• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Samba4 Introduction

Samba4 Introduction



s the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols. ...

s the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols.
LDAP, Kerberos, DNS, and all other essential services that are required for Active Directory are natively supported by Samba4.
Samba4 doesn't have only Active Directory functions, but it has also many other incredible features like smb3 protocol implementation, ctdb (cluster) functionality and much more.
The presentation will describe the supported scenarios of Samba 4 as an Active Directory DC and also, discusses the developments in the File Server, in particular the components of SMB2, SMB3 and CTDB.



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Samba4 Introduction Samba4 Introduction Presentation Transcript

    • Beolink.org! SAMBA 4 
 Fabrizio Manfredi Furuholmen
    • Beolink.org! Froscon 2013" 2" Agenda §  Introduction §  Samba 4 §  Goals §  Active Directory §  SMB 2.X/3 §  CTDB §  Overview §  Samba §  ecosystem
    • Beolink.org!Introduction Froscon 2013" 3" What is Samba ?!
    • Beolink.org!Introduction Froscon 2013" 4"
    • Beolink.org!Introduction Froscon 2013" 5" Samba provide secure, stable and fast file and print services for all clients using the SMB/CIFS protocol, such as all versions of DOS and Windows, OS/2, Linux and many others…"
    • Beolink.org!Introduction Froscon 2013" 6" q Andrew Tridgell developed the first version of Samba Unix in December 1991 and January 1992" q Tridgell released "netbios for unix", nbserver, version 1.5 in December 1993." q Versions 1.6, 1.7, 1.8, and 1.9 followed relatively quickly, with the latter being released in January 1995. " q May 1996 to mark the birth of the Samba Team" q Version 2.0.0 was released in January 1999, and version 2.2.0 in April 2001." q Version 3.0.0, released on 23 September 2003," q Version 4.0.0, started in November 2003," q Version 3.1.0 released September 2004" " q Version 3.2.0 was released on 1 July 2008" q Version 3.3.0 was released on 1 January 2009" q Version 3.4.0 was released on 3 july 2009" q Version 3.5.0 was released 1 March 2010." q Version 3.6.0 was released on 9 August 2011. " " " Samba Release Planning from 2008" •  nine months fully supported," •  another nine months in the maintenance mode," •  nine months in the security fixes only mode. " " In total, each series is maintained for a period of approximately 27 months. "
    • Beolink.org!Introduction Froscon 2013" 7" Is Samba a dead project ?! " Some stats:" q 4801 commits last year " (7286 in 2011, and 10290 in 2010)" " q 72 unique contributors" q 550K lines changed (down from 770K)" q 1602 patches were reviewed" "
    • Beolink.org!Introduction Froscon 2013" 8"
    • Beolink.org!Introduction: Samba usage Froscon 2013" 9" Domestic Storage NAS" All in one Appliance" No i386 hw" Heterogeneous env" High performance " Fanatic" No money.." " Few small business" Few installation for office automation " Small/ embedded" XXL Env" $"
    • Beolink.org!Samba4: Goals Froscon 2013" 10" “The basic goals of Samba4 are quite ambitious, but achievable: " protocol completeness " extreme testability " non-POSIXbackends " fully asynchronous internals " flexible process models " auto-generated RPC infrastructure " flexible database architecture" “" " Andrew Tridgell From sambaxp 2004!
    • Beolink.org!Samba4 Froscon 2013" 11" …and Version 4.0 was released on December 11, 2012…"
    • Beolink.org!Samba4 Froscon 2013" 12" AD! SMB2.x/3! Highly asynchronous! Simplicity! Security (Coverity) ! Many other improvements!
    • Beolink.org! 9/4/13" 13" Powerful Identity Management (for Free)" Introduction: Samba4 AD Identity" Users" Authentications" Systems"Groups" Policies" LDAP storage (extensibile)! Kerberos! DNS (update)" Group Policies!
    • Beolink.org!Samba4: Simple Froscon 2013" 14" Everything is inside" Only a few steps" Migration scripts/ python lib" MMC interoperation" Simple to deploy!
    • Beolink.org!Samba4: demo Froscon 2013" 15" Are you sure … do you want to see a demo ?"
    • Beolink.org!Samba4: AD features Froscon 2013" 16" AD:! •  forests: 1, domains: 1, domain controllers: 1" •  Trusts: Samba can be trusted" •  Samba can not trust" Replication:! •  directory replication works" •  sysvol replication :Not implemented yet" •  multiple Samba DCs possible (sysvol replicated externally)" Samba4.1comingsoon!
    • Beolink.org!SMB 2.x Froscon 2013" 17" SMB (Server Message Block) is a remote file protocol! In the 2007 was released the smb 2.x, it was the first major redesign of SMB since 1997 (or 1987)! q Reduced complexity, going from over 100 commands and subcommands to just" q Request compounding, which allows multiple SMB requests to be sent as a single network request " q Larger reads and writes make better use of faster networks, even with high latency " q Caching of folder and file properties, where clients keeps local copy of information on folders and files " q Durable handles allow an SMB2 connection to transparently reconnect to the server if there is a temporary loss of network connectivity " q Message signing improved (HMAC SHA-256 replaces MD5 as hashing algorithm) and configuration/interoperability issues simplified" q Improved scalability for file sharing (number of users, shares and open files per server greatly increased)" q Extension mechanism (for instance, create context or variable offsets)" q Support for symbolic links! q …!
    • Beolink.org!SMB 2 Froscon 2013" 18" File Copy performance seen in the" real world much faster than SMB1" " q  Up to ~45x throughput for WAN" q  Up to 2-10x throughput for LAN" Transparent caching! LAN!
    • Beolink.org!SMB 2 Froscon 2013" 19"
    • Beolink.org!SMB 3 Froscon 2013" 20" SMB3! ! ! With windows server 2012 and windows 8, the smb reached the version 3 (aka 2.2)" q Availability " q SMB Transparent Failover" q SMB Multichannel" q …." q Scale Out" q SMB Direct (RDMA)" q Directory Leasing" q BranchCache™ V2" q Backup" q VSS for SMB File Shares" q Security " q SMB Encryption –AES-CCM" q Signing -AES-CMAC" q Management"
    • Beolink.org!SMB 3 Froscon 2013" 21" Ethernet10Gb"Infiniband32Gb"Infiniband54Gb" http://Smb3.info" The new futures are for:! q Central storage " q Virtualization infrastructure" "
    • Beolink.org!Samba4: SMB 2.2/3 Froscon 2013" 22" "SMB2 is superfast, increases security, and improves Windows compatibility.” by Apple"
    • Beolink.org!Samba4: I forgot to tell you… Froscon 2013" 23" " Samba4:" •  Active Directory Compatible Sever (AD/DC)" •  daemon "samba”" •  integrated LDAP server" •  integrated Kerberos server (heimdal)" •  intergrated DNS server (or external bind)" Samba3" •  Standalone and domain member Iaemons smbd, nmbd, winbindd(4)" •  SMB 2.0 now complete with durable hanldes" •  partial SMB 2.1 support with Multi-Credit" •  basic SMB 3.0 support" Franky(Samba4)!
    • Beolink.org!Samba4: Fileserver Froscon 2013" 24" S3fs is the name that has been given to a development effort to make possible the agreed default file server configuration for Samba 4.0 as an AD Domain controller." q Samba 3 file server " q SMB 3 implementation" " Ntvfs, used Samba 4.x alpha series" q Early SMB2 support." q Native filesystem" " To communicate between the smbd process that handles file sharing and the DCE/RPC server, all the SMB named pipe operations are converted into operations on a unix domain socket. (Franky Project)"
    • Beolink.org!CTDB 25" SambaXP 2013" Samba Server " DoYouthinkisitenough! oneSamba?! Cluster Filesystem!
    • Beolink.org!Samba4: Cluster problem Froscon 2013" 26" Sharing the data! " Session! q  IPC: messaging (messages.tdb and signals)" q  IPC: share volatile session data:" q  SMB sessions (sessionid.tdb)" q  share connections (connections.tdb)" q  share modes (locking.tdb)" q  byte range locks (brlock.tdb)" Persistent! q  user database (passdb.tdb)" q  domain join information (secrets.tdb)" q  id mapping tables (winbindd idmap.tdb)" q  registry (registry.tdb)"
    • Beolink.org!CTDB 27" SambaXP 2013"
    • Beolink.org!CTDB Froscon 2013" 28" High Availability! Each CTDB node is assigned two ip addresses, one private that is tied to a physical node and is dedicated to inter-CTDB traffic only and a second "public" ip address which is the address where clustered services such as SMB will bind to." " The CTDB cluster will ensure that when physical nodes fail, the remaining nodes will temporarily take over the public ip addresses of the failed nodes. " " Load distribution! Load between the nodes base on round-robin DNS! When a physical node takes over the public ip address of a failed node it will first send out a few Gratious, secondly the new node will also send a few "tcp tickles" to ensure that all clients that have established tcp connections to the failed node immediately detects that the tcp connections have terminated and needs to be recovered. " http://www.samba.org/~obnox/presentations/sambaXP-2010/sambaxp-2010-tutorial-ctdb-handout.pdf" https://wiki.samba.org/index.php/CTDB_Setup"
    • Beolink.org!CTDB: Performance Froscon 2013" 29" GPFS file system! 32 client smbtorture NBENCH test! " 1 node: 109 MBytes/sec" 2 nodes: 210 MBytes/sec" 3 nodes: 278 MBytes/sec" 4 nodes: 308 MBytes/sec" " " By Andrew Tridgell and Ronnie Sahlberg, Linux Conf Australia 2009" "
    • Beolink.org!Samba4: Open platform Froscon 2013" 30" Samba" RPC Library " VFS" Wrapper" 3rd parties" http://www.samba.org/samba/vendors/"
    • Beolink.org!Samba4: VFS Froscon 2013" 31" Stackable VFS (Virtual File System)! Samba passes each request to access the UNIX file system through the loaded VFS modules. This chapter covers the modules that come with the Samba source and provides references to some external modules." q Disk/share/fs operations" q Directory operations" q File operations" q NT ACL operations" q POSIX ACL operations" q EA operations" q AIO operations " q Offline operations"
    • Beolink.org!Samba4: VFS Froscon 2013" 32" http://sambaxp.org/fileadmin/user_upload/SambaXP2012-DATA/ thu/track2/Richard-Sharpe-Developing-Samba-VFS-Modules.pdf"
    • Beolink.org! 33" Base on VFSX VFSX is a transparent Samba Virtual File System (VFS) module which forwards operations to a process on the same machine for handing outside of the Samba daemon process…! SambaXP 2012" Python Server! " … " while True:" msg = self.request.recv(512)" if not msg: break" log.debug(msg)" # Handle message-parsing and operation execution error here." # Socket communication errors should be propagated." try:" "(operation, user, origpath, args) = self.__parseMessage(msg)" "result = self.__callOperation(operation, user, origpath, args)" except Exception, e:" "result = VFSOperationResult(FAIL_ERROR)" "log.exception(e)" self.request.send("%d" % result.status)" " # The client probably closed the connection." self.request.close()" log.debug("Close Connection”)" " def __parseMessage(self, msg):" parts = msg.split(":")" (operation, user, origpath) = parts[0:3]" log.debug(" operation = '%s' user = '%s' origpath = '%s'" %" " " "(operation, user, origpath))" args = []" if len(parts) > 3:" "args = parts[3].split(",")" "log.debug(" args = '%s'" % parts[3])" return (operation, user, origpath, args)" Example available to :" http://sambaxp.org/fileadmin/user_upload/ SambaXP2012-DATA/thu/track2/Richard-Sharpe- Developing-Samba-VFS-Modules.pdf"
    • Beolink.org!OpenChange Froscon 2013" 34" OpenChange is a portable Open Source implementation of Microsoft Exchange server and Exchange protocols. It provides a complete solution to interoperate with Microsoft Outlook clients or Microsoft Exchange servers. " q  Drop-In replacement" q  Interoperability with Microsoft Exchange Protocols" q  Native and transparent Microsoft Outlook support" q  Work on top of Samba Active Directory technology" q  Interface existing data storage backend" "
    • Beolink.org!Linux Kernel module Froscon 2013" 35" " Main Goals :! q  Local/Remote Transparency" q  Most applications shouldn't notice or care if on remote mount vs. ext4" q  Near perfect POSIX semantics to Samba servers (and those which " q  implement POSIX extensions) and best effort semantics to Windows and " q  other NAS filers" q  Fast, efficient, full function, secure method for accessing (from Linux) data " q  which lives on Windows servers or other NAS" q  As reliable as reasonably possible over bad networks" q  Be able to read and set not just file data but also all reasonably important " q  Windows metadata (for backup, archive, gateways and to help server " q  migration)" "
    • Beolink.org!Linux Kernel module Froscon 2013" 36" Simple test:! " $ dd if=./ddtest.out of=/dev/null bs=1M" " Results: " " Unpatched 3.4-rc2 kernel -- rsize is always capped at 16k here: " 1073741824 bytes (1.1 GB) copied, 97.6394 s, 11.0 MB/s" " Patched 3.4-rc2 kernel – rsize=1M:" 1073741824 bytes (1.1 GB) copied, 9.89869 s, 108 MB/s" " Patched 3.4-rc2 – rsize=61440:" 1073741824 bytes (1.1 GB) copied, 13.4146 s, 80.0 MB/s" " " " *cifs_iovec_read now collects/issues (larger) asynchronous reads. Primarily of use when a " share is mounted with forcedirectio, or strictcache and the client doesn't have an oplock for " the file being (in 3.5. From Jeff Layton)" " " "
    • Beolink.org! 37" What is the future ? SambaXP 2012" It is difficult to make predictions,! especially about the future….!
    • Beolink.org!Samba4: Result Froscon 2013" 38" Samba 4 integrates fully with Active Directory, and you can migrate an Active Directory domain to Samba 4"
    • Beolink.org!Samba4: Warning Froscon 2013" 39" The use of older documentation or mail list archives, especially those that reference Samba4 “test” and “alpha” releases, is strongly discouraged. "
    • Beolink.org!Samba4: Warning Froscon 2013" 40" If you are using an ext3 or ext4 filesystem on Linux, you should ensure that the filesystem is mounted with the user_xattr,acl,barrier=1 option. ."
    • Beolink.org!Samba4: SambaXP Froscon 2013" 41" The Samba eXPerience is the   international Samba conference for users and developers. Meet the Samba Team and discuss requirements, new features and get an update on current developments! ! " Göttingen, Germany " www.sambaxp.org" "
    • Beolink.org!! Thank you