fucking ridiculous... If I sound a little pissed off it's because I wasted a month of my time trying to get this buggy software to work properly and even Redhat enterprise support just threw up their hands and said: Sorry, it's not supported and doesn't work.

Re:Fix LDAP first...

[vegetasaiyajin]

I'd love to be able to replace my entire Windows NT 4 domain with Samba running on Linux, but until Samba can actually provide a backup domain controller functionality that works with our existing LDAP infrastructure, I'm sorry, but Samba is not ready for prime-time. Having a single point of failure in your Samba PDC is not acceptable for enterprise use.

Samba supports PDC/BDC functionality. You can have has many BDC's as you want. I have a PDC and a BDC installed. It works fine. I'm using OpenLDAP though.

BTW, does Windows Server support any LDAP back-end that is not Microsoft's Active directory?

Re:Fix LDAP first...

[ink]

BTW, does Windows Server support any LDAP back-end that is not Microsoft's Active directory?

Shhhhhh. Microsoft doesn't have to work with 3rd parties; the 3rd parties are responsible for reverse-engineering Windows and working perfectly with every possible combination that an end user may choose. And, god forbid anyone track down the bugs with iPlanet and fix them... it's much more efficient to complain about it on Slashdot.

FWIW, we have PDC/BDC witih Samba3; and we previously used a 'hot standby' Samba2 server in a PDC/coldPDC configuration. Samba is incredible; we love it. We're even using <gasp> OpenLDAP with Samba3 right now. It plugs in with Squirrelmail, Courier, Exim, Apache, Tomcat, Coldfusion, and a buch of custom applications. Oh, and I also wrote a Samba-to-fax gateway that doesn't require any Windows programs to work (and works from any OS). It's a verah niiice.

Re:Fix LDAP first...

[nfsilkey]

I'm sorry, but Samba is not ready for prime-time. Having a single point of failure in your Samba PDC is not acceptable for enterprise use.

Well, if you looked a bit deeper into FMSO roles and AD, you would see that Windows has a glaring SPOF also. Youre box responsible for the Global Catalog is NOT the one you dont want to lose.

Re:Fix LDAP first...

[Anthony+Liguori]

It would be nice if they actually fixed their LDAP code so that it would work with any directory server other than OpenLDAP.

It does. We routinely run it with IBM Directory Server.

and the buggy Samba implementation of LDAP as a storage mechanism for account information just doesn't work with anything other than OpenLDAP.

Were you linking against iPlanet LDAP libs or OpenLDAP libs? It's quite possible that you're linking against the OpenLDAP libs and that they're not getting along with iPlanet.

Samba only uses the standard LDAP calls. Other than the schema extensions (which unfortunately aren't in a standardized format) there's no LDAP-platform dependence.

It's bizzare, it's actually as if Samba is sending the XP client a buffer overflow while authenticating.

Why haven't you submitted this as a bug report at samba.org?

I spent weeks working with RHEL technical support,

Grab the latest from samba.org. The RHEL packages are sometimes quite old.

I'm sorry, but Samba is not ready for prime-time.

It's good that you made this decision for the world. Since noone's actually using Samba in production environments right now.

Look, Samba's used in a lot of enterprise environments. You're experience isn't the norm. You're environment also isn't the norm. Not many folks use iPlanet. Netscape's DS is also considered one of the lesser LDAP servers out there.

If this is a reproducable bug, and of the severity you describe, and is still present in the latest version of Samba, it's certainly be a high priority fix.

Keep in mind though, we don't do a lot of testing with things like iPlanet because we don't have access to copies of it. OpenLDAP and IDS get a lot of testing with Samba because people who work on Samba have ready access to it.

What's more, I don't see a single way in which any kind of LDAP failure could result in Samba sending an incorrect packet (with an incorrectly sized buffer) to a Windows client.

Bugzilla is your friend.

Re:Fix LDAP first...

[sharkey]

Youre box responsible for the Global Catalog is NOT the one you dont want to lose.

Actually, it IS the box you don't want to lose. The way to hedge your bets on this is to have mare than one GC.

Re:Fix LDAP first...

[illumin8]

Were you linking against iPlanet LDAP libs or OpenLDAP libs? It's quite possible that you're linking against the OpenLDAP libs and that they're not getting along with iPlanet.

Samba only uses the standard LDAP calls. Other than the schema extensions (which unfortunately aren't in a standardized format) there's no LDAP-platform dependence.

Well, you see, that's the problem... Management refuses to let me implement a solution that's not supported, and as soon as I go and compile Samba custom, I lose the ability to call Redhat for support. Also, Redhat doesn't support use of any LDAP server other than OpenLDAP, which really screws us, although I'm told this might change with RHEL 4, especially since Redhat just acquired Netscape Directory Server.

Even the Samba team has realized that OpenLDAP sucks and has started writing their own LDAP implementation for Samba 4 (look in the roadmap, you'll see it's in there, but not yet started or written yet).

Perhaps IBM Directory Server is the way to go... it sounds like you're getting good use out of it... My only problem is that we're mostly a Sun shop and Sun bundles iPlanet Directory Server free with Solaris (up to 200,000 entries), which makes the price right.

Also, did you have to compile Samba with IBM's LDAP libraries to make it work properly?

Again, I run into the problem of management wanting a single throat to choke if the system goes belly up and dies on us. It's really difficult, but every solution in our company has to be built with standard off-the-shelf components or else management won't green-light it. I think this is typical in the corporate world though. The thing is, I might be an uber-hacker and able to compile Samba and link three or four custom libraries into it, but suppose I quit and the next admin they bring in is a point-and-click Windows admin who doesn't know how to compile software? They want him to be able to support it, so I'm screwed.

In regards to your other question:

Why haven't you submitted this as a bug report at samba.org?

Because I know they'd probably throw it back in my face and say it's unreproduceable since who wants to install Iplanet Directory Server and set up a whole PDC + Windows XP client just to reproduce the bug? Also, if it turns out the problem is Samba was built linked against the OpenLDAP libs instead of iPlanet libs then it is considered a "configuration issue" anyway and is not their problem (even though MS should probably have a look at it, since XP shouldn't be blue-screening like that, no matter what packet a PDC sends it).

BTW, thanks for the info, you've given me some valuable help for 6 months or so down the road when I decide to give this project a second shot.

For now, our solution is probably going to be "roll OpenLDAP, keep it separate from the Unix LDAP (iPlanet on Solaris), and just maintain two separate directories..." (ugh... the Holy Grail of Single Sign On eludes us once again...)

Re:Fix LDAP first...

[runenfool]

Samba 3 does work with whatever Sun is calling their directory these days (I get confused ;) ). Ive got it running myself actually, as a PDC. Granted, the directory is on the same box as the samba software, which is admittedly different than what you have (for one Im not even using Linux in this case) - but it works.

On the other hand I will tell you that its just easier to get it working with OpenLDAP because thats what they test with. Using the Sun directory on Solaris/SPARC is quite a bit harder to set up than OpenLDAP on Linux x86.

Id be happy to help with specific questions or errors if I can, but the point of this post is pretty much to let the slashdot world know that *yes*, it does work with other directories (specifically Sun - since someone already mentioned the IBM variant). Im not the only one who has it working, even if it was a pain to get it there.

Now if Sun would just drop their PC interoperability product and just move to Samba (do what Apple has done - integrate it - dont make your users do it) I'd be a lot happier. I can set up an Apple or Linux-OpenLDAP Samba PDC much faster than a Solaris-iPlanet one.

Re:Fix LDAP first...

Wait...management refuses to let you implement a solution that is not supported, Redhat doesn't support the use of any LDAP server except OpenLDAP, and you're using iPlanet and NDS?

Do you see the problem here?

Re:Fix LDAP first...

[multipartmixed]

> if it turns out the problem is Samba was built linked against the
> OpenLDAP libs instead of iPlanet libs

You wouldn't be the first person to do this.

Anyhow, "ldd <binary>" will list exactly which (shared) libraries a given binary has been linked against.

Re:Fix LDAP first...

[ilmdba]

so wait, your management and environment forces you to use iPlanet, and you havn't bothered to even try compiling a more recent version of samba to see if it works, and this is somehow all samba's fault?

oh wait, i see here the first sentence in your reply:

Well, you see, that's the problem... Management refuses to let me implement a solution that's not supported

maybe you should try looking here: http://us1.samba.org/samba/support/ instead of whining on slashdot. better yet, give iPlanet support a call, or (and this is pretty crazy i know) try, just try, compiling a more recent version than than the ancient version shipped with RHEL, to see if that works. maybe you'll learn something.

also how are you getting away with using iPlanet , if as you say, you only are supported when using openLDAP with Redhat?

and not bothering to file a bug, but bitching loudly about it on slashdot, and investing 6 months of your time trying to get around the bug, says a lot

Re:Fix LDAP first...

[owlstead]

Afaik LDAP is quite a standardised protocol. You might ask your management why this restriction is set.

It's like only using exchange client as POP or IMAP server, just because the client has Outlook or Outlook Express installed on its computer (I honestly don't know which one of these screws up your security more btw). Or Netscape server because you are using the mozilla browser. The list goes on and on.

Explain to them what modules are, and that you better use the best module out there. In my opinion that means dropping anything that has "Netscape" and "Server" in the name, but that's not the point.

Re:Fix LDAP first...

Users on an XP workstation crash... so you blame Samba?

When Microsoft screws up, blame Microsoft.

Re:Fix LDAP first...

Are you saying it's not the box that you don't want to not lose, then??

Re:Fix LDAP first...

[Anthony+Liguori]

Well, you see, that's the problem... Management refuses to let me implement a solution that's not supported, and as soon as I go and compile Samba custom, I lose the ability to call Redhat for support.

Yeah, I figured this. This is very common. Are you using the latest RHEL package available though? RHEL3 ships with a version poor version of Samba (like 3.0.0rcXXX or something). I've had tons of problems with it. You can get pretty much the newest version from RedHat though.

Even the Samba team has realized that OpenLDAP sucks and has started writing their own LDAP implementation for Samba 4 (look in the roadmap, you'll see it's in there, but not yet started or written yet). :-) This is not why. The problem is LDAP interoperability. OpenLDAP strives for compliance to the LDAP RFCs. Samba strives for interop with Windows. Microsoft's LDAP server does not obey the LDAP RFCs in a number of important ways. It's all pretty obscure, but suffice to say that without implementing our own LDAP server, we could never get great Active Directory interop.

Also, did you have to compile Samba with IBM's LDAP libraries to make it work properly?

Nope. It should work out of the box.

Because I know they'd probably throw it back in my face and say it's unreproduceable since who wants to install Iplanet Directory Server and set up a whole PDC + Windows XP client just to reproduce the bug?

Nope, we don't do that :-) We've taken bug reports that require mainframes, metaframe client, OS/2, or any number of weird setups. It's a large team with a lot of resources.

For now, our solution is probably going to be "roll OpenLDAP, keep it separate from the Unix LDAP (iPlanet on Solaris), and just maintain two separate directories..." (ugh... the Holy Grail of Single Sign On eludes us once again...)

IBM has a product called IBM Directory Integrator who's sole purpose in life is two syncronize two separate directories. You should check it out.

BTW, if you haven't figured it out by now, I work for IBM on Samba :-)

Re:Fix LDAP first...

[illumin8]

Samba 3 does work with whatever Sun is calling their directory these days (I get confused ;) ). Ive got it running myself actually, as a PDC. Granted, the directory is on the same box as the samba software, which is admittedly different than what you have (for one Im not even using Linux in this case) - but it works.

Excellent... Might I ask if you had to compile Samba linked against the Sun LDAP libraries? If so, what configure command did you use? This information would be very helpful. Also, what pre-requisite packages did you either compile/pkgadd to get it there? Also, are you using the Idealx perl scripts to add, modify, and delete users?

FYI, I was able to add the schema correctly. I was also able to run the smbldap-populate script and populated the correct information into the directory server. I'm also able to join a machine to the domain just fine, but it's just the authentication that fails. If I watch my directory server log, I see the Samba server do a bind and get the user account in question, but the authentication fails as if I had typed in an invalid password. Also, users that are added to LDAP can properly authenticate with Unix and Linux; nss_ldap and pam_ldap are working just fine.

If you'd be willing to help I'd be very appreciative.

Re:Fix LDAP first...

[illumin8]

Are you using the latest RHEL package available though? RHEL3 ships with a version poor version of Samba (like 3.0.0rcXXX or something). I've had tons of problems with it. You can get pretty much the newest version from RedHat though.

Yes, I ran up2date and updated to the latest version.


Nope, we don't do that :-) We've taken bug reports that require mainframes, metaframe client, OS/2, or any number of weird setups. It's a large team with a lot of resources.

That is good to hear. I think I'll try compiling all of my information and creating a bug. The Redhat support guy was stumped as well. At first he thought it was an SSL thing (we use SSL of course for LDAP), but even disabling SSL and using standard port 389 the same problem existed.

IBM has a product called IBM Directory Integrator who's sole purpose in life is two syncronize two separate directories. You should check it out.

Any idea what the cost is? This might be a workable solution, but I'd like to reduce the complexity as much as possible. The ideal solution would be to get it working with iPlanet as the backend, since that was the original goal.

BTW, I should say that even though the solution we were trying to implement was not supported, the Redhat guy was nice enough to try and reproduce our setup and help us (for a week or two, until he got stumped and said "sorry, it's not supported").

Re:Fix LDAP first...

[askegg]

Yes - try Novell eDirectory (http://www.novell.com.edirectory/). It's light years ahead of MAD.

Re:Fix LDAP first...

[askegg]

You can have more than one GC, but no more than one of each FMSO (one for each role). Now you have multiple SPOFs :)

Re:Fix LDAP first...

[Etyenne]

For now, our solution is probably going to be "roll OpenLDAP, keep it separate from the Unix LDAP (iPlanet on Solaris), and just maintain two separate directories..." (ugh... the Holy Grail of Single Sign On eludes us once again...)

You are making the common mistake of confusing "single sign-on" with centralized authentication. This is pretty common. Kerberos is single sign-on (well, as far as kerberized services and clients are concerned): you provide your credentials once, then authentication to various services happen transparently and without interaction with the user. LDAP can be used to build centralized authentication; your credentials still have to be provided to different services, which in turn authenticate against this central authentication mechanism. Sorry for the nitpicking, it's a pet peeve of mine.

Re:Fix LDAP first...

[vegetasaiyajin]

I am not asking if there are other LDAP server available for windows. Of course there are.

My question is if Windows Server's SMB/CIFS implementation supports LDAP backends different than ActiveDirectory. It's an honest question. I don't know if it does.

Re:Fix LDAP first...

[Anthony+Liguori]

Any idea what the cost is? This might be a workable solution, but I'd like to reduce the complexity as much as possible.

I'm not a sales guy but I'd reckon it'd be overkill. Here's what you should do, reproduce the problem with the latest version of Samba compiled from source. Take a network trace of the Windows BSOD. Post something to bugzilla that links to the network capture and the appropriate Samba logs.

It'll get fixed. The LDAP integration in Samba is a rather important feature and there's quite a few people on the team that tackle those sort of problems. Once it's in bugzilla, it's just a matter of time until it's fixed.

If you don't go through the effort of reproducing it with the latest version of Samba though, people will be much less willing to help out. The more leg work you do the quicker it'll get fixed.

Heck, if you've got a network trace of Samba 3.0.9 sending a bad packet to a Windows client, it'll get fixed really quickly. That's the sort of thing that catches people's eyes...

BTW, I should say that even though the solution we were trying to implement was not supported, the Redhat guy was nice enough to try and reproduce our setup and help us

We work closely with the RedHat guys. I'm surprised they didn't file a bug. Usually when they can't make progress on a bug they call us up.

Re:Fix LDAP first...

[sharkey]

Actually, I lost the PDC and Schema master a couple of years ago. It took less than 30 minutes of work on one of the other DCs to seize those FSMOs. Losing a GC, even if you have more than one, is more irritating, since all the PCs that look to it for the catalog do not like to fail over gracefully, at least in my situation - Exchagne 2000, Outlook 2000, Windows 2000.

Re:Fix LDAP first...

[askegg]

Ahh - sorry, misunderstood. Not likely knowing Microsoft history.

Re:Fix LDAP first...

[askegg]

This is a client issue and no system I know of currently does this nicely. Wish they would.

Re:Fix LDAP first...

[mikefe]

Where is the code, and what steps do the users have to go through to send a fax?

Re:Fix LDAP first...

[ink]

Here's the latest release: http://inconnu.isu.edu/~ink/new/projects/smbfax/ I haven't tried it with Samba 4 yet.

Same as they react to a tee shot...

[mtec]

with big wood.

Implementing Microsoft "Standards"

[spencerogden]

What is truly amazing about the Samba project is their consistent ability to emulate MS screw up, go "buf for bug" is the term I think is used. To implement something like Active Directory, bugs and, which included 4 or 5 different standard (but not quite) services is amazing. Just look at the problems with write support for NTFS. I don't know if its intentional, but MS products are not exactly easy to reverse engineer. Thanks, release us from the horror that is AD on XP!

Re:Implementing Microsoft "Standards"

[JohnnyKlunk]

OK, I know it's popular to bash MS here, but precisely what is the the horror that is AD on XP? Like MS or not if you've got x thousand users needing shared file/print resources across multiple servers / sites then AD with XP does a pretty reasonable job. It's easy to administer, easy for users to understand and the flexibility of clever combinations of site / ou / group based policies give a level of intuitive usability that very little else will provide.

Bash MS all you like. I dont like alot of their stuff either, just give some evidence for the stuff you dislike and admit to the stuff they do well.

Re:Implementing Microsoft "Standards"

[spencerogden]

You're right. And to be fair I'm not an MS Admin. My experience is with AD in small networks, where the usesrs want something simple like central passwords and roaming profiles. Like I said, I'm not the admin, so I can't vouch for the correctness of the implementation, but there have been nothing but problems. Slow logons, the server requires rebooting, and user management is a pain. I come from a perl background with the motto "Make simple things easy, and hard things possible" I suppose KXP with AD is overkill for this situation, but I don't how else this is done with MS products.

Re:Implementing Microsoft "Standards"

I like AD, compared to the other MS options. But why couldn't AD be, I don't know, compatible with LDAP. Or kerberos. AD is great for MS clients, but when you want to use kerberos auth for your POP server running on a non-MS platform, AD doesn't cut it. There is no good reason that AD couldn't have been made compatible with existing solutions to provide useful sharing of file/printer/mail/etc. resources without being locked into an MS-only environment.

Re:Implementing Microsoft "Standards"

Exactly. If AD is so bad, why is it being re-implemented on Linux?

Re:Uh, oh

Nope, didn't notice the ads at all thanks to AdBlock. I guess only people using IE saw the ads. ;)

Re:Uh, oh

[burns210]

Why not?

If I am going to put up an anti-microsoft site, and Microsoft wants to give me money by puting ads I know my users will just ignore, bring it on. They are just funding the site.

ALL I SEE

Looking at the matrix in its raw form, all I see is blonde, brunette..

Can Susan samba?

I wonder if Susan can dance samba.
Samba is nice if you like to look at a girl shake her booty like there was no tomorrow. Recommended.

By the way. My pet turtle (named Mozart) can't dance Samba and Portugal is the best country in the world -- even though people don't know how to dance samba here (mostly).

Viva la revolucion.

Re:Can Susan samba?

Portugal ... that is part of Spain, right?

Sense of Humour

[proudlyindian]

snippet --------- I am quite confident of not losing data. Of course, I also have a very strict automated backup regime setup for my wife, so if I'm wrong about the robustness we can recover without me having to cook dinner for a week as penance.

Risky guy!

[Lispy]

FTA: "Samba4 reached an important milestone tonight, as I installed it for my wife to use as her file server for all of her important documents, email, the book she is working on etc."

Ok, there are two rules I follow:
1. Never touch a running system.
but even more importantly:
2. Never touch the running system of your girlfriend/wife.

I did that a few weeks ago and upgraded her machine. Due to bad luck I bought a faulty RAM module and "thought" I had double checked it. Well, long story short, I got her machine ready in time for her finals but I went through a lot of absolutely unnecessery trouble. Ok, now she's happy and all but I nearly failed it. I would never ever try my development code on her productive box.

Re:Risky guy!

[Linuxathome]

No matter how you try to explain to the significant other (SO) that it wasn't your fault (i.e. buggy RAM, bad OS, or what not), they'd never believe it. Good advice, especially if you want to keep your GF.

Re:Risky guy!

[itwerx]

...try my development code on her productive box.

Whew! Yer darn lucky it was only on instead of in, otherwise it might be a reproductive box!!

(Oh, and be sure to test that code throughly - girls don't like bugs anywhere near their boxes...!)

Re:Risky guy!

[ruiner13]

"I would never ever try my development code on her productive box."

What about her reproductive box? (ducks)

Re:Risky guy!

[RTMFD]

I would never ever try my development code on her productive box.

If your father had never tried his "development code" on your mother's "productive box," you wouldn't be here!

Re:Uh, oh

[MadChicken]

It's not supposed to be an "anti-Microsoft site" it's a "Linux information and news" site. Well it used to be. Now it's just bitwaste.

I took LT out of my bookmarks, and I will never, ever send anyone there. The whole point is to have information at least partly to counteract FUD, and support Linux as a feasable platform, right? Some times you want to send your CIO a link telling him that Linux CAN work in a Microsoft environment, that it's not as bad as MS is telling you it will be... then an ad on that same site that takes up 50% of the screen tells you your dog will die and you will get leprosy if you use the word Linux anywhere in a business environment.

I don't know if they get paid for page views or not, but I don't care, I'm not taking the chance. LWN is still there, and there's some other "News for Nerds" site that once in a while posts stuff about Linux.

Re:susan ?

My advice to you is this: dump the stupid bitch, and get a girl who isn't mentally deficient.

Why promote a standard that encourages MS lockin?

[Billly+Gates]

I would prefer to see NDS implementations and Novell server integrations than to give MS the fuel to convince IT that Windows is the way to go since Unix only works with AD.

Re:susan ?

[Lispy]

even worse: My exgirlfriends name is Susann, and I am actively deploying a Samba Server next week.

I guess I'd better stick with Samba3 or else my girl thinks I am out latin-dancing with my exgirlfriend...

Not sure why this is in the `Linux' category ...

[dougmc]

I'm not quite sure why this story is in the Linux Slashdot category. Yes, the story is on Linux Today, but Samba runs on pretty much any *nix platform. (It wouldn't even surprise me if it ran on win32 under cygwin. That would be a bit wierd, but ...)

The BSD and Apple categories would be just as appropriate. Perhaps Slashdot needs a *nix category ...

Re:Silly

WTF? There have been like 10 off topic trolls so far. Is the average age demographic of /. slowly circling the drain right now or what?

Re:Uh, oh

[Trogre]

Yes, but the ads on slashdot change. This Linux Resource Center has been there for weeks (if not months).

I no longer read linuxtoday because of this policy they have adopted. I wonder how many other readers they've lost. The sad part is they don't display any feedback links on their front page so I can't even tell them why their losing customers.

DIY external hard drive with cwrsync to backup

[Linuxathome]

cwrsync is so cool. I use it regularly with my hard drive mp3 player to sync up and backup everytime I go from work to home. Personally, I think those Maxtor external hard drives with "one touch backup" aren't as useful as a do it yourself homemade external hard drive and cwrsync setup with a one-click backup icon on the desktop. With my Windows XP, I have a batch file on the desktop with the command:

C:\Progra~1\cwrsync\rsync -a -v --progress "/cygdrive/c/Documents and Settings/My Name.NAM-LAPTOP/My Documents" "/cygdrive/f"

Everytime I want to backup to the external hard drive (my mp3 player). I just plug it in and double click the batch file. Rsync'ed and good to go home!

Re:DIY external hard drive with cwrsync to backup

[Bios_Hakr]

No problems doing this from within your user account?

Re:Why promote a standard that encourages MS locki

[JohnnyKlunk]

Why promote a standard that encourages MS lockin??
Because MS own most of the desktop market. Yeah, an NDS implementation would be great - but who's going to use it?
Samba is open source - want an NDS fork? Go nuts. Write your own.
Why? Why is the bad question in open source. You didn't write it. You don't get to ask 'why'. You only get to use it, or do your own, something different.
I, for one, would support your open fork of this.

Where can I download Samba4?

[bondjamesbond]

Really. Can't find it. TIA.

Samba 4 Profit Plan

[comrade009]

1. Reach "Susan" stage.
2. ????????
3. Profit!

What Config Files?

[nurb432]

Just install webmin.. or use swat...

Re:What Config Files?

[Stevyn]

I've had bad luck with both of those tools actually. I use KDE's Samba plugin (ksambaplugin) to configure it. Then I'll check the smb.conf file for sanity.

All those tools do is generate the smb.conf file. They usually work, but not always.

Re:What Config Files?

[nurb432]

Sure, i know how to do it manually too, but ive had good luck with webmin.. ( at least on FBSD )

I dont install KDE on servers, so webmin is a nice tool to have around.

several additional daemons

[lkcl]

yes - i wanted to introduce several stand-alone daemons, for several reasons:

1) project manageability.

you tell people that samba is 350,000 lines of code and they freak out. you tell them that they can work on say writing a special samr daemon (e.g. a sql db one) which would be oh about 30-50k lines, and they start to calm down a bit.

2) clear delineation and separation of code at logical boundaries.

the complexity of the samba project was getting out of hand, and it is still out-of-hand.

by introducing separate services, which almost every other implementor of NT-compatible servers have done, you don't end up feeling like you've swallowed a tiger. ... would anyone DREAM of merging postfix, cyrus, nntpd and apache into a single daemon??

3) commercial and other-licensed-projects can interoperate.

sun microsystems would never have bothered to license AT&T's AFPS code [NT 3.5 ported to SysV by microsoft - badly - and bought by AT&T].

or, at least, if they had, they would have chucked away the file-server part of it, and used smbd as the file server, whilst still using the NT-based services from NT 3.5-ported-to-unix!

and they would have used the published interfaces - the ones used to communicate with the external DCE/RPC services.

the reasons i was quoted AGAINST doing separate services were that a) it would be several milliseconds too slow (which is a rubbish argument on a network-based protocol) and b) unix domain sockets cannot be used securely (which, given that they are used in winbind is again rubbish)

no, the real reasons why samba was not turned into separate daemons was a) so that samba could be used to maintain control as a single GPL project b) because i was the one advocating it c) the level of complexity was not understood and i failed to explain it clearly enough.

Re:several additional daemons

So, you had better ideas and better code but, your fork died and the original branch continued.

Your fork died because the original branch refused to merge your "superior" code and concepts? Come on, who's kidding who?

SAMBA did not force you to abandon your fork. You could have continued with the SAMBA TNG fork. Had you produced superior concepts and code, as you claimed to have, I doubt that the community would continue to use the original "inferior" branch.

Re:several additional daemons

"...would anyone DREAM of merging postfix, cyrus, nntpd and apache into a single daemon?? "

Jeeze, you call yourself a developer and you've apparently never heard of emacs?

Seriously, thanks for your effort and your postings. I may be forced to move away from Novell for my middling-small lab soon, and samba is the only acceptable alternative to me. It's seriously nice to have that alternative.

Re:several additional daemons

[lkcl]

samba tng is still going: i don't actively work on it but elrond does.

samba tng was, and still is, capable of acting as a PDC for thousands - yes, thousands - of users.

samba tng is the only PDC that doesn't fall over when a few hundred students all simultaneously log in at once.

i stopped working on samba tng because it was too distressing.

and you know just as well as i do that better ideas are useless when there is a monopoly power already in place.

Re:several additional daemons

[emacs_abuser]

Now you've done it, some lisper is probably already at it.

Re:several additional daemons

Read this post for the full story:

http://lists.samba.org/archive/samba-technical/2 00 2-January/018388.html

Somewhat different from the lkcl version.

Re:several additional daemons

[theTerribleRobbo]

and you know just as well as i do that better ideas are useless when there is a monopoly power already in place.

Just like Samba was useless when Microsoft held the monopoly on SMB implementations?

Re:Why promote a standard that encourages MS locki

[sethadam1]

Well, first off, eDirectory which replaces NDS already runs in a Linux environment. Secondly, Samba is an implementation of SMB, which is what Microsoft uses. Samba would not seek to replace Novell servers, because they don't work using SMB (aka CIFS).

Re: XAD

[lkcl]

XAD is very interesting, and it works, yet is ... lacking in key areas that would aid in migration.

you can make a XAD server be a member of an NT-controlled forest, but the replication protocol is itself a beast-and-a-half, such that it is not yet possible for a XAD server to replicate and then "take over" an NT server.

which is a pity.

also, lukeh has modified a number of open source projects to allow "plugin" components to be added, such that he can out-source to his own components.

the source code for these plugin methods _is_ available - ironically, the one for samba does pretty much EXACTLY what i do for samba tng - outsource the DCE/RPC traffic - yet unfortunately, XAD itself, the core of it, perhaps unsurprisingly, is proprietary.

Stages

[thomasj]

So these are the stages of Samba versions:

• Andrew: There is a branch tag. Some lines of code has been written, and it can print the word "Samba" in a log file
• Susan: Core things work. That is, you can see a share folder, and when MS-Word crashes, it is not clear, if it is the Samba pile that caused it
• Alpha: Susan threw it out! Andrew is now pestering his paying customers to use it. Status is: what works, works. Features are missing (like reading from files)
• Beta: Paying customers threw it out! Andrew is seeking the Linux distributors to try it out.
• Distro: Some advanced stuff doesn't come out right. The distributors release it anyhow in the hope that some geek will fix it.
• Limbo: The geek fixed it and made an obscure backdoor. He is now using your host for compiling his kernel
• Retro: Most people revert to an earlier version, with a better backdoor. The geek has now a nextdoor neighbor geek to compile X on the host
• Fiasco: Well, yeah. Your drop Windows service.

Sorry, got a bit carried away...

Wah wah wah. Somebody stole my lolly!

It's no wonder they didn't get along with you. Just look at your comments in this thread they are all dripping in the vinegar you have made with your sour grapes.

You claim to have learned from your mistakes but, I would argue that you have not. It seems to me that you haven't yet acknowledged your real mistakes.

You seem to have attempted to join a team, that was working well and harmoniously for many years before you came along, without adapting to the team's methods. You tried to introduce disruptive methods and attitudes to the team and they weren't really interested. Understandably so. Now that you are no longer a part of the team you still do not see that you were a disruption. This is your mistake.

You tried. That's admirable. But, you failed. If you are not willing to continue trying to develop superior software, then give up. But, don't go blaming everyone else for your failure. Be a man, accept it, truly learn from it, and move on.

Despite your claims to the contrary, the SAMBA team cooperates very well and SAMBA is one of the most successful Open Source projects out there, bar none.

Re:Wah wah wah. Somebody stole my lolly!

[lkcl]

i just want you to know that i have actually read - and accept - your comments and advice.

especially the bit about being disruptive: i ACCEPT that. i wanted things to move QUICKLY. to have full NT domain compatibility within a couple of years, not within a couple of decades.

also, i am reminded of a quote from terry pratchett's "Thief of Time" - let me see if i can find it for you... yes, here we go, page 32

and thus the future was decided. they were not bad men. they had worked hard on behalf of the valley for hundreds of years. but it is possible, after a while, to develop certain dangerous habits of thought. one is that, while all important enterprises need careful organisation, it is that organisation that needs organising, rather than the enterprise. and another is that tranquility is always a good thing.

humans can only make decisions and can only make judgements based on what they know.

your comments about the samba team's effectiveness _would_ be completely accurate if the information and observations i have been made aware of were not true.

Re:Wah wah wah. Somebody stole my lolly!

[Hank+Chinaski]

Fix your shift key, please. It is very very annoying to be constantly yelled at.

Re:Uh, oh

[spuzzzzzzz]

the great Microsoft god must give all non-believers a chance at redemption so it can feel good when it casts us all into hell.

no hell, sorry. But viruses are available.

Re:Uh, oh

[xanadu-xtroot.com]

dll hell...

Re:Silly

[xanadu-xtroot.com]

WTF? There have been like 10 off topic trolls so far. Is the average age demographic of /. slowly circling the drain right now or what?

1. Now?
2. 
   
   Geesh, you must be rather new here. It's been that way for a while now. Besides, if you'd login, you can set your threshold to not see most of them. I just ignore them, thus me seeing your post at all. I find some of the trolling rather funny actually...
   

Active Directory DC or not?

[Nailer]

The article says Samba 4 implements an Active Directory Domain Controller. The AUUG talk linked to doesn't mention that. The roadmap (http://www.mirror.ac.uk/mirror/www.samba.org/deve l/roadmap-4.0.html) mentions none of these features are started.

What's the story? AFAICT the only Samba AD DC stuff means using Samba 3 with the PADL software...

Does not parse.

Did you mean, "Samba 4 Reaches 'Susan' Stage?"

LDAP with eDirectory/NDS, SMBPasswords?

[otis+wildflower]

I'm just curious to see how well Samba currently and is planned to work with eDirectory/NDS, and how well it would integrate with a Groupwise layout (I had originally built an IT infrastructure with OpenLDAP, Cyrus IMAP, SMB-LDAP, Postfix, etc... It worked but managing passwords was unpleasant and groupware functionality was nonexistent)..

Also, has Samba made dealing with SMB passwords less awful? Contributed standardized LDAP schema and worked to have SMB password setting integrated with *LDAP, etc? The only way I could get it to work (back in 2001 or so) was to write a password-changing web script and that is kinda clunky..

Re:Uh, oh

[theendlessnow]

Though this is off topic (stuff about Linux Today), most have upgraded to http://lxer.com anyhow.

Re:Not sure why this is in the `Linux' category ..

[lkcl]

rpcclient and smbclient i compiled up under cygwin back in 1998: they worked fine!

Not really

It was, until we kicked their asses so bad they didn't even know what happened to them. That was almost 900 years ago.

Re:Why promote a standard that encourages MS locki

[askegg]

Actually, Netware does emaulate a CIFS server (http://www.novell.com/info/collateral/docs/462120 2.01/4621202.html#file)

Re:Why promote a standard that encourages MS locki

You can do anything with a Novel server that you can do with an NT one.

Its the truth.

CIFS is emulated by Novel and as an administrator is a much supperior tool. The CIO's are convinced otherwise by the MS marketing department that somehow Novel can not integrated as well with Windows desktops. That is false and in Europe and around the world Novel has a much larger marketshare.

TFA says;

[hummassa]

she is the wife of one of the developers; she volunteered to test a lot the previous versions of Samba; samba4 is entering the phase where she will help by testing it as the development advances...

Re:TFA says;

[leonbrooks]

she is the wife of one of the developers

A gentle, polite and helpful one, as well. And they have an excellent wooden frog, plus top-quality coffee facilities for those who are into chemically abusing their kidneys. But I digress. (-:

Tridge wrote the core of Samba4 in about a day of coding spread over about a day and a half elapsed. That blew my mind. He did have a clear idea of what he was going to do when he started, but nevertheless it's startling to watch. He also wrote the core to have unprecedented flexibility, so it's going to be just as interesting to see what some of the other Samba geniuses do with it now that it's airborne (just).

It's also going to be interesting to see if naming his test tool "smbtorture" this time around (instead of "smbclient") is going to prevent people coming to rely upon it for day-to-day administration. (-:

AD requires you to know what you are doing

[DragonHawk]

"My experience is with AD in small networks, where the usesrs want something simple like central passwords and roaming profiles."

Yah, that's generally what we use it for, too. (I work for an IT systems integrator.)

"... there have been nothing but problems. Slow logons, the server requires rebooting ..."

Dollars to donuts, your DNS configuration is wrong. For most small networks, this usually boils down to: "You need to make sure the one and only resolving DNS server mentioned anywhere in your configuration is your Active Directory Domain Controller". Along that same line: "Never mention your ISP's DNS servers anywhere!" (This is a tremendous over-simplication, but it will do for Slashdot. Reply if you really want to know the details.)

A lot of people are still used to NT4. There wasn't much you could do to mis-configure NT4. Sure, it might not work in the first place, but it was always due to Microsoft bugs and limitations and there wasn't anything you could do about it. If it could be done with NT4 "out of the box", it was generally pretty easy to do.

Contrast that with Windows 2000 and Active Directory. Suddenly, DNS, DHCP, dynamic DNS updates, DNS record types, DNS SRV records, LDAP, and Kerberos all get involved. Your DNS infrastructure has to correct or Active Directory will blow chunks. You cannot get by without reading the manual. That is a stark constrast to NT4.

"... and user management is a pain."

This strikes me as odd. If anything, I find user management much easier in AD vs NT4. What makes you say it is a pain? Maybe I can offer some advice.

FYI and FWIW, we also frequently deploy Samba in NT4 PDC emulation mode, and find it works very well at that. Centralized security database, roaming profiles, etc. I just miss Active Directory Group Policy.

Andrew Tridgell's side of the story

[DragonHawk]

Here is the link M. Coward posted, but fixed, plus my +2 score so more will see it. (Sorry M. Coward, but then, I figure if you're Anonymous, you're not worried about credit or karma.)

http://lists.samba.org/archive/samba-technical/200 2-January/018388.html

I don't know the people or the situation enough to judge either one, but I figure it is good to see both sides. The truth, I suspect, is somewhere in the middle, but I say that onlly because it usually is.

Re:Andrew Tridgell's side of the story

[lkcl]

so you see the coding technique i use, and the reasons why i used it, and you see the results.

funny - i don't believe i ever actually saw andrew's response - up until now, two nearly three years on.

what ever happened to release early, release often?

Re:Andrew Tridgell's side of the story

[ZOMG+REI!]

yeah sure, except that you replied to it: http://lists.samba.org/archive/samba-technical/200 2-January/018474.html

you're like an open source community troll, except you don't do it with trolling in mind.

What do you want?

[DragonHawk]

"... a basic summary of those comments is that i accept responsibility for my failings. can you do the same?"

I'm just curious here... I've read some of the mail archives of the disputes between you and some of the other Samba developers. From my very uninformed position, it appears to have mainly been a conflict of approach and style. Now, when that happens, one party has to change their ways or leave. Since Samba was already "their" project, and you didn't want to change your ways, you got kicked out of their sandbox for not playing the way they wanted to play. That, in and of itself, does not make either side "right" or "wrong", and I'm not about to pass judgement on either side.

The thing I'm curious about is, what are you looking for from Jeremy Allison? Acknowledgment of your efforts? An apology? An invitation to join the project as a decision-maker?

As Mr. Morden would say: What do you want?

Re:What do you want?

[lkcl]

what am i still looking for, after four years?

yes, an apology. no, most definitely not an invitation to join the project as a decision-maker: i recognise that decisions are made by andrew and jeremy and that there isn't a chance for anyone to advise them on strategic ideas or direction.

yes, the samba team to adopt an ASF-like charter with an additional clause that "strategic" coding decisions are given equal weight as "technical merit" coding decisions.

yes, the samba team to make strategic decisions to chop the project up into smaller more manageable sub-projects - or at the very least to put in place a means to "out-source" data received by one protocol to separate programs (just like in TNG) which can be controlled from the config file (which is where TNG differs: you _must_ run separate daemons/services rather than have one big smbd monolithic program).

yes, andrew to apologise for treating me like one of his 17-year-old students he lectures.

that's all :)

i've said these things before - it doesn't particularly bother me any more whether these things happen, except that i genuinely believe that the samba project will be a lot better off if they happen.

Re:Not sure why this is in the `Linux' category ..

> (It wouldn't even surprise me if it ran on win32 under cygwin. That would be a bit wierd, but ...)

It would seem less weird when you consider that you have to pay for client licenses for connections to NT/2000/XP/2003 machines (gory details here. Microsoft refuses to allow more than 10 SMB connections to Win2000 Pro because "it wasn't designed for it" or some such. So Samba on Win32 would make sense, if you were a Windows user who a.) wanted to save money and b.) wanted to allow a lot of other Windows users to connect to his machine.

I have not tried Samba on Win32.

Getting Windows to see other Windows well

[DragonHawk]

If I'm in a good mood and I want to become angry, all I have to do is click on Network Neighborhood, and I go from happy to pissed off in no time flat. First of all, it practically locks up the entire computer while it SEARCHES for network shares.

In the default configuration, that is pretty common. If you are interested, I can explain how to make it work well.

1. Create a WINS server (NetBIOS name server). Point all your SMB/CIFS clients to the WINS server.

2. Set your NetBIOS Node type to 2 (P-node, or Peer Node -- WINS resolution only).

3. Disable the NetBIOS computer browser service on all but a handful of "reliable server" machines.

To disable the NetBIOS browser on NT, disable the "Computer Browser" service.

On Win 95/98/ME, set the "Master Browser" option to "No" instead of "Auto" in the "Windows File and Printer Sharing" component in Network properties. (I might have the names wrong; I don't use 9X much anymore, and I don't have one handy to check.)

I usually recommend disabling the browser service on all computers expect for domain controller(s). If you do not have a domain, disable said service on all but one or two of your servers. If you do not have any servers, you're hosed, regardless of protocol. Designate a computer "the server" to fix things.

Once this is done, Windows name resolution works pretty well.

Re:Getting Windows to see other Windows well

[rice_burners_suck]

Thanks! I'll give this a try.

Re:Why promote a standard that encourages MS locki

[Xross_Ied]

As a Novell customer (my employer) let me say their marketing and packaging of their products is the worst (perhaps only 2nd to commodore).

Only in eDir8.7 (what is bundled in Netware6.5)do the have support for a "universal password"..
+ unicode characters in passwords
+ allows the password to be rehashed to the algorithm the client requests (SASL but only for the hashing of the password).

Now finally their CIFS emulation (present since NW6.0, circa 2002) has a single password store. Perviously, NDS/LDAP authentication used the NDS password and CIFS emulation used what they called the simple password.

Back on topic, I hope samba gets some sort of support for host based passwords in non-PDC/AD mode. Not every shop has PDC/AD and samba maintaining it's own password store is just silly. Yes I know the underlying reasons why but why not build in support for a password manager (ala Apple's OpenDirectory in Panther) where the password manager stores multiple hashes of the user's password and authenticates against the one appropriate for the service/protocol being used. As long as the password manager is supported by PAM most platforms will be supported.

Then we can be closer to a single password store nirvana.

my 2cents.

Re:Not sure why this is in the `Linux' category ..

[dougmc]

It would seem less weird when you consider that you have to pay for client licenses for connections to NT/2000/XP/2003 machines (gory details here. Microsoft refuses to allow more than 10 SMB connections to Win2000 Pro because "it wasn't designed for it" or some such. So Samba on Win32 would make sense, if you were a Windows user who a.) wanted to save money and b.) wanted to allow a lot of other Windows users to connect to his machine.

I considered that, but there's a catch -- the Windows licenses only allow ten connections whether you're using Microsoft servers or not. So, yes, using Samba on Windows 2000 Pro may let you bypass that restriction as imposed by W2K Pro, but it's still not `legal'.

This has come up before with web servers -- Microsoft got on Orielly's case because Orielly's web server allowed as many connections as the machine could handle, and didn't restrict it to 10 even if the machine wasn't licensed for it. (This was at least 10 years ago, so maybe my memory is sketchy. I had a friend who was working at Orielly at the time and he was fussing about this ...)

I don't think Orielly gave in, and I'm sure this has come up again and again with every web server, ftp server, mail server, etc. that runs under Windows. But Microsoft can't really enforce it, so ...

Suzan?

[Vulcann]

The latest headline on a redneck tech newspaper:

Well slap me around and call me Susan! SAMBA Makes 4!

Mod parent up (informative)

[xixax]

This is some generic text that you don't want to read, but Slashdot will not let me post without some form of content.

Great sounding software but

[matdodgson]

Is this newsworthy? Check out the feature list. Examine in particular how many components have not even been started.

Ob. Simpsons quote

[Smork]

Moe: [answers the phone] Yeah, just a sec; I'll check. [calls] Amanda Hugginkiss? Hey, I'm lookin' fer Amanda Hugginkiss. Why can't I find Amanda Hugginkiss?

Barney: Maybe your standards are too high!

Re:susan ?

I wanted to install an Alexa client once for a client, he told me better not since his wife would not like it!!!

Re:Not sure why this is in the `Linux' category ..

[julesh]

I considered that, but there's a catch -- the Windows licenses only allow ten connections whether you're using Microsoft servers or not. So, yes, using Samba on Windows 2000 Pro may let you bypass that restriction as imposed by W2K Pro, but it's still not `legal'.

I'm not sure this restriction is legal. It is entirely unrelated to copyright, it is merely MS attempting to prevent you using the software in particular ways, and what they can do in an end user contract that isn't shown to the purchaser before sale is rather limited. I'd put money on them never enforcing this all the way to court because they don't want to set a precedent.