In a move that gives the Windows server market a good shaking, the Samba development team has released Samba 2.2, a free Windows-compatible file and print server that offers enough functionality to be a Windows NT Server replacement for many organizations, especially in smaller stand-alone offices.
For basic file sharing and print sharing in a Windows client environment, Samba 2.2 offers plenty of reasons to look beyond Windows server operating systems in settings where Sambas lack of trust relationship and BDC (backup domain controller) support doesnt matter.
Samba is capable, flexible, mature and fairly well-documented; runs on several Unix operating systems; offers Web-based configuration and administration; and is free.
This major upgrade to Samba, which shipped in April, takes a big step forward by allowing NT and Windows 2000 systems to join a Samba-managed domain.
With this change, Samba is now a viable option as a file and print server for many more Windows shops than before and earns an eWeek Labs Analysts Choice award for this remarkable technical accomplishment.
To add this functionality, Samba Team developers (including those who are part of the SambaThe Next Generation project) had to reverse-engineer the proprietary protocols Microsoft Corp. uses to authenticate users and systems over the networkusing, in many cases, nothing but a packet sniffer.
Samba 2.2s key limitation as a domain controller is that it doesnt yet support Windows NT trust relationships and so doesnt support single sign-on for users accessing resources in multiple domains. Samba domains are stand-alone entities. Samba can be a member server in an NT Server-hosted domain with no problem; it doesnt support trusts only when it is running as a primary domain controller.
In addition, Samba cant use a BDC, meaning that Samba-hosted domains arent fault-tolerant.
Both trust relationship and BDC support are planned for Samba 3.0.
We also still had to type in user names that matched the log-in names of our Windows users in two places (the Unix /etc/passwd and Sambas smbpasswd files) for Samba to work.
This big (and ongoing) maintenance headache will soon disappear when a Samba utility called Winbind (which is already written) is integrated into the Samba core product. Winbind, which runs only on Linux right now, eliminates the need to add Windows users to the /etc/passwd file. Instead, Winbind builds direct Windows domain authentication into Linux.
Using Samba 2.2, we created a Samba domain on a Red Hat Inc. Red Hat Linux 7.0 server. We then could add to the new domain test-client systems running NT Workstation 4.0 Service Pack 6a, Windows 2000 Professional Service Pack 1, Windows 2000 Server Service Pack 1 and, just to be complete, Windows 95.
We did this via the normal Windows tools, having configured Samba to automatically create machine accounts when needed.
Samba now provides very well- developed NT print server support: We could manage print jobs through the normal Windows client tools, and adding a printer from a Windows client was just as easy as it is with a Windows servera simple double-click on the print servers printer icon.
Samba 2.2 also includes support for ACLs (Access Control Lists) on Solaris, AIX, UnixWare, Irix, FreeBSD and Linux. We tested this feature on Linux using an experimental kernel patch hosted at acl.bestbits.at and were able to edit Linux native ACLs directly from Windows client toolsimpressive.
Timothy Dyck is a Senior Analyst with eWEEK Labs. He has been testing and reviewing application server, database and middleware products and technologies for eWEEK since 1996. Prior to joining eWEEK, he worked at the LAN and WAN network operations center for a large telecommunications firm, in operating systems and development tools technical marketing for a large software company and in the IT department at a government agency. He has an honors bachelors degree of mathematics in computer science from the University of Waterloo in Waterloo, Ontario, Canada, and a masters of arts degree in journalism from the University of Western Ontario in London, Ontario, Canada.