The latest version of Samba, the free software that provides systems running Linux and Unix with Windows-compatible file and print services, now works more closely than ever with Windows. Samba 3.0, which became available last month, enables machines to join an Active Directory domain as a native member and to authenticate users with LDAP and Kerberos. For companies that use Active Directory, these improvements can make a mixed- platform server environment easier to manage.
Samba now supports publishing printer attributes in Active Directory and can establish trust relationships with Windows NT 4.0 domain controllers.
Samba cannot yet serve as an Active Directory domain controller or a Windows NT-style backup domain controller. However, its capability as an NT-style primary domain controller offers sites that have held off on deploying Active Directory a strong option for replacing their Windows file and print servers with Linux boxes running Samba—for which they needn’t buy client access licenses.
The Samba Team’s latest Samba upgrade can replace or serve alongside Windows
Microsoft Corp. has announced that it will provide incident support and security hot fixes for Windows NT 4.0 only through the end of next year, which means that companies running these machines must make plans to migrate if they haven’t already done so. Samba will maintain user, group and domain security identifiers for businesses that are switching from Windows NT 4.0 domains to Samba domains.
Samba ships with SWAT (Samba Web Administration Tool), a Web-based management and setup client that offers a basic interface into the universe of different configuration options for Samba. Compared with the setup wizards in Windows 2003, SWAT is daunting—although it does include a couple of simple wizards of its own.
There are several other front ends for configuring Samba. We’ve been impressed in the past with Red Hat Inc.’s Samba setup tool for basic configuration. In addition, Apple Computer Inc. has done a good job of putting a friendly face on Samba in Mac OS X.
However, many scenarios, such as joining an Active Directory domain in native mode, are relatively complicated to set up because they require modifications to the configuration files of numerous components in addition to Samba.
We tested Samba using Red Hat Linux 9 in Windows 2000 and Windows 2003 Active Directory environments, and the setup process required tweaks to our Domain Name System setup and hosts file and to our installations of Kerberos and winbindd.
We’d like to see the likes of Red Hat and Apple expand their native Samba setup tools to expose more of Samba’s impressive capabilities and do so in a way that integrates well with the rest of the operating system.
Samba 3.0 does ship with good documentation, and there’s quite a bit of additional material available at www.samba.org, where Samba can be downloaded as source code.
There are also Samba binaries available at the site for certain Linux distributions, including Red Hat, Mandrake and Debian.
Discuss this in the eWEEK forum.
Senior Analyst Jason Brooks can be reached at firstname.lastname@example.org.