Heat Is on Windows
Heat Is on Windows
In a move that gives the Windows server market a good shaking, the Samba development team has released Samba 2.2, a free Windows-compatible file and print server that offers enough functionality to be a Windows NT Server replacement for many organizations, especially in smaller stand-alone offices.
For basic file sharing and print sharing in a Windows client environment, Samba 2.2 offers plenty of reasons to look beyond Windows server operating systems in settings where Sambas lack of trust relationship and BDC (backup domain controller) support doesnt matter.
Samba is capable, flexible, mature and fairly well-documented; runs on several Unix operating systems; offers Web-based configuration and administration; and is free.
This major upgrade to Samba, which shipped in April, takes a big step forward by allowing NT and Windows 2000 systems to join a Samba-managed domain.
With this change, Samba is now a viable option as a file and print server for many more Windows shops than before and earns an eWeek Labs Analysts Choice award for this remarkable technical accomplishment.
To add this functionality, Samba Team developers (including those who are part of the SambaThe Next Generation project) had to reverse-engineer the proprietary protocols Microsoft Corp. uses to authenticate users and systems over the networkusing, in many cases, nothing but a packet sniffer.
Samba 2.2s key limitation as a domain controller is that it doesnt yet support Windows NT trust relationships and so doesnt support single sign-on for users accessing resources in multiple domains. Samba domains are stand-alone entities. Samba can be a member server in an NT Server-hosted domain with no problem; it doesnt support trusts only when it is running as a primary domain controller.
In addition, Samba cant use a BDC, meaning that Samba-hosted domains arent fault-tolerant.
Both trust relationship and BDC support are planned for Samba 3.0.
We also still had to type in user names that matched the log-in names of our Windows users in two places (the Unix /etc/passwd and Sambas smbpasswd files) for Samba to work.
This big (and ongoing) maintenance headache will soon disappear when a Samba utility called Winbind (which is already written) is integrated into the Samba core product. Winbind, which runs only on Linux right now, eliminates the need to add Windows users to the /etc/passwd file. Instead, Winbind builds direct Windows domain authentication into Linux.
Using Samba 2.2, we created a Samba domain on a Red Hat Inc. Red Hat Linux 7.0 server. We then could add to the new domain test-client systems running NT Workstation 4.0 Service Pack 6a, Windows 2000 Professional Service Pack 1, Windows 2000 Server Service Pack 1 and, just to be complete, Windows 95.
We did this via the normal Windows tools, having configured Samba to automatically create machine accounts when needed.
Samba now provides very well- developed NT print server support: We could manage print jobs through the normal Windows client tools, and adding a printer from a Windows client was just as easy as it is with a Windows servera simple double-click on the print servers printer icon.
Samba 2.2 also includes support for ACLs (Access Control Lists) on Solaris, AIX, UnixWare, Irix, FreeBSD and Linux. We tested this feature on Linux using an experimental kernel patch hosted at acl.bestbits.at and were able to edit Linux native ACLs directly from Windows client toolsimpressive.
Samba provides the bread and butter of corporate networks: file and print services. This release, the first viable open-source alternative to Windows NT Server 4.0, can replace or augment that product in some less-critical situations and thus can save companies considerable amounts of money.
SHORT-TERM BUSINESS IMPACT // This free Windows-compatible file and print server is going to help just about any organizations bottom line.
LONG-TERM BUSINESS IMPACT // As Samba moves toward full Windows NT Server functionality, some organizations will find that in a years time, Samba (or a Samba-based appliance) is all they need.
Supports Windows NT and Windows 2000 clients; automatic printer driver downloading; Windows users can take advantage of Unix ACLs; Web-based administration.
No support for Windows NT domain trust relationships; cant use (or be used as) a backup domain controller; Winbind Windows log-in integration utility not yet integrated into main Samba distribution.
Samba Team; www.samba.org