Microsoft Working For Samba Interoperability

JP writes "Andrew Bartlett of Samba fame has written a document describing their recent collaboration with Microsoft's Active Directory team. In brief, it would seem that the sky is falling, as Microsoft's engineers seem to be really committed to making Samba fully interoperable with AD. They have organized interoperability fests and have knowledgeable engineers answering technical questions without legal or marketing drones getting in the way. However according to Andrew the Samba AD team is currently very short on manpower, so if you have network experience, now is the time to get coding."

What does this mean?

[GuloGulo]

"In brief, it would seem that the sky is falling, as Microsoft's engineers seem to be really committed to making Samba fully interoperable with AD"

The bolded part is a euphemism for "disaster in progress".

Forgive my naivety, but isn't this a good thing (as much as MS collaboration can be)? Why is this a "sky is falling" situation?

Re:What does this mean?

[postbigbang]

Snowballs are making it through hell, is what I believe was implied. Pigs are flying.

AD must not be the holy grail anymore, but I'm not complaining. Openness to the FOSS community isn't a Microsoft trait, but as long as they have this deal with Novell/SUSE that's making them a mint, why not try and make it work? After all, they can look inside SAMBA with no obstacles to learn about their own code.

Re:What does this mean?

This is not a new thing. They have been working with samba for a couple of years at least.

http://blogs.msdn.com/oldnewthing/search.aspx?q=samba&p=1

They even try to think about how it will work with OLDER already released versions that are in firmware that will never be updated again.

Re:What does this mean?

[Slash.Poop]

The sky is falling.....

.....simply descibes the level of cynicism and bias that slashDot and a vast majority of it posters have toward anything Microsoft. They don't believe that Microsoft does or creates anything good. So when Microsoft does do just that, it must mean that the sky is falling.

Re:What does this mean?

[partenon]

Right, and they are doing that because they are good, right? I know that nobody RTFA, but here is an excerpt, just for you :-)

In September 2007 Microsoft lost it's appeal of the 2004 anti-trust
Decision by the European Commission. As as result, Microsoft was
required to make protocol documentation available to competitors.

Re:What does this mean?

Right, and they are doing that because they are good, right? I know that nobody RTFA, but here is an excerpt, just for you :-)

In September 2007 Microsoft lost it's appeal of the 2004 anti-trust
Decision by the European Commission. As as result, Microsoft was
required to make protocol documentation available to competitors.

MS has a fiduciary responsibility to their shareholders, bankers, and every other stakeholder. For them not to defend their IP would open them up to lawsuits from their stakeholders. And for that matter, giving away their IP as others have suggested would also create the same outcome.

You see, business decisions are not black and white; good or evil; or your typical adolescent binary reasoning that prevails here on Slashdot. If some company that I invested my retirement savings into decided one day to give away their IP to be "good" and cave to the F/OSS community with no business plan on how to compensate for the loss of revenues, I would sue the management for gross malfeasance. Now, to head off the folks who would say that you can make up the revenues with services and support, I would like to point out that service and support companies are a dime a dozen, actually, that business plan has become a commodity worth as much as becoming a landscaper or a house cleaner - which I get a business card per day on average from folks who are in that business.

Re:What does this mean?

[partenon]

For them not to defend their IP would open them up to lawsuits from their stakeholders. And for that matter, giving away their IP as others have suggested would also create the same outcome.

The thing is: they are not giving away their IP. Their products are *not* being opened. Only the protocols their products uses needs to be documented. And let me show you another excerpt of TFA, as it seems you didn't read as well:

The EU mandated a set of minimum terms (now known as the WSPP) that the Samba Team (and others) would be able to access the documentation
under. By early 2008 the Free Software community gained access to this documentation under NDA, and by May 2008 Microsoft made all their protocol documentation public.

That means: their trade-secrets are still protected. They are forced to change only their monopolistics acts.

WTF?!

[cosmocain]

There's no car analogy to describe my deranged stare.

Re:WTF?!

Not even the Multipla?

Re:WTF?!

[UnknowingFool]

Me too. Where is BadAnalogyGuy when you need him?

Re:WTF?!

[ColdWetDog]

Me too. Where is BadAnalogyGuy when you need him?

Sitting in his garage, on the floor, slack jawed in wonder.

His attempt to put the engine from a Caterpillar D9 into his Miata were ... somehow successful.

(Well, you did ask for a bad analogy, didn't you?)

Re:WTF?!

[ThePhilips]

You seem to not read carefully the most important part: "Microsoft's engineers seem to be really committed to making Samba fully interoperable with AD"

M$ engineers are normal folks like you and me. Well, probably not me. The all cr*p breaks loose when M$ management gets involved and start pushing its political agendas.

If cooperation between AD and Samba folks would be successful, rest assured some M$ managers would try to stick themselves into the project to get a free share of credit for the success.

Re:WTF?!

[Toll_Free]

Due to NDA's, MS Engineers are probably not being helpful without management.

Whether or not management CONTINUES to allow them to be helpful, remains to be seen.

You DID bring up a good point, though.

--Toll_Free

Re:WTF?!

[sorak]

There's no car analogy to describe my deranged stare.

What if you saw a car humping a camel while Lindsay Lohan mud-wrestled Oprah Winfrey in the back seat? Would that be a good car analogy for this occurance?

about time..

[Markspark]

and this will probably be of some benefit to Microsoft, since playing well with other operating systems must always be an advantage.

Re:about time..

[Ritz_Just_Ritz]

Definitely about time. I'd much rather have a viable/free exchange server to remove the last vestiges of Windows Server infestations, but a bulletproof samba certainly helps the cause too.

A few windows clients, I can live with....

Cheers,

Re:about time..

[Captain+Splendid]

since playing well with other operating systems must always be an advantage.

Heh, I don't know about always. I don't recall having many advantages when networking win2k and win98 machines back in the day.

Re:about time..

[internerdj]

Why not? I don't think a for-profit company is ever going to get far from compete mode. I wouldn't expect Apple or Palm or Redhat for that matter to play well with others if it wasn't an advantage either.

Re:about time..

[bsane]

Or they'll just wait until their ideas are fully integrated with samba, and then threaten anyone who uses it with patent lawsuits...

I have a hard time seeing any other outcome.

Re:about time..

[somersault]

If Microsoft products are loosing ground, they have a great future in the mining and dredging industries! Imagine being able to dig things up without all that expensive heavy machinery!

Re:about time..

[TomorrowPlusX]

They haven't done this to Mono yet, as far as I know. They're even helping Mono with Moonlight.

I'm not a Microsoft fan, but you know, it's *possible* they're not as evil as they used to be.

Re:about time..

[gbjbaanb]

I suppose its all about realisation that Linux is making it into corporate environments, and Microsoft now has to do something to keep themselves there.

MS are saying that if you really, really must have a Linux server in your IT shop, they'd better make it so it can connect to the one true corporate user account register, before the people who put the Linux server in decide to try a different LDAP server, maybe even one supplied by Novell.

It makes sense for MS to start doing this, in this way they can keep their dominance in the corporate IT structure, by letting the lowly Linux boxes play in the same playground. The important thing to understand here is that even MS has realised linux is making it big in businesses, that kinda give Linux the seal of approval from MS, not even the most pro-MS, anti-OSS PHB can say its not a valid OS anymore.

Next: an Outlook client... MS won't mind that as it allows them to keep their Exchange systems ... until someone builds an Exchange replacement to go with it, and then watch MS share price tumble.

Re:about time..

[bfizzle]

Does it not seem odd to you that the only competitor for Windows file sharing recommended here is a open source clone of the same technology they are trying to replace?

There is a reason why Windows servers are so popular and it is no one makes directory services, file sharing, group policy, and email/calendaring as easy as Microsoft. Microsoft has been so successful at creating these services and making them simple to administer that most open source projects try to emulate/replicate/duplicate what already has been done.

So stay up on your soap box saying how much better the open source version is...

Re:about time..

[ryanvm]

Not only have they not tried to sink Mono with patent lawsuits. I can't think of ANYONE they've EVER attacked with patents.

I'm tired of hearing this lame FUD scenario from the Slashdot crowd every time MS dabbles in open source.

Re:about time..

Camera/flash memory makers and the FAT32 file system.
Not saying it's a big deal or even a trend, but it's not "never."

Re:about time..

[SnarfQuest]

Microsoft needs a working version of this code to "innovate" into their next version of Windows.

Re:about time..

No, but they've threatened to. According to MS Linux infringes on upwards of two hundred patents, and MS has claimed to have considered bringing up patent lawsuits against those who use Linux. This way companies will stick with MS rather than risk being sued to death.

In some ways it's worse to just threaten than actually going ahead with the lawsuit because once they've made it clear where the infringements are they can be dealt with (F/OSS being quite flexible and what not), but with their FUD they can hang it over the heads of any potential Linux users for years to come.

Re:about time..

[PitaBred]

It's not that odd. The Windows networks exist, and that's what's really important. No one gives two shits about what you're running, only if you can't communicate with them. Samba exists as a clone and is recommended here because people need to interoperate. You can't run any other kind of sharing on Windows and have it work properly, so the only other option is to use the same kind of sharing that Windows DOES work with.

Re:about time..

[PitaBred]

They don't attack people with patents outright. They say "Hey, Novell... we've got patents covering shit you're doing. It'd be in your best interests to work with us on the terms we specify". Microsoft doesn't need the money from the lawsuits, they aren't looking at it as a revenue stream. They look at it as a pointy stick to get people to do what they want, and license the patents BEFORE the lawsuits happen.

Re:about time..

[segedunum]

Not only have they not tried to sink Mono with patent lawsuits. I can't think of ANYONE they've EVER attacked with patents.

It hasn't stopped Ballmer and others at Microsoft talking about it incessantly, and it hasn't stopped them and won't stop them grabbing patents on fundamental .Net technology and telling everyone they need a patent grant. Most of Microsoft's patents thus far quite cleverly tell you that it applies to anything running within a CLR at the top, which means that they are not the general things everyone tells you they are when this is brought up. The only reason why the ECMA stuff is made available under RAND terms is because the ECMA requires it, but there is no guarantee that things will stay that way at all.

That's the state of play. Once .Net has reached critical mass they have the luxury of killing off any compatibility through technological changes, telling everyone that they now need a license grant, and if push comes to shove, patents that apply to .Net technology and nothing else if it needs to be enforced. Microsoft does not want people using their technology unless money ends up flowing into their coffers, and Microsoft employees on more than one occasion have called this a give-get scenario, where you give now and get more later. I am aghast that people haven't grokked that yet.

I'm tired of hearing this lame FUD scenario from the Slashdot crowd every time MS dabbles in open source.

Heh. Regardless of what the Slashdot crowd says, I don't know if you've noticed but Microsoft has had a certain degree of scepticism, and at times, outright hostility to this whole open source thing from their own lips. Are you seriously trying to tell me that you haven't noticed that yet and are you seriously wondering why people are sceptical right back?

Re:about time..

[tearmeapart]

Ummm... there are many network file systems out there that have worked fine for a long time. See http://en.wikipedia.org/wiki/Network_File_System
.

I know it may be from the 1980's, but my NFS is working just fine between my Solaris/Linux/FreeBSD machines. And yes, I do have plans to migrate to ZFS.

Re:about time..

[rickb928]

"There is a reason why Windows servers are so popular and it is no one makes directory services, file sharing, group policy, and email/calendaring as easy as Microsoft. Microsoft has been so successful at creating these services and making them simple to administer that most open source projects try to emulate/replicate/duplicate what already has been done"

I disagree.

Before even Novell had NDS working well there was StreeTalk. But NDS worked just fine, than, you very much.

It was the client, being crippled by Microsoft, that hampered NetWare. Not NDS.

The whole Microsoft v. Novell thing is a good case study in using interoperability to first build a market, then crush your competition, leaving you dominant and solitary. Perhaps you need to go back and read some of the court papers to more fully appreciate the effort Microsoft put into making Novell fail on Windows.

And then there's the whole Lotus 1-2-3 and WordPerfect things, but we digress. When Microsoft starts 'working' on interoperability, it is not irrational to suspect foul play. It's experience.

ps- I rather liked GroupWise, which worked pretty well when Exchange was not. And I use Notes at work which, despite the complaints, works too well to ditch here. Not entirely fair, 'cause here we use so many Notes databases and apps that Exchange can't replace all of it. The IBMers are frantically converting everything into .NET and Web 2.0 so we can use Exchange, and coincidentally experience substantially enhanced downtime in our data apps. And they are succeeding well. We've even lost data. Woot! Believe me, I know, these guys don't need any help from Microsoft.

grrr....

Re:about time..

[howlinmonkey]

As someone already mentioned, SAMBA came about because users wanted to play nice in the dominant environment. And MS didn't grow to dominance because their software was superior.

Oddly enough, much of AD is built on OSS technologies -> LDAP and Kerberos.

And MS is only simple to admin if you don't mind constantly searching for hacks, patches and updates for obscure problems. Often, you have to manually go to the nightmare that is the registry to solve problems. Those of us comfortable with a text editor don't need the square training wheels of the MS gui.

So stay up on your soapbox saying how much better MS is...

Re:about time..

[EvilRyry]

Microsoft has complete and total control over both the clients and the servers for all the things you just mentioned which gives them just a tad of an advantage. They also have a monopoly on the desktop market. The only way to really join the game is to play by their rules. Thanks to Open Source software that interoperates with the Microsoft products, this barrier of entry is much lower allowing more companies to compete in a given market.

You might be fine with a Windows file server and NTFS, unfortunately I manage large, high traffic storage volumes with a small budget. NTFS simply will not scale to my needs and I don't have the money to buy a SAN or NAS appliance (I've priced them, and demoed one and they are really, really expensive!). For me open source software provides an alternative solution that gives me the performance I need at a price my company can afford.

Re:about time..

[quanticle]

There is a reason why Windows servers are so popular and it is no one makes directory services, file sharing, group policy, and email/calendaring as easy as Microsoft.

Or perhaps its because no one makes directory services, file sharing, group policy, and email/calendaring as incompatible (with third party products) as Microsoft. Its not that Microsoft's products are any easier or more intuitive than the competition. Its that Microsoft's products work natively with Windows, and therefore allow Microsoft to leverage its monopoly in the desktop OS market into a monopoly in other spaces as well.

Re:about time..

[Jeremy+Allison+-+Sam]

Read this :

http://www.samba.org/samba/PFIF/PFIF_agreement.html

for details on patent issues. It's not as black as you paint it.

Jeremy.

Open source labs

[sammyo]

I could probably make some small contribution but have neither the time nor inclination to set up the dev and test environment.

For projects of this magnitude a site that could be ssh'd to, 'check out' a dev environment slice would make it a whole lot more practical for folks to work on a small bug or enhancement.

Novell, RedHat, want to help out.

[LWATCDR]

Seems like a good time for some of the larger distros to help Samba out.

Bad analogies?

This seems roughly akin to two soldiers from opposing armies suddenly having brunch and discussing the finer points of shooting people.

What I'd like to see...

[Toll_Free]

If MS is truly working with Samba to get it 100 percent, what I'd REALLY like to see (and I won't believe they ARE working with SMB until then) is non-encrypted passwords.

SHARE the SMB password system, make it available, so not every friggin windows machine has to do unencrypted passwords across the network to access SAMBA shares / printers / whatever.

That's always been my BIGGEST stumbling block. Linux is touted as being so secure, but then it has to use unencrypted passwords to chat with the desktop clients for sharing.

I KNOW it's an MS problem (their authentications schemas are proprietary), but if they claim to be trying for interoperability (which, they probably are), this was / is my biggest hurdle to accepting *nix in a windows shop.

--Toll_Free

Re:What I'd like to see...

[Zombie+Ryushu]

Use Kerberos to authenticate. I do.

Re:What I'd like to see...

[Toll_Free]

No, it wasn't a troll.

Natively, without another method (kerberos), you have to use unencrypted passwords.

That was my point. If it just >>worked, it would be better.

My biggest problem with Linux is interoperability. Yes, it's there, but you ALWAYS seem to have to enable SOMETHING else.

Hopefully, with this, you just install samba, configure your users, and that's it. Nothing else has to be added, changed or anything else.

It's not like you have to set up a different authentication schema to use a MS Server share on Win2k, do you? For linux to get a stronger foothold in the enterprise (and to a limited extent, the home network), it needs to be a little easier to get it to operate with the other operating systems... (I'm NOT saying this is Linux's fault, I'm hoping that MS decides to open the protocol up a bit more on the authentication side).

--Toll_Free

Re:What I'd like to see...

[Dog-Cow]

I've never configured samba to use unencrypted passwords unless I had to connect from Win9x (which won't do encrypted passwords). I really have no idea what you are talking about.

Re:What I'd like to see...

[Jeremy+Allison+-+Sam]

Sigh. The misinformation level in these threads is amazing :-(.

Yes, Win9x does encrypted passwords. They're not very good (lanman) but it is an encrypted password authentication.

Jeremy.

Re:What I'd like to see...

[Jeremy+Allison+-+Sam]

> SHARE the SMB password system, make it available, so not every friggin windows machine has to do unencrypted passwords across the network to access SAMBA shares /
> printers / whatever.

Troll. This hasn't been the case since Samba 1.x.

Jeremy.

Doesn't surprise me, from where I sit

[MikeRT]

I work for a company that does a lot of integration for enterprise customers. Sometimes there are spaces for Microsoft products in an otherwise Unix environment. Our customers happen to be pretty set on using Unix in general, so for Microsoft, it makes sense to make sure that their products can fit into an environment like that without any hassle. After all, a small sale is better than no sale.

Re:Doesn't surprise me, from where I sit

[dave562]

You're right on target. All OS zealotry aside, there are some applications that are simply better on Windows. Conversely there are some applications that you'd never want to put anywhere near Windows. In the real world there is a middle ground. Maybe your ERP system needs to output some numbers for the managers to play with in Excel. It can toss them onto a Samba share and everything is good. That's just an example off of the top of my head. I'm sure there are hundreds of others.

Who modded this down?

[desmodrone]

This guy asked a relevant wuestion, albeit mking a minor html mistake in the process, and some jackass mod comes in and carpet bombs him? I want to know the same thing, this seems like a good thing, but submitter makes it out to be something else with his terminology. So, is it a good thing or not? And to whomever modded this guy down, you're a jerk and you owe him an apology.

Re:Who modded this down?

[Gary+W.+Longsine]

This place is chock full of morons like that, and it seems that many of them have unlimited mod points. Thanks for fighting the good fight.

Hell officially freezes over...

[markp93]

... and yet the Cubs still can't win the World Series. :(

Re:New Version

[dkleinsc]

... and then claim patent or copyright infringement.

Microsoft's Target Has Moved

[mpapet]

Long ago, being having compatibility with Microsoft's file sharing backend would have been a big win, but the target has moved and, let's face it, Samba still isn't very easy to set up.

In this case, Microsoft knows the knife is cutting both ways. The low-end license buyers won't bother paying for a Linux admin, so it doesn't harm Microsoft one bit.

Microsoft's biggest customers buy the whole mess that includes their mail server and a bunch of other back office crap that remains totally closed.

hah this is too little too late

[DragonTHC]

The samba team already made sure it was interoperable. You can use samba/ldap as an AD replacement.

I have done it.

MS just wants to save some customers by doing this. I say it's not going to work all that well.

Those customers are probably not going to ditch windows desktops for linux anytime soon though.

Re:hah this is too little too late

[Shados]

Its already interoperable, but the MS AD team isn't going to stop adding features just because its going to break the desktops of people who don't pay them. But if they break things too much, they get sued to death over their monopoly. Their only solution is to make sure the Samba project keeps up, so its what they do.

Re:hah this is too little too late

[GoRK]

Did you replace AD with it or did you create an NT4 style domain? IMO I have never been able to achieve the AD replacement piece despite my best efforts with OpenLDAP and Kerberos and early releases of samba4. The first time anything expects to operate against a "real" active directory be it some remote software trying to authenticate, a NAS/filer, or software that "integrates" with AD, the setup has always fallen on its face. After a few attempts is simply becomes cheaper to deploy AD.

The problem now is that a lot of new hardware and software coming out is getting harder and harder to shoehorn into samba/NT4 style environments. You have to jump through hoops to get it to work and a lot of times you have to sacrifice features or security when you do make it work. So this is a problem in "the enterprise."

But it's starting to get bad with "the consumer" too. When a manufacturer's samba-running $99 NAS box that has worked great for a home user for years suddenly wont work with a new Vista machine it's perceived as microsoft's problem.

Depending on your opinion of the matter, these might or it might not be really Microsoft's fault, but in any case they do have an interest (and by that I mean a financial incentive) in making sure their garbage works with everyone else's garbage.

Re:Old Proverb

[AvitarX]

I agree.

I bet this is about a semi-fold on their server platform, to maintain desktops.

They can give-up AD servers, and push exchange and share point and Desktops/Office.

the AD is the weakest (least important) part of there monopoly, especially in mid-sized businesses.

If they provide the clients, and the messaging, and the document sharing, and even the remote desktops. The actual authentication is moot.

Big Guys: time to chip in

[alexborges]

I cannot believe the samba team is down to ONE full time developer.

Its a HUGE project to undertake.

When I buy my Red Hat, Suse or Ubuntu thingies for money, Im thinking some of that money goes to helping FOSS developers.

Hey, it better be that way guys: put some dough into Samba.... NOW!

Microsoft finally learning?

[i_want_you_to_throw_]

Remember when IBM was the Microsoft of it's day? Now it's a darling because it learned a valuable lesson....

Ultimately companies that create standards will eventually have to transition to a company that contributes to them.

I'm no M$ fan at all and that goes back a ways for me. On the other hand, Microsoft seems to be showing signs that they have accepted open source as something that's here to stay (although they hate it).

Next up on the radar? Google

Once they became a publicly traded company, responsible for only making a profit for their shareholders, it appears more and more like their motto should transition to "We do less evil than everyone else"

Re:Brilliant Marketing

[Shados]

Normally I'd agree, but right now it seems there's more to it than that. Microsoft is trying to stop the whole "getting sued to oblivion because of their monopoly" thing.

-They open source .NET (notice I'm not using capital letters here. Its not real open source, but you can see the code)
-Silverlight running on multiple platform, and they're helping out the Linux version, plus are funding efforts to make a cross-platform eclipse-based set of tools.
-Many of their new .NET projects are fully open source (for real)
-They are packaging and distributing open source (even GPL in some cases) apps in easy installers (not code they control: the installer pull it from the original web site, so its not "extended)
-They are embedding LGPL (I think thats the license) stuff in some of their core products (jquery in Visual Studio)
-There's more that I forget.

All of this aside the first one happened in the last couple of -months- (weeks in many cases). The first one is fairly recent.

Part of it, like I said, is because of all the lawsuits over their monopoly. Another part (some of the above fit in that category) are from the inside: some of MS' own employees with influence want to see better open source integration.

No legal personnel?

[joeflies]

They have organized interoperability fests and have knowledgeable engineers answering technical questions without legal or marketing drones getting in the way.

Wouldn't this be a GOOD time to have legal drones getting involved? No, not Microsoft's lawyers, the ones that will protect the interests of the Samba intellectual property?

Re:Bill Gates

[Erpo]

I'm not suprised.

For a long time Microsoft has had a package called Services For Unix that you can install on Windows. It allows Windows to act as a server but not a client with respect to standard *nix protocols like NFS.

Microsoft wants to replace *nix in the server space by breaking into purely *nix environments and replacing an entrenched server operating system with their operating system.

Whether this is done by making Windows interoperable with the protocols that are already on the clients or changing the clients to interoperate with Windows as a server is immaterial.

Unless they're making it easy for people to replace Windows AD servers with Samba servers running on Linux, this is not a big deal.

Engineer nature

[Godji]

Duh. Good engineers with no PHB supervision will tend to to great things. Even the ones at Microsoft.

What makes Microsoft Microsoft is the fact that engineers are very rarely left under little or no PHB control. When they are, news like that will follow.

You are confused.

[Zombie+Ryushu]

You have confused SMB, NMB, and SMBX, which Microsoft calls CIFS.

SMB is not all that different in how it works from FTP. Its a TCP Protocol that operates on Port 139.

NMB (NetBios Message Block) is how Windows provides SMB with services like Name Resolution. It also handles things called Browser elections which determine who the Domain Controllers will be.

Windows NT4 and 9x is hard Coded to only allow use of NMB to resolve SMB names. This was a horrible lockin tactic for Windows NT4 Server. Windows 2000 on can use NMB or DNS.

SMBX operates on port 445, and acts independantly of NMB and SMB.

Linux machines from Samba 2.2 on could use DNS to resolve SMB paths. Even though Windows machines are hard coded not to allow that.

Another lockin tactic with SMB was the use of the UNC (Universal Name Convention) which was FAR from Universal. The proper URI for smb is smb://. Konqueror has it right.

So, that should clear that up.

The worst offense Microsoft ever did was when they added the PAC to Kerberos. If there is a beacon shining in the night why the GPL is superior to the BSD liscence, the Kerberos PAC that has kept Active Directory Dominant for almost ten years should be a becon in the night. MS Kerberos PAC is incompatible with virtually EVERY SINGLE Kerberos server out there.

Look at what they're doing in the HE's

With MS increasing 'interoperability' with FOSS, many Universities are standardizing on MS products...

e.g. Oxford University, UK http://blogs.msdn.com/ukhe/archive/2008/10/22/oxford-university-and-microsoft-launch-it-collaboration.aspx

In the past, one of FOSS's heartlands was in higher-education, where linux systems do a lot of science work, producing thousands of graduates with linux experience.

Today, academics in faculties can no-longer demand the use of open, standards-based systems from their central IT since MS is 'open enough'. Don't believe me? Look at the language in the Oxford announcement.

Of course to get the full benefit of the 'open' MS system, you need to use MS products...

Next up: MS releases OpenSource AD compat Samba

[boyfaceddog]

MS will release Open Source AD compatible Samba - which everyone will use and will come with some weird license that everyone will argue with and MS will simply wipe out all products that use the MS AD Samba.

Embrace, extend, extinguish.

How hard is this to understand?

Not a client?

[HonoredMule]

[Services For Unix] allows Windows to act as a server but not a client with respect to standard *nix protocols like NFS.

I use SFU solely for enabling my Windows boxes to connect to NFS shares...so what are you talking about?

Re:Bill Gates

[EvilRyry]

Uhm, that's exactly what they are doing. Samba4 can (mostly) act as a domain controller in an AD environment. This even includes replicating to Windows AD controllers.

Working *with* or *against* it?

[SgtChaireBourne]

This is not a new thing. They have been working with samba for a couple of years at least.

Why is it that the Samba crew does all the work, including taking the case all the way through the courts, and shot down the appeals, and shooting down disinformation, and dealing with the anti-FOSS documentation NDAs, only for "JP" to give the headlines to M$?

The headline should reflect the content of the article and that is about the rapid headway that the Samba team is making. It's not the first time, nor even one of the first times, that the M$ developers have had to rely on the Samba team. Let's give credit where credit is due.

This is patently incorrect.

[Ayanami+Rei]

http://linux.ittoolbox.com/documents/popular-q-and-a/how-to-set-up-a-samba-server-with-encrypted-passwords-2278

Samba has supported LM, NTLM, NTLM v2, and kerberos authentication for quite a long time (since v2.2 at least). Your gripe with "unencrypted passwords" is only valid if you want to use PAM for password authentication (which requires the password to be sent over the wire to be "applied" at the server side as if you typed it into the login prompt) and you are not using kerberos or LDAP, as you should be. This feature of windows is purposely disable in XP SP1 and greater because it is retarded and you don't know how to properly set up your linux box in a sane way.

Re:Bill Gates

[Allador]

Unless they're making it easy for people to replace Windows AD servers with Samba servers running on Linux, this is not a big deal.

Did you not read the article you're posting about?

The bulk of the article is about precisely that. He's the lead dev on samba building an AD server, and talking about the wonderful level of support ms is (now) giving them.

He specifically mentioned that since they're the only ones working on an AD server replacement, at one of the 'plug fests' at MS' redmond campus, they were the only ones there to take advantage of it.

In addition, he mentions that the team on samba for building an AD server is short on developers, and is asking for help.

Do you mean that...

[mebrahim]

Microsoft is at embrace stage?

Re:Novel already thought of this.

[Jeremy+Allison+-+Sam]

"and Andrew just had to leave Novel in a storm to push the idea"

No, that would be me, not Andrew Bartlett. Andrew has been happily working at Red Hat for many years now.

Jeremy.