Samba 4 AD + Fileserver



Similar documents
SerNet. Samba Status Update. Linuxkongress Hamburg October 10, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

Samba 4.2. Cebit 2015 Hannover

SerNet. Clustered Samba. Nürnberg April 29, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

SerNet. Samba Status Update. Munich 13. March Volker Lendecke SerNet Samba Team. Network Service in a Service Network

<Samba status report>

Scalable NAS Cluster With Samba And CTDB Source Talk Tage 2010

SMB3 in Samba. Multi-Channel and Beyond. Michael Adam Red Hat / samba.org

Integration with Active Directory. Jeremy Allison Samba Team

SAMBA AND SMB3: ARE WE THERE YET? Ira Cooper Principal Software Engineer Red Hat Samba Team

Clustered CIFS For Everybody Clustering Samba With CTDB. LinuxTag 2009

Microsoft SMB Running Over RDMA in Windows Server 8

Univention Corporate Server. Operation of a Samba domain based on Windows NT domain services

Samba s Way Toward SMB 3.0

A COMPARISON BETWEEN THE SAMBA3 AND LIKEWISE LWIOD FILE SERVERS

Samba as an Active Directory Domain Controller

Samba in the Enterprise : Samba 3.0 and beyond

FreeIPA Cross Forest Trusts

Going in production Winbind in large AD domains today. Günther Deschner (Red Hat / Samba Team)

Implementing Active Directory Hurdles, Obstacles, and the Finish Line. Jim McDonough Samba Team IBM Linux Technology Center April 6, 2004

Using Samba to play nice with Windows. Bill Moran Potential Technologies

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation

Integrating UNIX and Linux with Active Directory. John H Terpstra

Active Directory network protocols and traffic

Migration of Windows Intranet domain to Linux Domain Moving Linux to a Wider World

Windows Services. Support Windows and mixed-platform workgroups with high-performance, affordable network services. Features

Implementation of Hadoop Distributed File System Protocol on OneFS Tanuj Khurana EMC Isilon Storage Division

Mac OS X Directory Services

An Open Source Wide-Area Distributed File System. Jeffrey Eric Altman jaltman *at* secure-endpoints *dot* com

Protocols for Dummies

Common Internet File System

Cross-Realm Trust Interoperability, MIT Kerberos and AD

Active Directory network protocols and traffic

SMB remote file protocol (including SMB 3.0) SW Worth, Microsoft

What we are going to cover...

Module 10: Maintaining Active Directory

Open Enterprise Server Product Roadmap Presentation

Samba 4 Status Update

v7.8.2 Release Notes for Websense Content Gateway

Integrating Red Hat Enterprise Linux 6 with Microsoft Active Directory Presentation

Lustre SMB Gateway. Integrating Lustre with Windows

OVERVIEW OF TYPICAL WINDOWS SERVER ROLES

Hyper-V over SMB: Remote File Storage Support in Windows Server 2012 Hyper-V. Jose Barreto Principal Program Manager Microsoft Corporation

WINDOWS 2000 Training Division, NIC

Load Balancing and High availability using CTDB + DNS round robin

Samba File Sharing 1 of 17. File Sharing. Hal Miller & Leeland Artra. Notes:

SKV PROPOSAL TO CLT FOR ACTIVE DIRECTORY AND DNS IMPLEMENTATION

OpenVMS Update & OpenVMS Common Internet File System based on SAMBA

LinuxCon North America

Samba. Samba. Samba 2.2.x. Limitations of Samba 2.2.x 1. Interoperating with Windows. Implements Microsoft s SMB protocol

Samba and Vista with IPv6

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

Architecture and Mode of Operation

Introduction to Active Directory. December 10th, pm Daniels 407

Clustered NAS meets GPFS. Andrew Tridgell LTC ALRT Team

Active Directory Compatibility with ExtremeZ-IP. A Technical Best Practices Whitepaper

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

Using SUSE Linux Enterprise Desktop with Microsoft * Active Directory Infrastructure

How to build an Identity Management System on Linux. Simo Sorce Principal Software Engineer Red Hat, Inc.

What s new in Hyper-V 2012 R2

Getting Started Guide

Distributed File System Choices: Red Hat Storage, GFS2 & pnfs

SuSE File and Print Services with

Faculty Details. : Assistant Professor ( OG. ),Assistant Professor (OG) Course Details. : B. Tech. Batch : : Information Technology

Samba's AD DC: Samba 4.2 and Beyond. Presented by Andrew Bartlett of Catalyst //

Active Directory Compatibility with ExtremeZ-IP

What s in Installing and Configuring Windows Server 2012 (70-410):

Configuring Windows Server Clusters

Network File System (NFS) Pradipta De

Other documents in this series are available at: servernotes.wazmac.com

Introduction to Highly Available NFS Server on scale out storage systems based on GlusterFS

Testing Samba for Bigger Environments Samba / Linux / OpenLDAP at the german federal parliament

Active Directory Comapatibility with ExtremeZ-IP A Technical Best Practices Whitepaper

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Network Attached Storage. Jinfeng Yang Oct/19/2015

What is included in the ATRC server support

1 Introduction. Ubuntu Linux Server & Client and Active Directory. Page 1 of 14

Enterprise Deployment of the EMC Documentum WDK Application

SUSE Manager 1.2.x ADS Authentication

NFS Ganesha and Clustered NAS on Distributed Storage System, GlusterFS. Soumya Koduri Meghana Madhusudhan Red Hat

SNARE Agent for Windows v Release Notes

Implementing the Hadoop Distributed File System Protocol on OneFS Jeff Hughes EMC Isilon

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

A Technical Best Practices White Paper

Directory and File Transfer Services. Chapter 7

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

How To Use 1Bay 1Bay From Awn.Net On A Pc Or Mac Or Ipad (For Pc Or Ipa) With A Network Box (For Mac) With An Ipad Or Ipod (For Ipad) With The

Charles Firth Managing Macs in a Windows World

Handling POSIX attributes for trusted Active Directory users and groups in FreeIPA

R4: Configuring Windows Server 2008 Network Infrastructure

Open Source Terminal Server Architecture for Enterprise Environment

SMB Advanced Networking for Fault Tolerance and Performance. Jose Barreto Principal Program Managers Microsoft Corporation

Collax Active Directory

Network operating systems typically are used to run computers that act as servers. They provide the capabilities required for network operation.

Kangaroot SUSE TechUpdate Interoperability SUSE Linux Enterprise and Windows

soliddb Fundamentals & Features Copyright 2013 UNICOM Global. All rights reserved.

OPC UA vs OPC Classic

InfiniBand Software and Protocols Enable Seamless Off-the-shelf Applications Deployment

Transcription:

Samba 4 AD + Fileserver Linuxtag 2013 Volker Lendecke Samba Team

Volker Lendecke Co-founder - Service Network GmbH Free Software as a successful business model Network Security for the industry and the public sector Samba-Support/Development in Germany 20 years concerned with Free Software First patches to Samba in 1994 2013, GmbH, Volker Lendecke

SLA based support for more than 650 customers network security for industrial and public customers firewalls, VPN, certificates, audits based on open standards wherever possible Support for many OS: Linux, Cisco IOS, Windows etc. Compliant with BSI Grundschutz and ISO 27001 and other international regulations 2013, GmbH, Volker Lendecke

and Samba technological leadership of worldwide involved in almost every big European Samba project Half of the European developers work for distributes up-to-date Samba packages samba experience The international Samba conference > 150 developers & users from > 15 countries 2013, GmbH, Volker Lendecke

What is Samba? Interoperability between Windows and Unix systems Most protocols Windows speaks today SMB (File Sharing), Printing, Browsing, Authentication Samba makes unix machines show up in Network Neighborhood Samba runs on most Unixes these days Main development platform is Linux Solaris, AIX, HP/UX, Stratus V/OS, Tru64, etc... 2013, GmbH, Volker Lendecke

Samba 3.6 Last release before 4.0 SMB2.0 support (except durable file handles) Tighten security defaults (client uses ntlmv2 by default) Printer subsystem overhauled Internal use of RPC interfaces Winbind idmap configuration changed (again :-() All goodies are part of Samba 4.0 2013, GmbH, Volker Lendecke

Samba 4 Finally released on December 11, 2012 We missed the really cool date 12.12.12... Started in 2003 by Andrew Tridgell as a new VFS system with the goal to support cluster file systems Complete re-write of Samba Target: 100% semantics of Windows Main new feature: Active Directory Domain controller Samba 4.0 merges Samba 3 and Samba 4 code bases 2013, GmbH, Volker Lendecke

Active Directory Domain Controller The main services beyond NT4: LDAP, Kerberos and DNS Kerberos is almost standard, Samba4 ships heimdal Work is planned to run with a stock MIT KDC LDAP has been extended extensively for AD DRSUAPI for multi-master replication Many improvements for scalability and consistency DNS: Both internal and bind plugin Not invented here was necessary because many team members could not get the bind config right... 2013, GmbH, Volker Lendecke

AD: Dirty little secrets officially supported: Small business server 1 domain, 1 domain controller Trusts: Samba can be trusted, but Samba can not trust (is that a bad thing? :-)) Replication: (multiple Dcs) Directory replication mostly works Sysvol replication not Windows compatible Rsync based manual replication possible (multiple Samba Domain Controllers) 2013, GmbH, Volker Lendecke

AD: Next steps Fix the limitations (trusts, replication) Sysvol (file system replication): Async rpc server infrastructure, also for witness protocol Lots of NTFS semantics laid down in the protocol Trusts: Winbind from source3 needs to be extended to take over from source4 Extensions for AD style intra- and inter-forest trusts 2013, GmbH, Volker Lendecke

SMB2 New protocol introduced with Windows Vista Basic SMB2 is semantically very similar to SMB1: CreateFile is almost the same New protocol features added only to SMB2 Samba 3.6 supports SMB2.0 excluding durable file handles Samba 4.0 includes durable file handles SMB3.0 negotiated 2013, GmbH, Volker Lendecke

SMB server TODOs SMB 2.1: leases SMB 3.0: directory leases multi channel RDMA cluster concepts: (scale-out/continuous availability) persistent handles witness protocol https://wiki.samba.org/index.php/samba3/smb3 2013, GmbH, Volker Lendecke

SMB: Leases and Directory Leases Leases oplocks done right (content caching) Directory Leases change notify done right (metadata caching) extend oplocks to cope with SMB oplocks and leases remove the 1:1 relation between open and oplock (locking.tdb) add support for oplock keys (empty for SMB 1) cleanup / preparation work was already started by Volker lease keys and client guid need to be maintained at the SMB layer 2013, GmbH, Volker Lendecke

SMB: Multi Channel bind multiple transport connections to one SMB session interface discovery: new fsctl (FSCTL QUERY NETWORK INTERFACE INFO) Server can tell the client what interfaces it provides extend current 1:1 relation smbd TCP connection transfer TCP-socket to smbd serving connections with the same ClientGUID in negprot (fd-passing) session bind automatically on correct smbd only one process has the file open for multi-channel sessions we only need to do book-keeping on the SMB level (replay/retry counters, channel sequence numbers,...) the posix/file system level won t notice multi channel 2013, GmbH, Volker Lendecke

SMB: RDMA RDMA uses (infiniband, iwarp or RoCE hardware, or software emulation) transport abstraction needed (TCP/NBT vs. RDMA) buffer abstraction needed in order to do zero-copy transfers SMB VFS READ/WRITE BUFFER SEND/RECV Problems with the current libibverbs/librdmacm libraries it s not fork() safe, which is currently required by smbd FD-passing is not supported, would be needed for the current planned multi channel design 2013, GmbH, Volker Lendecke

SMB: Persistent Handles persistent handles: durable handles with strong guarantees server application workload need to make some DBs persistent (or by record) ( changes to tdb / ctdb...) smbxsrv open global locking, brlock need new index databases for smbxsrv open 2013, GmbH, Volker Lendecke

SMB: Witness List server network interfaces and interface changes The witness protocol is implemented as DCERPC service. using ncacn ip tcp as transport heart beat link between a SMB 3.0 client and server cluster. it provides faster planed or unplaned failover needs async dcerpc server infrastructure which can be used independently from smbd/samba 2013, GmbH, Volker Lendecke

Kontakt Volker Lendecke, vl@sernet.de GmbH Bahnhofsallee 1b Schützenstr. 18 37081 Göttingen 10117 Berlin tel +49 551 370000-0 +49 30 5 779 779 0 fax +49 551 370000-9 +49 30 5 779 779 9 http://www.sernet.de 2013, GmbH 18

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information