Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Announcements

Samba-TNG Team Releases 0.3 312

emissary47 writes "The Samba-TNG (the next generation) team, releases the first beta of Samba-TNG (a Samba fork since 2000) including some very interesting features for everyone willing to replace NT4 domain controllers. With excellent LDAP-backend support, integration of Microsoft tools such as usermanager for domains and servermanager and a powerful command-line tool called rpcclient it is _the_ alternative solution for Windows domain controlling at the moment. They even include scripts for NT4-server migration in order to make a change easier."
This discussion has been archived. No new comments can be posted.

Samba-TNG Team Releases 0.3

Comments Filter:
  • by Anonymous Coward on Tuesday February 11, 2003 @01:28PM (#5281391)
    How will they handle the wormhole effect?
  • Good! (Score:1, Insightful)

    by Anonymous Coward
    It's about time. Too bad this wasn't available two years ago, when NT4 was still run in some older environments...
  • Samba-TNG (Score:3, Funny)

    by H.G. Pennypacker ( 649549 ) on Tuesday February 11, 2003 @01:30PM (#5281405)
    Code named 'Crusher'.
  • What's new? (Score:5, Informative)

    by $$$$$exyGal ( 638164 ) on Tuesday February 11, 2003 @01:30PM (#5281410) Homepage Journal

    Taken directly from the announcement, but it's short enough to just put here.

    Most important changes in 0.3:

    • Updated LDAP schema in ldap/samba-tng.schema-v3
    • Improved LDAP backend (subcontexts, performance speed up)
    • NT trusting TNG works now out of the box
    • Update to the registry tools in rpcclient
    • libiconv usage

    --sex [slashdot.org]

    • Re:What's new? (Score:2, Interesting)

      by Grrreat ( 584733 )
      Does'nt suppoort "File locking" or "File ACL Support". I've been able to use ACL support in Linux after compiling. Is File Locking critical? I'm mean what can happen to a file it more than one person opens a file, does it allow them to save over each other's version?
      • Re:What's new? (Score:3, Informative)

        by extra88 ( 1003 )
        When I have a file open on an NT server and an OS X client also has it open, everything is fine until I try to save the file. The app says it can't save the file under the original name and saves it with a random (alphanumeric) 8 character string for a name, not even the correct filename extension. That's pretty annoying but at least my changes aren't lost.

        If a 2nd Windows client opened the file, they would be warned that the file was already open and they could only open it Read Only (I only have experience with MS Word and Excel in this context so I don't know for certain if the applications play a part).

        I think there certainly is the potential for ending up with a crazy mixed-up file if more than one client saves changes to it at once. The more likely event is the last saved version is the one which is kept but it depends on the application and in some cases, the file.
      • Re:What's new? (Score:5, Insightful)

        by Anonym0us Cow Herd ( 231084 ) on Tuesday February 11, 2003 @02:32PM (#5282099)
        Is File Locking critical?

        Yes. There are plenty of applications that exploit this capability.

        A long time ago, in a galaxy far, far away, before the dark times, that is, before MS SQL Server, there were multi user applications. Multiple workstations, each locally running a copy of the application, could open the same data file on the server. Because they could, through the API, request certian byte range portions of the file be "locked" from other users who had the file open, they could effectively do sophisticated multi user operations without a database server. (Database servers were things for mainframes.)

        There are still programs that can do this. For instance. Microsoft Visual FoxPro. If you use FoxPro's native database (not an ODBC to some other database), then you need nothing more than a shared folder on a fileserver that supports locking. Too bad that SMB isn't suitable. This effectively cuts out some vertical market applications written in tools such as Visual FoxPro from using a shared Samba server. "Sorry, Mr. Customer, to run this specialized package, you'll need an NT server, a Novell server or an AppleShare server."

        Don't think these are merely "legacy" applications either.

        How many modern software programs allow concurrent editing of a document by multiple people? (where the applications cooperate in modifications to the data structures of the document and don't clibber each other) Excel? Word?
        • Re:What's new? (Score:4, Interesting)

          by skeedlelee ( 610319 ) on Tuesday February 11, 2003 @02:49PM (#5282243)
          How many modern software programs allow concurrent editing of a document by multiple people? (where the applications cooperate in modifications to the data structures of the document and don't clibber each other) Excel? Word?

          Granted I didn't work at it for that long, but I did attempt to get Word2000 to do this for a few medium sized documents a while ago. My experience was that there was no way to dynamically decide what part you wanted to work on, you had to declare the divisions ahead of time and then could use their master document approach (or whatever they called it). Basically, you declare a bunch of document sections, which are then stitched back into one document. A little clunky and made keeping a version archive pretty nasty, links got fouled up all overthe place.

          Given that it was a small group of people working on the documents, and the master document approach seemed to foul a few things up, we found it easier to have someone in control who could manually split out the necessary portions and reintegrate later. Bloody waste of time.

          The whole thing about 90% people using only 10% of the capability of Office is right on, the useful features are often missing or very hard to figure out. Not that I have a clue what takes up most of the space in office... clipart maybe?
          • I really don't know about Word and Excel since I never use either of them.

            But I can assure you that there are database applications that definitely use this approach quite successfully. Records are of uniform length. So are b-tree index nodes. I know the approach to be used as far back as the very earliest fileservers in microcomputers.
          • The whole thing about 90% people using only 10% of the capability of Office is right on

            This common misconception is responsible for uncounted number of software failures. The key thing is that those 90% each use a different 10%. Can you possible come up with a list of features that nobody uses? I use some rather esoteric ones in Word, but don't use ones other people use. The key is to have the functionality there, and make the software usable in the way you use it.

            Microsoft's solution to this involves those menus that hide things you don't use. Not the best solution, but it works for some people.

        • The big one I've seen lately causing headaches is MS Visual Studio.NET does file byte range locking. This is all fine and dandy, until you try to save and work on projects on a AFS drive, which only supports whole file locking, and VS.NET barfs all over it.
        • Re:What's new? (Score:5, Interesting)

          by Jeremy Allison - Sam ( 8157 ) on Tuesday February 11, 2003 @04:36PM (#5283469) Homepage
          Err - both Samba-TNG and Samba support this (byte-range
          locks). Out of the box. We have done for years. I wrote the
          code :-). That's why you can use Samba for these multi-user
          apps :-).

          Jeremy.
        • Real life example: Solomon IV 2.6, peer-to-peer version. Win 3.1, runs successfully on all flavors.

          Up to 6 simultaneous users (we did 6 very successfully). Works like a charm.

          This is a "serious" full featured general purpose accounting package w/ gl, ap, payroll, etc. All the controls missing in Quickbooks, Peachtree, and their ilk, but priced competitively. No back end!

          Starting w/ version 4.5, MS SQL Slammer is now required.

          Mark
  • by Anonymous Coward
    All your files get lost on the other side of the network for 7 years.
  • Before anyone gets off on a huge rant about this fork being pointless/harmfull/etc, read this [samba.org] - it's a statement by Andrew Tridgell, saying that he is "delighted" about the fork...
    • "As the original author of Samba I am delighted that this split has occurred. Many of the design decisions in Samba are showing their age, but as Samba is so widely used it can be difficult to try radical new approaches while keeping the code as stable as users have come to expect. With a new project developers have a lot more freedom to try innovative solutions to problems without any concern about stability. While we don't yet know how the TNG project will work out, it will certainly teach us something about how their proposed approaches work when they are given the chance to be fully tested."

      "I look forward to seeing more development in TNG now that the developers are not constrained by the more conservative elements of the Samba Team (such as myself!) and I will be delighted to see the project flourish. There has been only one viable SMB server solution for the free software community for far too long, and a world with only one choice is a boring place indeed."

      Divide and conquor.
    • This whole thing about a "fork" is kind of bogus. It's hardly a "fork" in traditional sense, like WINE or BSD.

      Even the letter linked to is quite old.

      Here's a simplified version of what happened: there was one Samba. One group of people wanted to rearchitect it to make significant improvements. Another group of people pointed out that a lot of people depend upon Samba as a production server, and would be without major bugfixes or improvements while Samba's guts were ripped out, especially since it might be years until Samba functionality reached former levels.

      Basically, the two groups couldn't agree, and a fork occured. The old Samba was maintained to keep people who were currently using Samba happy, and the new Samba was placed on the operating table and dubbed Samba: The Next Generation.

      A while later, both groups decided that Samba:TNG would make a good next major version for Samba. The old Samba will become 2.x, and Samba:TNG will become 3.x. So basically, all we have here is a Linux 1/Linux 2 or GNOME 1/GNOME 2 situation. The two forked for a version change.

      Most of the changes in TNG were based around domain controller stuff. Since I only use Samba as a client, it doesn't really affect me much...
      • by abartlet ( 64597 ) <abartlet@samba.org> on Tuesday February 11, 2003 @03:39PM (#5282914)
        This comment is misleading. There are no plans for samba.org to release Samba TNG, they are there own project now, and we have our own development process that is producing a very nice PDC for 3.0.

        Samba 2.2 contained basic domain control capabilty, and 3.0 really does a good job of completing it.

        Also, Samba 3.0 does many things that TNG does not - in particular Active Directory client support, and even Active Directory DC developement (very early)
      • No, sorry - that is not correct. Samba 3.0 has been in Alpha for a while but it is from the normal Samba team and has nothing at all to do with Samba TNG.

        Samba 3.0 comes with (I think) 3 daemons. The last time I heard, Samba TNG came with quite a few more than that. This approach was rejected by the Samba team as being simply too complicated to administer, a decision that lead directly to the fork.

        I had actually thought that TNG had run out of steam and was fading away, but this announcement seems to contradict that.

        Most of the changes in TNG were based around domain controller stuff. Since I only use Samba as a client, it doesn't really affect me much...
        Same here.

    • "Now you see that Evil [upevil.net] will always triumph, because good is dumb." - Dark Helmet

      Uhm, good may be dumb, but evil [upevil.net] looks like they're just now getting online... ;)
  • Wow, I thought this died. So they've been working since 2000 to replace NT4 (1996?) domain controllers, and now Microsoft has ripped through 2000, XP ... ?

    Seems like they're a bit late to the party, not that I don't appreciate the work, but haven't we all pretty much come up with work arounds or are used to dealing with Samba:TOS ?

    • late ??? (Score:5, Interesting)

      by johnjones ( 14274 ) on Tuesday February 11, 2003 @01:46PM (#5281600) Homepage Journal
      late I dont think so

      even MS will admit that they cant get people to move from NT to XP or 2k

      this is right on time ! because people will start to find NT is no longer supported by MS and move what they move to might just not be Microsoft based because its too expensive hence samba TNG

      but what I want to know is this

      can samba-TNG be a real PDC and comunicate to a NT BDC all the information such as the userlist AND when it falls over and comes back up (system maintenance) take back the PDC status and any changes from the BDC ?

      acting as a PDC and syncing with a NT BDC is what SAMBA really lacks IMHO

      regards

      John Jones
      • Re:late ??? (Score:5, Informative)

        by ed1park ( 100777 ) <ed1park@hotDEGASmail.com minus painter> on Tuesday February 11, 2003 @02:22PM (#5281996)
        "Can Samba be a Backup Domain Controller?
        With version 2.2, no. The native NT SAM replication protocols have not yet been fully implemented. The Samba Team is working on understanding and implementing the protocols, but this work has not been finished for version 2.2.

        Can I get the benefits of a BDC with Samba? Yes. The main reason for implementing a BDC is availability. If the PDC is a Samba machine, a second Samba machine can be set up to service logon requests whenever the PDC is down."

        You can find out more here...

        http://us2.samba.org/samba/ftp/cvs_current/docs/ ht mldocs/samba-bdc.html
        • NT needs BDCs because the PDC might have crashed, had a hardware fault or been accidentally turned off.

          If you put your PDC on a machine with reasonable redundancy, you don't need a BDC. If you can't afford any downtime, put it on a cluster.

          --dave (unix bigot, you understand) c-b

      • Re:late ??? (Score:5, Informative)

        by buchanmilne ( 258619 ) on Tuesday February 11, 2003 @02:31PM (#5282096) Homepage
        can samba-TNG be a real PDC and comunicate to a NT BDC all the information such as the userlist AND when it falls over and comes back up (system maintenance) take back the PDC status and any changes from the BDC ?

        AFAIK, this is what TNG was aiming for.

        acting as a PDC and syncing with a NT BDC is what SAMBA really lacks IMHO

        You mean samba-2.2.x. Samba-3.0alpha does support this, and has a better NT->Samba migration tool, 'net rpc vampire'.

        Samba3 is due out in about 2 months (hopefully).

        What I want to know is, have they got all the samba-2.2.x features?

        We run samba-2.2.x with ldap support for samba-only PDC/BDC operation.
        • It would appear that at present samba-tng isn't ready for production use (as with samba3), since it doesn't support:
          -ACLs (which we rely on with samba-2.2.x)
          -Locking
          -Advanced printer support.

          I'll continue testing samba3 and keep samba-2.2.x in production for the next few months.
        • Getting group membership to work properly has been a bit of a chore, but group permissions on the file shares works nicely.

          I don't really see a value in having an NT 4.0 bdc taking orders from the samba pdc - just convert them both!
      • You are dead on. We are currently looking at going from NT4 to ??? and evaluating prices. Basically, it's going to cost a shitpile of money:) I had forgotten about SMBTNG until this article, and am hoping to save the company quite a bit of money. Support? It's been worthless so far, why should I be worried about it now? I'd also be willing to be that SMBTNG can run on the hardware that would be destined for the scrapheap with a 2K or XP Pro upgrade. With cycles to spare.

      • Re:late ??? (Score:5, Insightful)

        by psamuels ( 64397 ) on Tuesday February 11, 2003 @04:43PM (#5283518) Homepage

        obKarmaBonus: because I'm a samba-tng developer (:

        this is right on time ! because people will start to find NT is no longer supported by MS and move what they move to might just not be Microsoft based because its too expensive hence samba TNG

        Right. The other thing is, with LDAP support, samba-tng (and samba.org for that matter) has many of the internal advantages of Active Directory. Network-side, it still looks like NT4, but internally, you can manage it via LDAP rather than the crusty old tools.

        For this reason, I personally don't see a lot of point in emulating a true Active Directory server. It just doesn't seem to buy all that much on Unix. On Win2k you have the whole world integrated into Active Directory - the DHCP server, the DNS server, dynamic DNS tying the two together, you name it. I think that's most of the value proposition of Active Directory, and on Unix the whole integration thing wouldn't be there anyway.

        Years ago, when samba-tng was young and fresh, someone (can't remember who, I think Luke Howard was involved) tried to write an NT5-compatible LDAP backend. It was never finished, but the regular LDAP backend matured to the point where we don't feel we need the AD-compatible one. The difference was mainly in the LDAP schema, as I recall.

      • Re:late ??? (Score:2, Informative)

        by t0ny ( 590331 )
        thats not true. Everyone you talk to wants to move, and sees the benefits of AD, but moving your entire production network to a new NOS takes lots of planning.

        I have been taking the necessary babysteps to get my network on AD for the past year, and am almost there. But when your network has hundreds of users with a whole lot of servers that absolutely have to be up during business hours, and have your normal support stuff to do besides, it is quite a huge undertaking.

        Probably the biggest thing that causes problems, but is the biggest reason to switch to AD, is being able to finally say goodbye to NetBIOS (the bane of my existence). Soon we will be deploying the AD Client to the Win9x machines and switching to DDNS for name resolution, replacing WINS. That step alone will solve tons of problems.

        After that I will work on switching the PDC to Win2k and run it in PDC emulation mode until the other DCs are upgraded and AD is ready to go.

        So, my point is just that its a lot of work.

    • by msgmonkey ( 599753 ) on Tuesday February 11, 2003 @01:52PM (#5281681)
      There are alot of places that still use NT4 and with MS EOL'ing it people will be forced to upgrade to Windows 2000. If this makes it easy for people to move over to Linux instead of Windows 2000 than all the better.
      • by Anonymous Coward
        I just wish they'd start adding graphic control tools... that'd make moving way easier.
      • by Anonymous Coward
        Okay, but what are they supposed to do about GPOs? Or WINS replication? Ever try to get network browsing to work across subnets without that? What about failover support? Are you really going to tell your boss "Yeah, we'll use this 0.3 release beta software to run our organization's network/file services and hope for the best! If shit breaks then tough!" If you would actually consider implementing Samba as a primary authentication service in a production environment then you are utterly mad. Even Samba-TNG will not be suitable for quite some time now for anything outside of a home network. The only place I can see Samba having any use is in a heterogenous environment with lots of Unix and Windows clients, and even at that you have to maintain seperate username/password databases for the Unix and Windows users. Administering Samba is a pain in the ass, frankly.

        Don't get me wrong, I think that the Samba project has a noble goal, I just think that perhaps they're going about it the wrong way. What I would like to see, rather than a redundant project immitating what Microsoft already can do, is an open-source "Client for Unix Networks", sort of like a Novell for Unix. Sure the windows client would have to be designed from the ground up, but that would make implementing things such as Group Policy Objects and functionality simmilar to Novell's ZEN system a whole lot easier. You could integrate code for the already existing Kerberos and AFS clients for windows into it, and build an LDAP backend on the server side of things that could be used to authenticate Macintosh, Windows or Unix clients. Maybe it could even have a plugin system for implementing policies on those respective operating systems as well. More importantly, if serious effort were concentrated onto this project, it could very well break the impending stranglehold that Microsoft seems destined to have on the server market with the fall of Novell and the rise of Windows .NET and its facist licensing system.

        I dunno, just a thought.
    • The regular Samba project has had NT4 domain controller support for quite sometime...

      We are currently working on Active Directory domain controller support. We've got a domain join more or less working for AD but are still working on initial logon.

      Read here [cifs2002.org] for more info.
  • NTLMv2? (Score:3, Interesting)

    by Cally ( 10873 ) on Tuesday February 11, 2003 @01:42PM (#5281545) Homepage
    This was a show-stopper for us only last week - trying to find a reasonably easy way to get Samba supporting NT LANManager v2 authentication? Anyone?
    • Re:NTLMv2? (Score:4, Informative)

      by praetorian_x ( 610780 ) on Tuesday February 11, 2003 @01:50PM (#5281651)

      In what context? NTLM authentication over the web (between IE and a java based app server) is available at http://jcifs.samba.org. This is a great solution for "single signon" for intranet applications.

      Of course, it goes without saying, that this protocol is not internet safe

      The JCIFS team even includes a delightful filter than you can plug in so request.getRemoteUser() will return DOMAIN_NAME\user_name. Realy good stuff for intranet development.

      Now, if only 'zilla will get NTLM support in 1.3...

      Cheers,
      prat
    • Re:NTLMv2? (Score:5, Informative)

      by abartlet ( 64597 ) <abartlet@samba.org> on Tuesday February 11, 2003 @03:32PM (#5282581)
      NTLMv2 authentication is fully supported in Samba 3.0 - we brought the code across from TNG 18 months ago.

      Recent alphas have LMv2 authenticaion too :-).

      The truth is, almost nobody uses NTLMv2 - certainly not MS...
  • Samba doesn't support domain trusts, does TNG? For example, if I have my own domain configured at home, can I set up a trust relationship with the domain at work and thus make authentication and network access easier for me?
  • Read at -1 if you don't believe me...

    It seems like somebody might be abusing their moderation power.
  • I just told a co-worker "yo, Samba-TNG just came out" and he was like "they didn't actually name it that, did they?" Another asked "but, is it out now ?"

    ;)
  • Gahh! I can't get the image of Piccard with a hat made of fruit dancing to Samba Music out of my head...

    ...Not going to Rio this year...
  • by Anonymous Coward on Tuesday February 11, 2003 @02:03PM (#5281805)


    Due to the complexity of LDAP, and samba w/PDC in general about 6 months ago I wroteup a pretty significant document on how to configure and deploy such a system, I've spent more then 40 hours on it to date, it's fairly complete:

    http://howto.aphroland.de/HOWTO/LDAP

    no way in hell could it withstand the slashdot effect, it runs ontop of Zope which is slow enough as it is! Apache seems to be in the order of 2000x to 2500x faster then zope+Zwiki, but the features of zope make it worth it.

    (been on /. for 5 years and still don't have an account)
    • by Havokmon ( 89874 ) <rick@havok m o n . c om> on Tuesday February 11, 2003 @03:23PM (#5282481) Homepage Journal
      Due to the complexity of LDAP, and samba w/PDC in general about 6 months ago I wroteup a pretty significant document on how to configure and deploy such a system, I've spent more then 40 hours on it to date, it's fairly complete:

      http://howto.aphroland.de/HOWTO/LDAP

      no way in hell could it withstand the slashdot effect, it runs ontop of Zope which is slow enough as it is! Apache seems to be in the order of 2000x to 2500x faster then zope+Zwiki, but the features of zope make it worth it.

      Looks good, too bad if I do a:
      wget -m -GMETA http://howto.aphroland.de/HOWTO/LDAP

      It doesn't do anything useful.. You don't run standard HTML (which is understandable), and all your links are hard links. I suppose I could 'sweep' the sctructure, and replace 'map' with index.html, and remove the hostname from all the files.. ugh. I'll just bookmark the damn thing.

      Bummer.. I'd hold a copy on my dinky Cable for temp use (and my own use)

  • TNG (Score:1, Troll)

    by evilviper ( 135110 )
    Sure, everyone likes TNG, but what you don't realize is that the next versions ('DS9' and 'Enterprise') will be big let-downs to everyone...
  • Seems some trolls have mass-registered Emails and accounts for SLashdot under the name of "CLIT Drone No. (randNum)". Now they are mass-posting some anal gay fantasy at a default of +1. Editors are working on it, but the troll engine is still pumping crap in +1.

    For your information, read at +2 for this article.
    • reading at +2 still doesn't help when retarded people (or the trolls themselves) mod the shit up as Funny.
    • Seems some trolls have mass-registered Emails and accounts for SLashdot under the name of "CLIT Drone No. (randNum)". Now they are mass-posting some anal gay fantasy at a default of +1.

      Whoa. You don't say!!??

      Editors are working on it, but the troll engine is still pumping crap in +1

      Yes, exercising their legendary thread bitchslapping powers instead of fixing the damn moderation system.

  • by mjh ( 57755 ) <mark@noSpaM.hornclan.com> on Tuesday February 11, 2003 @02:36PM (#5282137) Homepage Journal
    Samba-TNG (the next generation)

    If this is "news for nerds" site, was it really necessary to explain what TNG means? Or do I now have to stop imagining all my fellow /.ers posting in their klingon uniforms?

  • by Erik Hensema ( 12898 ) on Tuesday February 11, 2003 @03:15PM (#5282424) Homepage
    So what exactly are the advantages of TNG over TOS (The Original Samba)? And I don't mean 2.2.x, but the 3.0 developement series.
    • I'm not 100% sure, but my understanding is that some of the Samba developers wanted to replace Microsoft entirely, whereas the Samaba project was designed to coexist with an MS environment. The TNG team forked the code to produce a true replacement to an MS PDC and to implement less stable features without breaking the solid Samaba codebase.
      • my understanding is that some of the Samba developers wanted to replace Microsoft entirely, whereas the Samaba project was designed to coexist with an MS environment.

        Well, it's vague at best. Mainly it's just a fork, with occasional code merging in both directions (though we (-tng) take quite a bit more from them (samba.org) than they do from us). Many things samba.org does better, a few things we probably do better, but then again some of the differences are just ... differences.

        Sorry it's hard to give a more concrete reply - I don't know the exact capabilities of samba 3.0 alpha. I suppose abartlet (from samba.org) will give you a more complete answer, as is his habit. (:

  • by Koyaanisqatsi ( 581196 ) on Tuesday February 11, 2003 @03:16PM (#5282426)
    Quotes:
    (...) releases the first beta of Samba-TNG (...)
    (...) it is _the_ alternative solution for Windows domain controlling at the moment (...)

    While I'm all for OSS alternatives to M$ products, I don't think it is wise to call a "first beta" product a viable alternative to NT4, which is proven and tested (I can almost feel the fames coming now)
    • Well..... We are successfully using it since June of 2001 pre beta.... pre anything. We have not had a single problem with it except for printing. We solved that with Samba. It is really quite usable. Just don't run smbd with -d 10 and forget about it. :)
  • by Lxy ( 80823 )
    I've been using TNG for awhile now. It makes a great replacement to a PDC, even if it is only in beta.

    What I'd like to know: TNG was forked to create an unstable environment to test stuff. Since Samba was such an awesome piece of code, the developers forked TNG to try some things. Now, TNG is looking stable. Where can it go next? Another fork? Where is all the really unstable testing going from here?
    • Samba vs Samba-TNG (Score:3, Informative)

      by boots@work ( 17305 )
      Samba-TNG was originally an unstable CVS branch, run by people from the Samba team. However, the project has now forked [samba.org], and is developed by a separate group. It's vaguely similar to XEmacs vs GNU Emacs, although the details are very different.

      If you want the unstable version of Samba, try the Samba 3.0 alpha [samba.org] snapshots. Many of the domain integration features [samba.org] will be in this development series. If I understand correctly, some of the code is reused from Samba-TNG (both projects are GPL'd), but most is rewritten.

      As Andrews says in the open letter [samba.org], diversity is good: you can try -TNG and 3.0a and see which one suits you.
  • Printing? (Score:3, Interesting)

    by FatherOfONe ( 515801 ) on Tuesday February 11, 2003 @03:54PM (#5283101)
    I noticed on their status page that they don't support printing. This seems like a kinda huge issue.

    Did I mis-read it?

    • Re:Printing? (Score:5, Informative)

      by psamuels ( 64397 ) on Tuesday February 11, 2003 @05:06PM (#5283664) Homepage
      Did I mis-read it?

      No, you read it right. Here's the thing. samba.org has a much larger and (well, at least back in the boom days) better-funded team than we do, so we can only concentrate on so much at a time. Printing just isn't a priority. It might work in samba-tng, in some cases (it is after all derived from samba.org code, which includes printing) but we don't pay much attention to it.

      If you need your PDC to also be a print server, you should either (a) run samba-tng and samba.org on the same machine, on two separate IP addresses and netbios names (yes, this is a common and supported configuration), or (b) just use samba.org for your PDC, which in the past wasn't such a great idea but nowadays it is reported to be quite usable.

  • by hughk ( 248126 )
    When will they support ACLs? This is the big gotcha ifor commercial use? I guess they will need ACLs in the underlying file systm as a prerequisite.
    • Re:ACLs? (Score:3, Informative)

      by Junta ( 36770 )
      Samba already does support ACLs... I know that is at least possible if XFS is the underlying filesystem. It may be true for the other acl implementations, but Samba certainly is capable.

      As an aside, I'm really not that big of a fan of ACLs, they get too complex for users to effectively manage too quickly in large organizations. Sure, in theory it is good to give that degree of granularity, but in practice it is too fine grained. Now if the users used acls judiciously, it is no problem, but I often see users frequently adding groups and users to allow access to certain files without bothering to ever remove them. At that point, the permission system breaks down, and that is my complaint about ACLs.
      • I started working with OpenVMS, which implements ACLs quite well for just about everything, including the file system.

        The key point when I first learned about the real-world use of ACLs is that they cost performance. The more ACEs to be checked before an ACCEPT or DENY, the slower the access. The 'secret' was grant access to groups rather than individuals and then to grant or revoke group membership. It is fast and easy to manage.

        Moving to WinNT and later ACLs was easy although the tools, whilst prettier, were harder to use. However the ability to tune access to shared resources across an entire organisation meant that it was accepted rapidly.

        I know XFS does ACLs but reliable ACL support has been a little difficult for some of the other filesystems like ext3. RedHat, for example, were due to ship with it in 8.0, but the bug reports during the beta phase forced them to withdraw it.

        According the Web-page, Samba-TNG doesn't do ACLs yet on any file system. This is a shame because that is exactly what we need (in addition to PDC/BDC support) that would allow orgnisations to drop in Linux systems to replace Win NT servers. I'll happily wait for 2K support but those ACLs are important now.

  • by Lumpy ( 12016 ) on Tuesday February 11, 2003 @04:10PM (#5283228) Homepage
    Older but still heavily used DOS based Medical and Accounting packages WILL NOT reliably use a samba machine for a SMB share. a NT server will do it fine, but samba, including the latest and greatest will not. it keeps losing data or losing the connection.

    Cince most doctor offices still use Dos based medical software, and Most companies still use their DOS based Accounting software (Quickbooks is a Joke compared to these real accounting packages) any migration of their servers to linux spells doom.

    I've waited for over 4 years for this issue to be dealt with and it seems that the samba team is not interested.

    I personally wouldn't use these old (but still cost thousands today) apps.... but you cant tell a customer that to save $400.00 on their server they need to spend another $5500.00 to change their software suite and spend 100-200 hours manually keying in the old data into the new system.

    companies are funny that way.
    • Older but still heavily used DOS based Medical and Accounting packages WILL NOT reliably use a samba machine for a SMB share. [snip] it keeps losing data or losing the connection.

      We ran into something similar in my former place of work, and IIRC it got solved shortly after I left.

      If you're interested, I can try to dig up the details for you.

    • When did you last post to samba-technical about it?

      Try again - you might have some better luck. Bring your log file at debug level 10 with you.
    • I'm interested in this case...why will DOS lose data or connection to a samba server?

      Is it because it uses older SMB protocol dialect? Or does it have something to do with DOS behaviour towards FAT? And how many people are actually using DOS?
      • Unfortunately I would like to say nobody but... that seems to be far from the truth. Spend a little time doing consulting for the medical industry and you will be VERY surprised what you find. Alot of hospitals doing upgrades from 95 to 98, while xp is already at SP1. I figure by 2010 they will be up to NT4.

        And yes there are people still using dos. Hell there are pharmacy packages that run off dual floppy computers still. Medical industry is the king of legacy. Low IT budgets and the fear of messing with something that "works." In most other places the biggest fear you have is an assembly line stops for a few minutes, or a website goes down for a few minutes (God forbid.) But you screw up an upgrade or change out to something that doesn't have a feature needed in the medical industry.... you might start killing people. Stakes are a little high, so the idea of if it isn't broken don't fix it is rather common.
    • I am gonna have two subjects in this message. One a suggestion to fix the problem, and two, some advice on the medical software industry.

      You are running dos software? I am assuming you are peer to peered unless you are running it across NT. Also assuming you want to put in a Linux box so you can have a fileserver, web proxy, and whatever your heart desires.

      I dont know your office but i cant imagine it is very large if you are using DOS, otherwise you could have used novell. You dont have NT, or why would you worry about Samba?

      Heres what I would do. Goto ebay. You can Lantastic with 10 licenses for 40 bucks. You can acquire as many as you need at that price or lower. You acquire an old p2 or p3 for 200 bucks and your choice of ram. make sure it is in good shape. Pricewatch a new one. 150 bucks for a new p3 750, kick another 100 for hard drive and nic. You ever seen DOS run on a p///??? Like a scalded dog.

      Pop lantastic on that baby and fire it up and walk away. Problem solved for 300 bucks. And whatever labor you charge.

      Give me some more details on what you want to do and what you currently have installed. Then I can probably be a lot more helpful.

      My father ran a medical management company from 1970 to 1998. He had a mainframe installed in his office in 1970 to manage the financial end of the business then. He was way a head of his time. Offer the years I saw him switch systems from IBM/36s, in house Cobol Programmers, Sco boxes, Lantastic, Novell and finally to NT. And I learned them as they came out.

      I installed and supported a variety of systems over a 10 year period in the medical industry. So let me drop a dime on you and save you some headaches. I also did a stint for a group of 8 clinics as the IT guy. 30k active patienrs running through my box. AS400, 8 modems. All locations dialed in with 286, 386s. with a client. Ran smooth as hell.

      PLUS I was an actual clinic manager. I know the financial side as well.

      ****KEEP THE OLD SYSTEM RUNNING***** Whether it is still on the network or you got one station.

      1. They have access to all the old records, as will be explained.
      2. Something happens(employees refuse to learn new stuff) your box blows up. You got the old one as back up.

      1. Doctors make plenty of money. But they do not like to spend it in their practice, usually the least amount is done on the system. And with good reason. Late 80's billing systems that filed electronically could cost a 250k and upwards. But most medical tech sales people approach it the wrong way. Tell them to finance it(yes banks will finance software and hardware together) make it a part of operating costs, and they can write the whole thing off, so no need to skimp. Get the numbers together. When you give final bid. Show them total cost. Then show them that they can finance for three years at 500 a month.

      And remember all of this really hinges on docs being cheapskates.

      2. DONT SKIMP ON HARDWARE OR SOFTWARE that manages peoples money. Because that 400 you saved you went with some cheaper hardware. It craps out. The manufacturer doesnt get the blame, you get the blame. You cant say"well you wanted to save money on the hardware" A doctor will have a lawyer on your ass in a heartbeat. And then tell all his doctor buddies at the club you are a louse. Remember you have to fix the hardware. Get a Dell. They make good on the warranty and quick. Docs also like big named companies, might have stock in them. Docs will throw a bone that way.

      3. Most real practice management software, legacy software was made to run on old Unix boxes. AS400's. Some of it was later ported to dos boxes, or to run on Novell. However, the medical industry preffered UNIX. I have seen logs of uptimes of 5 years plus, and even one for 8. NT and SQL has made heavy inroads. Honestly, in all my years I only saw a few dos apps, and most were just clients that hit a nix box.

      4.And if you glean anything from this post make it this. It is a good selling point, headache saver, and NECCESITY if you are going to have peace of mind.

      NO DATA CONVERSION. Unless you intimatley know both databases, or someone has written a tool to go from one to the other. Do not do it.

      A. You usually can only get patient demographics and money owed. Too difficult, costly, to get all historical data. Those old 'bases aint pretty.
      And it costs money. And the first time Betty Sue Blowjob whines to the doc all the history aint there(cause she is too lazy to fill it in) he reams you.

      B. Docs carry around a load of DEAD Accounts receivables. So you been using a system for 8 years, you are carrying around loads of deadbeats. If they hadn't paid in three, they will not pay ever. So any reporting on the A/R is useless. I knew a doc with 8 million in outstanding. And i did a couple queries, and it was because since he started practicing, he kept people on the books. Now is a good time to start fresh. Make this point to him. They alway go for it if you can explain it concerning money. Tell them that he can get current real A/R totals ,and on the old machine turn over all stuff over three years out to a collection agency(careful with this, some people are on payment plans and do not deserve collections).

      5. Whenever a patient comes in the girls can say"Hey we have a new system, new encounter form, whatever" and have the patient fill it out. As each patient comes in, they do this. You clean up the patients files this way, mistakes, get all the new info, and it really is not too much work for the girls to do. And they do not have to sit 100 hours in a row rekeying. Just as necessary. And really, takes about 6 minutes for a normal typist to whip this on in. I did a study of this with 10 office workers.

      So I hope I hope I have given you some ideas and things to look out for. You gotta really go head to head with docs. But 90% of it are people issues. I no longer work in this part of IT because it burned me out. I wouldn't reccomend it to anyone. And I left good money.
  • I took Gerald Carter's Samba tutorial at the 2000 LISA conference during the early going-ons with TNG. He expressed that he was mildly disappointed that they wouldn't go with his idea to just call it "Tango" because it would go so adorably with "Samba". Oh well....

    ;^)

Dreams are free, but you get soaked on the connect time.

Working...