Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Samba 4.0 Released: the First Free Software Active Directory Compatible Server

Soulskill posted about 2 years ago | from the opening-up dept.

Software 343

Jeremy Allison - Sam writes "We released Samba 4.0 today, containing the first compatible Free Software implementation of Microsoft's Active Directory protocols. 'Samba 4.0 comprises an LDAP directory server, Heimdal Kerberos authentication server, a secure Dynamic DNS server, and implementations of all necessary remote procedure calls for Active Directory. Samba 4.0 provides everything needed to serve as an Active Directory Compatible Domain Controller for all versions of Microsoft Windows clients currently supported by Microsoft, including the recently released Windows 8. The Samba 4.0 Active Directory Compatible Server provides support for features such as Group Policy, Roaming Profiles, Windows Administration tools and integrates with Microsoft Exchange and Free Software compatible services such as OpenChange.'" Full release notes are available, and you grab the files from the download page.

Sorry! There are no comments related to the filter you selected.

If only it were samba-ng (2)

bluefoxlucid (723572) | about 2 years ago | (#42253615)

We got a giant monolith instead of a bunch of core libraries and services.

Re:If only it were samba-ng (3, Informative)

Jeremiah Cornelius (137) | about 2 years ago | (#42253735)

Gates is forked.

This will be embeddable on ARM appliances, and baked into VM management software, etc.

It only took 12 years... :-)

No more licensing fees :) (5, Interesting)

somersault (912633) | about 2 years ago | (#42253617)

Oh hell yes

Re:No more licensing fees :) (1)

jhoegl (638955) | about 2 years ago | (#42253765)

Shhhhh, they will hear you.
BTW, licenses will still be required for these machines/users, but not for the OS.

Re:No more licensing fees :) (4, Interesting)

somersault (912633) | about 2 years ago | (#42253871)

I already have loads of client licenses, but this means no more server licensing, so it will be significantly cheaper for small businesses to build a small network with full redundancy, and massively cheaper to build out large networks. Get this onto Ubuntu Server with a friendly interface, and MS will be close to dead in the water as far as servers go.

Re:No more licensing fees :) (0)

Synerg1y (2169962) | about 2 years ago | (#42254027)

Client licenses, what? Are you talking about windows OS keys? Why would anybody think those are suddenly not required?

Then again, reading through this discussion, I'd have to say most of the posters don't have a clue what they're talking about in regards to active directory and the relevance of what samba supposedly did here. I'd still wait 1/2 a year to put it into a test environment & another year to go production. AD isn't something that can error out sometimes without consequence.

On that note, to all the businesses who can't / don't want to afford windows SBS, this should like getting free money. Otherwise AD is just a role on a modern windows server... Notice how this is not a stand alone server , 99% of the time it's better to leave it stand alone. [microsoft.com]

Also, another thing I was looking for from the article was MISMO, there is no mention of it, AD will not integrate right without it. Hopefully, those roles are handled properly if we were to integrate it with an MS AD server.

Re:No more licensing fees :) (4, Insightful)

bigstrat2003 (1058574) | about 2 years ago | (#42254095)

I'd still wait 1/2 a year to put it into a test environment...

Why? Isn't the whole point of a test environment to find out if something has issues? I think that interested parties should put it into a test environment immediately, cause that's why they have a test environment. But yes, wait some time to put it into production.

Re:No more licensing fees :) (2)

somersault (912633) | about 2 years ago | (#42254227)

You don't sound like you have much of a clue either to be honest; when you buy server licenses, you also need to buy "client" licenses to go with them. These are in addition to normal desktop Windows licenses (as far as I'm aware at least). Though if you're using a non-MS implementation of the server, I don't see why you should need the client licenses too. If you do, that's still a hefty cost, but at least you shouldn't need to upgrade them every few years when running SAMBA.

Re:No more licensing fees :) (5, Insightful)

erroneus (253617) | about 2 years ago | (#42254105)

Sorry, but no. There are bunches and bunches of PHBs out there who will perpetually doubt that anyone can make a Microsoft server as good as Microsoft and would be more than a little afraid that by doing this, they would be in violation of some sort of license requirement. At the very least, it would void any support services if an exchange server were to connect to a Samba 4 AD domain. PHBs care a lot about stuff like that even if people rarely if ever use Microsoft's support.

For that dream to become a reality, a big player out there would have to step up and put their branding and reputation behind it. For example, IBM might be a great candidate for that. PHBs still know who IBM is. RedHat might not get the reception Linux users might think they deserve. Oracle, as much as I would like to see them die in a fire, might also be able to pull it off.

For now, the IT world is ruled by PHBs and one must always consider what things they might believe regardless of how ridiculous it may actually be.

Re:No more licensing fees :) (1)

MightyMartian (840721) | about 2 years ago | (#42254229)

It may very well make a difference in smaller and medium sized companies where Microsoft's CAL pricing increases means that replacing aging Server 2003 AD networks could potentially become A LOT cheaper. Obviously you will need someone with the expertise to run a Samba system, but I don't see anything about Samba 4 that's any more complicated than Samba 3.

Re:No more licensing fees :) (1)

erroneus (253617) | about 2 years ago | (#42254061)

Wait what?

I get that the client OS (presuming it is Microsoft Windows) must be licensed, but why the user?

This is the kind of thing I have been waiting for. A means to wedge other OSes into an AD oriented business network. Microsoft can just change a few things and make it required to run this or that server. They have played that game before where F/OSS has to catch up with changes Microsoft makes, but in the end they will lose because they can only make so many tweaks and changes before they risk compatibility with their existing software and clients.

So to set up an AD domain based off of this and be able to manage devices other than Windows clients would be a classic example of embrace and extend which could work against Microsoft. I know... it's just a dream now...

Re:No more licensing fees :) (1)

somersault (912633) | about 2 years ago | (#42253797)

Having said that, or accounts software (shudder) requires SQL server, but it will be nice to move that off to a VM and have all other network services running on Linux at last. Thankyou SAMBA team :)

Re:No more licensing fees :) (-1)

X0563511 (793323) | about 2 years ago | (#42253853)

Why does it require a specific SQL server? Coded by monkeys? SQL is SQL.

Re:No more licensing fees :) (4, Informative)

wonkey_monkey (2592601) | about 2 years ago | (#42253895)

SQL may be SQL, but MSSQL is not MySQL is not PostgreSQL.

Re:No more licensing fees :) (5, Informative)

kagaku (774787) | about 2 years ago | (#42253905)

Spoken like someone who has NEVER done SQL development. SQL most definitely is not SQL, it's a world full of vendor specific dialects of SQL, each varying in subtle and incompatible ways. Not to mention each requires a different method of connection, protocol, authentication and integration.

Re:No more licensing fees :) (0)

X0563511 (793323) | about 2 years ago | (#42253927)

ODBC? JDBC?

Re:No more licensing fees :) (4, Informative)

Tailhook (98486) | about 2 years ago | (#42254035)

ODBC? JDBC?

Neither of these normalize vendor specific dialects. Both of these require vendor specific drivers to implement vendor protocols. All of this leads to costly subtleties.

The grandparent is correct, both in its assertions about SQL and of you.

Re:No more licensing fees :) (1)

Bill Dimm (463823) | about 2 years ago | (#42254111)

ODBC? JDBC?

Neither of these normalize vendor specific dialects...

Minor nitpick, but that should be "Neither of these completely normalize vendor specific dialects." ODBC function substitution (e.g. "{fn CONCAT(x,y)}") normalizes out some basic things, but probably won't cover everything you might want to do.

Re:No more licensing fees :) (2)

TheNinjaroach (878876) | about 2 years ago | (#42254059)

ODBC / JDBC takes care of the connection, protocol and authentication, but it definitely doesn't take care of vendor-specific dialects.

Most good databases support ANSI SQL standards, but those specifications are lacking in too many ways to build a completely functional application without having to poke around with implementation-specific hacks.

Re:No more licensing fees :) (2)

Bill Dimm (463823) | about 2 years ago | (#42254063)

There are a ton of differences that are not normalized away by ODBC, including really basic functionality like the SQL code to drop or add multiple columns (and the need by some to manually drop indexes before dropping the columns, or the need to do a REORG TABLE after dropping columns). And, in spite of how incredibly old the ODBC standard is, ODBC drivers still don't implement some things or implement them incorrectly, so you really can't expect things to work with different DBMSs without testing.

Re:No more licensing fees :) (1)

X0563511 (793323) | about 2 years ago | (#42254119)

Why would you be adding/dropping fields outside of installation/upgrading?

Re:No more licensing fees :) (2)

Synerg1y (2169962) | about 2 years ago | (#42254203)

JDBC... lol, don't java'ers use hibernate now? Shit even got ported to .NET for some reason I'll never fully understand.

Re:No more licensing fees :) (1)

Charliemopps (1157495) | about 2 years ago | (#42254115)

That's not true. You can write code that can use all 3 interchangeably. I do it all the time, as my queries hit tables stored in all 3 formats and it's just way easier to go generic that try and keep your code strait between data sources. Generally if you can do MySQL then you can do everything else with ease. It's the people that have been working in an oracle shop their whole lives and they come out and work with us in the real world with dozens of mixed formats that they have to really learn how to code SQL. PLSQL and other "Fancy" versions are nice because they have little tricks that make some actions easier. But when it comes down to it, if you code it correctly you can drop the same code into any of those formats and it will return the same results. Can you write stuff in one that wont work in the other? Yes, but you don't have to do it that way. There's always a way to do it that will work in all 3, and in truth, that way is likely the best way (although maybe not the easiest).

Re:No more licensing fees :) (1)

gorzek (647352) | about 2 years ago | (#42254153)

Tell me about it. MS SQL supports this, but doesn't support that, but MySQL supports it, and Postgres supports it slightly differently, and let's not talk about Sybase.

Standards sure are awesome when every implementation of it is non-standard.

Re:No more licensing fees :) (1)

Synerg1y (2169962) | about 2 years ago | (#42254187)

You should try NoSQL, and as a guy who's done A LOT of sql development, they're all more or less the same, the syntax may vary, especially with oracle, and so may the licensing fees.

Also, somewhere between ODBC & OLE DB, which as far as I know are supported by any worthwhile SQL "flavor", you can connect SQL to SQL in any form.

Re:No more licensing fees :) (1)

somersault (912633) | about 2 years ago | (#42253961)

By retarded monkeys yes. Their installation CD requires IE. The software items had the worst designed interface I have ever seen. I really doubt it will work with any other SQL server.

If you try porting an app from one DB server to another you'll find out that there are some significant differences between SQL implementations too in terms of available functions, data types, etc.. it's possible to keep things generic, but I doubt most developers do so.

Re:No more licensing fees :) (1)

na1led (1030470) | about 2 years ago | (#42253917)

All we really need now is a Free SQL equivalent. Doubt that will ever happen.

Re:No more licensing fees :) (2)

Synerg1y (2169962) | about 2 years ago | (#42254219)

Nope, enjoy MS licensing fees. Don't google mysql... don't do it...
...
...
...
What did I just say? Now forget everything you've read here and enjoy MS licensing fees, don't forget to buy those CALs.

Re:No more licensing fees :) (1)

Anonymous Coward | about 2 years ago | (#42253935)

Good thing there's already plenty of free open source SQL servers.
Oh, you meant Microsoft SQL Server? I don't see how I could've misunderstood you, given the clear and unambiguous naming policy of this Microsoft product.
I can't wait until they release Microsoft Operating System and Microsoft Web Browser.

Samba Slashdotted (2)

sergioag (1246996) | about 2 years ago | (#42253623)

Slashdot does it again....

Re:Samba Slashdotted (1)

alphatel (1450715) | about 2 years ago | (#42253919)

Slashdot does it again....

I have a feeling that Microsoft slapped them with RIAA, MPAA and a few federal agents before anyone could finish downloading. What a shame, I got cutoff at "Active Director ".

Cool story bro. (-1)

Anonymous Coward | about 2 years ago | (#42253629)

FP

First post (-1)

Anonymous Coward | about 2 years ago | (#42253631)

Yawn

Re:First post (-1)

Anonymous Coward | about 2 years ago | (#42253723)

Yawn as well Video [youtube.com]

But anyway, why use such tool to connect Microsoft software ? Why not use Windows directly ? Don't understand the point of this article

Re:First post (2)

HaZardman27 (1521119) | about 2 years ago | (#42253815)

I'm not a sysadmin, but I believe the whole point is that you can avoid running Windows servers (and all the high costs associated with them) and retain communication and sharing over a non-homogeneous network.

Re:First post (2)

MachineShedFred (621896) | about 2 years ago | (#42253827)

Because if you have several hundred VMs in an organization that do nothing but act as local domain controllers for AD, you can now not spend that money on Windows licensing and instead do it with Linux?

But I guess that wasn't incredibly obvious.

Re:First post (3, Insightful)

Jerslan (1088525) | about 2 years ago | (#42253829)

Because Windows isn't always the best tool for the job? Because having a diverse ecosystem of IT appliances that can all share authentication and other such services is a VERY valuable thing?

fsck yeah! (5, Insightful)

Netdoctor (95217) | about 2 years ago | (#42253689)

Oh My Gawd.

I have been waiting literally *years* for this.

This just made up for an otherwise very crappy day. No, this just fixed my whole year.

Re:fsck yeah! (5, Funny)

neokushan (932374) | about 2 years ago | (#42254141)

I'm going to take a wild stab in the dark and assume you're a sysadmin.

Re:fsck yeah! (1)

danomac (1032160) | about 2 years ago | (#42254147)

Couldn't you have waited until January to say that? With only 21 days left in the year the statement doesn't have much impact!

Is it relevant ? (-1)

Anonymous Coward | about 2 years ago | (#42253691)

I think it is not relevant at all, like you can see on this video :
Video [youtube.com]

Wow (5, Insightful)

Anonymous Coward | about 2 years ago | (#42253693)

I'll be interested to see the reviews on this over the next several months. I'm interested to see how well this performs under different levels of load, and how it utilized group policy. Kind of exciting in an extremely nerdy sort of way.

How does Microsoft feel about this? (5, Interesting)

gstoddart (321705) | about 2 years ago | (#42253703)

I'm assuming if Microsoft could legally stop this, they would.

Likely the interfaces aren't copyrightable and this is probably a clean implementation -- but I'm sure if Microsoft could trot out a patent or something else to stop people they would.

I can't imagine they want implementations of their stuff out there. (Granted, they mostly started out by implementing other people's stuff, so there may not be much they can do about it.)

Re:How does Microsoft feel about this? (0)

Anonymous Coward | about 2 years ago | (#42253807)

How does Microsoft feel about this?

They hate it. They think it's criminal. But for the legal precedents regarding implementing public interfaces and Microsoft's criminal convictions in both the US and the EU they would sue the dickens out of everyone involved with Samba, including you.

Re:How does Microsoft feel about this? (5, Informative)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42253833)

Ahem. Microsoft provided a positive quote for the press release, and were involved in bug fixing to ensure interoperability.

So no, I don't think they hate it :-).

Jeremy.

Re:How does Microsoft feel about this? (2)

ArhcAngel (247594) | about 2 years ago | (#42253869)

O_o

You've never seen two politicians who couldn't stand each other stand together and say nice things about one another in front of a large enthusiastic crowd?

Or are you just really bad a sarcasm?

Re:How does Microsoft feel about this? (4, Funny)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42253943)

In the words of Francis Urquart:

"You might think that. I couldn't possibly comment.." :-).

Re:How does Microsoft feel about this? (4, Interesting)

Xtifr (1323) | about 2 years ago | (#42253897)

Really? I was about to post a snarky reply when I noticed the name and the low-enough-to-be-convincing slashdot ID, so I'll make it more of a simple question.:Given that Microsoft was required to publish the documentation by the EU, and the fact that this basically proves they did comply with the courts orders, can you really be sure they don't hate it? Sure, it gets them off the hook, which is reason enough for them to have helped with the effort, but they can still hate it.

Re:How does Microsoft feel about this? (5, Interesting)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42253975)

Possibly their marketing and senior exec's hate it (although I doubt that - Thomas Pfenning is at director level in the Windows org and he think's it's pretty cool.

But I know their engineers think it's cool :-).

Jeremy.

Re:How does Microsoft feel about this? (1)

Xtifr (1323) | about 2 years ago | (#42254029)

But I know their engineers think it's cool :-).

Hmm, yeah, that part certainly makes sense. :)

Can someone mod this gentleman up please? (-1)

Anonymous Coward | about 2 years ago | (#42253903)

It's a sad reflection on slashdot if it's languishing at +2. Sort it out mods!

Re:How does Microsoft feel about this? (5, Informative)

mcl630 (1839996) | about 2 years ago | (#42253811)

Microsoft provided them with documentation and helped them with interoperability testing. From TFA:

The Samba 4.0 Active Directory Compatible Server was created with help from the official protocol documentation published by Microsoft Corporation and the Samba Team would like acknowledge the documentation help and interoperability testing by Microsoft engineers that made our implementation interoperable.

"Active Directory is a mainstay of enterprise IT environments, and Microsoft is committed to support for interoperability across platforms," said Thomas Pfenning, director of development, Windows Server. "We are pleased that the documentation and interoperability labs that Microsoft has provided have been key in the development of the Samba 4.0 Active Directory functionality."

Re:How does Microsoft feel about this? (1)

gstoddart (321705) | about 2 years ago | (#42253839)

Microsoft provided them with documentation and helped them with interoperability testing.

Well, then allow me to say ... holy crap. As much as I have a hard time believing "Microsoft is committed to support for interoperability across platforms". They haven't historically been interested in that.

Re:How does Microsoft feel about this? (1)

Anonymous Coward | about 2 years ago | (#42253909)

Microsoft of today does not have the same dominance it had in the 1990s. Microsoft of today reminds me of IBM right before IBM took a multi-billion dollar charge and everything changed for them.

I think Microsoft (at least in some departments) can see the writing on the wall and can see how IBM had to become more flexible towards open source in order to remain relevant in a number of markets.

Re:How does Microsoft feel about this? (-1)

Anonymous Coward | about 2 years ago | (#42253951)

You know, for all of this kind of banter I hear from the OSS community about MS doing this, that and another thing the fact of the matter is that MS has been pretty open, it's just your bigotry that keeps the old memes alive.
 
But I expect you'll continue to sing the same song the next time MS proves you wrong, again.

Re:How does Microsoft feel about this? (5, Informative)

erroneus (253617) | about 2 years ago | (#42254183)

From the Groklaw article, the documentation for active directory was sold to the Samba project. The Samba project then went about using the documentation as a reference. Microsoft did not want to sell this documentation to the Samba project and were required to do so under court order. So no. They weren't all that willing to help out.

And if Microsoft starts playing "undocumented features" games again to break compatibility, they will find themselves in court again.

Re:How does Microsoft feel about this? (1)

Anonymous Coward | about 2 years ago | (#42254077)

In 2007, MS was forced by the EU to do that, since SMB & co were based on open industry standards, and you can't just add features to those and not release the docs, because that would mean you’re doing anti-competitive "embrace, extend and extinguish" strategies, which the EU kicked MS's ass for before. Big time!

So to call the convicted serial killer (yes, if you know the whole history, you know that that is exactly what they are) named Microsoft a good guy for this, is like calling somebody a good guy because he didn't beat his kids this year, after being convicted for it, five years ago.

Re:How does Microsoft feel about this? (5, Informative)

leoxx (992) | about 2 years ago | (#42253907)

Of course what you failed to mention is that Microsoft only did this because the European Commission forced them to [samba.org] :

December 20th 2007. Today the Protocol Freedom Information Foundation (PFIF), a non-profit organization created by the Software Freedom Law Center, signed an agreement with Microsoft to receive the protocol documentation needed to fully interoperate with the Microsoft Windows workgroup server products and to make them available to Free Software projects such as Samba. Microsoft was required to make this information available to competitors as part of the European Commission March 24th 2004 Decision in the antitrust lawsuit, after losing their appeal against that decision on September 17th 2007.

Re:How does Microsoft feel about this? (0)

Anonymous Coward | about 2 years ago | (#42253999)

That's fine and all, but it only covers the documentation.

Now where's the court-ordered or governmentally-enforced requirement for them to help test it? It wouldn't surprise me if there isn't one. Microsoft these days isn't the old "Micro$oft" that everyone loves to hate.

Re:How does Microsoft feel about this? (1)

erroneus (253617) | about 2 years ago | (#42254211)

They would not be able to protect themselves from law suits if they didn't have inside knowledge about whether or not their documentation matches the implementation. If Microsoft's documentation is not accurate, they owe the Samba team a revision. This keeps them close to their enemies and out of anti-trust court rooms.

Re:How does Microsoft feel about this? (1)

Frosty Piss (770223) | about 2 years ago | (#42254041)

Of course what you failed to mention is that Microsoft only did this because the European Commission forced them to

Perhaps this is so NOW. But it will be interesting to see what direction Microsoft takes after Steve Ballmer's departure in 2013.

Re:How does Microsoft feel about this? (3, Informative)

Aaden42 (198257) | about 2 years ago | (#42253923)

Wasn't Microsoft *required* by a court judgement or two to provide documentation and interoperability for several of their protocols? I don't think this was entirely out of the goodness of their hearts

See the heading "February 2008 fine" here: http://en.wikipedia.org/wiki/Microsoft_litigation [wikipedia.org]

Re:How does Microsoft feel about this? (1)

Tailhook (98486) | about 2 years ago | (#42253941)

Microsoft provided them with documentation

As per European Commission order and enforced with massive punitive fines levied over a decade. It had to be beat out of them. Don't think for a moment this is volitional. They just can't tolerate any more shareholder meetings where another billion euro fine is on the agenda.

Re:How does Microsoft feel about this? (2)

MooMooFarm (725996) | about 2 years ago | (#42253841)

I'm assuming if Microsoft could legally stop this, they would.

Likely the interfaces aren't copyrightable and this is probably a clean implementation -- but I'm sure if Microsoft could trot out a patent or something else to stop people they would.

I can't imagine they want implementations of their stuff out there. (Granted, they mostly started out by implementing other people's stuff, so there may not be much they can do about it.)

Well if this article is still valid, then I would say they don't mind Samba. http://linux.slashdot.org/story/08/10/23/1441200/microsoft-working-for-samba-interoperability [slashdot.org]

Microsoft helped (4, Informative)

Gazzonyx (982402) | about 2 years ago | (#42253843)

Stop them? Microsoft helped the Samba team. Microsoft even uses the samba torture testing framework internally for their own products as I understand it. The torture tests catch crap that their own testing wouldn't since it tries to send packets that Windows clients would never send.

The EU is still a bit angry at Microsoft (remember when they had to release all of the documentation on their implementation of the SMB protocol?) and they don't need to be stoking that flame.

Re:How does Microsoft feel about this? (0)

Anonymous Coward | about 2 years ago | (#42253913)

They tried to stop this years ago but lost and settled with the SAMBA team over the remaining issues.

Re:How does Microsoft feel about this? (0)

Anonymous Coward | about 2 years ago | (#42254013)

They can't. But they will release a new Service Pack, with "updates" that will little by little will make newer version of windows incompatible with samba 4....

Re:How does Microsoft feel about this? (5, Informative)

Bengie (1121981) | about 2 years ago | (#42254091)

Microsoft actually invited several of the SAMBA team over, had 2 senior engineers on hand to answer any questions they had about SMB and even gave the SAMBA team their own VM environment complete with Win7/Win8/Linux to run SMB2/3 compatibility testing. Lots of questions about RDMA, Interface teaming, and multi-pathing.

The SAMBA team said they received a lot of insight and understanding from their time with the MS engineers and were impressed and excited.

I'm not sure Microsoft is too concerned about SAMBA 4 being released.

Re:How does Microsoft feel about this? (1)

Bengie (1121981) | about 2 years ago | (#42254259)

Seems the source from which I was remembering was a bit slanted. After a hair bit of digging, it seems MS was forced by the EU to work with SAMBA because of anti-trust issues.

Yes, MS is probably quaking in their shoes.

Re:How does Microsoft feel about this? (1)

AlphaWolf_HK (692722) | about 2 years ago | (#42254185)

Active directory is mostly built around LDAP, Kerberos, and SQL, all of which are open standards.

What's new? (2)

AlphaWolf_HK (692722) | about 2 years ago | (#42253709)

I did a network integration capstone course where we had linux and windows in a single active directory domain, with single sign on and all users and objects in one database. How is this different?

More power to them though, active directory is HUGE in the enterprise space. If you could integrate its security controls and policies into android tablets and smartphones, windows 8 and its lame tablet UI will never see the light of day in big business.

Re:What's new? (4, Informative)

bluefoxlucid (723572) | about 2 years ago | (#42253747)

The domain is run by Samba straight on Linux, not by an Active Directory Domain Controller on Windows 2008 Server.

Re:What's new? (2)

jon3k (691256) | about 2 years ago | (#42253813)

This didn't require a windows DC.

Re:What's new? (1)

X0563511 (793323) | about 2 years ago | (#42253857)

This new Samba release is the DC.

Re:What's new? (1)

jon3k (691256) | about 2 years ago | (#42253873)

Which is why I specified "Windows DC"

Re:What's new? (1)

Anonymous Coward | about 2 years ago | (#42253915)

Then you didnt have active directory, you had nt style domain single sign on etc.. was all possible, even to a limited extend you could push via batch files application installs all with samba 3.

Re:What's new? (1)

simplexion (1142447) | about 2 years ago | (#42253881)

How did you manage Windows clients? Could you lock them down and make changes to the machine depending on who logged on?

Too Late (-1)

Anonymous Coward | about 2 years ago | (#42253801)

Too late, the cloud has emerged and both the LAN and the classical "desktop management" is going to slowly die. I do not think many companies are going to change a Microsoft expensive LAN technology for a free&opensource one based on Linux: they will rather spend the time and the cash on switching to the cloud and a web based administration system.

Re:Too Late (5, Funny)

X0563511 (793323) | about 2 years ago | (#42253867)

Where the fuck do you think all that web-based administration plugs into, a unicorn?

Re:Too Late (1)

bigstrat2003 (1058574) | about 2 years ago | (#42253879)

Uh-huh. Right...

I hate to be the one to burst your bubble, but cloud-based services complement traditional computing environments, they do not replace them. If you're in certain situations (e.g., a small business with only 10 employees), the cloud can indeed be your entire IT infrastructure... but that won't work for everyone. Different needs for different organizations.

Administrative UI (1)

Anonymous Coward | about 2 years ago | (#42253803)

Does swat still suck sweaty donkey balls?

Re:Administrative UI (5, Informative)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42253849)

Yes :-). That's why you can use the Windows tools to administer Samba4.0 AD server :-).

Jeremy.

Re:Administrative UI (1)

erroneus (253617) | about 2 years ago | (#42254231)

REALLY?!??!

OMG, that's huge!!

I wouldn't jump the gun just yet (1)

na1led (1030470) | about 2 years ago | (#42253819)

This might work for small networks, but what about Virtualization environments, Hyper-V, Multiple AD servers, Proxies, etc. I'm sure it's going to have limitations.

Re:I wouldn't jump the gun just yet (1)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42253885)

It's just an AD server. Why would running under Virtualization environments, Hyper-V, Multiple AD servers, matter ?

Jeremy.

Re:I wouldn't jump the gun just yet (0)

na1led (1030470) | about 2 years ago | (#42253955)

Oh I don't know, things like OU, Group Policies, scripts, etc. How is Linux going to handle those?

Re:I wouldn't jump the gun just yet (0)

Anonymous Coward | about 2 years ago | (#42254107)

Oh I don't know, things like OU, Group Policies, scripts, etc. How is Linux going to handle those?

You are really doing a fantastic job at broadcasting the fact that you haven't used or even read much about Samba4. It is a *complete* Active Directory replacement and as such does ALL of the things you have mentioned.

In case you don't get it yet, if you are running a Samab4 domain controller you use exactly the same Windows-based tools to administer things like OU and group policies as you would if the domain controller was a Windows server running Active Directory.

Not sure why you even mention scripts. Client side you can do all the usual Windows fun- powershell, vbscript, batch files etc. Server side, Samba4 allows you to use Python to do almost anything.

Re:I wouldn't jump the gun just yet (1)

na1led (1030470) | about 2 years ago | (#42254169)

Have you looked at all the known issues and unsupported features? Who in their right mind is going to ditch their AD server at work, in a production environment for something that isn't fully compatible. When something goes wrong, will Microsoft assist you? I think not. This is fine for small networks, those on a budget, or maybe someday when it has fully matured.

Re:I wouldn't jump the gun just yet (1)

bigstrat2003 (1058574) | about 2 years ago | (#42254217)

You mean things that are either essential parts of AD and can be assumed to be implemented, or things which were specifically called out in TFS as being supported? Granted: saying they support it is not the same as actually supporting it. But unless you've already installed and tested this thing, it's a bit early to be calling bullshit on their claims.

Re:I wouldn't jump the gun just yet (0)

Anonymous Coward | about 2 years ago | (#42254075)

More importantly why would you have a DC function as a HyperV Host as well? That's NOT the ideal way to utilize virtualization to segregate systems. Your hypervisor should run by it's lonesome on the "host" OS.

Re:I wouldn't jump the gun just yet (2)

PlusFiveTroll (754249) | about 2 years ago | (#42253945)

You're going to have to catch me up why Hyper-V and Visualization matter in your sentence. If your V-Server depends on AD which is on the V-Server you're going to have an issue.

http://www.vmware.com/files/pdf/Virtualizing_Windows_Active_Directory.pdf [vmware.com]

People have already setup Samba4 and W2K8 ADs working together

http://admingeeks.blogspot.com/2011/05/samba-4-domain-controller-part-4-adding.html [blogspot.com]

The other issues are potentially a problem as there are thousands of different AD configurations out there, and all of them have not been tested.

Re:I wouldn't jump the gun just yet (1)

na1led (1030470) | about 2 years ago | (#42254097)

We use Hyper-V at our work, and sometimes VMs won't start if by chance there is an issue with the DC, that's why we have multiple AD servers. Plus I doubt Samba would integrate with System Center. There is a whole list of unsupported features and known issues - https://wiki.samba.org/index.php/Samba_4.0_Whitepaper [samba.org]

Re:I wouldn't jump the gun just yet (2)

Xtifr (1323) | about 2 years ago | (#42254007)

Didn't most of that stuff already work with OpenLDAP and Kerberos? Wasn't the only remaining issue the MS-specific bits of the protocol? I mean, yes, those are questions worth asking, but you seem to be assuming the answer is no; I would tend to assume the answer is, mostly, yes.

This is not some upstart, fly-by-night system. Samba has been in heavy use in the enterprise space for many years. I've been amazed at some of the companies I've stumbled across that were using Samba servers even before the AD support was available.

Re:I wouldn't jump the gun just yet (5, Informative)

Zombie Ryushu (803103) | about 2 years ago | (#42254233)

Samba 3+OpenLDAP+Heimdal Kerberos created what were often termed "Open Directory Services" by the Apple Crowd. They were mutant NT 4.0 Domains that had broken a bunch of the limitations of NT4, (such as multiple PDCs and levels of trusts.) provided LDAP and Kerberos, but to Windows, they were still just NT Domains to Windows. Not true ADs. XP and 2000 would disable Kerberos because it thought it was talking to NT4. Windows 7 dropped support for NT4 EXCEPT there was a special mode just for Samba 3 to work, and you had to edit the registry to get it working.

Coincidental timing? (1)

HaZardman27 (1521119) | about 2 years ago | (#42253855)

It's funny that this happens (and gets posted on Slashdot) today, not long after the announcement of the live interview with Luke Leighton, who started the Samba TNG fork.

Re:Coincidental timing? (0)

Anonymous Coward | about 2 years ago | (#42254135)

It's funny that this happens (and gets posted on Slashdot) today, not long after the announcement of the live interview with Luke Leighton, who started the Samba TNG fork.

Nothing coincidental about it- Samba4 development really took off this year (the RCs have been coming thick and fast for a while now) and the release date has been scheduled for today for some time now.

GPLv3 (0)

psergiu (67614) | about 2 years ago | (#42253967)

Unfortunatelly they kept the GPLv3 licence so it will never get used in any corporation large enough to have a "normal" legal team. :-(
I looks like Microsoft "educated" most of the lawyers that GPLv3 means trouble.
So Samba will be used by either small companies where the owner/CEO is smart enough that it does not care or by Google-level companies where the engineers have a word to say.
All the rest will have their lawyers say: "GPLv3 does not allow you to use Samba to manage protected information so we better buy some proprietary software without those limitations"

Re:GPLv3 (5, Insightful)

Jeremy Allison - Sam (8157) | about 2 years ago | (#42254033)

Oh you mean corporations like IBM, EMC, Netgear, WDC,Google ? Yeah, the GPLv3 really scared them :-).

Listen to my presentation here:

http://www.softwarefreedom.org/podcast/2011/may/10/why-samba-switched-to-GPLv3/ [softwarefreedom.org]

to explain why GPLv3 is a *better* license for commercial use the GPLv2.

Jeremy.

Re:GPLv3 (0)

Anonymous Coward | about 2 years ago | (#42254197)

GPLv3 may stop them selling samba solutions without providing the source but I'm not sure how this causes any problems with utilising it internally?

Occasion (1)

DaMattster (977781) | about 2 years ago | (#42254253)

This kind of a momentous occasion because it represents many, many man hours of work. I think Samba 4.0 has been under development since 2003. Nine long years and the fruits of the labor have been realized.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?