'Mr. Samba' Talks About Samba's Future
Jan Stafford writes "SearchEnterpriseLinux is running an article that gives the inside scoop from Samba guru John H. Terpstra on upcoming new features in Samba-3 and Samba-4, recent events in FUD-fighting and the benefits that businesses can realize by adopting open source early."
...just about Samba 3. Samba 4 info can be found here
It would be nice, wouldn't it?
Of course, you don't actually have to use multiple user bases now. The winbind component can do out-of-the-box Active Directory integration and even map users to linux users. So there's nothing to complain about there.
There are a few big problems with it, though:
1) You can't have a backup for if your WINS system is down; Samba will not deal with both the original and the backup (because it won't sync the winbind produced groups/usernames with the existing groups/usernames).
2) UIDs and GIDs are mapped by Samba on the fly...so if they're different the second time you try it, too bad. You'll just have to chown any files that have the wrong permissions.
I don't really think that Samba's the way to go with this anyway. A better "out of the box" type solution would be a version of pam_ldap that has built-in support for registering the Unix box with an Active Directory, which is really the only piece that is still a kludge (to do pam_ldap+nss_ldap+mit_krb5+sasl, you have to manually get the keytab right now).
Mod me down and I will become more powerful than you can possibly imagine!
Just a quick FYI. The winbindd cache is persistent, so it will always map the same way on subsequent lookups. The winbindd uid/gid cache can also be remoted onto an LDAP server, making the cache common between multiple instances of winbindd on different machines. So it's not as bad as you paint it and is used in some very large organisations as their main mapping mechanism between Windows and UNIX.
Jeremy.
It might be worth noting that by using idmap_rid as the idmap backend, you can get common uid/rid mappings on multiple samba servers without having to set up LDAP.
In a small AD implementation with a couple Linux boxes running samba, I find idmap_rid to be ideal. I run across folks with this level of need all the time.
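Added example, not part of any comment above and not Samba's own code: a small Python model of the two mapping styles the thread discusses, a per-server allocator that hands out IDs in first-seen order versus the algorithmic mapping documented for idmap_rid (ID = RID - BASE_RID + LOW_RANGE_ID). The class and function names, the ID range and the SIDs are constructed for illustration.

```python
# Added illustration; the names below are hypothetical, not Samba's code.
from itertools import count

class AllocatingMapper:
    """Hands out the next free UID the first time a SID is seen (local state)."""
    def __init__(self, range_low):
        self._next = count(range_low)
        self._table = {}          # stands in for a per-server persistent cache

    def uid_for(self, sid):
        if sid not in self._table:
            self._table[sid] = next(self._next)
        return self._table[sid]

def rid_of(sid):
    """Return the last sub-authority (the RID) of a textual SID."""
    return int(sid.rsplit("-", 1)[1])

def rid_uid(sid, range_low, range_high, base_rid=0):
    """Algorithmic mapping: RID - BASE_RID + LOW_RANGE_ID, None if out of range."""
    uid = rid_of(sid) - base_rid + range_low
    return uid if range_low <= uid <= range_high else None

# Constructed sample SIDs for one domain.
DOMAIN = "S-1-5-21-1111111111-2222222222-3333333333"
ALICE, BOB = f"{DOMAIN}-1104", f"{DOMAIN}-1105"

def compare():
    # Two servers with independent local state see the users in different order.
    a, b = AllocatingMapper(10000), AllocatingMapper(10000)
    server_a = {s: a.uid_for(s) for s in (ALICE, BOB)}
    server_b = {s: b.uid_for(s) for s in (BOB, ALICE)}
    # The RID-based result depends only on the SID and the configured range.
    rid_based = {s: rid_uid(s, 10000, 19999) for s in (ALICE, BOB)}
    return server_a, server_b, rid_based

if __name__ == "__main__":
    sa, sb, rb = compare()
    print("allocating, server A:", sa)
    print("allocating, server B:", sb)
    print("rid-based, any server:", rb)
```

With independent local state the two allocating servers disagree about who owns UID 10000, which is the file-ownership mismatch that a shared LDAP store or an algorithmic backend avoids; a RID that falls outside the configured range is simply left unmapped.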