Slashdot Mirror

← Back to Stories (view on slashdot.org)

Samba Success in the Enterprise?

Posted by Cliff on from the asking-for-your-experiences dept.

gunnk asks: "We've deployed a Samba server here to replace some aging Novell Netware boxes. It works great: fast, secure, stable. However, we have one VIP that feels that Samba is 'amateur' software and that we should be buying Windows servers. I've been searching with little success for large Samba deployments in Enterprise environments. Anyone out there care to share stories of places that are happily running large Samba installations for their file servers? Or not so happy, for that matter — better to be informed!"

2 of 149 comments (clear)

  1. your "VIP" is a clueless n00b by Yonder+Way · · Score: 4, Interesting

    Samba may have been met with trepidation like 8 years ago. The rest of the world has gotten with the program. It works. It works well. It works extremely well.

    I've implemented it at a number of Fortune 100 companies. I cannot name names due to NDA but you would recognize the names. I am contracting at one of them right now.

    For enterprise scale use, I would even contend that Samba makes a better file server to large numbers of Windows clients than running Windows on the server. Can you run Windows on an IBM pSeries 570 (16 POWER5+ processors, 128GB RAM) to serve files to ~20,000 users? I can tell you that RHEL 4 does that just fine.

  2. Re:SAMBA + Windows 2003 Server is shit by Jeremy+Allison+-+Sam · · Score: 4, Interesting

    It's me you're complaining about here, as I wrote (and maintain)
    the POSIX ACL code in Samba.

    I understand your problem, but you've got to realize there's
    nowhere on a UNIX filesystem to store that meta-data and have
    the kernel understand it.

    Sure, we can push the NT ACLs into an EA, but nothing in
    the kernel will look at that EA or even be able to make sense
    of the SIDs stored within it.

    We can do the interpretation inside Samba but this doesn't
    prevent other POSIX processes from completely ignoring
    whatever ACLs you thought you'd securely set on that file.
    NetApp can do this as they have their own kernel (based
    on FreeBSD originally) which they've hacked to understand
    these ACLs. Samba isn't a kernel, and so can't do this :-).

    NFSv4 ACLs, whilst having their own problems, are much closer
    to what we need to store full NT ACLs. Unfortunately they (a)
    break POSIX, (b) aren't yet finished on the most popular
    platorm (Linux) and (c) have no userspace API standard for
    getting to them.

    This is one of the reasons my world sucks (Microsoft DFS is
    another at the moment :-) :-).

    Your complaint is like a child screaming "I want a pony,
    I want a pony...". We *all* want a pony. Where is it going
    to live..... :-).

    Jeremy.